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PTO Disclosure 01/19/2002 

11 

2| Enabling Source Code 
3| 

4| — - NOTICE 
5| 

6| All source code is 

7\ Copyright (c) 1995-2002 

8| Columbia Data Products, Inc. 

9| All Rights Reserved. 

10| 

111 
12| 

13| PSM COM Object Provider Source 
14| 

15| The COM object provider allows a web browser of other 
16| COM enabled object to access the COM server located on 
| the same or another machine. --LPW 

17| 
18| 
19| 

20| File Listing: CDP.h 
21 1 

22 1 #define VER_COMPANYNAME_STR "Columbia Data 

| Products, Inc." 
23 1 #define VER_LEGALTRADEMARKS_STR "PSM\256 is a 

| trademark of " VER_COMPANYNAME_STR 
24 1 

25 1 #define VER_LEGALCOPYRIGHT_YEARS "1995-2001" 
26| #define VER_LEGALCOPYRIGHT_STR "Copyright \251 " 

| VER LEGALCOPYRIGHT YEARS " " VER COMPANYNAME STR 
27| 

28 1 #if DBG 

29 1 #define VER_DEBUG VS_FF_DEBUG 
30 1 #else 

31 1 #define VER DEBUG 0 
32 1 #endif 
33 1 

34 1 #if BETA 

35 1 #define VER_PRODUCTBETA_STR "BETA" 

36| #define VER PRERELEASE VS_FF_PRERELEASE 

37\ #else 

38 1 #define VER_PRERELEASE 0 
39 1 #define VER_PRODUCTBETA_STR 
40 1 #endif 
41 1 

42 1 #define VER_FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 
43 1 #define VER_FILEOS VOS_NT_WINDOWS32 
44 1 #define VER_FILEFLAGS (VER_PRERELEASE | 



I VEFMDEBUG) 
45| 
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File Listing: psmprov.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 

#include <winioctl.h> 
#include "..\include\psmoem.h" 

declspec( dllexport ) ULONG cdecl Validate(void) 

{ 

return 0x11223344; 

} 

declspec( dllexport ) BOOLEAN cdecl lsProvVendor(IN 



| WCHAR *wVendorName) 



{ 

if (_wcsicmp(wVendorName,_PsmVendorNameWStr_)==0) 



| return TRUE; 



return FALSE; 

} 

BOOL WINAPI DIIMain( 
HINSTANCE hDlllnst, 
DWORD fdwReason, 
LPVOID IpvReserved) 

{ 

#if 0 

// Dispatch this call based on the reason it was 



| called. 



switch (fdwReason) { 

case DLL_PROCESS_ATTACH : 
case DLL_THREAD_ATTACH: 
case DLL_PROCESS_DETACH: 
case D L L_TH R E A D_D ET AC H : 

} 

#endif 

return TRUE; 



01|} 
92 1 
93 1 
94 1 

95| File Listing: RESOURCE.h 
96| 

97| //{{NO_DEPENDENCIES}} 

98| // Microsoft Developer Studio generated include file. 
99 1 // Used by SBPSMAN.RC 
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102 
103 
104| 
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// 

#define VER_PRODUCTBUILD 3 

#define VER_PRODUCTVERSION_W 0x01 01 

// Next default values for new objects 

// 

#ifdef APSTUDIOJNVOKED 

#ifndef APSTUDIO_READONLY_SYMBOLS 

#define _APS_NO_MFC 1 

#define _APS_NEXT_RESOURCE_VALUE 1 01 

#define _APS_N EXT_COM M AN D_VALU E 40001 

#define _APS_NEXT_CONTROL_VALUE 1 000 

#define _APS_N EXT SYM E D VALU E 101 

#endif 

#endif 



PSM COM Object Server Source 



The COM server allows a remote COM provider to access 
PSM functionality over a network. --LPW 



File Listing: cluster.c 

#include <windows.h> 
#include <stdio.h> 
#include <stdlib.h> 
#include <process.h> 
#include <tchar.h> 
#include <winioctl.h> 
#include <undoc.h> 
#include "psm.h" 

#include M ..\driver\ioctl.h" 
#include <clusapi.h> 
#include "cluster.h" 

#define DLOG(x) printf x 



140| 

141 1 ULONG ClusterGetApis( pClusApis Apis ) 
142| { 

143| ULONG Err=0; 
144| 

1 45| memset(Apis,0,sizeof(tClusApis)); 
146| 

147| Apis->ClusApi=LoadLibrary(TEXT( M clusapi.dir)); 
148| 

149| if((Apis->ClusApi!=INVALID_HANDLE_VALUE) && 

| (Apis->ClusApi!=NULL)) { 
1 50| Apis->OpenCluster= 

| (tOpenCluster)GetProcAddress(Apis->ClusApi,"OpenCluster M 

I); 

1 51 1 Apis->CloseCluster= 
| (tCloseCluster)GetProcAddress(Apis->ClusApi,"CloseCluste 
I r"); 

1 52 1 Apis->GetClusterKey= 
| (tGetClusterKey)GetProcAddress(Apis->ClusApi,"GetCluster 
I Key"); 

1 53| Apis->ClusterRegCreateKey = 

| (tClusterRegCreateKey)GetProcAddress(Apis->ClusApi,"Clus 

| terRegCreateKey"); 
1 54| Apis->ClusterRegOpenKey = 

| (tClusterRegOpenKey)GetProcAddress(Apis->ClusApi,"Cluste 

| rRegOpenKey"); 
1 55| Apis->ClusterRegDeleteKey = 

| (tClusterRegDeleteKey)GetProcAddress(Apis->ClusApi,"Clus 

| terRegDeleteKey"); 
156| Apis->ClusterRegCloseKey = 

| (tClusterRegCloseKey)GetProcAddress(Apis->ClusApi,"Clust 

| erRegCloseKey"); 
1 57| Apis->ClusterRegEnumKey = 

| (tClusterRegEnumKey)GetProcAddress(Apis->ClusApi,"Cluste 

| rRegEnumKey"); 
1 58| Apis->ClusterRegSetValue = 

| (tClusterRegSetValue)GetProcAddress(Apis->ClusApi,"Clust 

| erRegSetValue"); 
1 59| Apis->ClusterRegDeleteValue = 

| (tClusterRegDeleteValue)GetProcAddress(Apis->ClusApi,"CI 

| usterRegDeleteValue"); 
1 60| Apis->ClusterRegQueryValue = 

| (tClusterRegQueryValue)GetProcAddress(Apis->ClusApi,"Clu 

| sterRegQueryValue"); 
1 61 1 Apis->ClusterRegEnumValue = 

| (tClusterRegEnumValue)GetProcAddress(Apis->ClusApi,"Clus 

| terRegEnumValue"); 
1 62| Apis->ClusterRegQuerylnfoKey = 

| (tClusterRegQuerylnfoKey)GetProcAddress(Apis->ClusApi,"C 

| lusterRegQuerylnfoKey"); 



1 63| Apis->ClusterRegGetKeySecurity = 

| (tClusterRegGetKeySecurity)GetProcAddress(Apis->ClusApi, 

| "ClusterRegGetKeySecurity"); 
1 64| Apis->ClusterRegSetKeySecurity = 

| (tClusterRegSetKeySecurity)GetProcAddress(Apis->ClusApi, 

| "ClusterRegSetKeySecurity"); 
1 65| Apis->GetNodeClusterState = 

| (tGetNodeClusterState)GetProcAddress(Apis->ClusApi, M GetN 

| odeClusterState"); 
166| 

167| #ifdef DEBUG 

1 68| // make sure everything loaded 
169| { 

170| ULONGi; 

171 1 ULONG *Ptr; 

172| Ptr = (ULONG*)Apis; 

173| for(i=0;i<sizeof(tClusApis)/4;i++,Ptr++) { 

174| if(!Ptr){ 

1 75| DLOG((TEXT("Error! Api %d is 

| missing!\n"),i)); 
176| } 
177| } 
178| } 
179|#endif 
180| }else{ 

181 1 Err = GetLastError(); 

182| DLOG((TEXT("Error %08x load module\n M ),Err)); 
183| } 

184| return Err; 

185|} 

186| 

187| ULONG ClusterCopyKey( pClusApis Apis, HKEY LocalKey, 

| HKEY ClusterKey ) 
188| { 

189| ULONG Err=0; 
190| WCHAR Name[100]; 
191 1 ULONG NameLen; 
192| ULONG lndex=0; 
193| ULONG Type; 
194| ULONG DataSize; 
195| PVOID Data; 
196| 

197| do{ 

198| NameLen = sizeof(Name) / sizeof (WCHAR); 
199| DataSize=0; 
200| Err = 

| RegEnumValueW(LocalKey,lndex,Name,&NameLen,NULL,NULL,NUL 
| L,&DataSize); 
201 1 if(!Err){ 

202| Data = Local Alloc(LPTR, DataSize); 



203| 
204| 



if (Data) { 
Err = 



| RegQueryValueExW(LocalKey,Name,NULL,&Type,Data,&DataSize 

I); 



I Apis->ClusterRegSetValue(ClusterKey,Name,Type,Data,DataS 
I ize); 



224| } 

225| lndex++; 

226| } while(Err==0); 

227| 

228| if(Err==ERROR_NO_MORE_ITEMS) { 

229| Err = 0; 

230| } 

231 1 return Err; 
232| } 
233 1 

234| ULONG CopyKeyToClusterKey( WCHAR *VolumeGuid, WCHAR 

| *Uniqueld) 
235|{ 

236| tClusApis Apis; 

237| HCLUSTER Cluster; 

238| ULONG Err=0; 

239| HKEY ClusterKey; 

240| HKEY PSMKey; 

241 1 HKEY psmlocalkey; 

242| HKEY volumelocalkey; 



205| 
206| 



if(!Err) { 



Err = 



207| if(!Err) { 

208| DLOG((TEXT("Success updating 

| %d:'%S', size=%d cluster\n"),Type,Name,DataSize)); 
209 1 } else { 

21 0| DLOG((TEXT("Error %08x setting 

| data for value %S\n"),Err,Name)); 
211| } 
212| }else{ 

213| DLOG((TEXT("Error %08x getting data 

| for value %S\n"),Err,Name)); 
214| } 

21 5| Local Free( Data); 

216| }else{ 

21 7| DLOG((TEXT("Error! out of memory for 

| data, need %d bytes\n"),DataSize)); 
218| Err = ERROR_OUTOFMEMORY; 

219| } 
220 1 } else { 

221 1 if(Err!=ERROR_NO_MORE_ITEMS) { 

222| DLOG((TEXT("Error %08x enumerating 

| key\n"),Err)); 
223 1 } 



243| ULONG Disp=0; 
244| 

245| DLOG((TEXT("VolumeGuid= , %S', 

| uniqueid='%S'\n M ),VolumeGuid,Uniquelcl)); 
246| 

247| Err = ClusterGetApis(&Apis); 

248| jf(!Err) { 

249| Cluster = Apis.OpenCluster(NULL); 

250| if(ICIuster) { 

251 1 DLOG((TEXT("unable to open cluster\n"))); 

252| Err = GetLastError(); 

253| } 

254| if(!Err) { 

255| ClusterKey = 

| Apis.GetClusterKey(Cluster,KEY_ALL_ACCESS); 

256| if(!ClusterKey) { 

257| DLOG((TEXT("unable to open root 

I key\n"))); 

258| Err = GetLastError(); 

259| } 

260| if(!Err) { 

261 1 WCHAR Temp[200]; 
262| 

| wcscpy(Temp,L"PersistentStorageManager\\"); 

263| wcscat(Temp,Uniqueld); 
264| 

265| ^try { 

266| Err = Apis.ClusterRegCreateKey( 

267| ClusterKey, 

268| Temp, 

269| REG_OPTION_NON_VOLATILE, 

270| KEYALLACCESS, 

271 1 NULL, 

272| &PSMKey, 

273| &Disp 

274| ); 

275| } _except (EXCEPTION EXECUTE HANDLER) 
|{ 

276| Err = GetExceptionCode(); 

277| DLOG((TEXT("Exception %08x in 

| ClusterRegCreateKey\n M ),Err)); 

278| } 
279| 

280| if(!Err) { 

281 1 DLOG((TEXT("Disposition of PSM key 

| is%08x\n M ),Disp)); 

282| // delete old keys, incase they 

| have been deleted locally 

283| if(Disp==REG_OPENED_EXISTING_KEY ) 

|{ 



284| if((Err = 

| Apis.ClusterRegDeleteValue(PSMKey,L"HeaderMap"))) { 
285| DLOG((TEXT("Error %08x 

| deleting header map\n"),Err)); 
286| } 
287| if((Err = 

| Apis.ClusterRegDeleteValue(PSMKey,L"lndexMap n ))) { 
288| DLOG((TEXT("Error %08x 

| deleting index map\n"),Err)); 
289| } 
290| if((Err = 

| Apis.ClusterRegDeleteValue(PSMKey,L"CacheMap"))) { 
291 1 DLOG((TEXT("Error %08x 

| deleting cache map\n"),Err)); 
292| } 
293| } 
294| 

295| Err = 

| RegOpenKeyExW(HKEY_LOCAL_MACHINE, 
296| 

| L"SYSTEM\\CurrentControlSet\\Services\\PSMan5", 
297| 0, 
298| KEY_READ, 
299| &psmlocalkey); 
300| if(!Err) { 

301 1 Err = 

| RegOpenKeyExW(psmlocalkey, 
302| VolumeGuid, 
303| 0, 
304| KEY_READ, 
305| &volumelocalkey); 
306| if(!Err) { 

307| Err = 

| ClusterCopyKey(&Apis,volumelocalkey,PSMKey); 
308| 

| RegCloseKey(volumelocalkey); 
309| } else { 

310| DLOG((TEXT("Cluster: Error 

| %08x opening volume guid key\n"),Err)); 
3111 } 

3 1 2 1 RegC lose Key (ps m local key) ; 

31 3| }else{ 

31 4| DLOG((TEXT("Cluster: Error %08x 

| opening psman5 key\n"),Err)); 
315| } 

31 6| Apis.ClusterRegCloseKey(PSMKey); 
31 7| }else{ 

31 8| DLOG((TEXT("Cluster: Error %08x 

| creating PSM key\n"),Err)); 
319| } 



320| Apis.ClusterRegCloseKey(ClusterKey); 
321 1 } else { 

322| DLOG((TEXT("Cluster: Error %08x getting 

| cluster key\n"),Err)); 
323 1 } 

324| Apis.CloseCluster(Cluster); 
325| } else { 

326| DLOG((TEXT("Cluster: Error %08x opening 

| cluster\n"),Err)); 
327| } 

328| FreeLibrary(Apis.ClusApi); 
329 1 } else { 

330| DLOG((TEXT("Cluster: Error %08x unable to get 

| entry points\n"),Err)); 
331| } 

332 1 return Err; 

333| } 

334| 

335| 

336| ULONG DoCleanClusterDatabaseEvent( WCHAR *VolumeGuid, 

| WCHAR *Uniqueld ) 
337| { 

338| return CopyKeyToClusterKey(VolumeGuid, Uniqueld); 

339| } 

340| 

341 1 

342 1 

343| File Listing: cluster.h 
344| 

345| typedef LONG 

346| (WINAPI *tClusterRegCreateKey)( 
347| IN HKEY hKey, 
348| IN LPCWSTR IpszSubKey, 
349| IN DWORD dwOptions, 
350| IN REGSAM samDesired, 

351 1 IN LPSECURITY_ATTRIBUTES IpSecurityAttributes, 

352| OUT PHKEY phkResult, 

353| OUT OPTIONAL LPDWORD IpdwDisposition 

354| ); 

355| 

356| typedef LONG 

357| (WINAPI *tClusterRegOpenKey)( 

358| IN HKEY hKey, 

359| IN LPCWSTR IpszSubKey, 

360| IN REGSAM samDesired, 

361 1 OUT PHKEY phkResult 

362| ); 

363 1 

364| typedef LONG 

365| (WINAPI *tClusterRegDeleteKey)( 
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IN HKEY hKey, 

IN LPCWSTR IpszSubKey 

); 

typedef LONG 

(WINAPI *tClusterRegCloseKey)( 
IN HKEY hKey 

); 

typedef LONG 

(WINAPI *tClusterRegEnumKey)( 
IN HKEY hKey, 
IN DWORD dwlndex, 
OUT LPWSTR IpszName, 
IN OUT LPDWORD IpcchName, 
OUT PFILETIME IpftLastWriteTime 

); 

typedef DWORD 
(WINAPI *tClusterRegSetValue)( 
IN HKEY hKey, 

IN LPCWSTR IpszValueName, 
IN DWORD dwType, 
IN CONST BYTE* IpData, 
IN DWORD cbData 

); 

typedef DWORD 

(WINAPI *tClusterRegDeleteValue)( 
IN HKEY hKey, 
IN LPCWSTR IpszValueName 

); 

typedef LONG 

(WINAPI *tClusterRegQuery Value) ( 
IN HKEY hKey, 

IN LPCWSTR IpszValueName, 
OUT LPDWORD IpdwValueType, 
OUT LPBYTE IpData, 
IN OUT LPDWORD IpcbData 

); 

typedef DWORD 

(WINAPI *tClusterRegEnumValue)( 
IN HKEY hKey, 
IN DWORD dwlndex, 
OUT LPWSTR IpszValueName, 
IN OUT LPDWORD IpcchValueName, 
OUT LPDWORD IpdwType, 
OUT LPBYTE IpData, 
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IN OUT LPDWORD IpcbData 

); 

typedef LONG 

(WINAPI *tClusterRegQuerylnfoKey)( 
IN HKEY hKey, 
IN LPDWORD IpcSubKeys, 
IN LPDWORD IpcchMaxSubKeyLen, 
IN LPDWORD IpcValues, 
IN LPDWORD IpcchMaxValueNameLen, 
IN LPDWORD IpcbMaxValueLen, 
IN LPDWORD IpcbSecurityDescriptor, 
IN PFILETIME IpftLastWriteTime 

); 

typedef LONG 

(WINAPI *tClusterRegGetKeySecurity )( 
IN HKEY hKey, 

IN SECURITYJNFORMATION Requested Inform at ion, 
OUT PSECURITY_DESCRIPTOR pSecurity Descriptor, 
IN LPDWORD IpcbSecurityDescriptor 

); 

typedef LONG 

(WINAPI *tClusterRegSetKeySecurity)( 
IN HKEY hKey, 

IN SECURITYJNFORMATION Security Inform at ion, 
IN PSECURITY_DESCRIPTOR pSecurity Descriptor 

); 



typedef DWORD 

(WINAPI *tGetNodeClusterState)( 
IN LPCWSTR IpszNodeName, 
OUT DWORD *pdwClusterState 

); 

typedef HCLUSTER 
(WINAPI *tOpenCluster)( 

IN LPCWSTR IpszClusterName 

); 

typedef BOOL 
(WINAPI *tCloseCluster)( 
IN HCLUSTER hCluster 

); 

typedef HKEY 
(WINAPI *tGetClusterKey)( 
IN HCLUSTER hCluster, 
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IN REGSAM sam Desired 

); 



typedef struct sClusApis { 

HMODULE ClusApi; 

tOpenCluster OpenCluster; 

tCloseCluster CloseCluster; 

tGetClusterKey GetClusterKey; 

tClusterRegCreateKey ClusterRegCreateKey; 

tClusterRegOpenKey ClusterRegOpenKey; 

tClusterRegDeleteKey ClusterRegDeleteKey; 

tClusterRegCloseKey ClusterRegCloseKey; 

tClusterRegEnumKey ClusterRegEnumKey; 

tClusterRegSetValue ClusterRegSetValue; 

tClusterRegDeleteValue ClusterRegDeleteValue; 

tClusterRegQueryValue ClusterRegQueryValue; 

tClusterRegEnumValue ClusterRegEnumValue; 

tClusterRegQuerylnfoKey ClusterRegQuerylnfoKey; 

tClusterRegGetKeySecurity ClusterRegGetKeySecurity; 

tClusterRegSetKeySecurity ClusterRegSetKeySecurity; 

tGetNodeClusterState GetNodeClusterState; 
} tClusApis,*pClusApis; 

ULONG UpdateClusterRegistries( tSnapShot *SnapShot ); 

ULONG IsClusterlnstalled(void); 

ULONG ClusterUpdateVolume( WCHAR *NTName ); 



File Listing: event.c 

#include <windows.h> 
#include <stdio.h> 
#include <stdlib.h> 
#include <process.h> 
#include <tchar.h> 
#include <winioctl.h> 
#include <undoc.h> 
#include "psm.h" 

#include "..\driver\ioctl.h" 

// this event is signalled when the 
// service should end 

// 

extern HANDLE hServerStopEvent; 
#define DLOG(x) printf x 

ULONG PSMI_OpenManager( HANDLE *hDevice ) 
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| PSM_LOW_COMPATIBLE_VERSION ); 
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{ 

TCHAR Name[40]={0}; 
ULONG returned=0; 
BOOL B=FALSE; 
ULONG Err=0; 



stprintf(Name,TEXT("\\\\.\\%s_%04x"),TEXT("psman"), 



*hDevice = CreateFile( Name, 

GENERIC_READ | GENERIC_WRITE, 
FILE_SHARE_READ | FILE_SHARE_WRITE, 
NULL, 

OPEN_EXISTING, 

FILE_FLAG_OVERLAPPED, 

NULL 

); 

if (*h Device) { 
Err = 0; 

} else { 

Err = GetLastError(); 

} 

return Err; 



} 



void DoVolumeOnlineEvent( void ) 
{ 

return; 

} 



ULONG DoCleanClusterDatabaseEvent( WCHAR *VolumeGuid, 
| WCHAR *Uniqueld ); 
548| 

void _cdecl PSMEventHandlerThread( void *Arg ) 
{ 

HANDLE PSMan; 

ULONG Err= PSMI_OpenManager(&PSMan); 
if(!Err) { 

HANDLE Handles[2]; 
OVERLAPPED o; 
tPSM_GetPSMEvent Event; 
ULONG returned; 



Handles[0] = hServerStop Event; 
o.hEvent = Handles[1] = 
| CreateEvent(NULL,TRUE,FALSE,NULL); 
561 1 



562| while(1) { 

563| ResetEvent(Handles[1]); 

564| 

565| // send command to driver 

566| 

| if(DeviceloControl(PSMan,IOCTL_GET_PSM_EVENT,NULL,0,&Eve 

| nt,sizeof(tPSM_GetPSMEvent),&returned,&o)) { 
567| Err = 0; 

568| } else { 

569| Err = GetLastError(); 

570| } 
571 1 

572| // we only ever expect io pending 

573| if((Err==ERROR_IO_PENDING) || (Err==0)) { 

574| // wait for an event to occur (or told 

| to exit) 
575| 

576| if(Err — 0) { 

577| Err = WAIT_OBJECT_0+1 ; 

578| } else { 

579| Err = 

| WaitForMultipleObjects(2,Handles,FALSE,INFINITE); 
580| } 
581 1 

582| if(Err==WAIT_OBJECT_0) { 

583| //told to exit 

584| break; 
585| } else 

586| if(Err==WAIT_OBJECT_0+1) { 

587| // driver specified event, find out 

| which one 
588| switch(Event. Event) { 

589 | case 

| PSM_EVENT_CLEAN_CLUSTER_REGISTRY : 
590| 

| DoCleanClusterDatabaseEvent( Event.VolumeGuid, 
| Event.Uniqueld ); 



591 1 break; 

592| case PSM_EVENT_VOLUME_ONLINE: 

593| DLOG((TEXT( M Volume '%S' is 

| online\n"), Event. NTName)); 

594| DoVolumeOnlineEvent(); 

595| break; 

596| default: 

597| DLOG((TEXT("Unknown event 

| %08x\n"),Event.Event)); 

598| //what to do??? 

599 1 break; 

600| } 

601 1 }else{ 



602| //what to do??? 

603| DLOG((TEXT("Error %08x waiting for 

| objects \n M ),Err)); 
604| } 
605| } else { 

606| DLOG((TEXT("Error %08x sending device 

| control\n M ),Err)); 
607| jf(Err==ERROR_INVALID_HANDLE) { 

608| // psm not installed 

609| //just exit 

61 0| break; 
611| } 
61 2| //what to do??? 

613| } 
61 4\ }// while 1 
615| CloseHandle(PSMan); 
616| CloseHandle(Handles[1]); 
61 7| }else{ 

61 8| DLOG((TEXT("Error %08x opening 

| manager\n"),Err)); 
619| } 
620| 

621 1 if ( hServerStopEvent ) { 

622| // set the event so the service will exit 

623| DLOG((TEXT("Setting stop event so service 

| exits\n"))); 
624 1 Set Eve nt ( hServerStop Eve nt) ; 
625| } 
626| } 
627| 
628| 
629| 

630| File Listing: main.c 
631 1 

632| #include <windows.h> 
633| #include <stdio.h> 
634| #include <stdlib.h> 
635| #include <process.h> 
636| #include <tchar.h> 
637| #include "service.h" 
638| 

639| // this event is signalled when the 
640| // service should end 
641 1 // 

642| HANDLE hServerStopEvent = NULL; 

643| extern void _cdecl PSMEventHandlerThread( void *Arg ); 

644| 

645| 

646| // 

647|// FUNCTION: ServiceStart 



648| // 

649| // PURPOSE: Actual code of the service that does the 

| work. 
650| // 

651 1 // PARAMETERS: 

652| // dwArgc - number of command line arguments 
653| // IpszArgv - array of command line arguments 
654| // 

655|// RETURN VALUE: 
656| // none 
657| // 

658| // COMMENTS: 
659| // 

660| VOID ServiceStart (DWORD dwArgc, LPTSTR *lpszArgv) 
661 1 { 

662| HANDLE hEvents[1] = {NULL}; 

663| DWORD dwWait; 

664| 

665| llllllllllllllllllllllllllllllllllllllllllllillllll 
666| // 

667| // Service initialization 

668| // 

669| 

670| // report the status to the service control manager. 
671 1 // 

672| if (!ReportStatusToSCMgr( 

673| SERVICE_START_PENDING, // 

| service state 
674| NO_ERROR, // 

| exit code 

675| 3000)) // 

| wait hint 
676| goto cleanup; 
677| 

678| // create the event object. The control handler 

| function signals 
679| // this event when it receives the "stop" control 

| code. 
680| // 

681 1 hServerStopEvent = CreateEvent( 
682| NULL, // no 

| security attributes 
683| TRUE, //manual 

| reset event 
684| FALSE, // 

| not-signalled 
685| NULL); // no name 

686| 

687| if ( hServerStopEvent == NULL) 
688| goto cleanup; 



689| 

690| hEvents[0] = hServerStopEvent; 
691 1 

692| // create thread for event handler 

693| _beginthread(PSMEventHandlerThread,0,NULL); 

694| 

695| // report the status to the service control manager. 
696| // 

697| if (!ReportStatusToSCMgr( 

698| SERVICE_START_PENDING, // 

| service state 
699| NO_ERROR, // 

| exit code 

700| 3000)) // 

| wait hint 
701 1 goto cleanup; 
702 1 
703| // 

704| // End of initialization 

705| // 

706| 

| llllllllllllllllllllllllllllllllllllllllllllllllllllllll 
707\ 

708| // report the status to the service control manager. 
709| // 

71 0| if (!ReportStatusToSCMgr( 

711 1 SERVICERUNNING, // 

| service state 
71 2| NO_ERROR, // 

| exit code 
713| 0)) // 

| wait hint 
71 4 1 goto cleanup; 
715| 
716| 

| lllilllllllllllllllllillllllllilllllllllllllllllllllllil 
717| // 

71 8| // Service is now running, perform work until 

| shutdown 
719| // 
720| 

721 1 while ( 1 ) 
722| { 

723| dwWait = WaitForMultipleObjects( 1 , hEvents, 

| FALSE, INFINITE ); 
724| if ( dwWait == WAIT_OBJECT_0 ) 
725| break; 
726| } 
727| 

728| cleanup: 



729 1 






730| 




if (hServerStopEvent) 


731 1 




CloseHandle(hServerStopEvent); 


732 1 






733| 


} 




734| 






735| 






736| 


// 




737| 


// 


FUNCTION: ServiceStop 


738| 


// 




739 1 


// 


PURPOSE: Stops the service 


740| 


// 




741 1 


// 


PARAMETERS: 


742 1 


// 


none 


743| 


// 




744| 


// 


RETURN VALUE: 


745| 


// 


none 


746| 


// 




747| 


// 


COMMENTS: 


748| 


// 


If a ServiceStop procedure is going to 


749| 


// 


take longer than 3 seconds to execute, 


750| 


// 


it should spawn a thread to execute the 


751 1 


// 


stop code, and return. Otherwise, the 


752 1 


// 


ServiceControlManager will believe that 


753| 


// 


the service has stopped responding. 


754| 


// 




755| 


VOID ServiceStop() 


756| 


{ 




757| 




if ( hServerStopEvent ) 


758[ 




SetEvent(hServerStopEvent); 


759| 


} 




760| 






761 1 






762 1 






763| 


File Listing: Service.c 


764| 






7651 


/*- 


# 



| include <windows.h> 
#include <stdio.h> 
#include <stdlib.h> 
#include <process.h> 
#include <tchar.h> 
#include <shellapi.h> 



766| 
767| 
768| 
769| 
770| 
771 1 
772 1 
773| 
774| 
775| 

| status of the service 
776| SERVICE_STATUS_HANDLE sshStatusHandle; 



#include "service. h" 
// internal variables 

SERVICE STATUS ssStatus; //current 



7771 

778 

779 

780 

781 

782 

783 

I * 
784 
785 
786 
787 
788 

I) 
789 
790 
791 
792 
793 
794 
795 
796 
797 
798 
799 
800 
801 
802 
803 
804 
805 
806 
807 
808 
809 
810 
811 
812 



813 
814 
815 
816 
817 
818 
819 
820 
821 
822 
823 



DWORD dwErr = 0; 

BOOL bDebug = FALSE; 

TCHAR szErr[256]; 

// internal function prototypes 

VOID WINAPI service_ctrl(DWORD dwCtrlCode); 

VOID WINAPI service_main(DWORD dwArgc, LPTSTR 

pszArgv); 

VOID CmdlnstallServiceO; 

VOID CmdRemoveServiceO; 

VOID CmdDebugService(int argc, char **argv); 

BOOL WINAPI ControlHandler ( DWORD dwCtrlType ); 

LPTSTR GetLastErrorText( LPTSTR IpszBuf, DWORD dwSize 



// 

// FUNCTION: main 

// 

// PURPOSE: entrypoint for service 

// 

// PARAMETERS: 

// argc - number of command line arguments 
// argv - array of command line arguments 

// 

// RETURN VALUE: 
// none 

// 

// COMMENTS: 

// main() either performs the command line task, or 
// call StartServiceCtrlDispatcher to register the 
// main service thread. When the this call returns, 
// the service has stopped, so exit. 

// 

void cdecl main(int argc, char **argv) 

{ 

SERVICE_TABLE_ENTRY dispatchTableQ = 
{ 

{ TEXT(SZSERVICENAME), 



| (LPSERVICE_MAIN_FUNCTION)service_main}, 



{ NULL, NULL} 

}; 

if ( (argc > 1 ) && 

((*argv[1]== '-') || (*argv[1] == '/'))) 

{ 

if ( _stricmp( "install", argv[1]+1 ) == 0 ) 
{ 

CmdlnstallServiceO; 

} 

else if ( _stricmp( "remove", argv[1]+1 ) == 0 ) 



824| { 

825| CmdRemoveService(); 
826| } 

827| else if ( _stricmp( "debug", argv[1]+1 ) == 0 ) 
828| { 

829| bDebug = TRUE; 

830| CmdDebugService(argc, argv); 

831| } 

832| else 

833| { 

834| goto dispatch; 

835| } 

836| exit(O); 

837| } 

838| 

839| // if it doesn't match any of the above parameters 
840| // the service control manager may be starting the 
| service 

841 1 // so we must call StartServiceCtrl Dispatcher 
842 1 dispatch: 

843| // this is just to be friendly 

844| printf( "%s -install to install the 

| service\n", SZAPPNAME ); 
845| printf( "%s -remove to remove the 

| serviced", SZAPPNAME ); 
846| printf( "%s -debug <params> to run as a console 

| app for debugging^", SZAPPNAME ); 
847| printf( "VnStartServiceCtrl Dispatcher being 

| calledAn" ); 

848| printf( "This may take several seconds. Please 

| waitAn" ); 
849| 

850| if (!StartServiceCtrlDispatcher(dispatchTable)) 

851 1 AddToMessageLog(TEXT("StartServiceCtrlDispatcher 

| failed.")); 
852|} 
853| 
854| 
855| 
856| // 

857| // FUNCTION: service_main 
858| // 

859| // PURPOSE: To perform actual initialization of the 

| service 
860| // 

861 1 // PARAMETERS: 

862| // dwArgc - number of command line arguments 
863| // IpszArgv - array of command line arguments 
864| // 

865|// RETURN VALUE: 



866| // none 
867| // 

868| // COMMENTS: 

869| // This routine performs the service initialization 

| and then calls 
870| // the user defined ServiceStart() routine to 

| perform majority 
871 1 // of the work. 
872| // 

873| void WINAPI service_main(DWORD dwArgc, LPTSTR 

| *lpszArgv) 
874|{ 
875| 

876| // register our service control handler: 
877| // 

878| sshStatusHandle = RegisterServiceCtrlHandler( 

| TEXT(SZSERVICENAME), service_ctrl); 
879| 

880| if (IsshStatusHandle) 
881 1 goto cleanup; 
882 1 

883| // SERVICE_STATUS members that don't change in 

| example 
884| // 

885| ssStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS; 

886| ssStatus.dwServiceSpecificExitCode = 0; 

887| 

888| 

889| // report the status to the service control manager. 
890| // 

891 1 if (!ReportStatusToSCMgr( 

892| SERVICE_START_PENDING, // 

| service state 
893| NO_ERROR, // 

| exit code 

894| 3000)) // 

| wait hint 
895| goto cleanup; 
896| 
897| 

898| ServiceStart( dwArgc, IpszArgv ); 
899| 

900| cleanup: 
901 1 

902| // try to report the stopped status to the service 

| control manager. 
903| // 

904| if (sshStatusHandle) 

905| (VOID)ReportStatusToSCMgr( 

906| SERVICE_STOPPED, 



907| dwErr, 
908| 0); 
909 1 

91 0| return; 

911|} 

912| 

913| 

914| 

915| // 

91 6|// FUNCTION: service_ctrl 
91 7| // 

918| // PURPOSE: This function is called by the SCM 
| whenever 

91 9| // ControlService() is called on this 

| service. 
920 1 // 

921 1 // PARAMETERS: 

922| // dwCtrlCode - type of control requested 

923 1 // 

924| // RETURN VALUE: 
925| // none 
926| // 

927| // COMMENTS: 
928| // 

929| VOID WINAPI service_ctrl(DWORD dwCtrlCode) 
930| { 

931 1 // Handle the requested control code. 
932 1 // 

933| switch (dwCtrlCode) 
934| { 

935| // Stop the service. 
936| // 

937| // SERVICE_STOP_PENDING should be reported before 
938| // setting the Stop Event - hServerStopEvent - in 
939| // ServiceStop(). This avoids a race condition 
940| // which may result in a 1 053 - The Service did not 

| respond... 
941 1 // error. 

942| case SERVICE_CONTROL_STOP: 

943| ReportStatusToSCMgr(SERVICE_STOP_PENDING, 

| NO_ERROR, 0); 
944| ServiceStop(); 
945 1 return; 
946| 

947| // Update the service status. 
948| // 

949| case SERVICE CONTROL INTERROGATE: 
950 1 break; 
951 1 

952 1 // invalid control code 



953| // 
954| default: 
955| break; 
956| 
957| } 
958| 

959| ReportStatusToSCMgr(ssStatus.dwCurrentState, 

| NO_ERROR, 0); 
960| } 
961 1 
962| 
963| 
964| // 

965| // FUNCTION: ReportStatusToSCMgr() 
966| // 

967| // PURPOSE: Sets the current status of the service and 
968| // reports it to the Service Control Manager 
969| // 

970\// PARAMETERS: 

971 1 // dwCurrentState - the state of the service 
972| // dwWin32ExitCode - error code to report 
973| // dwWaitHint - worst case estimate to next 

| checkpoint 
974| // 

975|// RETURN VALUE: 
976| // TRUE - success 
977|// FALSE -failure 
978| // 

979| // COMMENTS: 
980| // 

981 1 BOOL ReportStatusToSCMgr(DWORD dwCurrentState, 
982| DWORD dwWin32ExitCode, 

983| DWORD dwWaitHint) 

984| { 

985| static DWORD dwCheckPoint = 1 ; 

986| BOOL f Result = TRUE; 

987| 

988| 

989| if ( IbDebug ) // when debugging we don't report to 

| the SCM 
990| { 

991 1 if (dwCurrentState == SERVICE START PENDING) 
992| ssStatus.dwControlsAccepted = 0; 
993| else 

994| ssStatus.dwControlsAccepted = 

| SERVICE_ACCEPT_STOP; 
995| 

996| ssStatus. dwCurrentState = dwCurrentState; 
997| ssStatus.dwWin32ExitCode = dwWin32ExitCode; 
998| ssStatus.dwWaitHint = dwWaitHint; 



999| 
1000 
1001 
1002 
1003 
1004 
1005 
1006 
1007 



service control manager. 



1008 
1009 



| sshStatusHandle, &ssStatus))) 



1010 
1011 
1012 
1013 
1014 
1015 
1016 
1017 
1018 
1019 
1020 
1021 
1022 
1023 
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1025 
1026 
1027 
1028 
1029 
1030 
1031 
1032 
1033 
1034 
1035 
1036 
1037 
1038 
1039 
1040 
1041 
1042 
1043 
1044 
1045 
1046 



if ( ( dwCurrentState == SERVICE_RUNNING ) || 
( dwCurrentState == SERVICE_STOPPED ) ) 
ssStatus.dwCheckPoint = 0; 
else 

ssStatus.dwCheckPoint = dwCheckPoint++; 



// Report the status of the service to the 



// 

if (!(f Result = SetServiceStatus( 



{ 

AddToMessageLog(TEXT("SetServiceStatus")); 

} 

} 

return fResult; 



// 

// FUNCTION: AddToMessageLog(LPTSTR IpszMsg) 

// 

// PURPOSE: Allows any thread to log an error message 

// 

// PARAMETERS: 

// IpszMsg - text for message 

// 

// RETURN VALUE: 
// none 

// 

// COMMENTS: 

// 

VOID AddToMessagel_og(LPTSTR IpszMsg) 
{ 

#if 0 

TCHAR szMsg[256]; 
HANDLE hEventSource; 
LPTSTR lpszStrings[2]; 



if ( !b Debug ) 
{ 

dwErr = GetLastError(); 

// Use event logging to log the error. 

// 

hEventSource = RegisterEventSource(NULL, 



I TEXT(SZSERVICENAME)); 
1047| 

1 048| _stprintf(szMsg, TEXT("%s error: %d"), 
| TEXT(SZSERVICENAME), dwErr); 



1049| 
1050| 
1051| 
1052| 
1053| 
1054| 

| source 
1055| 

| type 
1056| 

| category 
1057| 
1058| 

| user's SID 
1059| 

| in IpszStrings 
1060| 

| of raw data 
1061| 

| error strings 
1062| 



lpszStrings[0] = szMsg; 
lpszStrings[1] = IpszMsg; 

if (hEventSource != NULL) 
{ 

ReportEvent(hEventSource, // handle of event 
EVENTLOG ERROR TYPE, //event 



0, 
0, 

NULL, 

2, 
0, 

IpszStrings, 
NULL); 



// event 

//event ID 
// current 

// strings 

// no bytes 

// array of 

// no raw 



| data 
1063| 

1064| (VOID) DeregisterEventSource(hEventSource); 

1065| } 

1066| } 

1067| #endif 

1068| } 

1069| 

1070| 

1071| 

1072| 

1 073| //////////////////////////////////////////////////////// 

| /////////// 
1074| // 

1075| // The following code handles service installation and 

| removal 
1076| // 
1077| 
1078| 
1079| // 

1080| // FUNCTION: CmdlnstallService() 
1081 1 // 

1082| // PURPOSE: Installs the service 
1083| // 

1084| // PARAMETERS: 



1 085| // none 
1086| // 

1087| // RETURN VALUE: 
1 088| // none 
1089| // 

1090| // COMMENTS: 
1091| // 

1092| void CmdlnstallService() 
1093| { 

1094| SCJHANDLE schService; 
1095| SCJHANDLE schSCManager; 
1096| 

1 097| TCHAR szPath[51 2]; 
1098| 

1099| if ( GetModuleFileName( NULL, szPath, 512 ) == 0 ) 
1100| { 

1101| _tprintf(TEXT("Unable to install %s - %s\n M ), 

| TEXT(SZSERVICEDISPLAYNAME), GetLastErrorText(szErr, 
I 256)); 

1102| return; 

1103| } 

1104| 

1 1 05| schSCManager = OpenSCManager( 
1106| NULL, 

| // machine (NULL == local) 
1107| NULL, 

| // database (NULL == default) 
1 1 08| SC_MANAGER_ALL_ACCESS 

| // access required 
1109| ); 
1110| if ( schSCManager ) 
1111| { 

1 1 1 2| schService = CreateService( 
1113| schSCManager, 

| // SCManager database 
1 1 1 4| TEXT(SZSERVICENAME), 

| // name of service 
1115| 

| TEXT(SZSERVICEDISPLAYNAME), // name to display 
1 1 1 6| SERVICE_ALL_ACCESS, 

| // desired access 
1117| 

| SERVICE_WIN32_OWN_PROCESS, // service type 
1118| SERVICE_AUTO_START, 
| // start type 

1119| SERVICE_ERROR_NORMAL, 

| // error control type 
1120| szPath, 

| // service's binary 
1121| NULL, 



I // no load ordering group 
1122| NULL, 

| // no tag identifier 
1123| TEXT(SZDEPENDENCIES), 

| // dependencies 
1124| NULL, 

| // LocalSystem account 
1125| NULL); 

| // no password 
1126| 

1127| if ( schService ) 
1128| { 

1 1 29| _tprintf(TEXT("%s installedAn"), 

| TEXT(SZSERVICEDISPLAYNAME) ); 
1130| CloseServiceHandle(schService); 
1131| } 
1132| else 
1133| { 

1 1 34| _tprintf (TEXTfCreateService failed - %s\n"), 

| GetLastErrorText(szErr, 256)); 
1135| } 
1136| 

1 137| CloseServiceHandle(schSCManager); 
1138| } 
1139| else 

1 1 40| _tprintf(TEXT("OpenSCManager failed - %s\n"), 

| GetLastErrorText(szErr,256)); 
1141|} 
1142| 
1143| 
1144| 
1145|// 

1146| // FUNCTION: CmdRemoveService() 
1147| // 

1148| // PURPOSE: Stops and removes the service 
1149| // 

1150| // PARAMETERS: 
1151| // none 
1152| // 

1153| // RETURN VALUE: 
1154|// none 
1155|// 

1156|// COMMENTS: 
1157| // 

1158| void CmdRemoveServiceO 
1159| { 

1160| SCJHANDLE schService; 
1161| SCJHANDLE schSCManager; 
1162| 

1 1 63| schSCManager = OpenSCManager( 



1164| NULL, 

| // machine (NULL == local) 
1165| NULL, 

| // database (NULL == default) 
1 1 66| SC_MANAGER_ALL_ACCESS 

| // access required 
1167| ); 
1 1 68| if ( schSC Manager ) 
1169| { 

1 1 70| schService = OpenService(schSCManager, 

| TEXT(SZSERVICENAME), SERVICE_ALL_ACCESS); 
1171| 

1 1 72| if (schService) 
1173| { 

1 1 74| // try to stop the service 

1 1 75| if ( ControlService( schService, 

| SERVICE_CONTROL_STOP, SssStatus ) ) 
1176| { 

1 1 77| _tprintf(TEXT("Stopping %s."), 

| TEXT(SZSERVICEDISPLAYNAME)); 
1178| Sleep( 1000); 

1179| 

1 1 80| while ( QueryServiceStatus( schService, 

| &ssStatus ) ) 
1181| { 

1 1 82| if ( ssStatus.dwCurrentState == 

| SERVICE_STOP_PENDING ) 
1183| { 

1184| _tprintf(TEXT(".")); 

1185| Sleep(1000); 

1186| } 

1187| else 

1188| break; 

1189| } 

1190| 

1191| if ( ssStatus.dwCurrentState == 

| SERVICE_STOPPED ) 
1 1 92| _tprintf(TEXT("\n%s stoppedAn"), 

| TEXT(SZSERVICEDISPLAYNAME) ); 
1193| else 

1 1 94| _tprintf(TEXT("\n%s failed to stopAn"), 

| TEXT(SZSERVICEDISPLAYNAME) ); 
1195| 

1196| } 
1197| 

1 1 98| // now remove the service 
1199| if ( DeleteService(schService) ) 
1200| _tprintf(TEXT("%s removed An"), 

| TEXT(SZSERVICEDISPLAYNAME) ); 
1201| else 



1 202| _tprintf (TEXT("DeleteService failed - 

| %s\n"), Getl_astErrorText(szErr,256)); 
1203| 
1204| 

1 205| CloseServiceHandle(schService); 
1206| } 
1207| else 

1 208| _tprintf(TEXT("OpenService failed - %s\n"), 

| GetLastErrorText(szErr,256)); 
1209| 

1 21 0| CloseServiceHandle(schSCManager); 
1211| } 
1212| else 

1213| _tprintf(TEXT("OpenSCManager failed - %s\n"), 

| GetLastErrorText(szErr,256)); 
1214| } 
1215| 
1216| 
1217| 
1218| 

1219| llllllllllllllllllllllllllllllllllllllllllllllllllllllll 

| /////////// 
1220| // 

1221 1 // The following code is for running the service as a 

| console app 
1222| // 
1223| 
1224| 
1225| // 

1226| // FUNCTION: CmdDebugService(int argc, char ** argv) 
1227| // 

1228| // PURPOSE: Runs the service as a console application 
1229| // 

1230| // PARAMETERS: 

1231 1 // argc - number of command line arguments 
1232| // argv - array of command line arguments 
1233| // 

1234| // RETURN VALUE: 
1235| // none 
1236| // 

1237| // COMMENTS: 
1238| // 

1239| void CmdDebugService(int argc, char ** argv) 
1240| { 

1241| DWORD dwArgc; 
1242| LPTSTR *lpszArgv; 
1243| 

1244| #ifdef UNICODE 

1245| IpszArgv = CommandLineToArgvW(GetCommandLineW(), 
| &(dwArgc) ); 



1246| #else 

1247| dwArgc = (DWORD) argc; 
1248| IpszArgv = argv; 
1249| #endif 
1250| 

1 251 1 _tprintf(TEXT("Debugging %s.\n"), 

| TEXT(SZSERVICEDISPLAYNAME)); 
1252| 

1253| SetConsoleCtrlHandler( ControlHandler, TRUE ); 
1254| 

1255| ServiceStart( dwArgc, IpszArgv ); 
1256| 

1257| #ifdef UNICODE 

1258| // Must free memory allocated for arguments 
1259| 

1260| GlobalFree(lpszArgv); 

1261| #endif // UNICODE 

1262| 

1263| } 

1264| 

1265| 

1266| // 

1267| // FUNCTION: ControlHandler ( DWORD dwCtrlType ) 
1268| // 

1269| // PURPOSE: Handled console control events 
1270| // 

1271| // PARAMETERS: 

1 272| // dwCtrlType - type of control event 

1273| // 

1274| // RETURN VALUE: 
1275| // True - handled 
1276| // False - unhand led 
1277| // 

1278| // COMMENTS: 
1279| // 

1280| BOOL WINAPI ControlHandler ( DWORD dwCtrlType ) 
1281| { 

1282| switch ( dwCtrlType ) 
1283| { 

1 284| case CTRL_BREAK_EVENT: // use Ctrl+C or Ctrl+Break 
| to simulate 

1285| case CTRL_C_EVENT: // SERVICE_CONTROL_STOP in 

| debug mode 
1286| _tprintf(TEXT("Stopping %s.\n"), 

| TEXT(SZSERVICEDISPLAYNAME)); 
1287| ServiceStop(); 
1288| return TRUE; 
1289| break; 
1290| 
1291| } 



1292 
1293 
1294 
1295 
1296 
1297 
1298 
1299 
1300 
1301 
1302 
1303 
1304 
1305 
1306 
1307 
1308 
1309 
1310 
1311 
1312 
1313 
1314 



return FALSE; 

} 

// 

// FUNCTION: GetLastErrorText 

// 

// PURPOSE: copies error message text to string 

// 

// PARAMETERS: 

// IpszBuf - destination buffer 

// dwSize - size of buffer 

// 

// RETURN VALUE: 
// destination buffer 

// 

// COMMENTS: 

// 

LPTSTR GetLastErrorText( LPTSTR IpszBuf, DWORD dwSize ) 
{ 

DWORD dwRet; 

LPTSTR IpszTemp = NULL; 



dwRet = FormatMessage( 
| FORMAT MESSAGE ALLOCATE BUFFER | 
| FORMAT_MESSAGE_FROM_SYSTEM 
| |FORMAT_MESSAGE_ARGUMENT_ARRAY, 
1315| NULL, 
1316| GetLastError(), 
1317| LANGJMEUTRAL, 
1318| (LPTSTR)&lpszTemp, 
1319| 0, 
1320| NULL); 
1321| 

1322| // supplied buffer is not long enough 

1323| if ( IdwRet || ( (long)dwSize < (long)dwRet+14 ) ) 

1 324| lpszBuf[0] = TEXTC\0'); 

1325| else 

1326| { 

1327| lpszTemp[lstrlen(lpszTemp)-2] = TEXTOW); 

| //remove cr and newline character 
1328| _stprintf( IpszBuf, TEXT("%s (0x%x)"), IpszTemp, 

| GetLastError() ); 
1329| } 
1330| 

1331| if (IpszTemp) 

1332| Local Free( (H LOCAL) IpszTemp ); 

1333| 

1334| return IpszBuf; 

1335| } 

1336| 



1337| 
1338| 

1339| File Listing: Service. h 
1340| 

1341 1 #ifndef _SERVICE_H 
1342| #define_SERVICE_H 
1343| 
1344| 

1345| #ifdef cplusplus 

1346| extern "C" { 
1347| #endif 
1348| 
1349| 

1350| llllll/llfll/ll/ll/ll/lllllllllllfll/ll/lllll/llllllllll 

| ////////////////////// 
1351 1 //// todo: change to desired strings 
1352| //// 

1353| // name of the executable 

1 354| #define SZAPPNAME "psmserv" 

1355| // internal name of the service 

1 356| #define SZSERVICENAME "psmserv" 

1357| // displayed name of the service 

1358| #define SZSERVICEDISPLAYNAME "Persistent Storage 

| Manager Service" 
1359| // list of service dependencies - "dep1\0dep2\0\0" 
1360| #define SZDEPENDENCIES 
1361 1 llllllillllllllfll/llfll/ll/lllllfll/ll/llllllll/ll/llll 

| ////////////////////// 
1362| 
1363| 
1364| 

1365| lllllllllillilllllllllllllllllllllllllllllllllllllllllll 

| III llll III II III II II I II 
1366| ////todo: ServiceStart()must be defined by in your 

| code. 

1367| //// The service should use ReportStatusToSCMgr 
| to indicate 

1368| //// progress. This routine must also be used by 

| StartService() 
1369| //// to report to the SCM when the service is 

| running. 
1370| //// 

1 371 1 //// If a ServiceStop procedure is going to take 
| longer than 

1372| //// 3 seconds to execute, it should spawn a 
| thread to 

1373| //// execute the stop code, and return. 

| Otherwise, the 
1 374| //// ServiceControlManager will believe that the 

| service has 



1375| //// stopped responding 
1376| //// 

1377| VOID ServiceStart(DWORD dwArgc, LPTSTR *lpszArgv); 

1378| VOIDServiceStopQ; 

1379| llllllllllllllllll/lllll/l/llllll/IIIIIIIIIIIIIIIIIHIII 

| ////////////////////// 
1380| 
1381| 
1382| 

1383| llllllllllllllllllllllllllllll/ll/lllll/llllllll/ll/llll 

| II I II II I II II II ill II I II 
1384| //// The following are procedures which 
1385| //// may be useful to call within the above procedures, 
1386| //// but require no implementation by the user. 
1387| //// They are implemented in service. c 
1388| 
1389| // 

1390| // FUNCTION: ReportStatusToSCMgr() 
1391| // 

1392| // PURPOSE: Sets the current status of the service and 
1393| // reports it to the Service Control Manager 
1394| // 

1395| // PARAMETERS: 

1 396| // dwCurrentState - the state of the service 
1 397| // dwWin32ExitCode - error code to report 
1 398| // dwWaitHint - worst case estimate to next 

| checkpoint 
1399| // 

1400| // RETURN VALUE: 
1401 1 // TRUE - success 
1402| // FALSE - failure 
1403| // 

1404| BOOL ReportStatusToSCMgr(DWORD dwCurrentState, DWORD 

| dwWin32ExitCode, DWORD dwWaitHint); 
1405| 
1406| 
1407| // 

1408| // FUNCTION: AddToMessageLog(LPTSTR IpszMsg) 
1409| // 

141 0| // PURPOSE: Allows any thread to log an error message 
141 1 1 // 

1412| // PARAMETERS: 

1 41 3| // IpszMsg - text for message 

1414| // 

1415| // RETURN VALUE: 
1416| // none 
1417| // 

1 41 8| void AddToMessageLog(LPTSTR IpszMsg); 
1419| lllllllllllll/lllll/llllllllllllll/lllllllllllllllllllll 
| II I II lllllll Hill II I II 



1420| 
1421| 

1422| #ifdef cplusplus 

1423| } 
1424| #endif 
1425| 

1426| #endif 
1427| 
1428| 
1429| 

1430| PSM Command Line Source 
1431| 

1432| The Command Line allows the user and the scheduling 

1433| system to issue commands to the PSM system. --LPW 

1434| 

1435| 

1436| 

1437| File Listing: File: bootini.c 
1438| 

1439| #include "precomp.h" 
1440| 

1441| // 

| 

I- 
1442| 

1443| STATIC ULONG UpdateBootlniBuffer ( 

1444| const char *OriginalBuffer, 

1445| const ULONG OriginalBytesRead, 

1446| char *TempBuffer, 

1447| ULONG *TempBytes, 

1448| const ULONG TempBufferSize ); 

1449| 

1450| // 

| 

I- 
1451| 

1452| void UpdateBootlni() 

1453| { 

1454| 

| // 
| 

1 455| // This function determines whether the file 

| '%systemdrive%\boot.ini' should 
1456| // be copied and updated in 

| '%systemroot%\system32\boot.ini\ 
1457| // The purpose is to make sure we always have 

| Ynopsm' and Vresetpsm' options 
1458| // available if someone boots up Recovery Console, 

| so they can manually copy 
1459| // boot.ini back into the root of the boot drive. 



1460| // 

1 461 1 // We avoid re-creating the copy if the copy exists 

| already and its contents 
1 462| // are identical to what we would replace it with. 
1 463| // The rationale for this is that if the computer 

| crashes soon after we 
1 464| // overwrite the copy of boot.ini, it may not be 

| flushed from the cache manager 
1465| // and not be available. Writing only when 

| necessary greatly reduces this risk. 
1466| // 

1 467| // However, we don't just avoid overwriting the 

| copy just because already exists. 
1468| // This is because the system administrator may 

| edit the original boot.ini at any 
1 469| // time, and we want to get a freshly updated copy. 
1470| // 

1 471 1 // We also need to detect the case where the 

| updated copy has been manually 
1 472| // copied to the root, so we don't keep adding 

| superfluous boot entries. 

1473| 

| // 



1474| 

1475| const ULONG BUFFER_SIZE = 64 * 1024; 

1476| const ULONG MAX_BOOTINI_SIZE = BUFFER SIZE / 4; 

1 477| char *OriginalBuffer = NULL; 

1 478| char *UpdatedBuffer = NULL; 

1 479| char *TempBuffer = NULL; 

1 480| FILE *OriginalFile = NULL; 

1481| FILE *UpdatedFile = NULL; 

1482| const char *Env = NULL; 

1483| char OriginalFileName [256]; 

1 484| char UpdatedFileName [256]; 

1 485| char BackupFileName [256] ; 

1486| 

1487| DEBUG_WRITE(L"»> Entering UpdateBootlni()\n M ); 
1488| 

1489| Env = getenvfSystem Drive"); 

1490| if(!Env){ 

1491 1 DEBUG_WRITE(L"»> !!! Environment variable 

| 'SystemDrive' not found !!!\n"); 

1492| }else{ 

1 493| sprintf (OriginalFileName, "%s\\boot.ini", 
I Env); 

1 494| DEBUG_WRITE(L"»> OriginalFileName = '%S'\n", 

| OriginalFileName); 
1495| Env = getenv("SystemRoot"); 
1496| if(!Env){ 



1497| DEBUG_WRITE(L">» !!! Environment variable 

| 'System Root' not found !!!\n"); 
1498| }else{ 

1499| sprintf (UpdatedFileName, 

| "%s\\system32\\boot.ini", Env); 
1 500| DEBUG_WRITE(L">» UpdatedFileName = 

| '%SYT, UpdatedFileName); 
1501| 

1 502| sprintf (BackupFileName, 

| "%s\\system32\\boot.sav M , Env); 
1503| DEBUG_WRITE(L M »> BackupFileName = 

| '%S'\n M , BackupFileName); 
1504| 

1 505| OriginalBuffer = (char *) 

| malloc(BUFFER_SIZE); 
1506| if ( SOriginalBuffer ) { 

1507| WRITE_ERROR(L"Warning: Could not 

| allocate memory for boot.ini safe copy (1)\n M ); 
1508| }else{ 

1509| memset (OriginalBuffer, 0, 

| BUFFER_SIZE); 
1510| UpdatedBuffer = (char *) 

| malloc(BUFFER_SIZE); 
1511| if ( !UpdatedBuffer ) { 

1512| WRITE_ERROR(L"Warning: Could not 

| allocate memory for boot.ini safe copy (2)\n M ); 
1513| }else{ 
1 51 4| memset (UpdatedBuffer, 0, 

| BUFFER_SIZE); 
1 51 5| TempBuffer = (char *) 

| malloc(BUFFER_SIZE); 
1516| if ( ITempBuffer ) { 

1517| WRITE_ERROR(L"Warning: Could 

| not allocate memory for boot.ini safe copy (3)\n M ); 
1518| }else{ 
1 51 9| memset (TempBuffer, 0, 

| BUFFERSIZE); 
1520| OriginalFile = 

| fopen(OriginalFileName,"rt M ); 
1521| if ( SOriginalFile ) { 

1 522| DEBUG_WRITE(L"Cannot open 

| file '%S' for read\n",OriginalFileName); 
1523| }else{ 

1 524| ULONG OriginalBytesRead = 

| fread (OriginalBuffer, 1, BUFFER SIZE, OriginalFile); 

1 525| fclose(OriginalFile); 

1526| OriginalFile = NULL; 

1 527| DEBUG_WRITE(L">» Read %u 

| bytes from '%S'\n M , OriginalBytesRead, OriginalFileName); 

1528| 



1 529| if ( OriginalBytesRead >= 

| MAX_BOOTINI_SIZE ) { 
1530| WRITE_ERROR(L"Warning: 

| File '%S' is too big to make safe 

| copy\n M ,OriginalFileName); 
1531| }else{ 
1 532| ULONG UpdateSuccess = 

| FALSE; 

1 533| ULONG Updated Bytes Read 

l = 0; 

1 534| ULONG TempBytes = 0; 

| // number of bytes generated in TempBuffer 
1 535| ULONG ShouldMakeCopy = 

| FALSE; 
1536| 

1537| UpdatedFile = 

| fopen(UpdatedFileName,"rt M ); 
1538| if ( SUpdatedFile ) { 

1539| ShouldMakeCopy = 

| TRUE; 

1 540| DEBUG_WRITE(L">» 

| UpdateBootlni: Updated file does not already exist\n M ); 
1541| }else{ 
1542| UpdatedBytesRead = 

| fread(UpdatedBuffer, 1, BUFFER_SIZE, UpdatedFile); 
1543| fclose 

| (UpdatedFile); 
1544| UpdatedFile = NULL; 

1 545| DEBUG_WRITE(L">» 

| Read %u bytes from 

| '%S'\n M ,UpdatedBytesRead,UpdatedFileName); 
1546| } 
1547| 
1548| 

| OriginalBuffer[OriginalBytesRead] = '\0'; 
1549| 

| UpdatedBuffer[UpdatedBytesRead] = \0'; 
1550| 

1 551 1 // Generate updated 

| boot.ini image in TempBuffer based on OriginalBuffer. 
1 552| // Then compare to 

| UpdatedBuffer. If not identical, then overwrite 

| updated 
1553| //file with 

| TempBuffer. 
1554| 

1 555| UpdateSuccess = 

| UpdateBootlniBuffer ( 
1556| OriginalBuffer, 
1 557| OriginalBytesRead, 



1558| TempBuffer, 
1559| &TempBytes, 
1560| BUFFER_SIZE ); 

1561| 

1 562| if ( UpdateSuccess && 

| !ShouldMakeCopy ) { 
1563| if( 

| TempBytes!=UpdatedBytesRead || 

| memcmp(TempBuffer,UpdatedBuffer,UpdatedBytesRead)!=0 ) 
|{ 

1564| 

| DEBUG_WRITE(L"»> Contents of '%S' do not match 
| in-memory updated image.\n",UpdatedFileName); 

1 565| ShouldMakeCopy 
| = TRUE; 

1566| } 

1567| } 

1568| 

1 569| if ( UpdateSuccess && 

| ShouldMakeCopy ) { 
1570| FILE *BackupFile = 

| fopen (BackupFileName, "wt"); 
1571| if ( BackupFile ) { 

1572| ULONG 

| BackupBytesWritten = fwrite (OriginalBuffer, 1 , 

| OriginalBytesRead, BackupFile); 
1573| fclose 

| (BackupFile); 
1574| BackupFile = 

| NULL; 

1575| if( 

| BackupBytesWritten == OriginalBytesRead ) { 
1576| 

| DEBUG_WRITE(L"»> Successfully made backup of '%S' in 

| '%SYT, OriginalFileName, BackupFileName); 
1577| }else{ 
1578| 

| DEBUG_WRITE(L"»> !!! Could only write %u bytes to 

| '%SYT, BackupFileName); 
1579| } 
1580| }else{ 
1581| 

| DEBUG_WRITE(L"»> Could not make backup file '%S'\n", 

| BackupFileName); 
1582| } 
1583| 

1584| DEBUG_WRITE(L"»> 
| **** Trying to update '%SYi",UpdatedFileName); 

1 585| UpdatedFile = fopen 

| (UpdatedFileName, "wt"); 



1586| 
I { 



if ( lUpdatedFile ) 



1587| 

| WRITE_ERROR(L"Warning: Could not open '%S' to write 
| safe copy of '%S'\n",UpdatedFileName,OriginalFileName); 



| UpdatedBytesWritten = fwrite (TempBuffer, 1 , TempBytes, 
| UpdatedFile); 



| NULL; 
1592| 
1593| 

| DEBUG_WRITE(L"»> Wrote %u bytes to 

| , %S'\n",UpdatedBytesWritten,UpdatedFileName); 

1594| if( 

| UpdatedBytesWritten == TempBytes ) { 

1595| 

| DEBUG_WRITE(L"»> **** Safe copy of boot.ini was 

| successful!\n"); 
1596| }else{ 
1597| 

| WRITE_ERROR(L"Warning: Could not write complete safe 
| copy of '%S' to 

| '%S'\n",OriginalFileName,UpdatedFileName); 
1598| } 
1599| } 
1600| }else{ 
1601| DEBUG_WRITE(L"»> 

| **** Leaving alone existing '%S'\n", Updated FileName); 
1602| } 
1603| } 
1604| } 



1588| 
1589| 



} else { 
ULONG 



1590| 

| (UpdatedFile); 
1591| 



fclose 



UpdatedFile = 



1605| 
1606| 
1607| 
1608| 
1609| 
1610| 
1611| 
1612| 
1613| 
1614| 
1615| 
1616| 



free(OriginalBuffer); 
OriginalBuffer = NULL; 



free(UpdatedBuffer); 
UpdatedBuffer = NULL; 



free(TempBuffer); 
TempBuffer = NULL; 



1617| } 



1618| } 
1619| 



1620| //- 

| 

I- 
1621| 

1622| STATIC ULONG ExtractLine ( 

1623| const char *lnBuffer, 

1 624| char *LineBuffer, 

1 625| const ULONG LineBufferSize, 

1626| ULONG *LineLength, 

1627| ULONG *lsLastLine ) 

1628| { 

1 629| ULONG Success = FALSE; 
1630| 

1631| if ( LineLength!=NULL && LineBuffer!=NULL && 
| lnBuffer!=NULL && LineBufferSizoO && lsLastLine!=NULL 
l){ 

1632| *LineLength = 0; 
1633| *lsLastLine = FALSE; 
1634| 

1 635| while ( lnBuffer[*LineLength]!='\0' && 

| lnBuffer[*LineLength]!=YT && 

| *LineLength<LineBufferSize ) { 
1636| LineBuffer[*LineLength] = 

| lnBuffer[*LineLength]; 
1637| ++(*LineLength); 
1638| } 
1639| 

1 640| if ( *LineLength >= LineBufferSize ) { 

1 641 1 WRITE_ERROR(L"»> Line overflow in 

| ExtractLine\n"); 
1642| }else{ 

1 643| if ( lnBuffer[*LineLength] == '\0' ) { 

1644| *lsLastLine = TRUE; 

1645| } 

1646| LineBuffer[*LineLength] = '\0'; 

1647| Success = TRUE; 

1648| } 
1649| }else{ 

1650| WRITE_ERROR(L"»> Internal Error: Invalid 

| parameter in ExtractLineVn"); 
1651| } 
1652| 

1 653| return Success; 

1654| } 

1655| 

1656| //- 



1657| 

1658| STATIC ULONG UpdateBootlniBuffer ( 



1 659| const char *OriginalBuffer, 

1660| const ULONG OriginalBytesRead, 

1661| char *TempBuffer, 

1662| ULONG *TempBytes, 

1 663| const ULONG TempBufferSize ) 

1664| { 

1 665| ULONG Success = FALSE; 

1666| ULONG i = 0; 

1667| char OriginalLine [512]; 

1 668| char DuplicateLine [51 2]; 

1669| 

1 670| struct sPsmSwitch Entry { 

1 671 1 const char *Switch; 

1 672| const char *Description; 

1673| } PsmSwitches[] = { 

1 674| // {"/nopsm", " (Disable PSM)"}, 

1 675| {"/resetpsm", " (Delete Snapshots)"}, 

1676| {NULL, NULL} 

1677| }; 

1678| 

1 679 1 const char *ExcludedSwitches[] = { 

1680| "/nootm", 

1681| "/resetotm", 

1682| "/nopsm", 

1683| NULL 

1684| }; 

1685| 

1 686| if ( TempBytes != NULL ) { 

1687| TempBytes = 0; 

1 688| if ( TempBuffer != NULL ) { 

1689| memset (TempBuffer, 0, TempBufferSize); 

1 690| if ( OriginalBuffer != NULL ) { 

1691| ULONG Originallndex = 0; 

1 692| ULONG LineLength = 0; 

1 693| ULONG InOperatingSystemsSection = 
| FALSE; 

1 694| ULONG IsLastLine = FALSE; 
1695| 

1 696| // Scan one line of text at a time from 

| OriginalBuffer. 

1 697| // Copy each into TempBuffer. 

1 698| // If needed, generate a line modified 

| to also contain PSM switches. 

1699| Success = TRUE; 

1700| while ( Originallndex<OriginalBytesRead 

| && MsLastLine ) { 

1701| ULONG ShouldCopyThisLine = TRUE; 

1 702| ULONG ShouldExpandThisLine = TRUE; 
1703| 

1704| ULONG ExtractSuccess = ExtractLine 



K 

1705| 
1706| 
1707| 
1708| 
1709| 
1710| 
1711| 
1712| 
1713| 
1714| 
1715| 
1716| 
1717| 
1718| 



// 
if 



if 



See if we are changing sections. 
( OriginalLine[0] == '[' ) { 
InOperatingSystemsSection = 



( !ExtractSuccess ) { 
Success = FALSE; 
break; 



&OriginalBuffer[Originallndex], 

OriginalLine, 

sizeof(OriginalLine), 



&l_inel_ength, 
&lsl_astl_ine ); 



| (strcmp(OriginalLine,"[operating systems]") == 0); 



| operating system section already containing known 
| switches 
1721| 

1722| for ( i=0; 

| PsmSwitches[i]. Switch != NULL; ++i ) { 
1723| if( 

| strstr(OriginalLine,PsmSwitches[i]. Switch) ) { 
1 724| ShouldCopyThisLine = 

| FALSE; 
1725| break; 
1726| } 
1727| } 
1728| 

1 729| for ( i=0; ExcludedSwitches[i] 

| != NULL; ++i ) { 
1730| if( 

| strstr(OriginalLine,ExcludedSwitches[i]) ) { 
1 731 1 ShouldExpandThisLine = 

| FALSE; 
1732| break; 
1733| } 
1734| } 
1735| } 



1719| } else if ( 

| InOperatingSystemsSection ) { 
1 720| // Look for any lines in 



1736| 
1737| 
1738| 
1739| 
1740| 
1741| 
1742| 
1743| 



if 



if 



( MsLastLine ) { 
strcat ( OriginalLine, "\n" ); 
++LineLength; 



( ShouldCopyThisLine ) { 
if ( *TempBytes + LineLength >= 



I TempBufferSize ) { 
1744| Success = FALSE; 

1745| WRITE_ERROR(L"Error: Safe 

| copy of boot.ini is too long! (1)\n M ); 
1746| break; 
1747| } 
1748| 

1749| strcpy( 

| &TempBuffer[*TempBytes], OriginalLine ); 
1750| *TempBytes += LineLength; 

1751| 

1 752| // Now see if we need to make 

| modified duplicates of this line... 
1753| if ( InOperatingSystemsSection 

| && ShouldExpandThisLine ) { 
1 754| const char *EqualSign = 

| strchr(OriginalLine,'='); 
1755| if ( EqualSign ) { 

1 756| const char *FirstQuote 

| = strchr(EqualSign+1 ,""); 
1 757| if ( FirstQuote ) { 

1 758| const char 

| *SecondQuote = strchr(FirstQuote+1, ,m ); 
1759| if ( SecondQuote ) 

|{ 

1760| //Expect a 

| line like 'multi(0)disk(0)...\WINNT= M Microsoft Windows 

| ..."/stuff 
1761| 

1762| for ( i=0; 

| PsmSwitches[i]. Switch != NULL; ++i ) { 
1763| const char 

| *pln = OriginalLine; 
1 764| const char 

| *pDesc = PsmSwitches[i]. Description; 
1 765| const char 

| *pSwitch = PsmSwitches[i]. Switch; 
1766| char*pOut 

| = DuplicateLine; 
1767| ULONG 

| DuplicateLength = 0; 
1768| 

1769| //Copy 

| everything up to but excluding the second quote... (so 

| we can insert description) 
1770| while (pin 

| < SecondQuote ) { 
1771| *pOut++ 

I = *pln++; 
1772| } 



1773| 

1774| //insert 

| the switch description 
1775| while ( 

| *pDesc ) { 

1776| *pOut++ 

| = *pDesc++; 
1777| } 
1778| 

1779| *pOut++ = 

| *pln++; // copy the second quote 
1780| 



1781| 

| the switch itself 
1782| 

I'; 

1783| 
1784| 

| *pSwitch ) { 
1785| 

| = *pSwitch++; 
1786| 
1787| 
1788| 



// insert 
*pOut++ = ' 

while ( 
*pOut++ 

} 

*pOut++ = ' 



1789| 

1790| //copy the 

| rest of the original line... 
1791| while ( 

I *pm ) { 

1792| *pOut++ 

I = *pln++; 
1793| } 
1794| 

1795| *pOut = 

I '\0'; 
1796| 
1797| 

| DuplicateLength = strlen(DuplicateLine); 
1798| 

1799| if( 

| *TempBytes + DuplicateLength >= TempBufferSize ) { 
1800| Success 

| = FALSE; 
1801| goto 

| BailOut; 
1802| } 
1803| 

1804| strcpy ( 

| &TempBuffer[*TempBytes], DuplicateLine ); 



1805| TempBytes 

| += DuplicateLength; 
1806| } //for 

| PsmSwitches 
1807| } //if 

| SecondQuote 
1808| } // if FirstQuote 

1809| } // if EqualSign 

1810| } //if 

| InOperatingSystemsSection 
1811| } // if ShouldCopyThisLine 

1812| 

1813| Originallndex += LineLength; 

1814| } //while Originallndex < 

| OriginalBytesRead 
1815| }else{ 

1816| WRITE_ERROR(L"!M Internal Error: 

| OriginalBuffer==NULL in UpdateBootlniBuffer\n"); 
1817| } 
1818| }else{ 

1819| WRITE_ERROR(L"!!! Internal Error: 

| TempBuffer==NULL in UpdateBootlniBufferVn"); 
1820| } 
1821| }else{ 

1822| WRITE_ERROR(L"M! Internal Error: 

| TempBytes==NULL in UpdateBootlniBufferVn"); 
1823| } 
1824| 

1825| BailOut: 

1 826| DEBUG_WRITE(L"»> UpdateBootlniBuffer returning 

| %s\n", (Success?L"TRUE":L"FALSE")); 
1827| return Success; 
1828| } 
1829| 

1830| // 

I 

I- 
1831| 
1832| 

1833| /*— end of file bootini.c —7 

1834| 

1835| 

1836| 

1837| File Listing: File: CDP.h 
1838| 

1839| #define VER_COMPANYNAME_STR "Columbia Data 
| Products, Inc." 

1840| #define VER_LEGALTRADEMARKS_STR "PSM\256 is a 

| trademark of " VER_COMPANYNAME_STR 
1841| 



1842| #define VER_LEGALCOPYRIGHT_YEARS "1995-2001" 
1843| #define VER_LEGALCOPYRIGHT_STR "Copyright \251 " 

| VER_LEGALCOPYRIGHT_YEARS " " VER_COMPANYNAME_STR 
1844| 

1845| #if DBG 

1 846| #define VER_DEBUG VS_FF_DEBUG 
1847| #else 

1 848| #define VER_DEBUG 0 

1849| #endif 

1850| 

1851| #if BETA 

1 852| #define VER_PRODUCTBETA_STR "BETA" 

1 853| #define VER_PRERELEASE VS_FF_PRERELEASE 

1854| #else 

1 855| #define VER_PRERELEASE 0 
1 856| #define V E R_P RO D U CTB ETA_ST R 
1857| #endif 
1858| 

1 859| #define VER FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 
1860| #define VER_FILEOS VOS_NT_WINDOWS32 
1 861 1 #define VER_FILEFLAGS (VER_PRERELEASE | 

| VERDEBUG) 
1862| 
1863| 
1864| 

1865| File Listing: File: precomp.h 
1866| 

1867| #ifndef _PSM_SS_PRECOMP 
1868| #define_PSM_SS_PRECOMP 1 
1869| 

1870| #include <stdio.h> 
1871| #include <stdlib.h> 
1872| #include <stdarg.H> 
1873| #include <string.h> 
1874| #include <time.h> 
1875| #include <process.h> 
1876| #include <io.h> 
1877| #include <errno.h> 
1878| #include <conio.h> 
1879| #include <fcntl.h> 
1880| #include <windows.h> 
1881 1 #include <windowsx.h> 

1882| #include <commctrl.h> // includes the common control 

| header 
1883| #include <tchar.h> 
1884| #include <winioctl.h> 
1885| #include <process.h> 
1886| #include <direct.h> 
1887| 

1888| #include <winnt.h> 



1889 
1890 
1891 
1892 
1893 
1894 
1895 
1896 
1897 
1898 
1899 
1900 
1901 
1902 
1903 
1904 
1905 
1906 
1907 
1908 
1909 
1910 
1911 
1912 
1913 
1914 
1915 
1916 
1917 
1918 
1919 
1920 
1921 
1922 
1923 
1924 
1925 
1926 
1927 
1928 
1929 
1930 
1931 
1932 
1933 
1934 
1935 
1936 
1937 
1938 



#include <mountmgr.h> 

#include <psm.h> 
#include <psmlapi.h> 

#include <aclapi.h> 
#include <shellapi.h> 



#define getch _getch 
#define wcsicmp _wcsicmp 
#define strlwr _strlwr 
#define wcsdup _wcsdup 
#define stricmp _stricmp 
#define strnicmp _strnicmp 

#include "psmoem.h" 
#include "ss.h" 
#include "vimage.h" 

#include "..\features\drbackup\drbackup.h" 

#endif /* PSM_SS_PRECOMP7 

/*— end of file precomp.h —7 



File Listing: File: RESOURCE. h 
//{{NO_DEPENDENCIES}} 

// Microsoft Developer Studio generated include file. 
// Used by SBPSMAN.RC 

// 

#define VER_PRODUCTBUILD 3 

#define VER_PRODUCTVERSION_W 0x01 01 

// Next default values for new objects 

// 

#ifdef APSTUDIOJNVOKED 

#ifndef APSTUDIO_READONLY_SYMBOLS 

#define_APS_NO_MFC 1 

#define _APS_NEXT_RESOURCE_VALUE 101 

#define _APS_NEXT_COMMAND_VALUE 40001 

#define _APS_NEXT_CONTROL_VALUE 1 000 

#define_APS_NEXT_SYMED_VALUE 101 

#endif 

#endif 



File Listing: File: ss.c 



1939 
1940 
1941 
1942 
1943 
1944 
1945 
1946 
1947 
1948 
1949 
1950 
1951 
1952 
1953 
1954 
1955 
1956 
1957 
1958 
1959 
1960 
1961 
1962 
1963 
1964 
1965 
1966 
1967 
1968 
1969 
1970 
1971 
1972 
1973 
1974 
1975 



1976 
1977 
1978 
1979 
1980 
1981 
1982 

I- 
1983 
1984 
1985 
1986 



//#define .UNICODE 
#include "precomp.h" 

#define PSM_CODE_CDP_TPSM L"0KED9877DEAFEARS" 
#define PSM_CODE_CDP_TPSM_LICENSE NULL 

#define FORWARD_CHRON 1 
#define REVERSE_CHRON 2 

// Map of priority as listed by webui 
#define PRIORI T Y_AL W A YS_K E E P 255 
#define PRIORITY HIGHEST 254 
#define PRIORITY_HIGH 210 
#define PRIORITY_ABOVE_AVERAGE 165 
#define PRIORITY_NORMAL 125 
#define PRIORITY_BELOW_AVERAGE 85 
#define PRIORITY_LOW 40 
#define PRIORITY_LOWEST 0 

ULONG ViewSortOrder = REVERSE_CHRON; 

PWCHAR lnVolumeMap[26]={0}; 

WCHAR lnVolumeMapData[26][1 00]={0}; 

ULONG VolumeMapFlags[26]; 

ULONG NumVolumes=0; 

WCHAR **OutVolumeMap=NULL; 

pSnapShot Snapshot; 

ULONG OutVolumeMapByteSize; 

tOpenTransactionlnPersistentW ln={0}; 

tOpenTransactionOutW Out={0}; 

ULONG GroupNumber=0; 

ULONG NumToKeep = -1 ; 

WCHAR Pattern Name[256]={0}; 

BYTE Priority=PRIORITY_NORMAL; 

BYTE SnapShotFlags = PSM_SS_FLAG_P_READONLY; 

ULONG SaveTempOnExit = TRUE; // used only on 



| temporary snapshots (turn off with '-discardtemp'). 



ULONG QuietMode = FALSE; 
ULONG QuietModeError = FALSE; 
ULONG DebugEnabled = FALSE; 

int DeleteExistingSnapShot( ULONG Snapshot ); 

// 



#if 0 

void PrintWin32Error( DWORD ErrorCode ) 
{ 

LPVOID IpMsgBuf; 



1987| 

1988| FormatMessage( FORMAT_MESSAGE_ALLOCATE_BUFFER | 

| FORMAT_MESSAGE_FROM_SYSTEM, 
1989| NULL, ErrorCode, 

1990| MAKELANGID(LANG_NEUTRAL, 

| SUBLANG_DEFAULT), 
1991 1 (LPTSTR) &lpMsgBuf, 0, NULL ); 

1 992| WRITE_ERROR(L"%S\n", IpMsgBuf ); 
1 993| LocalFree( IpMsgBuf ); 
1994| } 
1995| #else 

1996| void PrintWin32Error( ULONG ErrorCode ) 
1997| { 

1 998| WCHAR ErrorBuffer[1 024]; 
1999| ULONG Count; 
2000| HMODULE 

| psmlapi=GetModuleHandle(TEXT("psmlapi.dir)); 
2001| 

2002| SetLastError(O); 

2003| // see if NT system error messages or OTM error 

2004| Count = FormatMessageW( 

2005| FO RM ATM ESS AG E_F ROMS YST E M | 

| FORMAT_MESSAGE_FROM_HMODULE, 
2006| psmlapi, 
2007| ErrorCode, 

2008| MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), 

2009| ErrorBuffer, 

201 0| sizeof(ErrorBuffer), 

2011| NULL); 

2012| 

2013| #if 0 

201 4| // remove line feeds... 

201 5| for(ULONG i=0;i<Count;i++) { 

2016| if((ErrorBuffer[i]==L'\n') || 

| (ErrorBuffer[i]==LV) ) { 
2017| ErrorBuffer[i] = L' '; 

2018| } 
2019| } 
2020| #endif 
2021| 

2022| if(Count!=0) { 

2023| WRITE_ERROR(L"%s\n", ErrorBuffer); 
2024| } else 

2025| WRITE_ERROR(L"Unknown error code %08x 

| (%08x)\n",ErrorCode,GetLastError()); 
2026| } 
2027| #endif 
2028| 

2029| HANDLE AbortEvent=l N VALI D_H AN DLE_VALU E; 
2030| WCHAR AbortMessage[256]; 



2031| 

2032| // when the user presses Ctrl C, set the exit flag, and 
| return. 

2033| // All the threads will exit, and the main thread will 

| be signaled to wake 
2034| // since its waiting on the threads to finish. 
2035| BOOL CtrlHandlerRoutine( DWORD dwCtrlType ) 
2036| { 

2037| switch (dwCtrlType) { 
2038| case CTRL_C_EVENT : 
2039| WRITE(L M Control-C pressed"); 

2040| break; 

2041 1 case CTRL_BREAK_EVENT : 
2042| WRITE(L"Control-Break M ); 
2043| break; 

2044| case CTRL_C LOS E_E VENT : 
2045| WRITE(L"Close occuring"); 

2046| break; 

2047| case CTRL_LOGOFF_EVENT : 
2048| WRITE(L"Logoff occurring"); 

2049| break; 

2050| case CTRL SHUTDOWN EVENT : 
2051 1 WRITE(L"Shutdown occurring"); 

2052| break; 
2053| default: 

2054| WRITE(L"Unknown Event occurred"); 
2055| } 

2056| if (AbortEvent!=l N VALI D_H AN DLE_VALU E) { 

2057| WRITE(AbortMessage); 

2058| SetEvent(AbortEvent); 

2059| } else { 

2060| WRITE(L".\n"); 

2061| } 

2062| return TRUE; 

2063| } 

2064| 

2065| 

2066| PSECURITY_DESCRIPTOR GetSecuritySD( 

2067| BOOLEAN IncludeEveryone, 

2068| ULONG SystemRights, 

2069| ULONG AdminRights, 

2070| ULONG EveryoneRights 

2071| ) 

2072| { 

2073| DWORD dwRes; 
2074| ULONG Err; 

2075| PSID pEveryoneSID = NULL, pAdminSID = NULL, 

| pSystemSID = NULL; 
2076| PACL pACL = NULL; 

2077| PSECURITY_DESCRIPTOR pSD = NULL; 



2078| PSECURITY_DESCRIPTOR pSDRel = NULL; 
2079| EXPLICIT_ACCESS ea[3]; 

2080| SID_IDENTIFIER_AUTHORITY SIDAuthWorld = 

| SECURITY_WORLD_SID_AUTHORITY; 
2081 1 SID_IDENTIFIER_AUTHORITY SIDAuthLocal = 

| SECURITY_LOCAL_SID_AUTHORITY; 
2082| SID_IDENTIFIER_AUTHORITY SIDAuthNT = 

| SECURITY_NT_AUTHORITY; 
2083| ULONG Count; 
2084| 
2085| 

2086| // Create a SID for the BUILTIN\Administrators 

I group. 
2087| 

2088| if(! AllocateAndlnitializeSid( &SIDAuthNT, 2, 

2089| SECURITY_BUILTIN_DOMAIN_RID, 

2090| DOMAIN_ALIAS_RID_ADMINS, 

2091| 0, 0, 0, 0, 0, 0, 

2092| &pAdminSID)){ 

2093| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastError() ); 
2094| goto Cleanup; 
2095| } 
2096| 

2097| // Create a well-known SID for the Everyone group. 
2098| 

2099| if(! AllocateAndlnitializeSid( &SIDAuthWorld, 1 , 

21 00| SECURITY_WORLD_RID, 

2101| 0, 0, 0, 0, 0, 0, 0, 

2102| &pEveryoneSID) ) { 

2103| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastError() ); 
2104| goto Cleanup; 
2105| } 
2106| 

21 07| // Create a well-known SID for the system group. 
2108| 

2109| if(! AllocateAndlnitializeSid( &SIDAuthNT, 1, 

21 1 0| SECURITY_LOCAL_SYSTEM_RID, 

2111| 0, 0, 0, 0, 0, 0, 0, 

2112| &pSystemSID) ) { 

21 13| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastErrorQ ); 
2114| goto Cleanup; 
2115| } 
2116| 

21 1 7| // Initialize an EXPLICIT_ACCESS structure for an 
| ACE. 

21 1 8| // The ACE will allow the Administrators group full 
| access to the key. 



2119| 

2120| ZeroMemory(&ea, 3 * sizeof(EXPLICIT_ACCESS)); 
2121| 

2122| // system user 

2123| ea[0].grfAccessPermissions = System Rig hits; 

2124| ea[0].grfAccessMode = SET_ACCESS; 

2125| ea[0].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

2126| ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

2127| ea[0].Trustee.TrusteeType = TRUSTEE_IS_USER; 

2128| ea[0].Trustee.ptstrName = (LPTSTR) pSystemSID; 
2129| 

2130| //admin 

2131 1 ea[1].grfAccessPermissions = AdminRights; 

2132| ea[1].grfAccessMode = SET_ACCESS; 

2133| ea[1].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

2134| ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

2135| ea[1].Trustee.TrusteeType = TRUSTEE_IS_GROUP; 

2136| ea[1].Trustee.ptstrName = (LPTSTR) pAdminSID; 
2137| 

2138| //everyone 

2139| ea[2].grfAccessPermissions = EveryoneRights; 

2140| ea[2].grfAccessMode = SET_ACCESS; 

2141 1 ea[2].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

2142| ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

2143| ea[2]. Trustee. TrusteeType = 

| TRUSTEE_IS_WELL_KNOWN_GROUP; 

2144| ea[2].Trustee.ptstrName = (LPTSTR) pEveryoneSID; 
2145| 
2146| 

2147| // Create a new ACL that contains the new ACEs. 
2148| 

2149| Count=2; 

2150| if(lncludeEveryone) { 

2151| Count++; 

2152| } 

2153| 

2154| dwRes = SetEntrieslnAcl(Count, ea, NULL, &pACL); 

2155| if (ERROR_SUCCESS != dwRes) { 

2156| SetLastError(dwRes); 

2157| printf( "SetEntrieslnAcI Error %u\n M , 

| GetLastError() ); 
2158| goto Cleanup; 

2159| } 
2160| 

2161 1 // Initialize a security descriptor. 
2162| 

2163| pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, 



I SECURITY_DESCRIPTOR_MIN_LENGTH); 
2164| if (pSD == NULL) { 

21 65| printf( "LocalAlloc Error %u\n", GetLastError() 

I); 

2166| goto Cleanup; 

2167| } 

2168| 

2169| if (!lnitializeSecurityDescriptor(pSD, 

| SECURITY_DESCRIPTOR_REVISION)) { 
2170| printf( "InitializeSecurityDescriptor Error 

| %u\n", 

2171| GetLastError() ); 

21 72| goto Cleanup; 
2173| } 
2174| 

21 75| // Add the ACL to the security descriptor. 
2176| 

2177| if (!SetSecurityDescriptorDacl(pSD, 
2178| TRUE, //fDaclPresentflag 

2179| pACL, 

2180| FALSE)) // not a default D ACL 

2181| { 

2182| printf( "SetSecurityDescriptorDacI Error %u\n", 

| GetLastError() ); 
2183| goto Cleanup; 
2184| } 
2185| 

2186| Count = 1024; 

2187| pSDRel = LocalAlloc(LPTR,Count); 

2188| if(!pSDRel){ 

2189| goto Cleanup; 

2190| } 

2191| 

2192| if(MakeSelfRelativeSD(pSD,pSDRel,&Count)==0) { 

2193| LocalFree(pSDRel); 

2194| pSDRel=NULL; 

2195| goto Cleanup; 

2196| } 

2197| 

2198| SetLastError(O); 
2199| Cleanup: 
2200| 

2201 1 Err = GetLastError(); 
2202| 

2203| if (pEveryoneSID) { 

2204| FreeSid(pEveryoneSID); 

2205| } 

2206| if (pSystemSID) { 

2207| FreeSid(pSystemSID); 

2208| } 
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if (pAdminSID) { 

FreeSid(pAdminSID); 

} 

if (pACL) { 

LocalFree(pACL); 

} 

if (pSD) { 

LocalFree(pSD); 

} 

SetLastError(Err); 
return pSDRel; 



ULONG GetPsmRegistryDword ( 
const WCHAR * ValueName, 
ULONG DefaultValue ) 

{ 

ULONG Err=0; 

HKEY Key = INVALID_HANDLE_VALUE; 
const WCHAR *RegPath = 
SYSTEM\\CurrentControlSet\\Services\\PSMan5\\Persisten 

ULONG Value = DefaultValue; 

Err = RegOpenKeyExW ( 
H KE Y_LOC AL_M ACH I N E, 
RegPath, 

0, 

KEY_READ, 
&Key); 

if ( Err == 0 ) { 

ULONG TempValue = 0; 
ULONG DataSize = sizeof (TempValue); 
Err = RegQueryValueExW ( 
Key, 

ValueName, 
NULL, // reserved 

NULL, // address of buffer for value type 
(char*)(&TempValue), 
&DataSize ); 

if ( Err == 0 ) { 

Value = TempValue; 

} 



2256| RegCloseKey(Key); 

2257| Key = INVALID_HANDLE_VALUE; 

2258| } else { 

2259| DEBUG_WRITE(L"»> GetPsmRegistryDword: error 

| %08x opening '%s'\n",RegPath); 
2260| } 
2261| 

2262| return Value; 
2263| } 
2264| 
2265| // 



2266| // GetSnapShotCreationFlags - This function 

| translates PSM_SS_FLAG values into 
2267| // PSM_FLAG values. In other words, it translates a 

| snapshot's flag byte into 
2268| // a snapshot creation flag dword. 
2269| 

2270| ULONG GetSnapShotCreationFlags ( BYTE 

| UserSnapShotFlags, ULONG *Flags ) 
2271 | { 

2272| ULONG Err =0; 

2273| if (Flags !=NULL){ 

2274| ULONG EnableForcedSnapShot = 

| GetPsmRegistryDword (L"EnableForcedSnapShot", 1); 
2275| 

2276| *Flags = PSM_FLAG_PAUSE_ON_IO; 

2277| if ( EnableForcedSnapShot ) { 

2278| *Flags |= PSM_FLAG_FORCE_SNAPSHOT; 

2279| DEBUG_WRITE(L">» GetSnapShotCreationFlags: 

| Snapshot will be forced if quiescence times outAn"); 
2280| } else { 

2281 1 DEBUG_WRITE(L"»> GetSnapShotCreationFlags: 

| Snapshot will be aborted if quiescence times outAn"); 
2282| } 
2283| 

2284| if ( PSM_SS_lsPersistent(UserSnapShotFlags) ) { 
2285| *Flags |= PSM_FLAG_PERSISTENT_SNAPSHOT; 

2286| DEBUG_WRITE(L">» GetSnapShotCreationFlags: 

| Snapshot will be persistent An"); 
2287| } else { 

2288| DEBUG_WRITE(L">>> GetSnapShotCreationFlags: 

| Snapshot will be temporary An"); 
2289| if ( SaveTempOnExit ) { 

2290| *Flags |= PSM_FLAG_SAVE_TEMP_ON_EXIT; 

2291 1 DEBUG_WRITE(L"»> 

| GetSnapShotCreationFlags: Temporary snapshot will be 

| retained after thread exitsAn"); 
2292| } else { 

2293| DEBUG_WRITE(L"»> 



I GetSnapShotCreationFlags: Temporary snapshot will be 

| discarded after thread exitsAn"); 
2294| } 
2295| } 
2296| } else { 

2297| Err = ERROR_INVALID_PARAMETER; 

2298| } 

2299| 

2300| DEBUG_WRITE(L">»GetSnapShotCreationFlags() 

| returning Err=%08x, 

| Flags=%08x\n M ,Err,(Flags?(*Flags):0)); 
2301| return Err; 
2302| } 
2303| 

2304| // 



2306| int MakeNewSnapShot() 
2307| { 

2308| ULONG Err=0; 
2309| 

2310| UpdateBootlni(); 

2311| 

2312| 

| memset(&ln,0,sizeof(tOpenTransactionlnPersistentW)); 
2313| 

231 4 1 In. Size = sizeof(tOpenTransactionlnPersistentW); 
231 5| Err = GetSnapShotCreationFlags(SnapShotFlags, 

| &ln. Flags); 
2316| 

2317| if ( Err == 0 ) { 

2318| In.CallerPrivateUse = (PVOID)GroupNumber; 

2319| In.NumToKeep = NumToKeep; 

2320| 

2321 1 // this is the snapshot name or L M " if none 
2322| wcscpy(ln.SnapShotName,PatternName); 
2323| 

2324| // not used 

2325| In.ErrorEvent = NULL; 

2326| 

2327| // set event so they can cancel waiting for q 
| period 

2328| AbortEvent = In.AbortEvent = CreateEvent( 

| NULL, TRUE, FALSE, NULL ); 
2329| 

2330| // Set our Control - C handler 

2331 1 wcscpy(AbortMessage,L", cancelling creation of 

| snapshot An"); 
2332| SetConsoleCtrlHandler( 

| (PHANDLER ROUTINE)CtrlHandlerRoutine, TRUE ); 



2333| 

2334| In. Priority = Priority; 

2335| In.SnapShotFlags = SnapShotFlags; 

2336| 

2337| OutVolumeMapByteSize = 32768; 

2338| OutVolumeMap = malloc(OutVolumeMapByteSize); 

2339| if(OutVolumeMap) { 

2340| 

2341 1 Err = Psm_CreateSnapShotW( 

2342| (pOpenTransactionlnW)&ln, 

2343| NumVolumes, 

2344| InVolumeMap, 

2345| VolumeMapFlags, 

2346| OutVolumeMapByteSize, 

2347| OutVolumeMap, 

2348| &Out, 

2349| &SnapShot, 

2350| NULL, 

2351| NULL); 

2352| 

2353| if(!Err) { 

2354| ULONG i; 

2355| WRITE(L"Snapshot created 

| successfully\n"); 

2356| for(i=0;i<NumVolumes;i++) { 

2357| WRITE(L"'%S' = 

| '%s'\n",lnVolumeMap[i],OutVolumeMap[i]); 

2358| } 

2359| } else { 

2360| WRITE_ERROR(L"Error %08x creating 

| snapshot\n",Err); 

2361 | } 
2362| 

2363| free(OutVolumeMap); 

2364| OutVolumeMap = NULL; 

2365| } else { 

2366| WRITE_ERROR(L"Out of memory\n"); 

2367| Err = ERROR_OUTOFMEMORY; 

2368| } 

2369| } 
2370| 

2371 1 if(AbortEvent) { 

2372| CloseHandle(AbortEvent); 

2373| AbortEvent = INVALID_HANDLE_VALUE; 

2374| } 

2375| 

2376| if(Err) { 

2377| PrintWin32Error(Err); 

2378| } 

2379| 



2380| return Err; 

2381| } 

2382| 

2383| // 



2385| #include "vimage.inc" 
2386| 

2387| // 



2389| int lsSnapShotAlwaysKeep( ULONG Snapshot ) 
2390| { 

2391| ULONG Err=0; 

2392| tPSM_GetKernelSnapShotlnfoW Info; 
2393| 

2394| if(SnapShot) { 
2395| Err = 

| Psm_GetKernelSnapShotlnfoW((PVOID)SnapShot,&lnfo); 
2396| if(!Err) { 

2397| if(lnfo. Priority == PRIORITY_ALWAYS_KEEP) { 

2398| return TRUE; 

2399| } 

2400| } else { 

2401| } 

2402| } 

2403| return FALSE; 

2404| } 

2405| 

2406| ULONG AlwaysDelete = FALSE; 
2407| 

2408| int OkayToDelete( ULONG Snapshot ) 
2409| { 

2410| WCHARch; 
2411| 

241 2| if(lsSnapShotAlwaysKeep(SnapShot)) { 
2413| if(! Always Delete) { 

241 4| tPSM_GetKernelSnapShotlnfoW lnfo={0}; 

241 5| FILETIME NewFileTime={0}; 

241 6| SYSTEMTIME SystemTime={0}; 

2417| 

2418| 

| Psm_GetKernelSnapShotlnfoW((PVOID)SnapShot,&lnfo); 
2419| 

| FileTimeToLocalFileTime((FILETIME*)&lnfo.SnapShotTime,&N 
| ewFileTime); 
2420| 

| FileTimeToSystemTime(&NewFileTime,&SystemTime); 
2421| 

2422| WRITE(L m %08x | %2d/%02d/%4d 



I %2d:%02d:%02d.%03d | %s'\n is set to always keep, 
| delete anyway (Y/N/A)? ", 



2423| Snapshot, 
2424| SystemTime.wMonth, 
2425| SystemTime.wDay, 
2426| SystemTime.wYear, 
2427| SystemTime.wHour, 
2428| SystemTime.wMinute, 
2429| SystemTime.wSecond, 
2430| SystemTime.wMilliseconds, 
2431| Info. Directory 

2432| ); 

2433| do { 

2434| ch = (WCHAR) toupper(getch()); 

2435| } while((ch!='Y') && (ch!='N') && 

I (ch!=7V)); 
2436| 

2437| WRITE(L"%c\n",ch); 
2438| 

2439| if(ch=='N') { 

2440| return FALSE; 

2441| } else if(ch==7V) { 

2442| AlwaysDelete = TRUE; 

2443| } 

2444| } 

2445| } 



2446| return TRUE; 

2447| } 

2448| 

2449| int DeleteExistingSnapShot( ULONG Snapshot ) 
2450| { 

2451| ULONG Err=0; 

2452| BOOLEAN GotData = FALSE; 

2453| tPSM_GetKernelSnapShotlnfo Info; 

2454| SYSTEMTIME System Time; 

2455| 

2456| if(SnapShot) { 
2457| Err = 

| Psm_GetKernelSnapShotlnfo((PVOID)SnapShot,&lnfo); 
2458| if(!Err) { 

2459| FILETIME NewFileTime; 

2460| 

| FileTimeToLocalFileTime((FILETIME*)&lnfo.SnapShotTime,&N 
| ewFileTime); 
2461| 

| FileTimeToSystemTime(&NewFileTime,&SystemTime); 
2462| GotData=TRUE; 
2463| } 
2464| 

2465| if(OkayToDelete(SnapShot)) { 



2466| Err = Psm_DestroySnapShot((PVOID)SnapShot); 

2467| jf(!Err) { 

2468| if(!GotData) { 

2469| WRITE(L"Success deleting snapshot 

| %08x\n",SnapShot); 
2470| } else { 

2471 1 WRITE(L"%08x | %2d/%02d/%4d 

| %2d:%02d:%02d.%03d successfully deleted\n M , 
2472| Snapshot, 
2473| SystemTime.wMonth, 
2474| SystemTime.wDay, 
2475| SystemTime.wYear, 
2476| SystemTime.wHour, 
2477| SystemTime.wMinute, 
2478| SystemTime.wSecond, 
2479| SystemTime.wMilliseconds ); 

2480| } 
2481| 

2482| } else { 

2483| WRITE_ERROR(L"Error %08x deleting 

| snapshot %08x\n M ,Err,SnapShot); 
2484| } 
2485| } 
2486| } 
2487| if(Err) { 

2488| PrintWin32Error(Err); 

2489| } 

2490| return 0; 

2491| } 

2492| 

2493| // 
| 

2494| 

2495| PSMSTATUS PSMAPI Psm_GetPersistentSnapShots( PVOID 

| Buffer, ULONG BufferSize ); 
2496| typedef struct sPSM_GetPersistentSnapShotsOut { 
2497| PVOID KernelPointers[MAX_NUMBER_OF_SNAPSHOTS]; 
2498| } tPSM_GetPersistentSnapShotsOut, 

| *pPSM_GetPersistentSnapShotsOut; 
2499| 

2500| #define VIEW_NORMAL 0 
2501 1 #define VIEW_SHORT 1 
2502| #define VIEW_LONG 2 
2503| 

2504| WCHAR *GetSSFIags( BYTE Flags ) 
2505| { 

2506| switch (Flags & PSM_SS_FLAG_TYPE_MASK) { 
2507| case PSM_SS_FLAG_P_READWRITE : return 
| L" R/W "; 

2508| case PSM_SS_FLAG_P_READWRITE_PVW : return 



I L"R/W P"; 

2509| case PSM_SS_FLAG_P_READONLY : return 
| L M R/0 "; 

2510| case PSM_SS_FLAG_T_READONLY : return 
| L"T R/O m ; 

2511| case PSM_SS_FLAG_T_READWRITE : return 

| L'T R/W M ; 
2512| default: 
2513| return L"Unk "; 
2514| } 
2515| } 
2516| 
2517| 

2518| void SortlnChronologicalOrder ( 

251 9| tPSM_GetPersistentSnapShotsOut *ssArray, 

2520| ULONG sortOrder ) 

2521| { 

2522| // Figure out how many snapshots there are. 
2523| // While doing that, find out when each was 

| created. 
2524| 

2525| _int64 ssTime [MAX NUMBER OF SNAPSHOTS]; 

2526| unsigned numSnapShots = MAX_NUMBER_OF_SNAPSHOTS; 

2527| tPSM_GetKernelSnapShotlnfoW sslnfo; 

2528| ULONG status=0; 

2529| unsigned i, j; 

2530| for ( i=0; knumSnapShots; ++i ) { 

2531 1 if ( ssArray->KernelPointers[i] == NULL ) { 

2532| numSnapShots = i; 

2533| break; 

2534| } 

2535| 

2536| status = 

| Psm_GetKernelSnapShotlnfoW(ssArray->KernelPointers[i],&s 
| slnfo); 

2537| if ( status == STATUS_SUCCESS ) { 

2538| ssTime[i] = sslnfo. SnapShotTime.QuadPart; 

2539| } else { 

2540| ssTime[i] = 0; 

2541 | } 

2542| } 

2543| 

2544| if ( numSnapShots > 1 ) { 
2545| 

2546| // Now we have parallel arrays of times and 

| snapshot pointers. 
2547| // Sort them in tandem. 
2548| 

2549| for ( i=0; knumSnapShots-1 ; ++i ) { 
2550| // On each loop of 'i\ find the thing that 



I goes to index i. 
2551 1 // Search index i+1 ..numSnapShots-1 for the 

| largest time left. 
2552| unsigned best = i; 

2553| for ( j=i+1 ; j<numSnapShots; ++j ) { 

2554| BOOLEAN better = 

| (sortOrder==REVERSE_CHRON) ? 
2555| (ssTime[j] > ssTime[best]) : 

2556| (ssTime[j] < ssTime[best]); 

2557| 

2558| if ( better ) { 

2559 1 best = j; 

2560| } 
2561| } 
2562| 

2563| if ( best != i ) { 

2564| // Swap what is at i with the best 

| thing found after it 
2565| PVOID swapPointer = 

| ssArray->KernelPointers[i]; 

2566| int64 swapTime = ssTime[i]; 

2567| 

2568| ssTime[i] = ssTime[best]; 

2569| ssTime[best] = swapTime; 

2570| 

2571 1 ssArray->KernelPointers[i] = 

| ssArray->KernelPointers[best]; 
2572| ssArray->KernelPointers[best] = 

| swapPointer; 
2573| } 
2574| } 
2575| } 
2576| } 
2577| 
2578| 

2579| int ListExistingSnapShots( ULONG Type ) 
2580| { 

2581 1 tPSM_GetPersistentSnapShotsOut *Out = 0; 

2582| tPSM_GetKernelSnapShotlnfoW Info; 

2583| ULONG Err =0; 

2584| SYSTEMTIME SystemTime; 

2585| 

2586| Out = 

| malloc(sizeof(tPSM_GetPersistentSnapShotsOut)); 
2587| if(Out) { 
2588| Err = 

| Psm_GetPersistentSnapShots(Out,sizeof(tPSM_GetPersistent 

| SnapShotsOut)); 
2589| if(!Err) { 
2590| ULONG FoundOne=0; 



2591| ULONG i; 

2592| 

2593| SortlnChronologicalOrder (Out, 

| ViewSortOrder); 
2594| 

2595| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 

2596| if(Out->KernelPointers[i]==NULL) { 

2597| // break at first null 

2598| break; 

2599| } 

2600| if(FoundOne) { 

2601| // print header 

2602| switch ( Type) { 

2603| case VIEW NORMAL: 

2604| WRITE(L" Id | 

| Date/time of snapshots | Status | Directory\n"); 
2605| break; 
2606| case VIEW_SHORT: 

2607| WRITE(L"Date/time of 

| snapshots | Directory\n M ); 
2608| break; 
2609| case VIEW_LONG: 

2610| WRITE(L" Id | 

| Date/time of snapshots | Unq | Group | Status | 

| Pr. | Flags | Directory\n M ); 
261 1 1 break; 
2612| }; 
2613| } 

2614| FoundOne = TRUE; 

2615| Err = 

| Psm_GetKernelSnapShotlnfoW(Out->KernelPointers[i],&lnfo) 

I ; 

2616| 

2617| if(!Err){ 

261 8| ULONG BufferSize=65536; 

261 9| WCHAR *Buffer = 0; 

2620| 

2621 1 // get the list of volumes for this 

| snapshot 

2622| do { 

2623| Buffer = (WCHAR 

| *)malloc(BufferSize); 

2624| if(Buffer) { 

2625| Err = 

| Psm_GetKernelSnapShotVolumesW( 

2626| Out->KernelPointers[i], 

2627| Buffer, 

2628| BufferSize); 
2629| 

2630| jf(Err==ERRO R_M O R E_D AT A) { 



2631| Err = 0; 

2632| BufferSize *= 2; 

2633| free(Buffer); 

2634| Buffer = NULL; 

2635| } else { 

2636| if(Err) { 

2637| WRITE_ERROR(L"%08x 

| | Error %08x getting volume 

| list\n",Out->KernelPointers[i],Err); 

2638| } 

2639| } 

2640| } else { 

2641 1 Err = ERROR_OUTOFMEMORY; 

2642| } 

2643| } while(Err==ERROR_MORE_DATA); 
2644| 

2645| if(!Err&& Buffer) { 

2646| WCHAR *p = 0; 

2647| FILETIME NewFileTime; 
2648| 



| FileTimeToLocalFileTime((FILETIME*)&lnfo.SnapShotTime,&N 
| ewFileTime); 
2649| 

| FileTimeToSystemTime(&NewFileTime,&SystemTime); 



2650| 

2651 1 p = Buffer; 

2652| whilefp) { 

2653| switch ( Type ) { 

2654| case VIEW_NORMAL: 

2655| WRITE(L"%08x | 



| %2d/%02d/%4d %2d:%02d:%02d.%03d | %08x | %s\\%s\n", 
2656| 

| Out->KernelPointers[i], 
2657| 

| SystemTime.wMonth, 
2658| 

| SystemTime.wDay, 
2659| 

| SystemTime.wYear, 
2660| 

| SystemTime.wHour, 
2661| 

| SystemTime.wMinute, 
2662| 

| SystemTime.wSecond, 
2663| 

| SystemTime.wMilliseconds, 
2664| Info.Status, 
2665| p, 
2666| Info. Directory 



I); 

2667| 
2668| 
2669| 



case VIEW_SHORT: 



break; 



2670| 

| WRITE(L"%2d/%02d/%4d %2d:%02d:%02d.%03d | %s\\%s\n", 
2671| 

| SystemTime.wMonth, 
2672| 

| SystemTime.wDay, 
2673| 

| SystemTime.wYear, 
2674| 

| SystemTime.wHour, 
2675| 

| SystemTime.wMinute, 
2676| 

| SystemTime.wSecond, 
2677| 

| SystemTime.wMilliseconds, 
2678| p, 
2679| Info. Directory 



| %2d/%02d/%4d %2d:%02d:%02d.%03d | %3u | %08x | %08x | 
| %3u | %-5.5s | %s\\%s\n", 
2685| 

| Out->KernelPointers[i], 
2686| 

| SystemTime.wMonth, 
2687| 

| SystemTime.wDay, 
2688| 

| SystemTime.wYear, 
2689| 

| SystemTime.wHour, 
2690| 

| SystemTime.wMinute, 
2691| 

| SystemTime.wSecond, 
2692| 

| SystemTime.wMilliseconds, 
2693| Info. Instance, 

2694| 

| Info.CallerPrivateUse, 



I); 

2680| 
2681| 
2682| 
2683| 



case VIEW_LONG: { 
unsigned char 



break; 



| priority=lnfo. Priority; 
2684| 



WRITE(L"%08x | 



2695| Info.Status, 
2696| priority, 
2697| 

| GetSSFIags(lnfo.SnapShotFlags), 
2698| p, 
2699| Info. Directory 

I); 

2700| break; 

2701| } 

2702| } // switch 

2703| DEBUG_WRITE(L"»> 

| SnapShotTime = %016l64x\n",lnfo.SnapShotTime); 
2704| p += wcslen(p) + 1 ; 

2705| } // while (*p) 

2706| free(Buffer); 
2707| } // if !Err 

2708| } else { 

2709| WRITE(L"%08x | No info available 

| %08x\n",Out->KernelPointers[i],Err); 
2710| } 
2711| } 

2712| if(IFoundOne) { 

271 3| WRITE_ERROR(L"No persistent snapshots 

| exist\n"); 
2714| } 
2715| }else{ 

271 6| WRITE_ERROR(L"Error %08x getting snapshot 

| list\n",Err); 
2717| } 
2718| 

2719| free (Out); 
2720| Out = NULL; 
2721| }else{ 

2722| WRITE_ERROR(L"Out of memory\n"); 

2723| } 

2724| 

2725| if(Err) { 

2726| PrintWin32Error(Err); 

2727| } 

2728| return 0; 

2729| } 

2730| 

2731 1 //- 



2732| 

2733| int DeleteAIIExistingSnapShots() 
2734| { 

2735| tPSM_GetPersistentSnapShotsOut *Out = 0; 

2736| ULONG Err=0, NumDeleted=0; 

2737| 



2738| Out = 

| malloc(sizeof(tPSM_GetPersistentSnapShotsOut)); 
2739| if(Out) { 
2740| Err = 

| Psm_GetPersistentSnapShots(Out,sizeof(tPSM_GetPersistent 

| SnapShotsOut)); 
2741| if(!Err){ 

2742| BOOLEAN FoundOne = FALSE; 

2743| ULONG i; 

2744| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 

2745| if(Out->KernelPointers[i]==NULL) { 

2746| break; 
2747| } 

2748| FoundOne = TRUE; 

2749| Err = DeleteExistingSnapShot ((ULONG) 

| (Out->KernelPointers[i])); 
2750| if ( Err == 0 ) { 

2751 1 ++NumDeleted; 
2752| } 
2753| } 

2754| if(IFoundOne) { 

2755| WRITE_ERROR(L"No persistent snapshots 

| exist\n"); 
2756| } 
2757| } else { 

2758| WRITE_ERROR(L"Error %08x getting snapshot 

| list\n",Err); 
2759| } 
2760| 

2761| free (Out); 
2762| Out = NULL; 
2763| } else { 

2764| WRITE_ERROR(L"Out of memory\n"); 
2765| Err= ERROR_OUTOFM EMORY; 
2766| } 
2767| 

2768| if(Err) { 

2769| PrintWin32Error(Err); 
2770| } 

2771 1 WRITE ( L'TJeleted %lu snapshot%S.\n", NumDeleted, 

| (NumDeleted==1)?L"":L"s" ); 
2772| return Err; 
2773| } 
2774| 

2775| int DeleteAIISnapShotslnGroup( ULONG Group ) 
2776| { 

2777| tPSM_GetPersistentSnapShotsOut *Out = 0; 
2778| tPSM_GetKernelSnapShotlnfoW Info; 
2779| ULONG Err=0, NumDeleted=0; 
2780| 



2781 1 Out = 

| malloc(sizeof(tPSM_GetPersistentSnapShotsOut)); 
2782| if(Out) { 
2783| Err = 

| Psm_GetPersistentSnapShots(Out,sizeof(tPSM_GetPersistent 

| SnapShotsOut)); 
2784| if(!Err) { 

2785| BOOLEAN FoundOne = FALSE; 

2786| ULONG i; 

2787| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 

2788| if(Out->KernelPointers[i]==NULL) { 

2789| break; 

2790| } 

2791| 

2792| if((Err = 

| Psm_GetKernelSnapShotlnfoW(Out->KernelPointers[i],&lnfo) 
I )==0) { 

2793| if(lnfo.CallerPrivateUse == 

| (PVOID)Group ) { 
2794| FoundOne = TRUE; 

2795| Err = DeleteExistingSnapShot 

| ((ULONG) (Out->KernelPointers[i])); 
2796| if ( Err == 0 ) { 

2797| ++NumDeleted; 
2798| } 
2799| } 
2800| } else { 

2801 1 WRITE_ERROR(L"Error %08x getting 

| snapshot info for %08x\n",Err,Out->KernelPointers[i]); 
2802| } 
2803| } 
2804| 

2805| if(IFoundOne) { 

2806| WRITE_ERROR(L"No persistent snapshots 

| existAn"); 
2807| } 
2808| } else { 

2809| WRITE_ERROR(L"Error %08x getting snapshot 

| list\n",Err); 
2810| } 
2811| free (Out); 
2812| Out = NULL; 
2813| }else{ 

281 4| WRITE_ERROR(L"Out of memory\n"); 
2815| Err= ERROR_OUTOFMEMORY; 
281 6| } 
2817| 

2818| if(Err) { 

2819| PrintWin32Error(Err); 
2820| } 



2821 1 WRITE ( U'Deleted %lu snapshot%s for group 

| %08x.\n", NumDeleted, (NumDeleted==1)?L MM :L M s M ,Group); 
2822| return Err; 
2823| } 
2824| 
2825| 

2826| // 



2828| 

2829| int lnstallPsm() 
2830| { 

2831 1 CHAR rebootNeeded = 0; 

2832| PSMSTATUS status = PsmJnstallPsm ( &rebootNeeded 

I); 

2833| if ( status == 0 ) { 

2834| WRITE ( L"PSM has been installedAn" ); 

2835| if ( rebootNeeded ) { 

2836| WRITE ( L"You will need to reboot the 

| computer for changes to take effect. \n" ); 
2837| } 

2838| } else if ( status == ERROR_SERVICE_EXISTS ) { 
2839| WRITE ( L"PSM was already installedAn" ); 
2840| } else { 

2841 1 WRITE_ERROR ( U'Error 0x%08lx occurred trying 

| to install PSMAn", (unsigned long)status ); 
2842| PrintWin32 Error ( status ); 
2843| } 
2844| 

2845| return status; 

2846| } 

2847| 

2848| // 



2850| int UninstallPsm() 
2851| { 

2852| CHAR rebootNeeded = 0; 

2853| PSMSTATUS status = PsmJJnlnstallPsm ( &rebootNeeded 

I); 

2854| if ( status == 0 ) { 

2855| WRITE ( L"PSM has been uninstalledAn" ); 

2856| if ( rebootNeeded ) { 

2857| WRITE ( L"You will need to reboot the 

| computer for changes to take effect An" ); 
2858| } 
2859| } else { 

2860| WRITE_ERROR ( L"Error 0x%08lx occurred trying 

| to uninstall PSMAn", (unsigned long)status ); 
2861 1 PrintWin32 Error ( status ); 



2862| } 
2863| 

2864| return status; 

2865| } 

2866| 

2867| // 



2869| int Testl_ist() 
2870| { 

2871 1 // Test new functions for listing both persistent 

| and temporary snapshots. 

2872| // Also test functions for enumerating PSM'ed 

| volumes associated with a snapshot. 
2873| 

2874| pSnapShot snapshotTable [1 024]; 

2875| const ULONG TABLE SIZE = sizeof(snapshotTable) / 

| sizeof(snapshotTable[0]); 

2876| ULONG numSnapshots = 0; 

2877| int errorlevel = 0; 
2878| 

2879| PSMSTATUS status = Psm_GetActiveSnapshotTable ( 

2880| &numSnapshots, 

2881| snapshotTable, 

2882| TABLE_SIZE ); 

2883| 

2884| if ( status == 0 ) { 

2885| ULONG i=0; 

2886| ULONG iterator = 0; 

2887| WCHAR *volumeName = 0; 

2888| 

2889| WRITE ( U'Found %lu active snapshot%S\n", 

2890| numSnapshots, 

2891 1 (numSnapshots==1) ? L"" : L"s" ); 

2892| 

2893| for ( i=0; i<numSnapshots && status==0; ++i ) { 

2894| int numVolumesFound = 0; 

2895| 

2896| WRITE ( ^'snapshot pointer = %p\n", 

| snapshotTable[i] ); 

2897| status = Psm_FindFirstVolumeForSnapshot ( 

2898| snapshotTable[i], 

2899| &volumeName, 

2900| &iterator ); 
2901| 

2902| if ( status == 0 ) { 

2903| if ( volumeName ) { 

2904| WRITE ( L" volume[%d] = %S\n", 

| numVolumesFound++, volumeName ); 

2905| while ( volumeName && status==0 ) { 



2906| status = 

| Psm_FindNextVolumeForSnapshot ( 
2907| snapshotTable[i], 
2908| &volumeName, 
2909| iterator ); 

2910| 

2911| if (status == 0 ) { 

2912| if ( volumeName ) { 

2913| WRITE (L" 

| volume[%d] = %S\n M , numVolumesFound++, volumeName ); 
2914| } 
2915| }else{ 

291 6| WRITE_ERROR ( U'Error %08x 

| returned from Psm_FindNextVolumeForSnapshot()\n", 
| status ); 

291 7| errorlevel = 3; 

2918| } 
2919| } 
2920| } 
2921| }else{ 

2922| WRITE_ERROR ( U'Error %08x returned 

| from Psm_FindFirstVolumeForSnapshot()\n", status ); 
2923| errorlevel = 2; 

2924| } 
2925| } 
2926| } else { 

2927| WRITE ERROR ( L" Error %08x returned from 

| Psm_GetActiveSnapshotTable()\n M , status ); 
2928| errorlevel = 1 ; 
2929| } 
2930| 

2931 1 return errorlevel; 

2932| } 

2933| 

2934| // 

| 

2935| ULONG GetDriveLetterFromWin32Name( WCHAR *Win32Name, 

| WCHAR *Drivel_etter) 
2936| { 

2937| WCHAR *Buffer,*p; 

2938| WCHAR Name[256]; 

2939| BOOLEAN FoundOne=FALSE; 

2940| WCHAR LookingFor[256]; 

2941| 

2942| // its in \\\\?\\Volume{ we need Volume{ 

2943| QueryDosDeviceW(Win32Name+4,LookingFor,256); 

2944| 

2945| Buffer = 

| (WCHAR*)LocalAlloc(LPTR,65536*sizeof(WCHAR)); 
2946| QueryDosDeviceW(NULL,Buffer,65536); 



2947| 

2948| p = Buffer; 

2949| whilefp) { 

2950| QueryDosDeviceW(p, Name,256) ; 

2951 1 if( (wcsicmp(LookingFor,Name)==0) && 

2952| (*(p+1 )==!_':')){ 

2953 1 wcscpy ( D riveLette r, p) ; 

2954| FoundOne = TRUE; 

2955| break; 

2956| } 

2957| P = P + wcslen(p)+1 ; 

2958| } 

2959| 

2960| Local Free(Buffer); 

2961| if(FoundOne) { 

2962| return 0; 

2963| } else { 

2964| return ERROR_FILE_NOT_FOUND; 

2965| } 



2966| } 

2967| 

2968| 

2969| int DisplayPsmStatistics() 
2970| { 

2971 1 PSMSTATUS status=0; 
2972| ULONG Err=0; 

2973| tPSM_GetVolumeCachelnfoOut progress; 
2974| ULONG i; 

2975| ULONG Auto Enumerated = FALSE; 
2976| 

2977| WRITE(L"Used | Size | Max | 

| Volume\n M ); 
2978| ListVols: 
2979| if(NumVolumes>0) { 
2980| for(i=0;i<NumVolumes;i++) { 
2981 1 status = Psm_GetVolumeCachelnfoW 

| (lnVolumeMap[i],&progress); 
2982| 

2983| if ( NT_SUCCESS(status) ) { 

2984| double mbTotal = 

| (double)progress.lnitialCacheFileSize; 
2985| double mbMax = 

| (double)progress.MaximumCacheFileSize; 
2986| double mbUsed = 

| (double)progress.CurrentCacheFileSize; 
2987| if(mbTotal) { 

2988| WRITE ( L"%10.3lf (%7.3lf%%) | 

| %6.0lf | %6.0lf | %s\n", 
2989| mbUsed/1024, 
2990| 1 00.0*mbUsed/(mbTotal*1 024.0), 



2991| mbTotal, 
2992| mbMax, 
2993| lnVolumeMap[i] 
2994| ); 
2995| } else { 

2996| WRITE( L" 

| | %s\n",lnVolumeMap[i]); 
2997| } 

2998| } else if ( AutoEnumerated && 

| status==ERROR_NOT_FOUND ) { 
2999| DEBUG_WRITE(L"»> We thought volume 

| '%s' was PSMable, but cannot get its cache 

| info!\n",lnVolumeMap[i]); 
3000| status = STATUS_SUCCESS; 

3001| }else{ 

3002| WRITE_ERROR ( U'Error %08x retrieving 

| info | %s\n", status, lnVolumeMap[i] ); 
3003| } 
3004| } 
3005| } else { 
3006| WCHAR Vol[256]; 
3007| HANDLE VolHandle = 

| FindFirstVolumeW(Vol,256*sizeof(WCHAR)); 
3008| if(VolHandle!=INVALID_HANDLE_VALUE) { 
3009| do { 

3010| if(Vol[wcslen(Vol)-1]==L , \V) { 

301 1 1 Vol[wcslen(Vol)-1 ] = L'\0'; 

3012| } 
3013| 

| if(GetDriveLetterFromWin32Name(Vol,lnVolumeMapData[NumVo 
| lumes])!=0) { 
3014| 

| wcscpy( I n VolumeMapData[Nu m Volu mes] , Vol) ; 
3015| } 
3016| 

| if(((lnVolumeMapData[NumVolumes][0]==L'A') && 
| (lnVolumeMapData[NumVolumes][1]==L':')) || 
3017| 

| (((lnVolumeMapData[NumVolumes][0]==L , A , ) && 

| (lnVolumeMapData[NumVolumes][1]==L':')))) { 
3018| // skip floppies 

3019| }else{ 
3020| 

| if(Psm_CanBePSMedW(lnVolumeMapData[NumVolumes])) { 
3021| 

| lnVolumeMap[NumVolumes]=lnVolumeMapData[NumVolumes]; 



3022| NumVolumes++; 
3023| } 
3024| } 
3025| } 



I while(FindNextVolumeW(VolHandle,Vol,256)); 
3026| FindVolumeClose(VolHandle); 
3027| if(NumVolumes) { 

3028| AutoEnumerated = TRUE; 

3029| goto ListVols; 

3030| } 
3031| } 
3032| } 
3033| 

3034| if(status) { 

3035| PrintWin32Error(status); 

3036| } 

3037| return NT_SUCCESS(status) ? 0 : 1 ; 

3038| } 

3039| 

3040| int CreateCache() 
3041| { 

3042| PSMSTATUS status=0; 
3043| ULONG Err=0; 
3044| 

3045| UpdateBootlni(); 
3046| 

3047| if(NumVolumes>0) { 

3048| // set event so they can cancel waiting for q 
| period 

3049| AbortEvent = CreateEvent( NULL, TRUE, FALSE, 

| NULL); 
3050| 

3051 1 // Set our Control - C handler 

3052| wcscpy(AbortMessage,L M , cancelling creating 

| cache filesAn"); 
3053| SetConsoleCtrlHandler( 

| (PHANDLER_ROUTINE)CtrlHandlerRoutine, TRUE ); 
3054| 

3055| status = Psm_Create Files W( NumVolumes, 

| InVolumeMap, AbortEvent ); 
3056| if(status) { 
3057| PrintWin32Error(status); 
3058| } 
3059| 

3060| if(AbortEvent) { 

3061 1 CloseHandle(AbortEvent); 

3062| AbortEvent = INVALID_HANDLE_VALUE; 

3063| } 

3064| 

3065| } else { 

3066| WRITE_ERROR(L"No volumes specif ied\n M ); 

3067| } 

3068| 

3069 1 return status; 



3070| } 
3071| 
3072| 
3073| //- 



3076| int IslnstalledQ 
3077| { 

3078| tPSM_Versionlnfo version = {0}; 

3079| PSMSTATUS status = Psmjslnstalled ( 

3080| sizeof(version), 

3081| &version ); 

3082| 

3083| switch ( status ) { 

3084| case PSM_ERROR_REBOOT_NEEDED: WRITE_ERROR ( 

| U'Reboot needed\n" ); break; 
3085| case PSM_ERROR_NOT_INSTALLED: WRITE_ERROR ( 

| L"PSM Not installed\n M ); break; 
3086| case STATUS_SUCCESS: break; 
3087| default: WRITE_ERROR ( 

| U'Error %08x getting version\n", status ); break; 
3088| } 
3089| 

3090| if(status==STATUS_SUCCESS) { 
3091 1 ULONG VersionHi=(version.Version & OxffOO) » 
I 8; 

3092| ULONG Versionl_o= version. Version & OxOOff; 
3093| ULONG BuildNum=(version.Version » 16) & 

| OxOfff; 
3094| 

3095| WRITE ( U'LoVersion = 0x%08lx\n", 

| version. LoVersion ); 
3096| WRITE ( L'Version = %d.%02x build %d\n", 

| VersionHi, VersionLo,BuildNum); 
3097| WRITE ( U'Eval = %s\n",version.Eval ? 

| L"yes":L"no"); 
3098| 

3099| if(version.Eval) { 

31 00| SYSTEMTIME SysTime={0}; 

3101| FILETIME NewFileTime; 

3102| 

3103| 

| FileTimeToLocalFileTime((PFILETIME)&version.ExpireDate,& 
| NewFileTime); 
3104| 

| FileTimeToSystemTime(&NewFileTime,&SysTime); 
3105| 

3106| if (version. Expired) { 

31 07| WRITE (U'Expired on %d/%02d/%4d 



I %d:%02d\n", 

3108| SysTime.wMonth, 

31 09| SysTime.wDay, 

31 1 0| SysTime.wYear, 

31 1 1 1 SysTime.wHour, 

31 1 2| SysTime.wMinute); 

3113| }else{ 

31 1 4| WRITE(L"Expires on %d/%02d/%4d 

| %d:%02d\n", 

31 1 5| SysTime.wMonth, 

31 1 6| SysTime.wDay, 

31 1 7| SysTime.wYear, 

31 1 8| SysTime.wHour, 

31 1 9| SysTime.wMinute); 

3120| } 

3121| } 

3122| WRITE(L"\n"); 

3123| } 

3124| 

3125| if(status){ 

3126| PrintWin32Error(status); 

3127| } 

3128| 

3129| return 0; 

3130| } 

3131| 



3132| //- 

| 

3133| 

3134| ULONG RevertSnapShotToPristineState ( ULONG Snapshot ) 
3135| { 

3136| ULONG Err=0; 

3137| Err= Psm_RevertSnapShotToPristineState( 

| (PVOID)SnapShot ); 
3138| if(!Err){ 

31 39| WRITE(L"Snapshot %08x is restored to it's 

| pristine state.\n",SnapShot); 
3140| }else{ 

3141| WRITE_ERROR(L"Error %08x restoring snapshot 

| %08x to it's pristine state.\n",Err,SnapShot); 
3142| } 
3143| if(Err) { 

3144| PrintWin32Error(Err); 
3145| } 

3146| return Err; 

3147| } 

3148| 

3149| //- 



3150| 



3151| ULONG RevertToSnapShot ( 
3152| ULONG Snapshot, 
3153| ULONG RevertFlags ) 
3154| { 

3155| WCHARch=0; 
3156| ULONG Err=0; 
3157| 

3158| if(!AlwaysDelete) { 

31 59| WRITE(L"This is a destructive operation. 

| Continue (Y/N)? "); 
3160| do{ 

31 61 1 ch = (WCHAR) toupper(getch()); 

31 62| } while((ch!='Y') && (ch!='N')); 
3163| 

3164| WRITE(L"%c\n",ch); 

3165| }else{ 

3166| ch='Y'; 

3167| } 

3168| 

3169| if(ch=='Y'){ 

31 70| Err = Psm_RevertToSnapShot( (PVOID)SnapShot, 

| RevertFlags ); 
3171| 

31 72| if ( Err == PSM_ERROR_REBOOT_NEEDED ) { 
31 73| WRITE_ERROR(L"Revert operation will be 

| performed at next bootAn"); 
3174| } else if ( Err == 

| PSM_M U LTI_VO LUME_REVE RT_D IS AB LED ) { 
31 75| WRITE_ERROR(L"Multi-volume revert is 

| disabled - no revert performedAn"); 
3176| } else if (Err) { 

31 77| WRITE_ERROR(L"Error %08x reverting snapshot 

| %08x\n",Err,SnapShot); 
3178| PrintWin32Error(Err); 
3179| } 
3180| } 
3181 1 return Err; 
3182| } 
3183| 

3184| // 

3185| 

3186| ULONG ConvertTypeToFlags ( 
3187| ULONG SnapShotType, 
3188| BYTE *SnapShotFlags ) 
3189| { 

3190| ULONG Err = 0; 
3191| 

31 92| if ( SnapShotFlags ) { 
3193| switch ( SnapShotType ) { 



3194| case PSM_SS_FLAG_HEADER_READ WRITE: 

3195| *SnapShotFlags = 

| PSM_SS_FLAG_P_READWRITE; 
3196| break; 
3197| 

3198| case PSM_SS_FLAG_HEADER_READONLY: 

3199| *SnapShotFlags = 

| PSM_SS_FLAG_P_READONLY; 
3200| break; 
3201| 

3202| case 

| PSM_SS_FLAG_HEADER_READWRITE_PERSISTENT: 
3203| *SnapShotFlags = 

| PSM_SS_FLAG_P_READWRITE_PVW; 
3204| break; 
3205| 

3206| case PSM_SS_FLAG_HEADER_TEMP_READONLY: 

3207| *SnapShotFlags = 

| PSM_SS_FLAG_T_READONLY; 
3208| break; 
3209| 

3210| case PSM_SS_FLAG_HEADER_TEMP_READWRITE: 

321 1 1 *SnapShotFlags = 

| PSM_SS_FLAG_T_READWRITE; 
3212| break; 
3213| 

3214| default: 

321 5| *SnapShotFlags = 0; 

321 6| Err = ERROR_INVALID_PARAMETER; 

3217| break; 

3218| } 

3219| }else{ 

3220| Err= ERROR_INVALID_PARAMETER; 

3221| } 

3222| 

3223| return Err; 

3224| } 

3225| 

3226| //- 



3228| ULONG ModifySnapShotFlags ( 

3229| ULONG Snapshot, 

3230| CHAR Flags ) 
3231| { 

3232| ULONG Err=0; 

3233| tPSM_GetKernelSnapShotlnfoW Get = {0}; 

3234| tPSM_SetKernelSnapShotlnfo Put = {0}; 
3235| 

3236| if(SnapShot) { 



3237| Err = 

| Psm_GetKernelSnapShotlnfoW((PVOID)SnapShot,&Get); 
3238| if(!Err) { 
3239| Put.CallerPrivateUse = 

| Get.CallerPrivateUse; 
3240| Put.NumToKeep = Get.NumToKeep; 

3241 1 Put. Priority = Get. Priority; 

3242| Put. Reserved 1 = Get.Reservedl ; 

3243| Put.Reserved2 = Get.Reserved2; 

3244| 

3245| // We want to change what type of snapshot 

| (temp/persist, readonly/read write), 
3246| // but leave any other bits (e.g. save on 

| exit) alone. 

3247| Put.SnapShotFlags = Get.SnapShotFlags; 

3248| Put.SnapShotFlags &= 

| ~PSM_SS_FLAG_TYPE_MASK; 
3249| Put.SnapShotFlags |= (Flags & 

| PSM_SS_FLAG_TYPE_MASK); 
3250| 

3251 1 Err = Psm_SetKernelSnapShotlnfoW ( 

| (PVOID)SnapShot, &Put); 
3252| if ( Err ) { 

3253| WRITE_ERROR(L"Error %08x setting flags 

| for snapshot %08x\n",Err,SnapShot); 
3254| } 
3255| } else { 

3256| WRITE_ERROR(L"Error %08x getting 

| information for snapshot %08x\n",Err,SnapShot); 
3257| } 
3258| } 
3259| 

3260| return Err; 

3261| } 

3262| 

3263| // 
| 

3264| 

3265 1 J**** ************************************** ************* 
I ********************y 

3266| * 

3267| * FilerGetVersion() 
3268| * 

3269| * Given an item from a File ListBox, GetVersion 

| retrieves the version 
3270| * information from the specified file. 
3271 | * 

3272| * input: IpszFileName - the name of the file. 
3273| * dwBuffSize - > 0 size of buffer to 
| hold version info 



3274| * szBuff - buffer to hold version 

| info 
3275| * 

3276| * returns: TRUE if successful, FALSE otherwise. 
3277| * 
3278| * 

3279 1 y******************************************************* 

3280| #define NUM_VERSION_INFO_KEYS 13 

3281 1 #define VERSION_INFO_KEY_ROOT L"\\StringFilelnfo\\" 

3282| 

3283| // .EXE version information key structure: for 

| FilerGetVersion() in DRVPROC.C 
3284| typedef struct _VersionKeylnfo { 
3285| WCHAR const *szKey; 
3286| WCHAR *szValue; 
3287| } VKINFO, *LPVKINFO; 
3288| 

3289| BOOL FilerGetVersion(LPWSTR IpszFileName, DWORD 

| dwBuffSize, LPWSTR szBuff, VKINFO *lnfo) 
3290| { 
3291| // 

3292| // NUM_VERSION_INFO_KEYS should be set to the 

| number of entries in 
3293| // VersionKeys[]. 
3294| // 

3295| CONST static WCHAR *VersionKeys[] = { 

3296| U'ProductName", 

3297| L"ProductVersion", 

3298| L"Original Filename", 

3299| L"FileDescription", 

3300| U'FileVersion", 

3301| U'CompanyName", 

3302| U'LegalCopyright", 

3303| U'LegalTrademarks", 

3304| U'lnternalName", 

3305| L"PrivateBuild", 

3306| U'SpecialBuild", 

3307| U'Build", 

3308| U'Comments" 

3309| }; 

3310| 

331 1 1 static WCHAR szNull[1 ] = L""; 

3312| LPVOID Iplnfo; 

3313| DWORD cch; 

3314| UINT i; 

3315| WCHAR key[80]; 

3316| WCHAR lpBuffer[10]; 

3317| 

3318| GetFileVersionlnfoW(lpszFileName, 0, dwBuffSize, 



I (LPVOID)szBuff ); 
3319| swprintf(lpBuffer, L M %04X", 

| GetUserDefaultLanglD()); 
3320| wcscat(lpBuffer,L"04B0"); 

3321 1 for (i = 0; i < NUM_VERSION_INFO_KEYS; i++) { 

3322| wcscpy(key, VERSION_INFO_KEY_ROOT); 

3323| wcscat(key, IpBuffer); 

3324| wcscat(key, L"\\"); 

3325| wcscat(key, VersionKeys[i]); 

3326| lnfo[i].szKey = Version Keys[i]; 

3327| 

3328| // 

3329| // If version info exists, and the key query is 

| successful, add 
3330| // the value. Otherwise, the value for the 

| key is NULL. 
3331| // 

3332| if( dwBuffSize && VerQueryValueW(szBuff, key, 

| &lplnfo, &cch) ) 
3333| lnfo[i].szValue = Iplnfo; 

3334| else 

3335| lnfo[i].szValue = szNull; 

3336| } 

3337| 

3338| return TRUE; 

3339| } 

3340| 

3341| ULONG GetVersionOfFile( WCHAR *FileName, VKINFO **lnfo 
I) 

3342| { 

3343| ULONG dwHandle; 

3344| ULONG dwLength = GetFileVersionlnfoSizeW( FileName, 

| &dwHandle); 
3345| 

3346| if(dwLength) { 
3347| *lnfo= 

| malloc((dwLength+sizeof(VKINFO)*NUM_VERSION_INFO_KEYS)); 
3348| if(*lnfo) { 
3349| 

| FilerGetVersion(FileName,dwLength,(WCHAR*)(((char*)*lnfo 
| )+sizeof(VKINFO)*NUM_VERSION_INFO_KEYS),*lnfo); 

3350| return 0; 

3351| }else{ 

3352| return GetLastError(); 

3353| } 

3354| } else { 

3355| *lnfo = NULL; 

3356| return GetLastError(); 

3357| } 

3358| } 



3359| 

3360| ULONG FreeVersionlnfo( VKINFO *lnfo ) 
3361| { 

3362| if ( Info ) { 

3363| free(lnfo); 

3364| } 

3365| return 0; 

3366| } 

3367| 

3368| void DumplnfoAboutFile( WCHAR *FileName ) 
3369| { 

3370| VKINFO *lnfo = NULL; 

3371 1 HANDLE Handle = INVALID_HANDLE_VALUE; 

3372| WIN32_FIND_DATAW Dir = {0}; 

3373| WCHAR Buffer[1 024]; 

3374| WCHAR *p = NULL; 

3375| 

3376| if(SearchPathW(NULL,FileName,NULL,1024,Buffer,&p)) 
|{ 

3377| Handle = FindFirstFileW(Buffer,&Dir); 
3378| if(Handle!=INVALID_HANDLE_VALUE) { 
3379| FILETIME NewFileTime={0}; 

3380| SYSTEMTIME SystemTime={0}; 

3381| 

3382| GetVersionOfFile(FileName,&lnfo); 
3383| 

| FileTimeToLocalFileTime((FILETIME*)&Dir.ftLastWriteTime, 
| &NewFileTime); 
3384| 

| FileTimeToSystemTime(&NewFileTime,&SystemTime); 
3385| 

3386| WRITE(L"%2d/%02d/%4d %2d:%02d %-15.15s 

| VoSVl", 

3387| SystemTime.wMonth, 

3388| SystemTime.wDay, 

3389| SystemTime.wYear, 

3390| SystemTime.wHour, 

3391 1 SystemTime.wMinute, 

3392| Info ? lnfo[4].szValue : L" M , 

3393| Buffer 

3394| ); 
3395| 

3396| FreeVersionlnfo(lnfo); 

3397| FindClose(Handle); 

3398| } else { 

3399| DEBUG_WRITE(L"Unable to get directory 

| information for file '%s'\n",FileName); 

3400| } 

3401| }else{ 

3402| DEBUG_WRITE(L"Unable to find file 



I '%s'\n",FileName); 
3403| } 
3404| } 
3405| 

3406| // 



3408| void PrintHeader( const char *exeName ) 

3409| { 

341 0| WRITE(L M %S - Snapshot Command line management 

| utility\n",exeName); 

341 1 1 WRITE(L M Copyright (c) 2000-2001 Columbia Data 

| Products, Inc. All Rights Reserved.\n\n"); 
3412|} 
3413| 

341 4| void PrintVersion( const char *exeName ) 

3415| { 

3416| WCHAR Dir[1024]; 
3417| 

341 8| PrintHeader(exeName) ; 

341 9| WRITE(L M %s version\n'\_PsmVendorNameWStr_); 

3420| lslnstalled(); 

3421| 

3422| WRITE(L"Date/Time Version File\n"); 
3423| 

3424| DumplnfoAboutFile(L"psmlapi.dir); 

3425| DumplnfoAboutFile(L"ss.exe"); 
3426| 

3427| GetSystemDirectoryW(Dir,1 024); 

3428| wcscat(Dir,L"\\psmready.exe"); 
3429| 

3430| DumplnfoAboutFile(Dir); 
3431| 

3432| GetSystemDirectoryW(Dir,1 024); 

3433| wcscat(Dir,L"\\drivers\\psman5.sys M ); 

3434| DumplnfoAboutFile(Dir); 
3435| 

3436| GetSystemDirectoryW(Dir,1 024); 
3437| 

| wcscat(Dir,L M \\serverappliance\\mui\\0409\\snapshot.dH M 

I); 

3438| DumplnfoAboutFile(Dir); 
3439| 

3440| GetSystemDirectoryW(Dir,1 024); 

3441| wcscat(Dir,L"\\serverappliance\\PSMCom.dll M ); 

3442| DumplnfoAboutFile(Dir); 

3443| 

3444| GetSystemDirectoryW(Dir,1 024); 

3445| wcscat(Dir,L"\\serverappliance\\drbackup.dH"); 

3446| DumplnfoAboutFile(Dir); 



3447| } 

3448| 

3449| 

3450| void PrintHelp ( const char *exeName ) 
3451| { 

3452| PrintHeader(exeName); 
3453| 

3454| WRITE( 

3455| L" -n = Create new snapshot (must be 

| followed by one or more -l:x).\n" 
3456| L" -l:x = Volume to take a snapshot 

| of.\n" 

3457| L" -d:x = Delete the snapshot specified 
| by x.\n" 

3458| L" -dg:x = Delete the snapshots in group 
| x.\n" 

3459| L" -deleteall = Delete all snapshotsAn" 
3460| L" -v[s|l] = List all active snapshots in 

| normal, short or long view An" 
3461 1 L" -stats = Display cache utilization for 

| all volumesAn" 
3462| L" -i = Install PSMAn" 
3463| L" -u = Uninstall PSMAn" 
3464| L" -g:x = Group number of this 

| snapshotAn" 
3465| L" -p:x = Priority, 0=none, 1=lowest, 

| 254=highest, 255=keep alwaysAn" 
3466| L" -k:x = Number of snapshots to keep in 

| this groupAn" 
3467| L" -f :x = Snapshot flags, do '-? flags' 

| for more informationAn" 
3468| L" -name:x = Name of snapshot, do '-? name' 

| for more informationAn" 
3469| L" -quiet[:full] = Don't display console 

| messages. \n" 
3470| L" -y = Always assume yes on 

| questionsAn" 

3471 1 L" -reset :x = Restore a Read/Write snapshot 

| to its pristine stateAn" 
3472| L" -revert:x = Restore snapshot x images to 

| original volumesAn" 
3473| L" -version = List versions of support 

| modules\n" 

3474| L" -chron = Sort snapshot list in forward 

| chronological order\n" 
3475| L" -readonly:x = Make snapshot x be read-only 

| (causes reset to pristine state)\n" 
3476| L" -readwrite:x = Make snapshot x be 

| writeable\n" 
3477| #if DR_BACKUP_SUPPORTED 



3478| L" -image:x = Perform image backup of 
| volume x\n" 

3479| L" -imagetest:x = Fully test correctness of 

| volume image backup in path x (slow)\n M 
3480| L" -imagecheck:x = Quickly test that all files 

| in backup path x exist\n" 
3481 1 L" -backuptest = Verify registry settings for 

| disaster recovery backup\n" 
3482 1 L" -diskette = Create disaster recovery 

| diskette\n" 
3483| #endif /*DR_BACKUP_SUPPORTED7 
3484| L" -createcache = Create cache files on 

| volume(s) specified by '-l:x ..An" 
3485| ); 
3486| } 
3487| 

3488| void PrintHelpName ( const char *exeName ) 
3489| { 

3490| PrintHeader(exeName); 
3491| 

3492| WRITE( 

3493| L" The following can be used as substitution 
| strings for snapshot names :\n\n" 



3494| 


L" %%i = 


■■ Instance number (Unique per 


| snapshot) An" 




3495| 


L" %%M 


= Month (1-12).\n" 


3496| 


L" %%D 


= Day (1-31) An" 


3497| 


L" %%Y 


= Year (2000-20xx).\n" 


3498| 


L" %%m 


= Minute (0-59). \n" 


3499| 


L" %%h : 


= Hour in 12 hour format (1-12).\n" 


3500| 


L" %%H 


= Hour in 24 hour format (0-23).\n" 


3501| 


L" %%s = 


= Second (0-59) An" 


3502| 


L" %%w 


= Three letter weekday abbreviation 



| (Sun, Mon, etc..)An" 
3503| L" %%W = Full weekday name (Sunday, Monday, 
| etc.) An" 

3504| L" %%a = AM/PM markerAn" 
3505| L" %%p = Group numberAn" 
3506| L" %%P = Priority (0-255).\n M 
3507| L" %%k = Number of snapshots to keep for this 
| groupAn" 

3508| L" %%%% = Percent signAn" 

3509| L'YiExamplesAn" 

3510| L" '-name:Hourly' or" 

351 1 1 L" '-name:Snapshot at %%H :%%m'\n" 

351 2| L'YiThe above characters are case-sensitive, 

| and any duplicate names are postfixed\n" 
3513| L"with an unique numberAn" 
3514| ); 
3515| } 



3516| 

351 7| void PrintHelpFlags ( const char *exeName ) 
3518| { 

351 9| PrintHeader(exeName); 
3520| 

3521| WRITE( 

3522| L" Any one of the following snapshot flags can 
| be set:\n\n" 

3523| L" 0 = Virtual volumes are read-write, with 

| changes discarded after rebootAn" 
3524| L" 1 = Virtual volumes are read-only.\n" 
3525| L" 2 = Virtual volumes are read-write, with 

| persistent writesAn" 
3526| L" 3 = Virtual volumes are temporary and 

| read-onlyAn" 
3527| L" 4 = Virtual volumes are temporary and 

| read-writeAn" 
3528| L'YiExamplesAn" 
3529| L" '-f:r or '-f:2'\n M 
3530| ); 
3531| } 
3532| 

3533| PSMSTATUS PSMAPI Psm_TestFunction( ULONG Paraml, ULONG 

| Param2); 
3534| 

3535| void DoJobTest( ULONG Paraml, ULONG Param2 ) 
3536| { 

3537| #ifdef_DEBUG 

3538| Psm_TestFunction(Param1 ,Param2); 

3539| #endif 

3540| } 

3541| 

3542| 

3543| // 



3545| #ifdef_DEBUG 

3546| void FixNtVolumeName ( WCHAR *FileName ) 
3547| { 
3548| // 

3549| // FixNtVolumeNameO turns A\?\Volume{...}' into 

| A??\Volume{...}'. 
3550| // This is special voodoo that makes things work 

| real good. 
3551| // 

3552| const WCHAR *GuidPattern = L M \\\\?\\Volume{ M ; 

3553| const ULONG GuidPatternChars = wcslen(GuidPattern); 

3554| if ( 

| wcsncmp(FileName,GuidPattern,GuidPatternChars)==0 ) { 
3555| FileName[1] = L'?'; 



3556| } 
3557| } 

3558| #endif /*_DEBUG7 
3559| 

3560| //- 



3561| 

3562| #ifdef_DEBUG 

3563| BOOLEAN DeleteCacheFilesDuringCleanup = FALSE; 
3564| BOOLEAN ShouldDeletePsmFile ( const WCHAR *FileName ) 
3565| { 
3566| // 

3567| // ShouldDeletePsmFileO usually returns TRUE, 

| meaning that the file given 
3568| // should be deleted. It is called only with PSM 

| filenames. 

3569| // If the user did not specify '-cleanup:cache', 
| however, it 

3570| // returns FALSE when it sees a difference file. 

| Keeping the cache files 
3571 1 // by default makes things go much quicker when 

| we create the first snapshot later. 
3572| // 

3573| BOOLEAN Nukelt = TRUE; 
3574| 

3575| if ( IDeleteCacheFilesDuringCleanup ) { 
3576| const WCHAR *TailPattern = L".diff.psm"; 
3577| ULONG TailPatternChars = wcslen(Tail Pattern); 
3578| ULONG FileNameChars = wcslen(FileName); 
3579| if ( FileNameChars >= TailPatternChars ) { 
3580| if ( 

| wcsicmp(&FileName[FileNameChars-TailPatternChars],TailPa 

| ttern) == 0 ) { 
3581 1 Nukelt = FALSE; 

3582| } 
3583| } 
3584| } 
3585| 

3586| return Nukelt; 
3587| } 

3588| #endif /*_DEBUG7 
3589| 

3590| //- 



3591| 

3592| #ifdef_DEBUG 
3593| int DeleteAIIPsmFiles() 
3594| { 
3595| // 

3596| // DeleteAIIPsmFiles() looks in the 



I FilesNotToBackup key in the registry 
3597| // for entries put there by PSM. This is a 

| convenient way to get a list 
3598| // of all the PSM file names on the system. 
3599| // 
3600| int Err = 0; 
3601| inti = 0; 

3602| const ULONG ValueDataChars = 16384; // in case we 

| put multiple filenames in MULTI_SZ 
3603| const ULONG ValueDataBytes = sizeof(WCHAR) * 

| ValueDataChars; 
3604| DWORD ValueDataBytes Returned = 0; 
3605| WCHAR *RegPath = 

| L"SYSTEM\\CurrentControlSet\\Control\\BackupRestore\\Fil 

| esNotToBackup"; 
3606| HKEY KeyHandle = INVALID_HANDLE_VALUE; 
3607| WCHAR ValueName [256] = {0}; 
3608| DWORD ValueNameCharCount = 0; 
3609| DWORD ValueType = 0; 
361 0| WCHAR *ValueData = (WCHAR *) 

| malloc( ValueDataBytes); 
361 1 1 const WCHAR *FrontPattern = U'Persistent Storage 

| Manager ("; 

361 2| const WCHAR *MiddlePatterns[] = { L"Cache:", 

| U'Header:", L"lndex:", 0}; 
361 3| const ULONG FrontPatternChars = 

| wcslen(FrontPattern); 
3614| 

3615| if ( ValueData ) { 

361 6| DWORD KeyErr = RegOpenKeyExW ( 

361 7\ H KEY_LOC AL_MACH I N E, 

3618| Reg Path, 

3619| 0, 

3620| KEY_READ, 

3621| &KeyHandle); 

3622| 

3623| // Look in FilesNotToBackup list for values 

| that begin with 
3624| // "PersistentStorageManager (Cache:", "... 

| (Header:", or "... (Index:". 
3625| // The value of each such key will be a PSM 

| filename. 
3626| 

3627| if ( KeyErr == ERROR_SUCCESS ) { 
3628| // Enumerate all values within the key we 

| just opened... 
3629| 

3630| for ( i=0; KeyErr == ERROR_SUCCESS; ++i ) { 

3631 1 ValueNameCharCount = sizeof (ValueName) 

| /sizeof(ValueName[0]); 



3632| ValueDataBytesReturned = 

| ValueDataBytes; 
3633| KeyErr = RegEnumValueW( 

3634| KeyHandle, // 

| handle to key to query 
3635| i, // 

| index of value to query 
3636| ValueName, // 

| value buffer 

3637| &ValueNameCharCount, // 

| size of value buffer (IN/OUT) 
3638| NULL, // 

| reserved 

3639| &ValueType, // 

| type buffer 

3640| (unsigned char *)ValueData, // 

| data buffer 

3641 1 &ValueDataBytesReturned ); // 

| size of data buffer (IN/OUT) 
3642 1 

3643| if ( KeyErr == ERROR_SUCCESS ) { 

3644| if ( ValueType == REG_MULTI_SZ ) { 

3645| if ( 

| wcsncmp(ValueName,FrontPattern,FrontPatternChars) = 

l){ 

3646| // Okay, this value was 

| added by PSM, but is it really a PSM filename list? 
3647| WCHAR *Middle = ValueName + 

| FrontPatternChars; 
3648| BOOLEAN FoundPattern = 

| FALSE; 
3649| int pi; 

3650| for ( pi=0; 

| MiddlePatterns[pi]; ++pi ) { 
3651| ULONG 

| MiddlePatternChars = wcslen(MiddlePatterns[pi]); 
3652| if ( 

| wcsncmp(Middle,MiddlePatterns[pi], MiddlePatternChars) 

I ){ 

3653| FoundPattern = 

| TRUE; // Yes, it is a list of PSM filenames. 
3654| break; 
3655| } 
3656| } 
3657| 

3658| if ( FoundPattern ) { 

3659| ULONG DelStatus = 0; 

3660| WCHAR *FileName = 

| ValueData; 
3661| while ( *FileName ) { 



3662| 

| FixNtVolumeName(FileName); 
3663| if ( 

| ShouldDeletePsmFile(FileName) ) { 
3664| DelStatus = 

| Psm_DeletePsmFileW (FileName); 
3665| if ( DelStatus 

I == 0 ) { 
3666| 

| WRITE(L"Deleted file '%s'\n'\ FileName); 
3667| } else { 

3668| 

| //WRITE(L">» Psm_DeletePsmFile('%s') returned 

| %08x\n",FileName, DelStatus); 
3669| } 
3670| } else { 

3671| 

| WRITE(L"Retained file '%s\ri; FileName); 
3672| } 
3673| FileName += 1 + 

| wcslen(FileName); //skip to next string in MULTI_SZ 
3674| } 
3675| } 
3676| } 
3677| } 
3678| } 
3679| } 
3680| 

3681 1 RegCloseKey(KeyHandle); 

3682| } 

3683| 

3684| free (ValueData); 
3685| ValueData = NULL; 
3686| } else { 

3687| Err= ERROR_OUTOFM EMORY; 

3688| } 

3689| 

3690| return Err; 
3691| } 

3692| #endif /*_DEBUG7 
3693| 

3694| // 

I 

3695| 

3696| typedef struct sKeyNameListNode { 
3697| struct sKeyNameListNode *Next; 
3698| WCHAR *KeyName; 
3699| } tKeyNameListNode, *pKeyNameListNode; 
3700| 

3701 1 // FIXFIXFIX: This function should have an option to 



I determine whether 
3702| // child keys should be deleted, not just the values in 
| those keys. 

3703| // Will need to do something similar to the logic for 

| enumerating and 
3704| // putting names in linked list, then going back and 

| deleting everything 
3705| // in the linked list. This is because enumerator 

| functions have undefined 
3706| // behavior if the registry tree is being modified at 

| the same time. 
3707| 

3708| void RecursiveKeyDelete ( 

3709| HKEY parent, // 

| handle of key to search for values to delete 
3710| const WCHAR *parentName, // 

| keeps track of where we are for display 
3711| const WCHAR *listOfValuesToDelete[] ) // 

| array of names for the registry values to delete 
3712| { 
3713| // 

371 4 1 // RecursiveKeyDelete() looks through the given 

| registry key 'parent' 
371 5| // for any of the values whose names are specified 

| in NULL-terminated 
371 6| // array of wide strings 'HstOfValuesToDelete'. 

| After that, it recursively 
371 7| // opens all child keys of parent, one at a time, 

| and calls recursively 
371 8| // to delete any of the targeted values 

| underneath. 
3719| // 

3720| WCHAR keyName [256]; 

3721 1 const DWORD keyNameChars = sizeof (keyName) / 

| sizeof (WCHAR); 
3722| WCHAR *childName = malloc(sizeof(WCHAR) * 

| (keyNameChars + wcslen(parentName) + 1)); 
3723| int i = 0; 

3724| FILETIME lastWriteTime = {0}; 
3725| LONG KeyStatus = 0; 
3726| if ( childName ) { 

3727| // First try to delete each of the keys we are 
| told to kill, 

3728| // whether or not they are really there. 
3729| 

3730| if ( HstOfValuesToDelete ) { 

3731 1 for ( i=0; NstOfValuesToDeletefi]; ++i ) { 

3732| KeyStatus = RegDeleteValueW ( parent, 

| HstOfValuesToDelete[i] ); 
3733| swprintf ( childName, L"%s\\%s", 



I parentName, NstOfValuesToDelete[i] ); 
3734| if ( KeyStatus == ERROR_SUCCESS ) { 

3735| WRITE(L"Deleted registry value 

| '%sYi'\ childName); 
3736| } else { 

3737| DEBUG_WRITE(L"»> 

| RegDeleteKeyW('%s') returned %08x\n", childName, 

| KeyStatus); 
3738| } 
3739| } 
3740| } else { 

3741 1 // NstOfValuesToDelete==NULL. This means 

| delete all values in the key. 
3742| pKeyNameListNode valueNameList = NULL; 

3743| WCHAR valueNameBuffer [256]; 

3744| KeyStatus = 0; 

3745| for(i=0;;++i) 
3746| { 

3747| DWORD valueNameChars = 

| sizeof(valueNameBuffer) / sizeof(valueNameBuffer[0]); 
3748| KeyStatus = RegEnumValueW ( 

3749 1 parent, // handle to 

| key to query 
3750| i, // index of 

| value to query 
3751| valueNameBuffer, // 

| value buffer 
3752| &valueNameChars, // size of 

| value buffer 
3753| NULL, // reserved 

3754| NULL, //type buffer 

3755| NULL, //data buffer 

3756| NULL); //size of data 

| buffer 
3757| 

3758| if ( KeyStatus == 0 ) { 

3759| pKeyNameListNode newNode = 

| (pKeyNameListNode) malloc (sizeof(tKeyNameListNode)); 
3760| if ( newNode ) { 

3761 1 newNode->KeyName = 

| wcsdup(valueNameBuffer); 
3762| if ( newNode->KeyName ) { 

3763| newNode->Next = 

| valueNameList; 
3764| valueNameList = newNode; 

3765| } else { 

3766| free (newNode); 

3767| WRITE_ERROR(L"Out of memory 

| in RecursiveKeyDelete\n M ); 
3768| break; 



3769| } 

3770| } else { 

3771 1 WRITE_ERROR(L"Out of memory in 

| RecursiveKeyDelete\n"); 

3772| break; 

3773| } 

3774| } else { 

3775| break; // no more values in this 

I key 

3776| } 

3777| } 
3778| 

3779| while ( valueNameList ) { 

3780| pKeyNameListNode next = 

| valueNamel_ist->Next; 

3781 1 KeyStatus = RegDeleteValueW ( parent, 

| valueNameList->KeyName ); 

3782| swprintf ( childName, L"%s\\%s M , 

| parentName, valueNameList->KeyName ); 

3783| if ( KeyStatus == 0 ) { 

3784| DEBUG_WRITE(L"»> Deleted registry 

| value '%s'\n", childName); 

3785| } else { 

3786| WRITE_ERROR(L"Error %08x trying to 

| delete registry value VosVf, KeyStatus, childName); 

3787| } 

3788| free (valueNameList->KeyName); 

3789| free (valueNameList); 

3790| valueNameList = next; 

3791| } 

3792| } 

3793| 

3794| // Now recursively traverse subkeys... 
3795| 

3796| KeyStatus = ERROR_SUCCESS; 

3797| for ( i=0; KeyStatus == ERROR_SUCCESS; ++i ) { 

3798| DWORD keyNameCharCount = keyNameChars; 

3799| KeyStatus = RegEnumKeyExW ( 

3800| parent, 

3801| i, 

3802| keyName, 

3803| &keyNameCharCount, 

3804| NULL, 

3805| NULL, 

3806| NULL, 

3807| &lastWriteTime ); 

3808| 

3809| if ( KeyStatus == ERROR_SUCCESS ) { 

381 0| HKEY childKey = INVALID_HANDLE_VALUE; 

381 1 1 DWORD OpenStatus = 0; 



381 2| OpenStatus = RegOpenKeyExW ( parent, 

| keyName, 0, KEY_ALL_ACCESS, &childKey ); 

381 3| if ( OpenStatus == ERROR_SUCCESS ) { 

381 4| swprintf ( childName, L"%s\\%s M , 

| parentName, keyName ); 

381 5| RecursiveKeyDelete ( childKey, 

| childName, NstOfValuesToDelete ); 

381 6| RegCloseKey (childKey); 

3817| } 

3818| } 

3819| } 

3820| 

3821| free (childName); 
3822| } 
3823| } 
3824| 

3825| // 

| 

3826| 

3827| int CleanSakFromRegistry() 
3828| { 

3829| const WCHAR * const ParentNamel_ist[] = { 

3830| // EventFilter 

3831| 

| L M software\\Microsoft\\ServerAppliance\\EventFilter\\Eve 
| ntsWEventPSMWarnings", 
3832| 

| L"software\\Microsoft\\ServerAppliance\\EventFilter\\Eve 
| ntsWEventPSMErrors", 
3833| 

3834| // ElementManager 
3835| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSM", 
3836| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMSetup", 
3837| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMSetupList", 
3838| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMSched", 
3839| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMPI", 
3840| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMSysBackup", 
3841| 



I L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMDisaster", 
3842| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWTabsDisksPSMVolRestore", 
3843| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWAIertDefinitionsPSMEventl 
3844| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSchedList", 
3845| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSetupList", 
3846| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSchedNew", 
3847| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSchedDelete", 
3848| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSchedProp", 
3849| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMSetup", 
3850| 

| L M software\\Mjcrosoft\\ServerAppNance\\ElernentManager\\ 
| WebElementDefinitionsWContextHelpPSMSetupVols", 
3851| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPI Delete", 
3852| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIList", 
3853| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPINew", 
3854| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIProp", 
3855| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIUndo", 
3856| 

| L M software\\Mjcrosoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMVRList", 
3857| 

| L M software\\Microsoft\\ServerAppljance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMVRRestore", 



3858| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIContext", 
3859| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIBUStart", 
3860| 

| L M software\\Microsoft\\ServerAppljance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIBUStop", 
3861| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIBUMkDisk", 
3862| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIBUStatus", 
3863| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWContextHelpPSMPIBUProp", 
3864| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCDiskPSM", 
3865| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMSettingUp", 
3866| 

| L"software\\Microsoft\\SeiverAppljance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMManaginglmages", 
3867| 

| L M software\\Microsoft\\SeiverAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMManagingSchedules", 
3868| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMUsingVolRestore", 
3869| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMUsingDR", 
3870| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMVolumeStatus", 
3871| 

| L M software\\Mjcrosoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMVolumeConfig", 
3872| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMNewlmage", 
3873| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMDeletelmage", 
3874| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 



I WebElementDefinitionsWHelpTOCPSMUndoWrites", 
3875| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMImageProperties", 
3876| 

| L M software\\Microsoft\\SeiverAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMImageContext", 
3877| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMNewSchedule", 
3878| 

| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMDeleteSchedule", 
3879| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMScheduleProperties", 
3880| 

| L"software\\Mjcrosoft\\ServerAppljance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMRestoringlmageSet", 
3881| 

| L M software\\Microsoft\\ServerAppliance\\ElementManager\\ 

| WebElementDefinitionsWHelpTOCPSMChangeRecoverySettings" 



| L"software\\Microsoft\\ServerAppliance\\ElementManager\\ 
| WebElementDefinitionsWHelpTOCPSMMakeDiskette", 
3883| 

3884| //The End! 
3885| NULL 
3886| }; 
3887| 

3888| HKEY Key = INVALID HANDLE VALUE; 

3889| int i = 0; 

3890| 

3891 1 for ( i=0; ParentNameList[i] != NULL; ++i ) { 

3892| ULONG Err = RegOpenKeyExW ( HKEY_LOCAL_MACHINE, 

| ParentNameListp], 0, KEYALLACCESS, &Key ); 
3893| if ( Err == 0 ) { 
3894| RecursiveKeyDelete ( Key, 

| ParentNameList[i], NULL); 
3895| RegCloseKey(Key); 
3896| Key = INVALID_HANDLE_VALUE; 

3897| Err = RegDeleteKeyW ( HKEY_LOC AL_MACH I N E, 

| ParentNameList[i] ); 
3898| if ( Err == 0 ) { 

3899| DEBUG_WRITE(L">» Deleted key '%s'\n M , 

| ParentNameList[i] ); 
3900| } else { 

3901 1 WRITE_ERROR(L"Error %08x deleting key 

| '%s'\n M , Err, ParentNameList[i]); 



3902| } 

3903| } else { 

3904| if ( Err != 2 ) { 

3905| DEBUG_WRITE(L">» Error %08x opening 

| registry key '%s'\n M ,Err,ParentNameList[i]); 
3906| } 
3907| } 
3908| } 
3909| 

3910| return 0; 

3911| } 

3912| 

3913| // 
| 

3914| 

3915| #ifdef _DEBUG 

3916| int DeleteFileMapRegistryKeys() 

3917| { 

3918| // 

3919| // DeleteFileMapRegistryKeys() looks through a 

| list of registry keys 
3920| // for places where we store file maps, and 

| deletes them. 

3921 1 // File maps tell the PSM driver which clusters on 

| disk are used by 
3922| // various PSM files so that it can do direct I/O 

| to them before the 
3923 1 // filesystem is mounted. We need to erase these 

| whenever the PSM files 
3924| // themselves are erased, so that PSM doesn't try 

| to write directly to disk 
3925| // in places it shouldn't. 
3926| // 
3927| int Err = 0; 
3928| int i = 0; 
3929| 

3930| const WCHAR *NstOfValuesToDelete[] = { 

| U'HeaderMap", U'CacheMap", U'lndexMap", 0 }; 
3931 1 const WCHAR *ParentNameList[] = { 
3932| L"SYSTEM\\CurrentControlSet\\Services\\PSMan5", 
3933| U'ClusterWPersistentStorageManager", 
3934| 0 
3935| }; 
3936| 

3937| for ( i=0; ParentNamel_ist[i]; ++i ) { 

3938| HKEY ParentKey = I N VALI D_H AN DLE_VALU E; 

3939| DWORD KeyErr = RegOpenKeyExW ( 

394 0 1 H K E Y_LOC AL_M AC H I N E , 

3941 1 ParentNamel_ist[i], 

3942| 0, 



3943| KEY_ALL_ACCESS, 
3944| &ParentKey ); 

3945| 

3946| if ( KeyErr == ERROR_SUCCESS ) { 
3947| RecursiveKeyDelete ( ParentKey, 

| ParentNameList[i], NstOfValuesTo Delete ); 
3948| RegCloseKey (ParentKey); 

3949| } 
3950| } 
3951| 

3952| return Err; 
3953| } 

3954| #endif /*_DEBUG7 
3955| 

3956| // 



3958| #ifdef _DEBUG 
3959| int ResetPsmState() 
3960| { 
3961| // 

3962| // ResetPsmState() called by '-cleanup' option. 
3963| // If '-cleanup:cache' was used, the global 

| variable DeleteCacheFilesDuringCleanup 
3964| // will already have been set to TRUE (or FALSE 

| if just '-cache'). 
3965| // By default, we don't delete cache files so it 

| doesn't take forever to 
3966| // create a snapshot afterward. 
3967| // 
3968| int Err = 0; 
3969| WCHAR ch = 'V; 
3970| 

3971| if ( !AlwaysDelete ) { 

3972| WRITE(L"AII snapshots and PSM files will be 

| deleted An"); 
3973| if ( IDeleteCacheFilesDuringCleanup ) { 
3974| WRITE(L"(Difference files will be retained 

| for quick snapshot creation. )\n"); 
3975| } 

3976| WRITE(L"Continue (Y/N)? "); 
3977| do { 

3978| ch = (WCHAR)toupper(getch()); 

3979| } while((ch!='Y') && (ch!='N')); 
3980| WRITE(L"%c\n",ch); 
3981| } 
3982| 

3983| if ( ch == 'Y' ) { 

3984| Err = DeleteAIIExistingSnapShots(); 
3985| if ( Err == 0 ) { 



Err = DeleteAIIPsmFilesO; 
if ( Err == 0 ) { 

Err = DeleteFileMapRegistryKeys(); 

} 



return Err; 

} 

#endif /* DEBUG*/ 



//- 



3998| 








3999| 


#define JOBJHELP 


0 




4000| 


#define JOB_NEW 


1 




4001| 


#define JOB_DELETE 


2 




4002| 


#define JOB_DELETEALL 


3 




4003| 


#define JOBJJST 


4 




4004| 


#define JOBJNSTALL 


5 




4005| 


#define J O B_U N 1 N STALL 


6 




4006| 


#define JOB_LISTALL 


7 




4007| 


#define JOB_STATISTICS 


8 




4008| 


#define JOBJSINSTALLED 


9 




4009| 


#define JOB_HELP_NAME 


10 




4010| 


#define JOB_HELP_FLAGS 


11 




4011| 


#define JOB DELETE GROUP 


12 




4012| 


#define JOB_REVERT_TO_A_SNAPSHOT 


13 


4013| 


#define JOB_REVERT_SNAPSHOT_TO_PRISTINE_STATE 


4014| 


#define JOB_VERSION 


15 




4015| 


#define JOB_MODIFY_SNAPSHOT_FLAGS 


16 


4016| 


#define JOB_CREATE_VOLUME_BACKUP 


17 


4017| 


#define JOB_SET_CLUSTER_REGISTRY 


18 


4018| 


#define JOB_TURBO_SCRUB 


19 




4019| 


#define JOB_GET_GLOBAL_STATUS 




20 


4020| 


#define JOB_TEST_BACKUP_IMAGE_ 


_FULL 


21 


4021| 


#define JOB_TEST_BACKUP_IMAGE_ 


.QUICK 


22 


4022| 


#define JOB_CREATE_RECOVERY_DISKETTE 


23 


4023| 


#define JOB_TEST_BACKUP_PATHS 




24 


4024| 


#define JOB_ABORT_BACKUP 


25 




4025| 


#define JOB_CREATE_CACHE 


26 




4026| 


#define J O B_C L E AN_S AK 


27 




4027| 


#define JOB_TEST_BOOTINI 


28 




4028| 








4029| 


#ifdef _DEBUG 






4030| 


#define JOB_TEST 999 






4031| 


#endif 






4032| 








40331 


//- 







4034 
4035 
4036 
4037 
4038 
4039 
4040 
4041 
4042 
4043 
4044 
4045 

| in 
4046 
4047 
4048 
4049 
4050 
4051 
4052 
4053 
4054 
4055 
4056 
4057 
4058 
4059 
4060 

I 

4061 
4062 
4063 

I); 

4064 
4065 
4066 
4067 
4068 
4069 
4070 
4071 
4072 
4073 
4074 
4075 
I 

4076 
4077 
4078 
4079 



void SetJobToDo ( 
ULONG *JobToDo, 
ULONG WhatToDo, 
const char * JobCommandOption, 
const char *ExeName ) 

{ 

static const char *PrevJobOption = NULL; 

if ( PrevJobOption ) { 
fprintf ( stderr, 

"Error: Cannot specify both '%s' and '%s' 
the same run of %s\n\n", 
PrevJobOption, 
JobCommandOption, 
ExeName ); 

PrintHelp(ExeName); 

exit(1); 
} else { 

PrevJobOption = JobCommandOption; 
*JobToDo = WhatToDo; 



} 



} 



#define SET_JOB(Job) 
SetJobToDo(&JobToDo,(Job),ThisOption,ansi_argv[0]) 

//undocumented psm calls 

PSMSTATUS PSMAPI Psm_SetClusterRegistry( PVOID Snapshot 



int_cdecl main ( int ansi_argc, char *ansi_argv[] ) 
{ 



int i = 0; 

int errorlevel = 0; 
BOOLEAN Got List= FALSE; 
ULONG JobToDo = JOBJHELP; 
ULONG Err = 0; 
int argc = 0; 
LPWSTR *argv = 0; 
ULONG Snapshot = 0; 

int SnapshotRepeat = 1 ; // undocumented! (for 
tracking down a weird bug) 

ULONG View=VIEW_NORMAL; 
const char *ThisOption = NULL; 
#ifdef _DEBUG 

ULONG Paraml = 0; 



4080| ULONG Param2 = 0; 
4081|#endif 

4082| ULONG RevertFlags = 

4083| PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT | 
4084| PSM_REVERT_FLAG_DISMOUNT_AFFECTED_VOLUMES; 
4085| 

4086| // begin stuff for "-image" 



4087| const WCHAR *VolName = NULL; 
4088| // end stuff for "-image" 



4090| SetErrorMode ( SEM_FAILCRITICALERRORS | 

| SEM NOOPENFILEERRORBOX ); 
4091| 

4092| argv = CommandLineToArgvW(GetCommandLineW(), 

I &(argc) ); 
4093| 

4094| for(i=1 ;i<argc && errorlevel==0;i++) { 

4095| char *end = 0; 

4096| ThisOption = ansi_argv[i]; 

4097| if(stricmp(ThisOption,"-n")==0) { 

4098| SET_JOB (JOB_NEW); 

4099| } else if(stricmp(ThisOption,"-version")==0) { 

41 00| SET_JOB (JOB_VERSION); 

4101| #ifdef_DEBUG 

41 02| } else if(stricmp(ThisOption,"-test")==0) { 

4103| Paraml = strtoul(ansi_argv[++i],&end,16); 

41 04| Param2 = strtoul(ansi_argv[++i],&end,1 6); 

4105| SET_JOB (JOB_TEST); 

4106| #endif 

41 07| } else if(stricmp(ThisOption,"-quiet")==0) { 

4108| QuietMode = TRUE; 

41 09| } else if(stricmp(ThisOption,"-debug")==0) { 

41 1 0| DebugEnabled = TRUE; 

41 1 1 1 } else if(stricmp(ThisOption,"-y")==0) { 

41 1 2| AlwaysDelete = TRUE; 

41 1 3| } else if(stricmp(ThisOption,"-quiet:full")==0) 
|{ 

4114| QuietMode = TRUE; 

41 1 5| QuietModeError = TRUE; 

41 1 6| } else if(stricmp(ThisOption,"-d")==0) { 

41 1 7| // this option is for backwords 

| compatibilty, use -d: instead 

4118| Snapshot = strtoul(ansi_argv[++i],&end,16); 

4119| SET_JOB (JOB_DELETE); 

4120| } else if(strnicmp(ThisOption,"-d:",3)==0) { 

4121 1 Snapshot = strtoul(ansi_argv[i]+3,&end,16); 

4122| SET_JOB (JOB_DELETE); 

4123| } else if(strnicmp(ThisOption,"-scr:",5)==0) { 



4124| Snapshot = strtoul(ansi_argv[i]+5,&end,16); 

4125| SET_JOB (JOB_SET_CLUSTER_REGISTRY); 

4126| } else if(strnicmp(ThisOption, ,, -dg: ,, ,4)==0) { 
4127| GroupNumber = 

| strtoul(ansi_argv[i]+4,&end,1 6); 
4128| SET_JOB ( JOB_DELETE_G ROU P) ; 

4129| } else if(strnicmp(ThisOption,"-reset:",7)==0) 

|{ 

4130| Snapshot = strtoul(ansi_argv[i]+7,&end,16); 

4131| SET_JOB 

| (JOB_REVERT_SNAPSHOT_TO_PRISTINE_STATE); 
4132| } else if(strnicmp(ThisOption,"-revert: M ,8)==0) 

|{ 

4133| Snapshot = strtoul(ansi_argv[i]+8,&end,16); 

41 34| SET_JOB (JOB_REVERT_TO_A_SNAPSHOT); 

4135| } else if(stricmp(ThisOption,"-noundo")==0) { 
4136| RevertFlags &= 

| ~PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT; 
4137| } else if(stricmp(ThisOption,"-atboot")==0) { 
4138| RevertFlags |= PSM_REVERT_FLAG_ATBOOT; 

4139| }else 

| if(stricmp(ThisOption,"-abortbackup")==0) { 
4140| SET_JOB(JOB_ABORT_BACKUP); 
4141| } else if(strnicmp(ThisOption/'-name: M ,6)==0) { 
4142| wcscpy(PatternName,argv[i]+6); 
4143| } else if(strnicmp(ThisOption,"-repeat",7)==0) 

|{ 

4144| int numScanned = 

| sscanf(ThisOption,"-repeat:%i",&SnapshotRepeat); 
4145| if ( numScanned != 1 ) { 

4146| SnapshotRepeat = 3; 

4147| } 

4148| WRITE ( L"Just set snapshot repeat counter 

| to %d\n", SnapshotRepeat); 
4149| } else if(stricmp(ThisOption, M -listall M )==0 ) { 
41 50| // This undocumented job type added to test 

| new PSMLAPI functions. 
4151 1 SET_JOB (JOBJJSTALL); // list both 

| persistent and temporary snapshots 
4152| } else if(stricmp(ThisOption, M -deleteall M )==0) 

|{ 

4153| SET_JOB (JOB_DELETEALL); 

4154| } else if(strnicmp(ThisOption, M -v M ,2)==0) { 

4155| SET_JOB (JOBJJST); 

4156| if(toupper(ThisOption[2]) == 'S') { 

4157| View = VIEW_SHORT; 

4158| } else if(toupper(ThisOption[2]) == 'L') { 

4159| View = VIEW_LONG; 

4160| } 

41 61 1 } else if(stricmp(ThisOption, M -chron M )==0) { 



4162| 



ViewSortOrder = FO R WA R D_C H RO N ; 



41 63 1 } else if(stricmp(ThisOption,"-i")==0) { 

41 64| SET_JOB (JOBJNSTALL); 

41 65| } else if(stricmp(ThisOption, M -status")==0) { 

41 66| SET_JOB (JOB_GET_GLOBAL_STATUS): 

41 67| } else if(stricmp(ThisOption,"-u M )==0) { 

4168| SET_JOB (JOBJJN INSTALL); 

4169| }else 

| if(stricmp(ThisOption,"-isinstalled M )==0) { 
4170| SET_JOB (JOBJSINSTALLED); 

4171| }else 

| if(stricmp(ThisOption,"-createcache")==0) { 
4172| SET_JOB (JOB_CREATE_CACHE); 

41 73 1 } else if(strnicmp(ThisOption,"-g:",3)==0) { 
41 74| GroupNumber = strtoul(ThisOption+3,&end 

41 75\ } else if(strnicmp(ThisOption,"-f :",3)==0) { 
41 76| ULONG SnapShotType = 

| strtoul(ThisOption+3,&end,0); 
41 77| if ( ConvertTypeToFlags(SnapShotType, 

| &SnapShotFlags) != 0 ) { 
41 78| WRITE_ERROR(L"Error: Invalid snapshc 

| type %d after '-f:'\n",SnapShotType); 
4179| errorlevel = 1 ; 

4180| } 
4181| }else 

| if(stricmp(ThisOption,"-discardtemp")==0) { 
4182| SaveTempOnExit = FALSE; 

4183| DEBUG_WRITE(L"»> main: Turning off 

| SaveTempOnExit\n"); 
4184| } else if(strnicmp(ThisOption,"-p: M ,3)==0) { 
4185| Priority = 

| (BYTE)(strtoul(ThisOption+3,&end,0) & Oxff); 
41 86| } else if(strnicmp(ThisOption,"-k: M ,3)==0) { 
41 S7\ NumToKeep = strtoul(ThisOption+3,&end,0 

4188| } else if(strnicmp(ThisOption,"-l:",3)==0) { 
41 89| ULONG Continue=FALSE; 

4190| 

4191| if (strlen(ThisOption)==4) { 

4192| CHARCh=0; 
4193| ULONG c = 

| sscanf(ThisOption+3,"%c",&Ch); 
4194| if (c== 1){ 

4195| Ch = (char) toupper(Ch); 

4196| 

4197| //WRITE(L M Adding Volume %c\n M ,Ch); 

4198| lnVolumeMapData[NumVolumes][0] = 



|Ch; 
4199| 



lnVolumeMapData[NumVolumes][1] = 



4200| 



lnVolumeMapData[NumVolumes][2] = 



4201| Continue = TRUE; 

4202| } else { 

4203| goto OPTIONL_ERROR; 

4204| } 

4205| } else 

4206| if(strlen(ThisOption)>4) { 

4207| WR I TE(L" Adding Volume 

| , %s'\n" J argv[i]+3); 
4208| 

| wcscpy(lnVolumeMapData[NumVolumes],argv[i]+3); 
4209| Continue = TRUE; 

4210| }else{ 
4211| OPTIONL_ERROR: 

4212| WRITE_ERROR ( L"lnvalid syntax with 

| parameter '%s'\n", ThisOption ); 
4213| errorlevel = 1; 

4214| } 
4215| 

4216| if(Continue) { 

4217| 

| if(Psm_CanBePSMedW(lnVolumeMapData[NumVolumes])) { 
4218| 

| lnVolumeMap[NumVolumes]=lnVolumeMapData[NumVolumes]; 
4219| VolumeMapFlags[NumVolumes] = 

| PSM_VOLUME_MAP; 
4220| NumVolumes++; 
4221| GotList=TRUE; 
4222| } else { 

4223| 

| if(Psm_lsAnPSMVolumeW(lnVolumeMapData[NumVolumes])) { 
4224| WRITE_ERROR(L"Skipping '%s' as 

| it is an psm volume\n",lnVolumeMapData[NumVolumes]); 
4225| } else { 

4226| WRITE_ERROR(L"Skipping '%s' as 

| it is not a local hard 

| drive\n",lnVolumeMapData[NumVolumes]); 
4227| } 
4228| } 
4229| } else { 

4230| } 

4231 1 } else if(strnicmp(ThisOption,"-stats: M ,7)==0) 
|{ 

4232| WRITE_ERROR(L"This command is obsolete, 

| please use '-stats -l:x' instead\n\n M ); 
4233| } else if(strnicmp(ThisOption,"-stats M ,6)==0) { 
4234| SET_JOB(JOB_STATISTICS); 
4235| } else 

| if(strnicmp(ThisOption,"-readwrite:",1 1)==0) { 
4236| Snapshot = strtoul(ThisOption+1 1,&end,16); 



4237| SnapShotFlags = 

| PSM_SS_FLAG_P_READWRITE_PVW; 

4238| SET_JOB (JOB_MODIFY_SNAPSHOT_FLAGS); 

4239| } else 

| if(strnicmp(ThisOption, M -readonly:",10)==0) { 

4240| Snapshot = strtoul(ThisOption+10,&end,16); 

4241 1 SnapShotFlags = PSM_SS_FLAG_P_READONLY; 

4242| SET_JOB (JOB_MODIFY_SNAPSHOT_FLAGS); 

4243| } else if(stricmp(ThisOption,"-?")==0) { 

4244| if(i+1<argc) { 

4245| if(wcsicmp(argv[i+1],L"name")==0) { 

4246| SET_JOB (JOB_HELP_NAME); 

4247| } else 

4248| if(wcsicmp(argv[i+1 ],L"f lags")==0) { 

4249| SET_JOB (JOB_HELP_FLAGS); 

4250| } else { 

4251 1 SET_JOB (JOB_HELP); 

4252| } 

4253| 

4254| } else { 

4255| SET_JOB (JOB_HELP); 

4256| } 

4257| } else 

| if(strnicmp(ThisOption,"-imagecheck:",12)==0 ) { 

4258| SET_JOB (JOB_TEST_BACKUP_IMAGE_QUICK); 

4259| VolName = &argv[i][12]; 

4260| if ( !*VolName ) { 

4261 1 WRITE_ERROR(L"Error: expected backup 

| path after '-imagecheckAn"); 

4262 1 errorlevel = 1 ; 

4263| } 

4264| } else 

| if(strnicmp(ThisOption,"-imagetest:",11)==0 ) { 

4265| SET_JOB ( JOB_TEST_BACKU P_l MAG E FU LL) ; 

4266| VolName = &argv[i][1 1]; 

4267| If ( !*VolName ) { 

4268| WRITE_ERROR(L"Error: expected backup 

| path after '-imagetest:'\n M ); 

4269 1 errorlevel = 1 ; 

4270| } 

4271 1 } else if(strnjcmp(ThisOption,"-image:",7)==0) 
|{ 

4272| SET_JOB (JOB_CREATE_VOLUME_BACKUP); 

4273| VolName = &argv[i][7]; 

4274| if ( !*VolName ) { 

4275| WRITE_ERROR ( U'Error: expected volume 

| name after '-image:'\n M ); 

4276| errorlevel = 1 ; 

4277| } 

4278| } else if(stricmp(ThisOption, M -diskette")==0) { 



4279| SET_JOB (JOB_CREATE_RECOVERY_DISKETTE); 

4280| } else if(stricmp(ThisOption,"-backuptest")==0) 
|{ 

4281 1 SET_JOB (JOB_TEST_BACKUP_PATHS); 

4282| } else if(stricmp(ThisOption, M -cleansak M )==0) { 

4283| SET_JOB (JOB_CLEAN_SAK); 
4284| #ifdef _DEBUG 

4285| } else if(strnicmp(ThisOption,"-cleanup",8)==0 
l){ 

4286| SET_JOB (JOB_TURBO_SCRUB); 

4287| if ( ThisOption[8]==':' ) { 

4288| if ( stricmp(ThisOption+9, M cache")==0 ) 
|{ 

4289| DeleteCacheFilesDuringCleanup = 

| TRUE; 

4290| } else { 

4291 1 WRITE_ERROR ( U'Error: unknown 

| option '%S' after '-cleanup:'\n", ThisOption+9 ); 

4292| errorlevel = 1 ; 

4293| } 

4294| } 
4295| #endif /*_DEBUG7 

4296| } else 

| if(stricmp(ThisOption,"-testbootini")==0) { 

4297| SET_JOB (JOB_TEST_BOOTINI); 

4298| } else { 

4299| WRITE ERROR ( L"Error: Unknown command 

| line option '%SVT\ ThisOption ); 

4300| errorlevel = 1 ; 

4301| } 

4302| } 
4303| 

4304| // Psm_Register needs to be called before calling 
I any 

4305| // Psm_Enable* functions. 
4306| 

4307| if ( errorlevel == 0 ) { 

4308| if ( JobToDo == JOBJHELP ) { 

4309| PrintHelp (ansi_argv[0]); 

4310| errorlevel = 1; 

431 1 1 } else if ( JobToDo == JOB_HELP_NAME ) { 

431 2| PrintHelpName (ansi_argv[0]); 

4313| errorlevel = 1; 

431 4| } else if ( JobToDo == JOB_HELP_FLAGS ) { 

431 5| PrintHelpFlags (ansi_argv[0]); 

4316| errorlevel = 1; 

4317| }else{ 

431 8| Err = Psm_RegisterW(L M Columbia Data 

| Products, Inc", // Company name 

4319| U'ss.exe - Persistent 



I snapshot command line", // Product name 
4320| NULL, 

| // Version number 
4321 1 PSM_CODE_CDP_TPSM, 

| // Enabling code 
4322 1 

| PSM_CODE_CDP_TPSM_LICENSE // Key code 

4323| ); 
4324| 

4325| if(!Err) { 

4326| switch(JobToDo) { 

4327| case JOB_NEW: 

4328| if(GotList) { 

4329| int i; 

4330| for ( i=0; i<SnapshotRepeat 

| && errorlevel==0; ++i ) { 
4331| errorlevel = 

| MakeNewSnapShot(); 
4332| } 
4333| } else { 

4334| WRITE_ERROR ( L"No volumes 

| were specified... use -l:x for each volume x to be 
| PSM'ed\n M ); 

4335| errorlevel = 1 ; 

4336| } 

4337| break; 

4338| case JOB_REVERT_TO_A_SNAPSHOT: 

4339| errorlevel = 

| RevertToSnapShot(Snapshot, RevertFlags); 
4340| break; 
4341 1 case 

| JOB_REVERT_SNAPSHOT_TO_PRISTINE_STATE: 
4342| errorlevel = 

| RevertSnapShotToPristineState(Snapshot); 
4343| break; 
4344| case J O B_C R E AT E_C AC H E : 

4345| errorlevel = CreateCache(); 

4346| break; 
4347| case JOB_VERSION: 

4348| PrintVersion(ansi_argv[0]); 
4349| break; 
4350|#ifdef_DEBUG 
4351| case JOB_TEST: 

4352| DoJobTest(Param1 ,Param2); 

4353 1 break; 
4354| #endif 

4355| case JOB DELETE: 

4356| errorlevel = 

| DeleteExistingSnapShot(Snapshot); 
4357| break; 



4358| case JOB_DELETE_GROUP: 

4359| errorlevel = 

| DeleteAIISnapShotslnGroup(GroupNumber); 
4360| break; 
4361 1 case JOB_DELETEALL: 

4362| errorlevel = 

| DeleteAIIExistingSnapShots(); 
4363| break; 
4364| case JOB_LIST: 

4365| errorlevel = 

| ListExistingSnapShots(View); 
4366| break; 
4367| case JOB_LISTALL: 

4368| errorlevel = TestListQ; 

4369 1 break; 
4370| case JOBJNSTALL: 

4371 1 errorlevel = lnstallPsm(); 

4372| break; 
4373| case JOB UNINSTALL: 

4374| errorlevel = UninstallPsm(); 

4375| break; 
4376| case JOBJSINSTALLED: 

4377| errorlevel = lslnstalled(); 

4378| break; 

4379| case JOB_SET_CLUSTER_REGISTRY: 

4380| errorlevel = 

| Psm_SetClusterRegistry((pSnapShot)Snapshot); 
4381| if(errorlevel) { 

4382| 

| PrintWin32Error(errorlevel); 
4383| } 
4384| break; 

4385| case JOB_ABORT_BACKUP : { 

4386| HANDLE hEvent; 

4387| PSECURITY_DESCRIPTOR sd={0}; 

4388| SECURITY_ATTRIBUTES sa={0}; 

4389| sa.nLength = 

| sizeof(SECURITY_ATTRIBUTES); 
4390| sa.blnheritHandle = FALSE; 

4391 1 sa.lpSecurityDescriptor = sd; 

4392| 

4393| // Create Event 

4394| sd = 

| GetSecuritySD(FALSE,EVENT_ALL_ACCESS,EVENT_ALL_ACCESS,0) 

I; 

4395| if(sd) { 

4396| hEvent = CreateEvent(&sa, 

| TRUE, FALSE, TEXT("Global\\PSM_Backup_Abort_Event" )); 
4397| if(hEvent) { 

4398| BOOLEAN 



I BackupRunning=GetLastError()==ERROR_ALREADY_EXISTS; 

4399| // Set Event 

4400| SetEvent(hEvent); 

4401| // Close Handle 

4402| CloseHandle(hEvent); 
4403| 

4404| if(BackupRunning) { 

4405| WRITE(L"Backup 

| aborted\n M ); 

4406| } else { 

4407| WRITE(L"No backup 

| running\n M ); 

4408| } 

4409| } else { 

441 0| WRITE_ERROR(L"Error 

| %08x opening event\n",Getl_astError()); 

441 1 | } 

4412| LocalFree(sd); 

4413| }else{ 

441 4| Err = Getl_astError(); 

441 5| WRITE_ERROR(L"Error %08x 

| getting security\n M ,Err); 

4416| } 

4417| break; 

4418| } 

441 9| case J O B_G ET_G LO B A L_ST ATU S : { 

4420| tPSM_GetStatusOutW Status; 
4421| 

| errorlevel=Psm_GetStatusW(&Status,256,PSM_GLOBAL_STATUS) 

I ; 

4422| if(!errorlevel) { 

4423| WRITE(L" PSM 

| Status = %s\n", Status. StatusMessage); 
4424| } else { 

4425| 

| PrintWin32Error(errorlevel); 
4426| } 
4427| 

| errorlevel=Psm_GetStatusW(&Status,256,PSM_REVERT_STATUS) 

I ; 

4428| if(!errorlevel) { 

4429| WRITE(L" Revert 

| Status = %s\n", Status. StatusMessage); 
4430| } else { 

4431| 

| PrintWin32Error(errorlevel); 
4432| } 
4433| #if DR_BACKUP_SUPPORTED 
4434| 

| errorlevel=Psm_GetStatusW(&Status,256,PSM_ENGINE_STATUS) 



I ; 

4435| if(!errorlevel) { 

4436| WR I TE(L" Backup Engine 

| Status = %s\n", Status. StatusMessage); 
4437| } else { 

4438| 

| PrintWin32Error(errorlevel); 
4439| } 

4440| #endif /*DR_BACKUP_SUPPORTED7 
4441 1 break; 
4442 | } 

4443| case JOB_STATISTICS: 

4444| errorlevel = 

| DisplayPsmStatisticsO; 
4445| break; 

4446| case JOB_MODIFY_SNAPSHOT_FLAGS: 

444 7 1 errorlevel = 

| ModifySnapShot Flags (Snapshot, SnapShotFlags); 
4448| break; 

4449| case JOB_CREATE_VOLUME_BACKUP: 

4450| errorlevel = DoSnapShotBackup 

| (VolName); 
4451| break; 

4452| case JOB_TEST_BACKUP_IMAGE_FULL: 

4453| errorlevel = TestlmageBackup 

| (VolName, FALSE); 
4454| break; 

4455| case JOB_TEST_BACKUP_IMAGE_QUICK: 

4456| errorlevel = TestlmageBackup 

| (VolName, TRUE); 
4457| break; 

4458| case JOB_CREATE_RECOVERY_DISKETTE: 

4459| errorlevel = 

| CreateRecoveryDiskette(); 
4460| break; 

4461 1 case JOB_TEST_BACKUP_PATHS: 

4462| errorlevel = TestBackupPaths(); 

4463| break; 

4464| case JOB_CLEAN_SAK: 

4465| errorlevel = 

| CleanSakFromRegistry(); 
4466| break; 
4467| case JOB_TEST_BOOTINI: 

4468| UpdateBootlni(); 
4469 1 break; 
4470|#ifdef_DEBUG 

4471 1 case JOB_TURBO_SCRUB: 

4472| errorlevel = ResetPsmState(); 

4473| break; 
4474| #endif /*_DEBUG7 



4475 
4476 
4477 
4478 
4479 
4480 
4481 
4482 



| with psm\n",Err); 



4483 
4484 
4485 
4486 
4487 
4488 
4489 



if ( errorlevel>255 || errorlevekO ) { 

errorlevel = 255; // ??? Probably the 
| largest value supported by DOS/Windows. 
4490| 
4491| 
4492| 
44931 



4494 
4495 
4496 
4497 
4498 
4499 
4500 
4501 
4502 
4503 
4504 
4505 
4506 
4507 
4508 
4509 
4510 
4511 
4512 
4513 
4514 
4515 
4516 
4517 
4518 
4519 
4520 
4521 
4522 



default: 

WRITE_ERROR(L"Nothing to do\n M ); 

errorlevel = 1 ; 

break; 

} 

} else { 

WRITE_ERROR(L"Error %08x registering 



errorlevel = 1; 

} 

} 

} 



} 

return errorlevel; 



} 

/*— end of file ss.c —7 

File Listing: File: ss.h 

extern ULONG QuietMode; 
extern ULONG QuietModeError; 
extern ULONG DebugEnabled; 

#define WRITE if(!QuietMode) wprintf 

#define WRITE ERROR if(IQuietModeError) wprintf 

#define DEBUG_WRITE if (DebugEnabled) wprintf 

#ifndef NT_SUCCESS 

#define NT_SUCCESS(status) ((status)==0) 
#endif 

typedef unsigned long NTSTATUS; 

#define STATUS_SUCCESS ((NTSTATUS)O) 

#ifndef STATIC 
#ifdef_DEBUG 

#define STATIC 
#else 

#define STATIC static 
#endif 



4523| #endif 
4524| 

4525| //- 

| 

I- 
4526| 

4527| void UpdateBootlni(); 
4528| 

4529| //- 



4530| 

4531 1 /*— end of file ss.h —7 

4532| 

4533| 

4534| 

4535| File Listing: File: vimage.c 
4536| 

4537| #include "precomp.h" 
4538| 

4539| #define MAXJ.OCATIONS 3 

4540| #define M AX_I M AG ES_P E R_LOC AT I ON 9 

4541| 

4542| const WCHAR * const BackupRegistryPath = 
4543| 

| L"SYSTEM\\CurrentControlSet\\Services\\PSMan5\\Backup\\" 

I ; 

4544| 

4545| const WCHAR * const EXCLUSION_FILENAME = 

4546| L"Backup_ln_Progress"; 

4547| 

4548| /* 

I 

4549| 

4550| *************** Glossary of Numbers 

| **************** 

4551| 

4552| There are three different kinds of "Number" 

| variables in this code. 
4553| Here they are in descending order of hierarchy: 
4554| 

4555| 1. LocationNumber 

4556| We back up a volume to multiple output streams. 
4557| A LocationNumber tells you which of the streams 

| we are talking about. 
4558| LocationNumber is in the range 1 .. 

| MAX_LOCATIONS. 
4559| 

4560| 2. BackupNumber 

4561 1 For each backup location, we do the current 



I backup, but we keep 
4562| a maximum number of previously performed 
| backups. 

4563| The current backup is always BackupNumber==1 . 

| Older backups 
4564| are 2, 3, ... M AX_I MAG ES_P E FMLOC ATI ON . 
4565| 

4566| 3. ContinuationNumber 

4567| A given backup is broken up into multiple 

| files, based on the 
4568| maximum allowed file size. A 

| ContinuationNumber tells you which 
4569| file we are on inside a given backup. 

| ContinuationNumbers 
4570| start at 1 , and have no definite upper limit. 
4571| 

4572| Putting this all together: 
4573| 

4574| If 'd:\vimage.psm' is the first backup location, 

| then in the file name: 
4575| 

4576| d:\vimage.psm\Backup.3\image.007 
4577| 

4578| The LocationNumber is 1 , the BackupNumber is 3, and 

| the ContinuationNumber is 7. 
4579| 
4580| 



4581| 

4582| WCHAR GloballmageName [256] = L M image"; // 

| subdirectory prefix after location 
4583| 

4584| typedef struct s Re mote Logon Info { 

4585| BOOLEAN LoggedOn; 

4586| WCHAR Path [256]; // 

| L M d:\backup\ M 
4587| WCHAR Userld [128]; 
4588| WCHAR Password [128]; 
4589| } tRemoteLogonlnfo, *pRemoteLogonlnfo; 
4590| 

4591 1 typedef struct slmageCreationlnfo { 

4592| ULONG Max Size In Megabytes; // 

| If zero, no limit. Otherwise, maximum output file size 

| in MB. 

4593| ULONG NumToKeep; 

4594| ULONG LocationNumber; // 

| which set of files we are on (1 ..MAX_LOCATIONS) 
4595| WCHAR ExclusionFileName [256]; // 

| name of file we keep open during backup (delete when 

| done) 



4596| HANDLE ExclusionFileHandle; 
4597| tRemoteLogonlnfo Logonlnfo; 
4598| } tlmageCreationlnfo, *plmageCreationlnfo; 
4599| 

4600| typedef struct slmageOutput { 

4601| HANDLE Handle; 

4602| ULONG ByteCounter; 

4603| ULONG MegabyteCounter; 

4604| ULONG ImageStatus; 

4605| ULONG ContinuationNumber; // 

| which file within a set we are on 
4606| WCHAR FileName [256]; // 

| current filename (changes on each continuation) 
4607| tlmageCreationlnfo Openlnfo; 
4608| } tlmageOutput, *plmageOutput; 
4609| 

461 0| typedef struct sBackupManager { 
4611 1 pVolumelmage_Chunk ChunkBuffer; 
4612| ULONG ChunkBufferSize; 
4613| ULONG CumulativeChecksum; 
4614| ULONG ChunkCounter; 
4615| ULONG NonFatal Error; 

4616| ULONG NumlmageOutputs; 
4617| PVOID BackupAbortEvent; 
461 8| tlmageOutput ImageOutputArray 

| [MAX_LOCATIONS]; 
4619| } tBackupManager, *pBackupManager; 
4620| 

4621 1 typedef struct sLocalLogonlnfo { 
4622| WCHAR UserName[256]; 
4623| WCHAR Password[256]; 
4624| ULONG LogonResult; 
4625| ULONG Impersonate Result; 
4626| HANDLE UserToken; 
4627| } tLocalLogonlnfo, *pLocalLogonlnfo; 
4628| 

4629| // 

4630| 

4631 1 STATIC tBackupManager TheBackupManager = {0}; 
4632| 

4633| // 

| 

4634| 

4635| typedef ULONG (* BATCH FILE WRITER FUNC) ( 

4636| FILE *BatchFile, 

4637| const WCHAR * const BatchFilePath, 

4638| const tlmageCreationlnfo * const LocationArray, 

4639| ULONG NumLocations ); 

4640| 



4641 1 /A 



4643| ULONG BackupManager_CreateVolumelmage ( 

4644| pBackupManager Manager, 

4645| int NumOutputFiles, 

4646| plmageCreationlnfo OutputFileNames, 

4647| const WCHAR *VolumeName, 

4648| const WCHAR *OriginalVolumeName, 

4649| PVOID AbortEvent); 

4650| 

4651 1 ULONG GetTimeStamp ( WCHAR *ts ); // get current time 

| in string of the form 'yyyy 5 rnm,dd,hh,mm,ss' 
4652| 

4653| ULONG UpdateTimeStamp ( 
4654| const WCHAR * const RegPath, 
4655| const WCHAR * const ValueName, 
4656| const WCHAR * const TimeStamp ); 
4657| 

4658| ULONG UpdateEngineStatus ( ULONG Status ); 
4659| ULONG Update Path Status ( int LocationNumber, 

| ULONG Status ); 
4660| ULONG UpdateLast Backup Result ( int LocationNumber, 

| ULONG Status ); 
4661 1 ULONG UpdateBackupCount ( int LocationNumber, 

| ULONG BackupCount ); 
4662| 

4663| ULONG OpenlmageOutputFile ( plmageOutput Filelnfo ); 
4664| ULONG CloselmageOutputFile ( plmageOutput Filelnfo ); 
4665| 

4666| // 

| 

4667| 
4668| 

4669| void AppendBackslashlfNeeded ( WCHAR *string ) 
4670| { 

4671 1 int len = wcslen(string); 

4672| if ( len>0 && string[len-1]!='\V ) { 

4673| string[len++] = LAV; 

4674| string[len] = L'\0'; 

4675| } 

4676| } 

4677| 

4678| // 



4680| typedef struct sShareReference { 
4681 1 struct sShareReference *Next; 
4682| WCHAR *ShareName; 
4683| int Count; 



4684| } tShareReference, *pShareReference; 
4685| 

4686| STATIC pShareReference ShareReferenceList = NULL; 
4687| 

4688| STATIC pShareReference LocateShareReference ( const 

| WCHAR *ShareName ) 
4689| { 

4690| pShareReference p; 

4691 1 for ( p=ShareReferenceList; p; p = p->Next ) { 

4692| if ( _wcsicmp(ShareName,p->ShareName)==0 ) { 

4693| return p; 

4694| } 

4695| } 

4696| 

4697| return NULL; 

4698| } 

4699| 

4700| // 



4701| 

4702| STATIC ULONG ReferenceLogonShare ( const WCHAR 

| *ShareName ) 
4703| { 

4704| ULONG Err = 0; 
4705| pShareReference p = 

| LocateShareReference(ShareName); 
4706| if ( p ) { 
4707| ++(p->Count); 
4708| } else { 

4709| p = (pShareReference) malloc 

| (sizeof (tShareReference)); 
4710| if ( P ) { 

471 1 1 p->ShareName = (WCHAR *) 

| malloc(sizeof(WCHAR)*(1 + wcslen(ShareName))); 
4712| if ( p->ShareName ) { 

4713| wcscpy ( p->ShareName, ShareName ); 

471 4| p->Next = ShareReferenceList; 

4715| p->Count=1; 
471 6| ShareReferenceList = p; 

4717| }else{ 

471 8| WRITE_ERROR(L"Out of string memory in 

| ReferenceLogonShare\n"); 
4719| } 
4720| } else { 

4721 1 WRITE_ERROR(L"Out of node memory in 

| ReferenceLogonShare\n"); 
4722| Err = ERROR_OUTOFMEMORY; 

4723| } 
4724| } 

4725| return Err; 



4726| } 

4727| 

4728| // 
| 

4729| 

4730| STATIC ULONG DereferenceLogonShare ( const WCHAR 

| *ShareName ) 
4731| { 

4732| ULONG Err =0; 
4733| pShareReference p = 

| LocateShareReference(ShareName); 
4734| if ( p ) { 
4735| if (p->Count>0){ 
4736| if ( --(p->Count) == 0 ) { 

4737| DWORD CancelResult = 

| WNetCancelConnection2W ( p->ShareName, 0, FALSE ); 
4738| if ( CancelResult == 0 ) { 

4739| DEBUG_WRITE(L"»> Detached from 

| share '%s'\n",p->ShareName); 
4740| } else { 

4741| WRITE_ERROR(L"Warning: Could not 

| detach from network share '%s' 

| (result=%08x)\n",p->ShareName,CancelResult); 
4742| } 
4743| } 
4744| } else { 

4745| DEBUG_WRITE(L"»> !!! 

| DereferenceLogonShare: Count for '%s' was zero 

| M!\n",ShareName); 
4746| Err = PSM_ERROR_UNSUCCESSFUL; 

4747| } 
4748| } else { 

4749| Err = PSM_ERROR_NO_SUCH_OBJECT; 

4750| DEBUG_WRITE(L"»> !!! DereferenceLogonShare: 

| Could not find '%s'\n M , ShareName); 
4751| } 

4752| return Err; 

4753| } 

4754| 

4755| // 

| 

4756| 

4757| STATIC void LogonShareCleanup (void) 
4758| { 

4759| pShareReference p = ShareReferenceList; 
4760| while ( p ) { 

4761 1 pShareReference next = p->Next; 
4762| if (p->Count>0){ 

4763| DWORD CancelResult = WNetCancelConnection2W 

| ( p->ShareName, 0, FALSE ); 



4764| DEBUG_WRITE(L">» Canceled connection 

| during cleanup (result=%08x) to 

| '%s'\n M ,CancelResult,p->ShareName); 
4765| } 

4766| free (p->ShareName); 

4767| free (p); 

4768| p = next; 

4769| } 

4770| } 

4771| 

4772| // 



4774| ULONG GetSettingsForRecoveryDisketteCreation ( 

| pRemoteLogonlnfo Logonlnfo ) 

4775| { 

4776| // This function expects Logonlnfo->Path to be a 
| valid path. 

4777| // It is where to generate the diskette image. 

4778| // It could be a local path like 'a:Y. 

4779| // Or it could be a remote path like '\\server\a$\ 

4780| // 

4781 1 // The rest of the fields in Logonlnfo can be 

| garbage on entry. 
4782 1 

4783| ULONG Err = 0; 

4784| HKEY Key = INVALIDHANDLEVALUE; 

4785| ULONG DataSize = 0; 

4786| WCHAR Reg Path [256] = {0}; 
4787| 

4788| Logonlnfo->LoggedOn = FALSE; 

4789| Logonlnfo->Password[0] = 0; 

4790| Logonlnfo->Userld[0] = 0; 
4791| 

4792| swprintf ( Reg Path, L"%s%s M , BackupRegistryPath, 

| U'Diskette" ); 

4793| Err = RegOpenKeyExW ( 

4794| H KEY_LOCAL_M ACH I N E, 

4795| RegPath, 

4796| 0, 

4797| KEY_READ, 

4798| &Key); 
4799| 

4800| if ( Err == 0 ) { 

4801 1 DataSize = sizeof(Logonlnfo->Userld); 

4802| Err = RegQueryValueExW( 

4803| Key, 

4804| U'LogonUser", 

4805| NULL, //reserved 

4806| NULL, // address of buffer for value type 



4807| (char*)(Logonlnfo->Userld), 

4808| &DataSize ); 

4809| 

4810| if ( Err==0){ 

481 1 1 DataSize = sizeof(Logonlnfo->Password); 

481 2| Err = RegQueryValueExW( 

4813| Key, 

481 4| LTogonPassword", 

4815| NULL, //reserved 

4816| NULL, //address of buffer for value 
| type 

481 7| (char*)(Logonlnfo->Password), 

4818| &DataSize); 

4819| 

4820| if ( Err == 0 ) { 

482 1 1 // everything worked ! 

4822| } else { 

4823| WRITE_ERROR(L"FAIL: Error %08x getting 

| value 'LogonPassword' from registry path 

| '%s'\n",Err,RegPath); 

4824| } 

4825| } else { 

4826| WRITE_ERROR(L"FAIL: Error %08x getting 



| value 'LogonUser' from registry path 
| '%s'\n",Err,RegPath); 



4827| } 
4828| 

4829 1 RegC loseKey (Key ) ; 

4830| Key = INVALID_HANDLE_VALUE; 

4831| }else{ 

4832| WRITE_ERROR(L"FAIL: Error %08x opening registry 



| key '%s'\n", Reg Path); 
4833| } 
4834| 

4835| DEBUG_WRITE(L">» 

| GetSettingsForRecoveryDisketteCreation returning 

| %08x\n",Err); 
4836| return Err; 
4837| } 
4838| 

4839| // 

| 

4840| 

4841| ULONG GetSettingsForBackup( 
4842| HANDLE Parent, 
4843| const WCHAR *Child, 
4844| plmageCreationlnfo Info ) 
4845| { 

4846| ULONG Err = 0; 

4847| HKEY Key = INVALIDHANDLEVALUE; 



4848| ULONG DataSize = 0; 
4849| 

4850 1 wcscpy ( I nf o -> Logo n I nf o . Path , L"") ; 

4851 1 wcscpy(lnfo->Logonlnfo.Userld,L""); 

4852 1 wcscpy ( I nf o -> Logo n I nf o . Passwo rd , L M ") ; 

4853| lnfo->LocationNumber = 0; 

4854| lnfo->MaxSizelnMegabytes = 1000; 

4855| lnfo->NumToKeep = 2; 

4856| 

4857| Err = RegOpenKeyExW( 

4858| Parent, // handle of open key 

4859| Child, // address of name of subkey to open 

4860| 0, // reserved 

4861 1 KEY READ, // security access mask 
4862| &Key// address of handle of open key 
4863| ); 
4864| 

4865| if(Err==0) { 

4866| DataSize = sizeof(lnfo->Logonlnfo.Path); 
4867| Err = RegQueryValueExW( 
4868| Key, // handle of key to query 

4869| U'LocationPath", // address of name of 

| value to query 
4870| NULL, //reserved 

4871 1 NULL, // address of buffer for value type 

4872| (char*)&(lnfo->Logonlnfo.Path), // address 

| of data buffer 
4873| &DataSize // address of data buffer size 

4874| ); 
4875| if(Err==0) { 
4876| DataSize = 

| sizeof(lnfo->MaxSizelnMegabytes); 
4877| Err = RegQueryValueExW( 

4878| Key, // handle of key to query 

4879| L"LargestFileSizeLocation M , // address 

| of name of value to query 
4880| NULL, //reserved 

4881 1 NULL, // address of buffer for value 

| type 

4882| (char*)&(lnfo->MaxSizelnMegabytes), // 

| address of data buffer 
4883| &DataSize // address of data buffer 

| size 
4884| ); 
4885| if(Err==0) { 

4886| DataSize = sizeof(lnfo->NumToKeep); 

4887| Err = RegQueryValueExW( 

4888| Key, // handle of key to query 

4889| U'NumberToKeepLocation", // 

| address of name of value to query 



4890| NULL, //reserved 

4891| NULL, // address of buffer for 

| value type 

4892| (char*)&(lnfo->NumToKeep), // 

| address of data buffer 
4893| &DataSize // address of data 

| buffer size 
4894| ); 
4895| if(Err==0) { 

4896| if ( lnfo->NumToKeep > 

| MAX_IMAGES_PER_LOCATION ) { 
4897| WRITE_ERROR(L"Warning: 

| NumberToKeep (%d) is larger than max allowed (%d) - 

| decreasing to max 

| allowed\n M ,lnfo->NumToKeep,MAX_IMAGES_PER_LOCATION); 
4898| lnfo->NumToKeep = 

| MAXJ MAG ES_PE R LOCATION ; 
4899| } else if ( lnfo->NumToKeep < 1 ) { 

4900| WRITE_ERROR(L"Warning: 

| NumberToKeep (%d) is too small - setting to 

| 1.\n",lnfo->NumToKeep); 
4901 1 lnfo->NumToKeep = 1 ; 

4902| } 
4903| 

4904| DataSize = 

| sizeof(lnfo->Logonlnfo.Userld); 
4905| Err = RegQueryValueExW( 

4906| Key, 
4907| U'LogonUser", 
4908| NULL, 
4909| NULL, 
4910| (char 

| *)&(lnfo->Logonlnfo.Userld), 
4911| &DataSize); 
4912| if ( Err == 0 ) { 

4913| DataSize = 

| sizeof ( I nf o->Logon I nfo . Passwo rd) ; 
491 4| Err = RegQueryValueExW( 

4915| Key, 
491 6| L"LogonPassword", 
4917| NULL, 
4918| NULL, 
4919| 

| (char*)&(lnfo->Logonlnfo. Password), 
4920| &DataSize); 
4921| if ( Err == 0 ) { 

4922| } else { 

4923| WRITE_ERROR(L"Error %08x 

| accessing registry for%s LogonPassword\n",Err,Child); 
4924| } 



4925| } else { 

4926| WRITE_ERROR(L"Error %08x 

| accessing registry for %s LogonUser\n",Err,Child); 
4927| } 
4928| } else { 

4929| WRITE_ERROR(L"Error %08x accessing 

| registry for %s NumToKeep\n",Err,Child); 
4930| } 
4931| }else{ 

4932| WRITE_ERROR(L"Error %08x accessing 

| registry for %s Largest\n",Err,Child); 
4933| } 
4934| } else { 

4935| WRITE_ERROR(L"Error %08x accessing registry 

| for%s Location\n",Err,Child); 
4936| } 

4937| // close the registry 
4938| RegCloseKey(Key); 
4939| } else { 

4940| WRITE_ERROR(L"Error %08x opening registry for 

| %s\n",Err,Child); 
4941 | } 

4942| return Err; 

4943| } 

4944| 

4945| //- 

| 

4946| 

4947| BOOLEAN IsAIIWhitespace ( const WCHAR *string ) 
4948| { 

4949| BOOLEAN allWhitespace = TRUE; 
4950| int i; 

4951 1 for ( i=0; string[i]; ++i ) { 

4952| if ( string[i] !=' ' && string[i] !='\t' && 

| string[i]!='\n' && string[i]!=V ) { 
4953| allWhitespace = FALSE; 

4954| break; 
4955| } 
4956| } 
4957| 

4958| return allWhitespace; 

4959| } 

4960| 

4961 1 //- 



4963| ULONG ExtractShareNameFromPath ( 

4964| const WCHAR *Path, 

4965| WCHAR *Share, 

4966| ULONG ShareSizelnChars ) 



4967| { 

4968| ULONG Err = 0; 
4969| 

4970| if ( ShareSizelnChars > 0 ) { 

4971| Share[0] = 0; 

4972| } 
4973| 

4974| if ( Path[0]=='\V && Path[1]=='\Y ) { 

4975| // Expect something like 

| L M \\server\share[\...]" 

4976| ULONG index = 0; // skip over double 

| backslashes at the front 
4977| 

4978| if ( ShareSizelnChars < 2 ) { 

4979| return PSM_ERROR_INSUFFICIENT_BUFFER; 

4980| } 

4981| 

4982| Share[index++] = 'W; 

4983| Share[index++] = \Y; 
4984| 

4985| // skip to next backslash to delimit server 
| name 

4986| while ( Path[index] && Path[index]!='\Y ) { 

4987| if ( index >= ShareSizelnChars ) { 

4988| return PSM_ERROR_INSUFFICIENT_BUFFER; 

4989| } 

4990| Share[index] = Path[index]; 

4991| ++index; 

4992| } 
4993| 

4994| if ( Path[index] == 'W ) { 

4995| // skip to next backslash or end of string 

| to get share name 

4996| if ( index >= ShareSizelnChars ) { 

4997| return PSM_ERROR_INSUFFICIENT_BUFFER; 

4998| } 

4999| Share[index] = Path[index]; 

5000| ++index; 

5001 1 while ( Path[index] && Path[index]!='\V ) 
|{ 

5002| if ( index >= ShareSizelnChars ) { 

5003 1 return 

| PSM_ERROR_INSUFFICIENT_BUFFER; 

5004| } 

5005| Share[index] = Path[index]; 

5006| ++index; 

5007| } 
5008| 

5009| if ( index >= ShareSizelnChars ) { 

501 0| return PSM_ERROR_INSUFFICIENT_BUFFER; 



501 1 1 } 
5012| 

5013| Share[index] = 0; 

501 4| DEBUG_WRITE(L"»> Extracted VoS 1 as share 

| name from path '%s'\n", Share, Path); 
5015| }else{ 

501 6| WRITE_ERROR(L"Error: Share name missing in 

| network path '%s'\n",Path); 
501 7| Err = PSM_ERROR_INVALID_PATH; 

5018| } 
5019| }else{ 

5020| WRITE_ERROR(L"Error: Invalid network path 

| '%s'\n",Path); 
5021| Err= PSM_ERROR_INVALID_PATH; 
5022| } 
5023| 

5024| return Err; 

5025| } 

5026| 

5027| //- 



5029| ULONG ParseServerAndShareFromPath ( 
5030| const WCHAR * const Path, 
5031| WCHAR* Server, 
5032| WCHAR * Share, 
5033| WCHAR * RestOfPath ) 

5034| { 

5035| ULONG Err = 0; 
5036| int numScanned = 0; 
5037| 

5038| numScanned = swscanf (Path, 

| L"\\\\%[ A \\]\\%[ A \\]\\%s",Server,Share,RestOfPath); 
5039| if ( numScanned < 2 ) { 
5040| Err= PSM_ERROR_INVALID_PATH; 
5041 1 } else { 

5042| if ( numScanned < 3 ) { 
5043| RestOfPath[0] = '\0'; 

5044| } 
5045| } 
5046| 

5047| return Err; 

5048| } 

5049| 

5050| // 

I 

5051| 

5052| ULONG RemoteLogonCheck ( pRemoteLogonlnfo Logonlnfo ) 
5053| { 

5054| ULONG Err = 0; 



5055| Logonlnfo->LoggedOn = FALSE; 
5056| if ( Logonlnfo->Path[0]=='\Y && 

| Logonlnfo->Path[1]=='\Y ) { 
5057| // Assume it's a network path. 
5058| // Only log in if they specified a user... 
5059| if ( !lsAIIWhitespace(Logonlnfo->Userld) ) { 
5060| DWORD LogonResult = 0; 

5061 1 NETRESOURCEW NetResource = {0}; 

5062| WCHAR RemoteName[256] = {0}; 

5063| 

5064| Err = ExtractShareNameFromPath ( 

5065| Logonlnfo->Path, 
5066| RemoteName, 
5067| 

| sizeof(RemoteName)/sizeof(RemoteName[0]) ); 
5068| 

5069| if ( Err == 0 ) { 

5070| NetResource.dwType 

| RESOURCETYPEDISK; // we are attaching to a disk 
5071 1 NetResource. IpLocalName = NULL; 

| // do not redirect any local device name to network 

| resource 

5072| NetResource. IpRemoteName = 

| RemoteName; // "\\server\share" 
5073| NetResource.lpProvider = NULL; 

| // let Windows search for provider based on remote name 
5074| 

5075| Err = WNetAddConnection2W ( 

5076| &NetResource, // 

| connection details 
5077| Logonlnfo->Password, // 

| password 

5078| Logonlnfo->Userld, // user 

| name 

5079| 0 ); // 

| connection options 
5080| 

5081| if ( Err == 0 ) { 

5082| DEBUG_WRITE(L"»> Attached to '%s' 

| with user id '%s'\n M ,RemoteName,Logonlnfo->Userld); 

5083| Err = ReferenceLogonShare ( 

| RemoteName ); 

5084| if ( Err == 0 ) { 

5085| Logonlnfo->LoggedOn = TRUE; 

5086| } 

5087| } else { 

5088| WRITE_ERROR(L"Error %08x attaching 

| to '%s' with user id '%s' (maybe bad 

| password?)\n",Err,RemoteName,Logonlnfo->Userld); 
5089| } 



5090| } else { 

5091 1 WRITE_ERROR(L"Error %08x extracting 

| share name from path '%s'\n",Err,Logonlnfo->Path); 
5092| } 
5093| } 
5094| } else { 

5095| // Assume it's a local path. 
5096| } 

5097| return Err; 

5098| } 

5099| 

5100| // 

| 

5101| 

5102| ULONG RemoteLogoff ( pRemoteLogonlnfo Logonlnfo ) 
5103| { 

5104| ULONG Err =0; 

5105| if ( Logonlnfo->LoggedOn ) { 

51 06| WCHAR RemoteName [256] = {0}; 

5107| Err = ExtractShareNameFromPath ( 

5108| Logonlnfo->Path, 

5109| RemoteName, 

51 1 0| sizeof (RemoteName) / sizeof(RemoteName[0]) 

I); 

5111| 

5112| if ( Err==0){ 

51 13| DereferenceLogonShare (RemoteName); 

5114| Logonlnfo->LoggedOn = FALSE; 

5115| }else{ 

51 1 6| DEBUG_WRITE(L M »> Could not extract share 

| from '%s' for canceling connection; 

| error=%08x\n", Logonl nfo->Path, Err) ; 
5117| } 
5118| } 

5119| return Err; 
5120| } 
5121| 
5122| // 



5123| 

5124| ULONG LocalLogonCheck ( pLocalLogonlnfo Logonlnfo ) 
5125| { 

5126| // Get userid, password from 'Backup' in 
| registry... 

5127| HKEY Key = INVALID HANDLE VALUE; 
5128| Logonlnfo->lmpersonateResult = 

| PSM_ERROR_UNSUCCESSFUL; 
5129| Logonlnfo->UserToken = INVALID_HANDLE_VALUE; 
5130| Logonlnfo->LogonResult = RegOpenKeyExW( 
5131 1 HKEY_LOCAL_MACHINE, // handle of open key 



51 32| BackupRegistryPath, // address of name of 

| subkey to open 
5133| 0, //reserved 
5134| KEYREAD, // security access mask 

5135| &Key); // address of handle of 

| open key 
5136| 

5137| if ( Logonlnfo->LogonResult == 0 ) { 

5138| ULONG DataSize = sizeof(Logonlnfo->UserName); 

5139| Logonlnfo->LogonResult = RegQueryValueExW ( 

5140| Key, 

5141| L"LoginName", 

5142| NULL, //reserved 

5143| NULL, // address of buffer for value type 

51 44| (char*)&(Logonlnfo->UserName), 

5145| &DataSize); 

5146| 

5147| if ( Logon lnfo->LogonResult == 0 ) { 
5148| DataSize = sizeof(Logonlnfo->Password); 

5149| Logonlnfo->LogonResult = RegQueryValueExW ( 

5150| Key, 
5151| U'Password", 
5152| NULL, //reserved 

5153| NULL, //address of buffer for value 

| type 

5154| (char*)&(Logonlnfo->Password), 

5155| &DataSize); 

5156| 

5157| if ( Logonlnfo->LogonResult == 0 ) { 

5158| if( 

| lsAIIWhitespace(Logonlnfo->UserName) ) { 
5159| Logonlnfo->LogonResult = 

| PSM_ERROR_INVALID_PARAMETER; 
51 60| DEBUG_WRITE(L"»> LocalLogonCheck: 

| LoginName is all whitespace - skipping local loginW); 
5161| }else{ 
5162| int DidLogon = 0; 

51 63| DEBUG_WRITE(L"»> LocalLogonCheck: 

| Attempting to locally log on to 

| user='%s'\n",Logonlnfo->UserName); 
51 64| DidLogon = LogonUserW ( 

51 65| Logonlnfo->UserName, 
5166| NULL, 
5167| Logonlnfo->Password, 
5168| 

| LOGON32_LOGON_NETWORK_CLEARTEXT, 
5169| LOGON32PROVIDERDEFAULT, 
5170| &(Logonlnfo->UserToken) ); 

5171| 

5172| if ( DidLogon ){ 



5173| int Didlmpersonate = 

| ImpersonateLoggedOnUser (Logonlnfo->UserToken); 
5174| if ( IDidlmpersonate ) { 

5175| 

| Logonlnfo->lmpersonateResult = GetLastError(); 
51 76| DEBUG_WRITE(L"»> 

| LogonLocalCheck: ImpersonateLoggedOnUser '%s' failed 
| with code 

| %08x\n",Logonlnfo->UserName,Logonlnfo->lmpersonateResult 

I); 

5177| }else{ 
5178| 

| Logonlnfo->lmpersonateResult = 0; 
51 79| DEBUG_WRITE(L"»> 

| LogonLocalCheck: Successfully logged in as user 

| '%s'\n", Logon I nf o->UserName) ; 
5180| } 
5181| }else{ 
5182| Logonlnfo->LogonResult = 

| GetLastError(); 
51 83| DEBUG_WRITE(L"»> 

| LocalLogonCheck: LogonUser failed with code 

| %08x\n " , Lo go n I nf o -> Logo n Res u It ) ; 
5184| } 
5185| } 
5186| }else{ 

51 87\ DEBUG_WRITE(L"»> LocalLogonCheck: 

| Could not get 'Password' registry value\n"); 
5188| } 
5189| }else{ 

5190| DEBUG_WRITE(L"»> LocalLogonCheck: Could 

| not get 'LoginName' registry value\n"); 
5191| } 
5192| 

5193| RegCloseKey (Key); 

5194| Key = INVALID_HANDLE_VALUE; 

5195| }else{ 

5196| DEBUG_WRITE(L"»> LocalLogonCheck: Error %08x 
| opening registry key 

| '%s'\n",Logonlnfo->LogonResult,BackupRegistryPath); 
5197| } 
5198| 

5199| return Logonlnfo->LogonResult; 
5200| } 
5201| 
5202| // 



5203| 
5204| 

5205| ULONG LocalLogoff ( pLocalLogonlnfo Logonlnfo ) 



5206| { 

5207| ULONG Err = 0; 
5208| 

5209| if ( Logonlnfo->lmpersonateResult == 0 ) { 
521 0| int BackToMyOldSelf = RevertToSelf(); 
521 1 1 if ( BackToMyOldSelf ) { 

521 2| DEBUG_WRITE(L"»> Successfully reverted to 

| self An"); 
5213| }else{ 
5214| Err = Getl_astError(); 

521 5| DEBUG_WRITE(L"»> LocalLogoff : Error %08x 

| in RevertToSelf\n",Err); 
5216| } 
5217| } 
5218| 

5219| if ( Logonlnfo->LogonResult == 0 ) { 
5220| if ( Logonlnfo->UserToken != 

| INVALID_HANDLE_VALUE ) { 
5221 1 CloseHandle (Logonlnfo->UserToken); 

5222| Logonlnfo->UserToken = 

| INVALID_HANDLE_VALUE; 
5223| DEBUG_WRITE(L"» LocalLogoff: Closed user 

| token\n"); 
5224| } 
5225| } 
5226| 

5227| return Err; 

5228| } 

5229| 

5230| // 

| 

5231| 

5232| ULONG PathExists ( WCHAR *Path ) 
5233| { 

5234| ULONG Exists = FALSE; 

5235| struct _wfinddatai64_t FindData = {0}; 

5236| long hFile = -1 ; 

5237| int PathLen = wcslen(Path); 

5238| WCHAR *CopyOfPath = (WCHAR *) 

| malloc(sizeof(WCHAR)*(PathLen+1 )); 
5239| if ( CopyOfPath ) { 
5240| wcscpy ( CopyOfPath, Path ); 
5241 1 if ( PathLen>0 && CopyOfPath[PathLen-1 ] == 'W 

l){ 

5242| CopyOfPath[--PathLen] = 0; 

5243| } 

5244| hFile = _wfindfirsti64 ( CopyOfPath, &FindData 

I); 

5245| if ( hFile != -1 ) { 
5246| Jindclose (hFile); 



5247| hFile = -1 ; 

5248| Exists = TRUE; 

5249| } 

5250| free(CopyOfPath); 
5251 1 CopyOfPath = 0; 
5252| } else { 

5253| WRITE_ERROR(L"Error: Out of memory in 

| PathExists\n"); 
5254| } 

5255| DEBUG_WRITE(L"»> PathExists('%s') = 

| %s\n",Path,(Exists?L'TRUE":L"FALSE")); 
5256| return Exists; 
5257| } 
5258| 

5259| // 



5261 1 ULONG CreateEntirePath ( WCHAR *Path ) 
5262| { 

5263| ULONG Err = 0; 

5264| ULONG Index = 0; // index into 'Path' of 

| character after current backslash. 
5265| BOOLEAN Finished = FALSE; 
5266| WCHAR SaveChar = 0; 
5267| int MakeDirResult = 0; 
5268| 

5269| DEBUG_WRITE(L"»> CreateEntirePath '%s'\n", Path); 
5270| 

5271 1 // The path looks like L"d:\this\is\a\path\" or 

| L"\\server\share\this\is\a\path\" 
5272| // Create "d:\this\", then "d:\this\is\", 

| "d:\this\is\a\path\". 
5273| 

5274| if ( Path[0]=='\V && Path[1 ]=='\V ) { 
5275| // Looks like a server path... skip over 

| "\\server\share\" 
5276| DEBUG_WRITE(L"»> CreateEntirePath: looks like 

| server path\n"); 
5277| Index = 2; 

5278| while ( Path[lndex] && Path[lndex]!='\V ) { 
5279| ++lndex; 
5280| } 

5281 1 if ( Path[lndex] == 'W ) { 

5282| // skipped over "WserverN"; now skip one 

| more backslash. 
5283| while ( Path[lndex] && Path[lndex]!='\V ) 

|{ 

5284| ++ Index; 

5285| } 

5286| if ( !Path[lndex] ) { 



5287| Finished = TRUE; 

5288| } 

5289| } else { 

5290| Finished = TRUE; 

5291| } 

5292| } else { 

5293| // Looks like a local path... just skip over 
| first backslash. 

5294| DEBUG_WRITE(L"»> Create Entire Path: looks like 

| local path\n M ); 

5295| Index = 0; 

5296| while ( Path[lndex] && Path[lndex]!='\Y ) { 

5297| ++lndex; 

5298| } 

5299| if ( Path[lndex] != '\Y ) { 

5300| Finished = TRUE; 

5301| } 

5302| } 
5303| 

5304| if ( Finished ) { 

5305| Err = PSM_ERROR_INVALID_PATH; 

5306| WRITE_ERROR(L"CreateEntirePath: Path '%s' is 

| too short to be valid !\n M , Path); 

5307| } else if ( Err == 0 ) { 

5308| ULONG LoopCounter = 0; 

5309| while ( Finished ) { 

5310| if ( Path[lndex] == 'W ) { 

5311| SaveChar = Path[++lndex]; //skip 

| over the backslash. 

5312| Path[lndex] = 0; 

5313| }else{ 

5314| SaveChar = 0; 

5315| } 
5316| 

531 7| if ( LoopCounter++ > 0 ) { 

531 8| MakeDirResult = _wmkdir(Path); 

531 9| DEBUG_WRITE(L">» _wmkdir('%s')=%d, 

| errno=%d\n", Path, MakeDirResult, errno); 

5320| } 
5321| 

5322| if ( SaveChar ) { 

5323| Path[lndex] = SaveChar; 

5324| while ( Path[lndex] && 

| Path[lndex]!='\Y) { 

5325| ++lndex; 

5326| } 

5327| } else { 

5328| Finished = TRUE; 

5329| } 

5330| } 



5331| } 
5332| 

5333| DEBUG_WRITE(L"»> Create Entire Path returning 

| %08x\n",Err); 
5334| return Err; 
5335| } 
5336| 

5337| //- 

I 

5338| 

5339| ULONG DeleteAIIFilesAndDirectory ( const WCHAR *Path ) 
5340| { 

5341| ULONG Err = 0; 

5342| WCHAR FileSpec [256]; 

5343| struct _wfinddatai64_t FindData = {0}; 

5344| long hFile = 0; 

5345| int result = 0; 

5346| 

5347| DEBUG_WRITE(L"»> DeleteAIIFilesAndDirectory: 

| Path='%s'\n",Path); 
5348| 

5349| wcscpy ( FileSpec, Path ); 

5350| AppendBackslashlfNeeded (FileSpec); 

5351 1 wcscat ( FileSpec, L"*.*" ); 

5352| hFile = _wfindfirsti64 ( FileSpec, SFindData ); 

5353| if ( hFile != -1 ) { 

5354| do { 

5355| DEBUG_WRITE(L"»> FindFirst/FindNext: 

| '%s'\n",FindData.name); 
5356| if ( wcscmp(FindData.name,L".")!=0 && 

| wcscmp(FindData.name,L"..")l=0 ) { 
5357| wcscpy ( FileSpec, Path ); 

5358| AppendBackslashlfNeeded (FileSpec); 

5359| wcscat ( FileSpec, FindData.name ); 

5360| if ( FindData.attrib & _A_SUBDIR ) { 

5361 1 DEBUG_WRITE(L"»> Doing recursive 

| call for nested subdirectory.. An"); 
5362| Err = DeleteAIIFilesAndDirectory 

| (FileSpec); 
5363| if ( Err != 0 ) { 

5364| break; 
5365| } 
5366| } else { 

5367| result = _wremove (FileSpec); 

5368| if ( result != 0 ) { 

5369| DEBUG_WRITE(L"»> 

| _wremove('%s')=%d, errno=%d\n",FileSpec,result,errno); 
5370| } 
5371 | } 
5372| } 



5373| } while ( _wfindnexti64(hFile,&FindData)==0 && 

| Err==0 ); 
5374| Jindclose (hFile); 
5375| } else { 

5376| DEBUG_WRITE(L"»> FindFirst failed on 

| , %s'\n",FileSpec); 
5377| } 
5378| 

5379| result = _wrmdir (Path); 
5380| if ( result != 0 ) { 

5381 1 DEBUG_WRITE(L"»> _wrmdir('%s , )=%d, 

| errno=%d\n M , Path, result, errno); 
5382| Err = PSM_ERROR_INVALID_PATH; 
5383| } 
5384| 

5385| DEBUG_WRITE(L"»> DeleteAIIFilesAnd Directory 

| returning %08x\n", Err); 
5386| return Err; 
5387| } 
5388| 
5389| // 



5391| ULONG RenameOldBackupPaths ( 
5392| const WCHAR *BackupLocation, 
5393| const WCHAR *BackupName, 
5394| ULONG NumToKeep ) 

5395| { 

5396| // This function takes a path like 
| L"d:\backup\path\" and does the following: 

5397| // (Suppose NumToKeep is 5, and BackupName is 
| U'fred".) 

5398| // Delete the directory (and contained files) 

| L M d:\backup\path\fred.5" 
5399| // Rename L M d:\backup\path\fred.4" to be 

| L"d:\backup\path\fred.5". 
5400| // ... 

5401 1 // Rename L"d Abackup\path\f red . 1 " to be 

| L"d:\backup\path\fred.2". 
5402 1 

5403| ULONG Err = 0; 

5404| WCHAR Path [256]; 

5405| WCHAR NewName [256]; 

5406| ULONG LastOldBackupNumber = 0; 

5407| 

5408| ULONG BackupNumber; // see "Glossary of 

| Numbers" comments above 
5409| for ( BackupNumber = NumToKeep; Err==0 && 

| BackupNumber>=1; --BackupNumber) { 
541 0| swprintf ( Path, L"%s%s.%d\\", BackupLocation, 



I BackupName, BackupNumber ); 
541 1 1 if ( BackupNumber == NumToKeep ) { 
541 2| DeleteAIIFilesAndDirectory (Path); 

5413| }else{ 
541 4| int RenameResult = 0; 

541 5| swprintf ( NewName, L M %s%s.%d\\", 

| BackupLocation, BackupName, 1+BackupNumber ); 
541 6| RenameResult = _wrename(Path, NewName); 

541 7\ DEBUG_WRITE(L"»> Rename('%s','%s')=%d, 

| errno=%d\n", Path, NewName, RenameResult, errno); 
5418| } 
5419| } 
5420| 

5421 1 // If the user decreased the value of NumToKeep, we 

| don't want ancient backups 
5422| // sitting around forever. But we don't want to 

| immediately clobber all old 
5423| // backups past the NumToKeep if decreasing it was 

| an accident. Therefore, 
5424| // we find the last backup in excess of NumToKeep 

| and delete it alone. 
5425| // This causes the old backups to disappear 

| gradually, one each time a backup 
5426| // happens. 
5427| 

5428| for ( BackupNumber = 1+NumToKeep; ; ++BackupNumber 
l){ 

5429| swprintf ( Path, L"%s%s.%d\\", BackupLocation, 

| BackupName, BackupNumber ); 
5430| if ( PathExists(Path) ) { 
5431 1 LastOldBackupNumber = BackupNumber; 

5432| } else { 
5433| break; 
5434| } 
5435| } 
5436| 

5437| if ( LastOldBackupNumber ) { 

5438| swprintf ( Path, L"%s%s.%d\\", BackupLocation, 

| BackupName, LastOldBackupNumber); 
5439| DEBUG_WRITE(L"»> Killing old backup in path 

| '%s'\n",Path); 
5440| DeleteAIIFilesAndDirectory(Path); 
5441 | } 
5442 1 

5443 1 return Err; 

5444| } 

5445| 

5446| // 



5448| ULONG Test Backup Path ( plmageCreationlnfo Imagelnfo ) 
5449| { 

5450| ULONG Err = 0; 

5451 1 WCHAR TempFileName [256]; 

5452| FILE *TempFile = 0; 

5453| int result = 0; 

5454| 

5455| // Create a temporary file, then erase it, just to 

| see if we can write 
5456| // to where the next backup will go. 
5457| wcscpy ( TempFileName, lmagelnfo->Logonlnfo.Path ); 
5458| AppendBackslashlf Needed (TempFileName); 
5459| wcscat ( TempFileName, L'Vimage.tmp" ); 
5460| TempFile = _wfopen(TempFileName,L"wt"); 
5461| if ( TempFile ) { 

5462| DEBUG_WRITE(L"»> Successfully opened test file 

| '%s' forwrite\n", TempFileName); 
5463| fclose(TempFile); 
5464| TempFile = NULL; 
5465| result = _wremove (TempFileName); 
5466| if ( result == 0 ) { 

5467| DEBUG_WRITE(L">» Successfully deleted test 

| file '%sYi", TempFileName); 
5468| } else { 

5469| WRITE_ERROR(L"Error: Could not delete test 

| file VosYi", TempFileName); 
5470| Err = PSM_ERROR_INVALID_PATH; 

5471 | } 
5472| } else { 

5473| WRITE_ERROR(L"Error: Could not write temporary 

| file to path '%s'\n", lmagelnfo->Logonlnfo.Path); 
5474| Err = PSM_ERROR_INVALID_PATH; 
5475| } 
5476| 

5477| return Err; 

5478| } 

5479| 

5480| // 



5481| 

5482| ULONG CreateExclusionFile ( 
5483| const WCHAR *BackupPath, 
5484| HANDLE *ExclusionFileHandle, 
5485| WCHAR *ExclusionFileName ) 

5486| { 

5487| ULONG Err = 0; 
5488| 

5489| DEBUG_WRITE(L">» CreateExclusionFile: path='%s\ 

| fileptr=%08x\n M ,BackupPath,*ExclusionFileHandle); 
5490| 



5491 1 if ( *ExclusionFileHandle != NULL ) { 

5492| Err = PSM_BACKUP_ALREADY_IN_PROGRESS; 

5493| WRITE_ERROR(L"Error: Backup already in 

| progress (in same process)\n M ); 

5494| } else { 

5495| wcscpy ( ExclusionFileName, BackupPath ); 

5496| AppendBackslashlfNeeded ( ExclusionFileName ); 

5497| wcscat ( ExclusionFileName, EXCLUSION_FILENAME 

I); 

5498| *ExclusionFileHandle = CreateFileW( 
5499| ExclusionFileName, //file 

| name 

5500| GENERIC_READ | GENERIC_WRITE, // 

| access mode 
5501| 0, // 

| share mode 
5502| NULL, // SD 

5503| CREATE_ALWAYS, // how 

| to create 

5504| FILE_ATTRIBUTE_NORMAL, // file 

| attributes 

5505| NULL); // 

| handle to template file 
5506| 

5507| if ( *ExclusionFileHandle == 

| INVALID_HANDLE_VALUE ) { 
5508| // See if the file exists at all... 

5509| ULONG FileError = GetLastError(); 

551 0| DEBUG_WRITE(L">» CreateFileW failed: 

| error=%08x\n M ,FileError); 
551 1 1 if ( PathExists(ExclusionFileName) ) { 

551 2| // If the file exists, but we cannot 

| open it, assume a backup is in progress. 
551 3| Err = PSM_BACKU P_AL REA DY_I N_P ROG RESS ; 

551 4| WRITE_ERROR(L"Error: Backup already in 

| progress (in another process)\n"); 
5515| }else{ 

551 6| // The file does not exist, but we 

| cannot open it; assume invalid path. 
551 7| Err = PSM_ERROR_INVALID_PATH; 

551 8| WRITE_ERROR(L"Error: Invalid backup 

| path '%s' - cannot create exclusion 

| file\n M ,BackupPath); 
5519| } 

5520| *ExclusionFileHandle = NULL; 

5521| }else{ 

5522| DEBUG_WRITE(L">» Successfully created 

| exclusion file '%s'\n",ExclusionFileName); 
5523| } 
5524| } 



5525| 

5526| return Err; 

5527| } 

5528| 

5529| // 



5531| ULONG DeleteExclusionFile ( 
5532| HANDLE *ExclusionFileHandle, 
5533| WCHAR *ExclusionFileName ) 
5534| { 

5535| ULONG Err = 0; 
5536| int result = 0; 
5537| 

5538| DEBUG_WRITE(L">» DeleteExclusionFile: 

| filename='%s\n",ExclusionFileName); 
5539| 

5540| if ( *ExclusionFileHandle != NULL ) { 

5541 1 CloseHandle (*ExclusionFileHandle); 

5542| *ExclusionFileHandle = NULL; 

5543| result = _wremove (ExclusionFileName); 

5544| if ( result != 0 ) { 

5545| int ErrorCode = errno; 

5546| WRITE_ERROR(L"Error: Could not erase 

| exclusion file '%s'\n", ExclusionFileName); 
5547| if ( ErrorCode == EACCES ) { 

5548| WRITE_ERROR(L"The file is 

| read-only.\n"); 
5549| } else if ( ErrorCode == ENOENT ) { 

5550| WRITE_ERROR(L'The file does not 

| exist. \n M ); 
5551| }else{ 

5552| WR I TE_ERROR(L" Unexpected error 

| %d\n", ErrorCode); 
5553| } 

5554| Err = PSM_ERROR_INVALID_PATH; 

5555| } else { 

5556| DEBUG_WRITE(L"»> Successfully deleted 

| exclusion file '%s'\n", ExclusionFileName); 
5557| } 
5558| } else { 

5559| DEBUG_WRITE(L"»> Warning: called 
| DeleteExclusionFile when file was not open!\n"); 
5560| } 
5561| 

5562| return Err; 

5563| } 

5564| 

5565| // 
| 



5566| 

5567| ULONG PrepareForVolumelmage ( 

5568| plmageCreationlnfo OutputlmageArray, 

5569| ULONG OutputlmageArrayEntries, 

5570| BOOLEAN TestOnly, 

5571 1 ULONG *NumberOf Locations ) 

5572 1 { 

5573| ULONG Err = 0; 

5574| ULONG ThisErr= 0; 

5575| const ULONG OutputlmageArrayBytes = 

| sizeof(tlmageCreationlnfo) * OutputlmageArrayEntries; 

5576| ULONG DataSize=0; 

5577| HKEY Key = INVALID_HANDLE_VALUE; 

5578| WCHAR SubKeyName[64] = {0}; 

5579| WCHAR TempDir [256] = {0}; 

5580| WCHAR TempPath [256] = {0}; 
5581| 

5582| memset ( OutputlmageArray, 0, OutputlmageArrayBytes 

I); 

5583| *NumberOfLocations = 0; 
5584| // open the registry 
5585| Err = RegOpenKeyExW( 

5586| H KE Y_LOC AL_M ACH I N E, // handle of open key 
5587| BackupRegistryPath, // address of name of 

| subkey to open 
5588| 0, // reserved 

5589| KEYREAD, // security access mask 

5590| &Key); // address of handle of 

| open key 
5591| 

5592| if ( Err == 0 ) { 

5593| DataSize = sizeof(GloballmageName); 
5594| Err = RegQueryValueExW( 
5595| Key, // handle of key to 

| query 

5596| L"lmageName", // address of name 

| of value to query 
5597| NULL, // reserved 

5598| NULL, // address of 

| buffer for value type 
5599| (char*)GloballmageName, // address of data 

| buffer 

5600| &DataSize ); // address of data 

| buffer size 
5601| 

5602| if ( Err == 0 ) { 
5603| int i; 

5604| for ( i=0; i<MAX_LOCATIONS; ++i ) { 

5605| swprintf ( SubKeyName, L M Backup%d M , 1 +i 

I); 



5606| 

5607| ThisErr = GetSettingsForBackup ( 

5608| Key, 

5609| SubKeyName, 

5610| 

| &OutputlmageArray[*NumberOfLocations] ); 
5611| 

5612| if ( ThisErr == 0 ) { 

5613| if( 

| lsAIIWhitespace(OutputlmageArray[*NumberOfLocations].Log 

| onlnfo.Path) ) { 
5614| ThisErr = 

| PSM_BLANK_ENTRY_IGNORED; 
5615| }else{ 

561 6| AppendBackslashlfNeeded ( 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path ); 

561 7\ ThisErr = RemoteLogonCheck ( 

| &OutputlmageArray[*NumberOfLocations].Logonlnfo ); 

5618| if ( ThisErr == 0 ) { 

5619| if ( !TestOnly ) { 

5620| FILE *ExclusionFile = 

10; 

5621| ULONG 

| BackupPathAlreadyExisted = FALSE; 
5622| 

5623| // Check to see if we 

| can open the exclusion file on what is 
5624| // currently the first 

| backup path. (Even though we are about to rename) 
5625| wcscpy ( TempDir, 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path ); 
5626| AppendBackslashlfNeeded 

| (TempDir); 
5627| wcscat ( TempDir, 

| GloballmageName ); 
5628| wcscat ( TempDir, 

| L'MW); 
5629| 

| BackupPathAlreadyExisted = PathExists(TempDir); 
5630| if ( 

| BackupPathAlreadyExisted ) { 
5631 1 CreateEntirePath 

| (TempDir); 
5632 | } 
5633| ThisErr = 

| CreateExclusionFile (TempDir, &ExclusionFile, 

| TempPath); 
5634| if ( ThisErr == 0 ) { 

5635| ThisErr = 

| DeleteExclusionFile (&ExclusionFile, TempPath); 



5636| if ( ThisErr != 0 ) 

I { 

5637| 

| DEBUG_WRITE(L"»> Failed to delete exclusion file 

| before rename: %08x\n",ThisErr); 
5638| } 
5639| } else { 

5640| DEBUG_WRITE(L"»> 

| Failed to create exclusion file before rename: 

| %08x\n",ThisErr); 
5641 | } 
5642| 

5643| if ( ThisErr == 0 ) { 

5644| if ( 

| BackupPathAlreadyExisted ) { 
5645| 

| RenameOldBackupPaths ( 
5646| 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path, 
5647| 

| GloballmageName, 
5648| 

| OutputlmageArray[*NumberOfLocations].NumToKeep ); 
5649| } else { 

5650| 

| DEBUG_WRITE(L"»> Backup path did not yet exist - no 

| rename of '%s'\n",TempDir); 
5651 | } 
5652| } 
5653| } 
5654| 

5655| if ( ThisErr == 0 ) { 

5656| wcscat ( 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path, 

| GloballmageName ); 
5657| wcscat ( 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path, 

| L".1\V); 
5658| ThisErr = 

| CreateEntirePath ( 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path ); 
5659| 

5660| if ( ThisErr == 0 ) { 

5661| 

| OutputlmageArray[*NumberOfLocations].LocationNumber = 
1 1+i; 

5662| if ( TestOnly ) { 

5663| ThisErr = 

| TestBackupPath ( &OutputlmageArray[*NumberOfl_ocations] 

I); 



5664| } else { 

5665| // Now that we 

| have renamed the paths, create the 
5666| // real 

| exclusion file that we will keep open for 
5667| // the whole 

| backup... 

5668| ThisErr = 

| CreateExclusionFile ( 
5669| 

| OutputlmageArray[*NumberOfl_ocations].l_ogonlnfo.Path, 
5670| 

| &(OutputlmageArray[*NumberOf Locations]. ExclusionFileHand 
Me), 
5671| 

| OutputlmageArray[*NumberOfl_ocations].ExclusionFileName 

I); 

5672| } 
5673| if ( ThisErr == 0 ) 

I { 

5674| WRITE(L"Backup 
| Path%d = '%s'\n", 1+i, 

| OutputlmageArray[*NumberOfLocations].Logonlnfo.Path); 
5675| 

| ++(*NumberOfl_ocations); 
5676| } 
5677| } 
5678| } 
5679| } 
5680| } 
5681 | } 
5682| 

5683| UpdatePathStatus ( 1 +i, ThisErr ); 

5684| if ( Err == 0 ) { 

5685| if ( (ThisErr & OxfOOOOOOO) != 

| 0x60000000 ) { 
5686| DEBUG_WRITE (L"»> 

| PrepareForVolumelmage: Setting return code to 

| %08x\n",ThisErr); 
5687| Err = ThisErr; 

5688| } 
5689| } 
5690| } 
5691| }else{ 

5692| WRITE_ERROR(L"Error %08x getting registry 

| value 'ImageName' from key 

| '%s'\n",Err,BackupRegistryPath); 
5693| } 
5694| } else { 

5695| WRITE_ERROR(L"Error %08x opening registry key 



I '%s'\n M , Err, BackupRegistry Path) ; 
5696| } 
5697| 

5698| return Err; 

5699| } 

5700| 

5701| // 



5703| ULONG AdjustThreadPriority() 
5704| { 

5705| ULONG Err =0; 

5706| HANDLE hProcess = GetCurrentProcess(); 

5707| ULONG PriorityRet = FALSE; 

5708| ULONG PriorityClass = IDLE_PRIORITY_CLASS; 

5709| HKEY Key = INVALID_HANDLE_VALUE; 

5710| 

571 1 1 Err = RegOpenKeyExW ( 

5712| HKEY_LOCAL_MACH I N E, 

571 3| BackupRegistryPath, 

5714| 0, 

5715| KEYREAD, 

5716| &Key); 

5717| 

5718| if ( Err == 0 ) { 

5719| ULONG DataSize = sizeof (PriorityClass); 
5720| Err = 

| RegQueryValueExW(Key,L M ThreadPriority M ,NULL,NULL,(char*) 

| &PriorityClass,&DataSize); 
5721| if ( Err==0){ 

5722| DEBUG_WRITE(L"»> Got priority value %08x 

| from registry\n", PriorityClass); 
5723| } else { 

5724| DEBUG_WRITE(L">» Error %08x getting 

| priority from registry - setting to IDLE\n",Err); 
5725| PriorityClass = IDLE_PRIORITY_CLASS; 

5726| } 

5727| RegCloseKey(Key); 

5728| Key = INVALID_HANDLE_VALUE; 

5729| } else { 

5730| DEBUG_WRITE(L"»> Error %08x opening registry 

| key '%s'\n",Err,BackupRegistryPath); 
5731| } 
5732| 

5733| DEBUG_WRITE(L">» Current Process Handle = 

| %08x\n",hProcess); 
5734| PriorityRet = SetPriorityClass (hProcess, 

| PriorityClass); 
5735| if ( PriorityRet ) { 

5736| DEBUG_WRITE(L"»> Successfully set priority 



I class to %08x\n",PriorityClass); 
5737| } else { 

5738| Err = Getl_astError(); 

5739| DEBUG_WRITE(L"»> !!! Error %08x setting 

| priority class to %08x\n",Err,PriorityClass); 
5740| } 
5741| 

5742| return Err; 

5743| } 

5744| 

5745| // 



5747| void RestoreThreadPriority() 
5748| { 

5749| HANDLE hProcess = GetCurrentProcess(); 

5750| SetPriorityClass(hProcess, NORMAL PRIORITY CLASS); 

5751| } 

5752| 

5753| // 



5755| ULONG DoVolumelmageBackup ( 
5756| const WCHAR *VolumeName, 
5757| const WCHAR *OriginalVolumeName, 
5758| PVOID AbortEvent ) 
5759| { 

5760| ULONG Err = 0; 

5761 1 ULONG NumberOf Locations = 0; 

5762| ULONG OutputlmageArrayBytes = MAX_LOCATIONS * 

| sizeof(tlmageCreationlnfo); 
5763| plmageCreationlnfo OutputlmageArray = 

| (plmageCreationlnfo) malloc (OutputlmageArrayBytes); 
5764| 

5765| DEBUG_WRITE(L">» DoVolumelmageBackup: 
| VolumeName='%s\ 

| AbortEvent=%08x\n",VolumeName, AbortEvent); 
5766| 

5767| AdjustThreadPriority(); 
5768| 

5769| if ( OutputlmageArray ) { 

5770| tLocalLogonlnfo Logonlnfo = {0}; 

5771 1 LocalLogonCheck (&Logonlnfo); 

5772| 

5773| Err = PrepareForVolumelmage ( 

5774| OutputlmageArray, 

5775| MAX_LOCATIONS, 

5776| FALSE, 

5777| &NumberOf Locations ); 

5778| 



5779| if ( NumberOfLocations > 0 ) { 

5780| Err = BackupManager_CreateVolumelmage ( 

5781 1 &TheBackupManager, 

5782| NumberOfLocations, 

5783| OutputlmageArray, 

5784| VolumeName, 

5785| OriginalVolumeName, 

5786| AbortEvent); 

5787| } else { 

5788| WRITE_ERROR(L"Error %08x preparing for 

| backup\n",Err); 

5789| } 
5790| 

5791 1 free (OutputlmageArray); 

5792| OutputlmageArray = NULL; 
5793| 

5794| LocalLogoff (&Logonlnfo); 

5795| } else { 

5796| WRITE_ERROR(L"Error: Out of memory in 

| DoVolumelmageBackup!\n M ); 

5797| Err = ERROR_OUTOFMEMORY; 

5798| } 
5799| 

580 0 1 Resto reTh read P rio rity () ; 
5801| 

5802| return Err; 

5803| } 

5804| 

5805| // 



5807| ULONG BackupManager_ReadyChunkBuffer ( 
5808| pBackupManager Manager, 
5809| ULONG ChunkDataSizelnBytes ) 

5810| { 

5811| ULONG Status = 0; 

581 2| ULONG TotalChunkSizelnBytes = 

| sizeof(tVolumelmage_ChunkPrefix) + 

| ChunkDataSizelnBytes; 
581 3| if ( TotalChunkSizelnBytes > 

| Manager->ChunkBufferSize ) { 
581 4 1 pVolumelmage_Chunk NewBuffer = 

| (pVolumelmage_Chunk) malloc(TotalChunkSizelnBytes); 
581 5| if ( NewBuffer == NULL ) { 
581 6| Status = ERROR_OUTOFMEMORY; 

5817| }else{ 

5818| if ( (Manager->ChunkBuffer) != NULL ) { 

5819| free (Manager->ChunkBuffer); 

5820| } 
5821| 



5822| Manager->ChunkBuffer = NewBuffer; 

5823| Manager->ChunkBufferSize = 

| TotalChunkSizelnBytes; 
5824| } 
5825| } 
5826| 

5827| return Status; 

5828| } 

5829| 

5830| // 



5831| 

5832| void GenerateChunkChecksums ( pVolumelmage_Chunk chunk 
I) 

5833| { 

5834| // No more data modifications allowed after 

| ChunkChecksum is calculated! 
5835| 

5836| chunk->Prefix. ChunkChecksum = CalculateChecksum ( 
5837| chunk->Prefix.ChunkSizelnBytes, 
5838| chunk->Data ); 
5839| 

5840| // Prefix checksum ***must*** be the last thing 

| modified in the chunk! 
5841 1 // NOTE: Prefix checksum is checksum of all data 

| in the rest of the prefix, 
5842| // including the chunk checksum. This means 

| changing anything else in the 
5843| // prefix OR the data after the prefix will 

| invalidate the prefix checksum. 
5844| 

5845| chunk->Prefix.PrefixChecksum = CalculateChecksum ( 
5846| sizeof(tVolumelmage_ChunkPrefix) - 

| sizeof(chunk->Prefix.PrefixChecksum), 
5847| &(chunk->Prefix. ChunkChecksum) ); 
5848| } 
5849| 
5850| // 



5851| 

5852| void AbortBackupStream ( 
5853| plmageOutput output, 
5854| ULONG status ) 

5855| { 

5856| DEBUG_WRITE(L">» AbortBackupStream called on 

| '%s'\n M ,output->FileName); 
5857| output->lmageStatus = status; 
5858| CloselmageOutputFile (output); 
5859| } 
5860| 



5861 1 //- 



5863| ULONG WriteChunkData ( 

5864| plmageOutput output, 

5865| pVolumelmage_Chunk chunk, 

5866| ULONG numBytesTo Write ) 

5867| { 

5868| // NOTE: Assumes that prefix checksums are already 
| valid. 

5869| ULONG Status = 0; 
5870| 

5871 1 if ( output->Handle != INVALID_HANDLE_VALUE ) { 

5872| ULONG Num Bytes Written = 0; 

5873| ULONG DidWrite = WriteFile ( 

5874| output->Handle, 

5875| chunk, 

5876| numBytesTo Write, 

5877| &NumBytesWritten, 

5878| NULL ); 

5879| 

5880| if ( IDidWrite ) { 

5881 1 Status = GetLastError(); 

5882| } else if ( NumBytesWritten != numBytesToWrite 
I ){ 

5883| Status = PSM_ERROR_UNSUCCESSFUL; 

5884| } 

5885| 

5886| if ( Status != 0 ) { 

5887| WRITE_ERROR(L"M! Error %08x writing data 

| to file '%s'\n", Status, output->FileName); 

5888| AbortBackupStream (output, Status); 

5889| } 

5890| } 
5891| 

5892| return Status; 

5893| } 

5894| 

5895| //- 



5897| ULONG WriteChunkToSingleFile ( 

5898| plmageOutput output, 

5899| pVolumelmage_Chunk chunk, 

5900| ULONG numBytesToWrite ) 

5901| { 

5902| const ULONG ONE MEGABYTE = 1 024 * 1 024; 

5903| ULONG Status = 0; 

5904| tVolumelmage_Chunk ContinuationChunk; 
5905| 



5906| // Before performing the write, make sure we 

| haven't already failed this stream for some reason... 
5907| if ( output->Handle != INVALID_HANDLE_VALUE ) { 
5908| // Update output counters and determine whether 

| we have exceeded size limit... 
5909| output->ByteCounter += numBytesToWrite; 
591 0| if ( output->ByteCounter > ON E M EGABYTE ) { 
591 1 1 output->ByteCounter -= ON E_M EGABYTE ; 

591 2| ++(output->MegabyteCounter); 
5913| // If MaxSizelnMegabytes is zero, it means 

| that there is no limit to the output file size. 
591 4 1 if ( output->Openlnfo. MaxSizelnMegabytes > 

|0){ 

591 5| if ( output->MegabyteCounter >= 

| output->Openlnfo. MaxSizelnMegabytes ) { 
591 6| DEBUG_WRITE(L"»> Reached maximum 

| size of backup image '%s' - continuing in another 

| file.\n",output->FileName); 
591 7| memset ( &ContinuationChunk, 0, 

| sizeof(ContinuationChunk) ); 
5918| ContinuationChunk. Prefix. ChunkType 

| = VICT_END_CONTINUATION; 
5919| GenerateChunkChecksums ( 

| &ContinuationChunk ); 
5920| Status = WriteChunkData ( output, 

| &ContinuationChunk, sizeof(ContinuationChunk.Prefix) ); 
5921| if ( output->Handle != 

| INVALID_HANDLE_VALUE ) { 
5922| CloseHandle ( output->Handle ); 

5923| output->Handle = 

| INVALID_HANDLE_VALUE; 
5924| if ( Status == 0 ) { 

5925| 

| ++(output->ContinuationNumber); 
5926| Status = 

| OpenlmageOutputFile (output); 
5927| if ( Status == 0 ) { 

5928| memset ( 

| &ContinuationChunk, 0, sizeof (ContinuationChunk) ); 
5929| 

| ContinuationChunk. Prefix. ChunkType = 

| VICT_BEGIN_CONTINUATION; 
5930| DEBUG_WRITE(L"»> 

| Continuation OpenStatus=%08x\n", Status); 
5931 1 GenerateChunkChecksums 

| ( &ContinuationChunk ); 
5932| Status = WriteChunkData 

| ( output, &ContinuationChunk, 

| sizeof(ContinuationChunk.Prefix) ); 
5933| } 



5934| } 
5935| } 
5936| } 
5937| } 
5938| } 
5939| 

5940| if ( Status == 0 ) { 

5941 1 Status = WriteChunkData ( output, chunk, 



| numBytesTo Write ); 
5942| } 
5943| } 
5944| 

5945| if ( Status != 0 ) { 

5946| if ( output->lmageStatus == PSM_CREATING_FILES 
l){ 

5947| DEBUG_WRITE(L"»> WriteChunkToSingleFile: 

| setting '%s' status to 

| %08x\n",output->FileName,Status); 
5948| output->lmageStatus = Status; 

5949| } 
5950| } 
5951| 

5952| return Status; 

5953| } 

5954| 

5955| 

5956| // 

5957| 

5958| ULONG BackupManager_WriteChunk ( 

5959| pBackupManager Manager, 

5960| ULONG ChunkType, 

5961 1 const ULONG *UserData, 

5962| ULONG NumUserData, 

5963| const void *ChunkData, 

5964| ULONG ChunkDataSizelnBytes ) 

5965| { 

5966| ULONG Status = 0; 

5967| ULONG OpenStatus = 0; 

5968| ULONG NumberOfStreamsStillAlive = 0; 

5969| 

5970| if ( (NumUserData <= VOLIMAGE_MAX_USER_DATA) && 
5971 1 (NumUserData==0 || UserData!=NULL) && 
5972| (ChunkDataSizelnBytes==0 || ChunkData!=NULL) 
| && 

5973| Manager->NumlmageOutputs>0 ) { 

5974| Status = BackupManager_ReadyChunkBuffer 

| (Manager, ChunkDataSizelnBytes); 
5975| 

5976| if ( Status == 0 ) { 



5977| ULONG i=0; 

5978| BOOLEAN DidWrite= FALSE; 

5979| ULONG NumBytesTo Write = 

| sizeof(tVolumelmage_ChunkPrefix) + 

| ChunkDataSizelnBytes; 
5980| ULONG Num Bytes Written = 0; 

5981| 

5982| memcpy ( Manager->ChunkBuffer->Data, 

| ChunkData, ChunkDataSizelnBytes ); 
5983| memset ( &Manager->ChunkBuffer->Prefix, 0, 

| sizeof(tVolumelmage_ChunkPrefix) ); 
5984| Manager->ChunkBuffer->Prefix.ChunkType 

| = ChunkType; 
5985| 

| Manager->ChunkBuffer->Prefix.PrefixSizelnBytes = 
| sizeof(tVolumelmage_ChunkPrefix); 
5986| 

| Manager->ChunkBuffer->Prefix.ChunkSizelnBytes = 
| ChunkDataSizelnBytes; 
5987| 

5988| for ( i=0; kNumUserData; ++i ) { 

5989| 

| Manager->ChunkBuffer->Prefix.UserData[i] = UserData[i]; 
5990| } 
5991| 
5992| 

| Manager->ChunkBuffer->Prefix.CumulativeChecksum = 

| Manager->CumulativeChecksum; 
5993| Manager->ChunkBuffer->Prefix.ChunkNumber 

| = ++(Manager->ChunkCounter); 
5994| GenerateChunkChecksums ( 

| Manager->ChunkBuffer ); 
5995| Manager->CumulativeChecksum A = 

| Manager->ChunkBuffer->Prefix.PrefixChecksum; 
5996| 

5997| for ( i=0; i < Manager->NumlmageOutputs; 

!++'){ 

5998| ULONG WriteChunkStatus = 

| WriteChunkToSingleFile ( 
5999| &(Manager->lmageOutputArray[i]), 
6000| Manager->ChunkBuffer, 
6001 1 NumBytesTo Write ); 

6002| 

6003| if ( WriteChunkStatus==0 && 

| Manager->lmageOutputArray[i].Handle!=INVALID_HANDLE_VALU 
I E){ 

6004| ++NumberOfStreamsStillAlive; 
6005| } 
6006| } 
6007| 



6008 
6009 
6010 
6011 



streams have failed - aborting the backup!\n"); 



6012 
6013 
6014 
6015 
6016 
6017 
6018 
6019 
6020 
6021 
6022 

I- 
6023 
6024 
6025 
6026 
6027 
6028 
6029 
6030 
6031 
6032 
6033 
6034 
6035 
6036 
6037 
6038 
6039 

I " 
6040 
6041 
6042 
6043 
6044 
6045 
6046 



6047 
6048 
6049 
6050 
6051 
6052 
6053 



if ( NumberOfStreamsStillAlive == 0 ) { 
if ( Status == 0 ) { 

Status = PSM_ERROR_UNSUCCESSFUL; 
WRITE_ERROR(L"Error: All backup 



} 

} 

} 

} else { 

Status = PSM_ERROR_INVALID_PARAMETER; 

} 

return Status; 



ULONG BackupManager_Cleanup ( pBackupManager Manager ) 
{ 

ULONG Status = 0; 

if ( Manager->ChunkBuffer != NULL ) { 
free (Manager->ChunkBuffer); 
Manager->ChunkBuffer = NULL; 

} 

Manager->ChunkBufferSize = 0; 
LogonShareCleanupQ; 

return Status; 

} 

//. 



BOOLEAN AIIBytesSame ( 

pPSM_VIBM_Granule Granule ) 

{ 

int numBytes = Granule->GranuleSizelnBytes; 
if ( numBytes >= 2 ) { 
const unsigned char *data = (const unsigned 



char *)(Granule->Data); 



int i; 

for ( i=1 ; i < numBytes; ++i ) { 
if ( data[i] != data[0] ) { 
return FALSE; 

} 

} 



6054| return TRUE; // Crunch time 

6055| } 

6056| 

6057| return FALSE; // There's no need to compress less 

| than 2 bytes, now is there? 
6058| } 
6059| 

6060| //- 

I 

6061| 

6062| ULONG BackupManager_ProcessGranules ( 
6063| pBackupManager Manager, 
6064| pPSM_VIBM_Granule Granule ) 
6065| { 

6066| ULONG Status = 0; 
6067| ULONG UserData[5] = { 

6068| Granule->GranuleOffsetlnBytes.LowPart, // 
|[0] 

6069| Granule->GranuleOffsetlnBytes.HighPart, // 
I [1] 

6070| VI_COMPRESS_NONE, // 
I [2] 

6071 1 0, // 
I [3] 

6072| 0 // 

I [4] 

6073| }; 
6074| 

6075| const void *DataToWrite = Granule->Data; 

6076| ULONG BytesToWrite = Granule->GranuleSizelnBytes; 

6077| 

6078| if ( AIIBytesSame(Granule) ) { 

6079| UserData[2] = VI_COMPRESS_ALL_BYTES_SAME; 

6080| UserData[3] = (ULONG) ( "((unsigned char *) 

| (Granule->Data)) ); 

6081 1 UserData[4] = Granule->GranuleSizelnBytes; 

6082| BytesToWrite = 0; 

6083| DataToWrite = NULL; 

6084| } 
6085| 

6086| Status = BackupManager_WriteChunk ( 

6087| Manager, 

6088| VICT_GRANULE, 

6089| UserData, 

6090| sizeof(UserData) / sizeof(UserData[0]), 

6091| DataToWrite, 

6092| BytesToWrite ); 
6093| 

6094| if(Manager->BackupAbortEvent){ 
6095| 



I if(WaitForSingleObject(Manager->BackupAbortEvent,0)==WAI 

| T_OBJECT_0) { 
6096| Status = ERROR_REQUEST_ABORTED; 

6097| } 
6098| } 
6099| 

6100| return Status; 

6101| } 

6102| 

6103| 

6104| // 



6105| 

6106| DWORD SS_VolumelmageCallBack ( 

| pPSM_VolumelmageCallBackParms parms ) 
6107| { 

6108| DWORD Status = 0; // returning any nonzero value 

| will abort volume image operation 
6109| 

61 1 0| switch ( parms->MessageType ) { 
61 1 1 1 case PSM_VIBMT_START: { 
61 1 2| pPSM_VIBM_Start Start = 

| &parms->MessageData.Start; 
6113| ULONG UserData[] = { 

61 1 4| Start->SizelnBytes.LowPart, 
61 1 5| Start->SizelnBytes.HighPart, 
61 1 6| Start->NumUsedClusters.LowPart, 
61 1 7| Start->NumUsedClusters.HighPart, 
61 1 8| Start->ClusterSize }; 

6119| 

6120| TheBackupManager.CumulativeChecksum = 0; 

6121 1 TheBackupManager.ChunkCounter = 0; 

6122| 

6123| Status = BackupManager_WriteChunk ( 

61 24| &TheBackupManager, 
6125| VICT_START, 
6126| UserData, 

61 27| sizeof(UserData) / sizeof (UserData[0]), 

6128| NULL, 

6129| 0); 

6130| } break; 

6131| 

6132| case PSM_VIBMT_PARTITION_INFO: { 
6133| pPSM_VIBM_Partitionlnfo Partitionlnfo = 

| &parms->MessageData.Partitionlnfo; 
6134| DEBUG_WRITE(L">» Partitionlnfo An" ); 

61 35| DEBUG_WRITE(L">» Volume Serial Number 

| = %08x\n M , Partition lnfo->VolumeSerialNumber ); 
6136| DEBUG_WRITE(L">» Volume Unique Id 

| = %08x\n M , Partitionlnfo->VolumeUniqueld ); 



6137| DEBUG_WRITE(L">» Partition Length 

| = %016l64x\n", Partitionlnfo->PartitionLength.QuadPart 

I); 

6138| Status = BackupManager_WriteChunk ( 

61 39| &TheBackupManager, 

6140| VICT_PARTITION_INFO, 

6141| NULL, 

6142| 0, 

6143| Partitionlnfo, 

6144| sizeof(*Partitionlnfo) ); 

6145| } break; 

6146| 

6147| case PSM_VIBMT_GRANULE: { 
6148| pPSM_VIBM_Granule Granule = 

| &parms->MessageData.Granule; 
6149| Status = BackupManager_ProcessGranules 

| (&TheBackupManager, Granule); 
6150| } break; 
6151| 

6152| case PSM_VIBMT_FINISH: { 

6153| Status = BackupManager_WriteChunk ( 

| &TheBackupManager, VICT_FINISH, 0, 0, NULL, 0 ); 
6154| } break; 
6155| } 
6156| 

6157| return Status; 

6158| } 

6159| 

6160| // 



6161| 

6162| ULONG OpenlmageOutputFile ( plmageOutput Filelnfo ) 
6163| { 

6164| ULONG Err =0; 
6165| 

6166| Filelnfo->ByteCounter 

| sizeof(tVolumelmage_ChunkPrefix); // allow room for 

| continuation chunk at end 
6167| Filelnfo->MegabyteCounter =0; 
6168| Filelnfo->lmageStatus = STATUS_PENDING; 
6169| 

6170| swprintf ( Filelnfo->FileName, L"%simage.%03d", 
6 1 7 1 1 Fi le I nf o -> Open I nf o . Logo n I nf o . Path , 
61 72 1 Filelnfo->ContinuationNumber ); 
6173| 

61 74| Filelnfo->Handle = CreateFileW( 
61 75| Filelnfo->FileName, // file 

| name 

6176| GENERIC_READ | GENERIC_WRITE, // access 
| mode 



6177| 0, //share 
| mode 

6178| NULL, //SD 
61 79| CREATEALWAYS, // how to 

| create 

6180| FILE_ATTRIBUTE_NORMAL, //file 
| attributes 

6181| NULL); //handle 

| to template file 
6182| 

6183| if ( Filelnfo->Handle == I N VAL I D_H AN DL E_VALU E ) { 
6184| Filelnfo->lmageStatus = Err = GetLastError(); 
6185| UpdatePathStatus ( 

| F i le I nf o -> Ope n I nf o . Locat io n N u m be r, 

| PSM_ERROR_INVALID_PATH ); 
6186| WRITE_ERROR(L"Error %08x trying to open image 

| output file '%s'\n",Err,Filelnfo->FileName); 
6187| }else{ 

61 88| DEBUG_WRITE(L"»> OpenlmageOutputFile: 
| Successfully created '%s'\n",Filelnfo->FileName); 

6189| UpdatePathStatus ( 

| F i le I nf o -> Ope n I nf o . Locat io n N u m be r, 
| PSM_BACKING_UP_VOLUME ); 

6190| Filelnfo->lmageStatus = PSM_CREATING_FILES; 

6191| } 

6192| 

6193| return Err; 

6194| } 

6195| 

6196| // 

6197| 

6198| void EraseOldSummaryFile ( plmageOutput Filelnfo ) 
6199| { 

6200| WCHAR SummaryFileName [256]; 

6201| int result = 0; 

6202| 

6203| // delete summary file... 

6204| wcscpy ( SummaryFileName, 
| Filelnfo->Openlnfo.Logonlnfo.Path ); 

6205| AppendBackslashlfNeeded ( SummaryFileName ); 

6206| wcscat ( SummaryFileName, L M image.000 M ); 

6207| result = _wremove ( SummaryFileName ); 

6208| DEBUG_WRITE(L"»> EraseOldSummaryFile: 
| SummaryFileName='%s\ result=%d, 
| errno=%d\n",SummaryFileName,result,errno); 

6209| 

6210| //delete html log file... 
621 1 1 wcscpy ( SummaryFileName, 
| Filelnfo->Openlnfo.Logonlnfo.Path ); 



621 2| AppendBackslashlfNeeded ( SummaryFileName ); 

6213| wcscat ( SummaryFileName, L" image. htm" ); 

621 4| result = _wremove ( SummaryFileName ); 

621 5| DEBUG_WRITE(L">» EraseOldSummaryFile: 
| HtmlFileName='%s', result=%d, 
| errno=%d\n",SummaryFileName,result,errno); 

6216| } 

6217| 

6218| // 



6219| 

6220| ULONG GenerateSummaryFile ( 
6221| plmageOutput Filelnfo, 
6222| ULONG WarningCode ) 

6223| { 

6224| ULONG Err = 0; 

6225| WCHAR FileName [256]; 

6226| WCHAR *RegPath = FileName; // scary aliasing! 

| can't use RegPath and FileName at same time. 
6227| FILE *SummaryFile = NULL; 
6228| ULONG BackupNumber = 0; 
6229| ULONG BackupCount = 0; 
6230| ULONG TimeStampErr = 0; 
6231 1 WCHAR TimeStamp [64]; 
6232| WCHAR Identity [256]; 
6233| 

6234| wcscpy ( FileName, 

| Filelnfo->Openlnfo.Logonlnfo.Path ); 
6235| AppendBackslashlfNeeded ( FileName ); 
6236| wcscat ( FileName, L"image.000" ); 
6237| 

6238| DEBUG_WRITE(L"»> GenerateSummaryFile: 
| FileName='%s', 

| WarningCode=%08x\n",FileName,WarningCode); 
6239| SummaryFile = _wfopen(FileName,L M wt"); 
6240| if ( SummaryFile == NULL ) { 

6241 1 WRITE_ERROR(L"Error: Could not open summary 

| file '%s' for write!\n",FileName); 
6242| Err = PSM_ERROR_INVALID_PATH; 
6243 1 } else { 

6244| ULONG NameLength = 0; 
6245| 

6246| wcscpy ( Identity, 

| Filelnfo->Openlnfo.Logonlnfo.Path ); 
6247| NameLength = wcslen(ldentity); 
6248| if ( NameLength > 1 ) { 
6249| // The path will be something like 

| 'd:\vimage.psm\backup.1V. 
6250| // Truncate at the final 7 to get 

| 'd:\vimage.psm\backup' 



6251| 

6252| ULONG NamePos = NameLength-1 ; 

6253| if ( ldentity[NamePos] == 'W ) { 

6254| --NamePos; 
6255| } 
6256| 

6257| while ( NamePos > 0 ) { 

6258| if ( ldentity[NamePos] == 7 ) { 

6259| DEBUG_WRITE(L"»> 

| GenerateSummaryFile: Before truncate: 

| ldentity='%s'\n M , Identity); 
6260| ldentity[NamePos] = '\0'; 

6261 1 DEBUG_WRITE(L"»> 

| GenerateSummaryFile: After truncate: 

| ldentity='%s'\n", Identity); 
6262| break; 

6263| } else if ( ldentity[NamePos] == 'W ) 

|{ 

6264| // Looks like there wasn't a '.' 

| where there was supposed to be. 
6265| //Oh well... 

6266| break; 
6267| } 
6268| --NamePos; 
6269| } 
6270| } 
6271| 

6272| fprintf 

| (SummaryFile,"NumFileslnBackup=%d\n",Filelnfo->Continuat 

| ionNumber); 
6273| fprintf 

| (SummaryFile,"WarningCode=%d\n",WarningCode); 
6274| fprintf (SummaryFile, M ldentity=%S\n M ,ldentity); 
6275| fclose(SummaryFile); 
6276| SummaryFile = NULL; 
6277| 

6278| // Now update "CurrentCopies" in the registry. 
6279| // Do this by counting up the number of 

| "image. 000" files that are openable... 
6280| BackupCount = 0; 

6281 1 for ( BackupNumber=1 ; BackupNumber <= 

| MAXJ MAG ES_PE R LOCATI ON ; ++BackupNumber ) { 
6282| wcscpy ( FileName, 

| Filelnfo->Openlnfo.Logonlnfo.Path );// 

| "d:\blahblah\blah\fred.3[\]" 
6283| AppendBackslashlfNeeded ( FileName ); 

| // "d:\blahblah\blah\fred.3\" 
6284| NameLength = wcslen(FileName); 

6285| if ( NameLength >= 2 ) { 

6286| FileName[NameLength-2] = (WCHAR) 



I (BackupNumber + '0'); 
6287| wcscat(FileName,L"image.OOO"); 
6288| DEBUG_WRITE(L">» CurrentCopies check: 

| FileName='%s'\n",FileName); 
6289| SummaryFile = _wfopen(FileName,L M rt"); 

6290| if ( SummaryFile != NULL ) { 

6291 1 fclose(SummaryFile); 
6292| SummaryFile = NULL; 

6293| ++BackupCount; 
6294| } 
6295| } 
6296| } 
6297| 

6298| DEBUG_WRITE(L"»> CurrentCopies check: 

| BackupCount=%d\n", BackupCount); 
6299| UpdateBackupCount ( 

| Filelnfo->Openlnfo.LocationNumber, BackupCount); 
6300| 

6301 1 TimeStampErr = GetTimeStamp(TimeStamp); 

6302| if ( TimeStampErr == 0 ) { 

6303| swprintf ( RegPath, L M %sBackup%d", 

| BackupRegistryPath, Filelnfo->Openlnfo.LocationNumber 

I); 

6304| UpdateTimeStamp ( RegPath, U'LastBackup", 

| TimeStamp ); 
6305| } else { 

6306| WRITE_ERROR(L"Warning: Could not update 

| LastBackup time stamp in registry for location #%d 
| (error 

| %08x)\n",Filelnfo->Openlnfo.LocationNumber,TimeStampErr) 

I ; 

6307| } 
6308| } 
6309| 

6310| return Err; 
6311| } 
6312| 
6313| // 



6314| 

6315| ULONG CloselmageOutputFile ( plmageOutput Filelnfo ) 
6316| { 

6317| ULONG Err=0; 
6318| 

631 9| if ( Filelnfo->Openlnfo.ExclusionFileHandle!=NULL 
l){ 

6320| Err = DeleteExclusionFile ( 
6321| &(Filelnfo->Openlnfo.ExclusionFileHandle), 
6322| Filelnfo->Openlnfo.ExclusionFileName ); 

6323| } 



6324| 

6325| if ( Filelnfo->Handle != NULL && Filelnfo->Handle 

| != INVALID_HANDLE_VALUE ) { 
6326| CloseHandle (Filelnfo->Handle); 
6327| Filelnfo->Handle = INVALID_HANDLE_VALUE; 
6328| if ( Filelnfo->lmageStatus == 

| PSM_CREATING_FILES ) { 
6329| Filelnfo->lmageStatus = STATUS_SUCCESS; 

6330| } else { 

6331 1 DeleteAIIFilesAndDirectory ( 

| Filelnfo->Openlnfo.Logonlnfo.Path ); 
6332| } 

6333| UpdateLastBackupResult ( 

| F i le I nf o -> Ope n I nf o . Locat io n N u m be r, 

| Filelnfo->lmageStatus ); 
6334| UpdatePathStatus ( 

| Filelnfo->Openlnfo.LocationNumber, PSM_VALID_PATH ); 
6335| } 
6336| 

6337| RemoteLogoff ( &(Filelnfo->Openlnfo.Logonlnfo) ); 
6338| return Err; 
6339| } 
6340| 

6341 1 // 



6343| void BackupManager_SetAIIErrorCodes ( 
6344| pBackupManager Manager, 
6345| ULONG Error ) 

6346| { 

6347| // This function is called when an error is 

| encountered that affects 
6348| // all backup streams, such as the backup being 

| aborted. 

6349| // We set all the error codes so that the backups 

| will be deleted 
6350 1 // after the files are closed. 
6351| 

6352| ULONG i; 

6353| for ( i=0; i < Manager->NumlmageOutputs; ++i ) { 
6354| // Only set error codes for streams that 

| currently think they are successful... 
6355| if ( Manager->lmageOutputArray[i].lmageStatus 

| == PSM_CREATING_FILES ) { 
6356| DEBUG_WRITE(L"»> Setting ImageStatus for 

| '%s' to 

| %08x\n",Manager->lmageOutputArray[i].FileName, Error); 
6357| Manager->lmageOutputArray[i]. ImageStatus = 

| Error; 
6358| } 



6359| } 
6360| } 
6361| 
6362| //— 



6364| ULONG BackupManager_CreateVolumelmage ( 

6365| pBackupManager Manager, 

6366| int NumOutputFiles, 

6367| plmageCreationlnfo OutputArray, 

6368| const WCHAR *_VolName, 

6369| const WCHAR *_OriginalVolumeName, 

6370| PVOID AbortEvent) 

6371| { 

6372| ULONG Err = 0; 

6373| WCHAR *OriginalVolumeName = NULL; 
6374| 

6375| DEBUG_WRITE(L">» CreateVolumelmage: 

| NumOutputFiles=%d, _VolName='%s\ 

| ^riginakVoS'Vn^NumOutputFiles^VolName^OriginalVolurri 

| eName); 
6376| 

6377| Manager->BackupAbortEvent = AbortEvent; 
6378| 

6379| if ( NumOutputFiles<1 || 

| NumOutputFiles>MAX_LOCATIONS ) { 
6380| Err = PSM_ERROR_INVALID_PARAMETER; 
6381 1 WRITE_ERROR(L"Error: Invalid number of image 

| output files: %d\n",NumOutputFiles); 
6382| } else { 
6383| int i; 

6384| for ( i=0; i<NumOutputFiles; ++i ) { 

6385| Manager->lmageOutputArray[i].Openlnfo = 

| Output Array[i]; 
6386| 

| Manager->lmageOutputArray[i].ContinuationNumber = 1; 
6387| Err = OpenlmageOutputFile ( 

| &Manager->lmageOutputArray[i] ); 
6388| 

6389| UpdateLastBackupResult ( 

6390| 

| Manager->lmageOutputArray[i].Openlnfo.LocationNumber, 
6391| 

| Manager->lmageOutputArray[i].lmageStatus ); 
6392| 

6393| if ( Err == 0 ) { 

6394| EraseOldSummaryFile ( 

| &Manager->lmageOutputArray[i] ); 
6395| } else { 

6396| while ( -i >= 0 ) { 



6397| CloselmageOutputFile ( 

| &Manager->lmageOutputArray[i] ); 
6398| } 
6399| 

6400| break; 
6401| } 
6402| } 
6403| 

6404| if ( Err == 0 ) { 

6405| Manager->NumlmageOutputs = NumOutputFiles; 

6406| if (_VolName) { 

6407| int VolNameLength = wcslen(_VolName); 

6408| WCHAR *VolName = (WCHAR *) 

| LocalAlloc(LPTR,sizeof(WCHAR)*(2+VolNameLength)); 
6409| if ( VolName ) { 

641 0| const unsigned VOLUME_GUID_CHARS = 

I 256; 

641 1 1 const unsigned VOLU M E_GU I D_BYTES = 

| sizeof(WCHAR) * VOLUME_GUID_CHARS; 

641 2| WCHAR *VolumeGuid = 

| LocalAI loc(LPTR, VOLU M E_GU I D_BYTES) ; 

6413| 

641 4 1 wcscpy ( VolName, _VolName ); 

641 5| if ( VolNameLength>0 && 

| VolName[VolNameLength-1]!='\Y ) { 
641 6| VolName[VolNameLength++] = 

I 'W; 

6417| VolName[VolNameLength] = 0; 

6418| } 

6419| 

6420| if ( VolumeGuid ) { 

6421| BOOL GotName = 

| GetVolumeNameForVolumeMountPointW ( 
6422| VolName, 
6423| VolumeGuid, 
6424| VOLUME_GUID_BYTES ); 

6425| 

6426| if ( GotName ) { 

6427| // Fix Volume Guids... need 

| final backslash to be ABSENT! 
6428| int VolumeGuidLength = 

| wcslen(VolumeGuid); 
6429| if ( VolumeGuidLength>0 && 

| VolumeGuid[VolumeGuidLength-1]=='\V ) { 
6430| 

| VolumeGuid[VolumeGuidLength-1] = 0; 
6431| } 

6432| WRITE(L m %s' = '%s'\n M , 

| VolName, VolumeGuid); 
6433| 



6434| OriginalVolumeName = (WCHAR 

| *)LocalAlloc(LPTR,sizeof(WCHAR)*(2+wcslen(_OriginalVolum 
| eName))); 

6435| if ( OriginalVolumeName ) { 

6436| 

| wcscpy(OriginalVolumeName, _OriginalVolumeName); 
6437| AppendBackslashlfNeeded 

| (OriginalVolumeName); 
6438| UpdateEngineStatus ( 

| PSM_BACKING_UP_VOLUME ); 
6439| Err = 

| Psm_VolumelmageDumpW ( VolumeGuid, OriginalVolumeName, 

| SS_VolumelmageCallBack ); 
6440| UpdateEngineStatus ( 

| PSMJDLE ); 
6441| 

6442| if ( Err != 0 ) { 

6443| 

| BackupManager_SetAIIErrorCodes (Manager, Err); //kill 
| backups on close (later) 
6444| 

| WRITE_ERROR(L"Error: Volume Image Dump returned 

| %08x\n",Err); 
6445| WRITE_ERROR(L"The 

| backup has been canceled An"); 
6446| } 
6447| 

| LocalFree(OriginalVolumeName); 
6448| OriginalVolumeName = 0; 

6449| } else { 

6450| Err = 

| ERROR_OUTOFMEMORY; 
6451 1 WRITE_ERROR(L"Error: 

| Out of memory (OriginalVolumeName)\n"); 
6452| } 
6453| } else { 

6454| Err = Getl_astError(); 

6455| WRITE_ERROR(L"Could not get 

| volume guid for '%s'; error=%08x\n", VolName, Err ); 
6456| } 
6457| 

6458| LocalFree(VolumeGuid); 
6459| VolumeGuid = NULL; 

6460| } else { 

6461 1 WRITE_ERROR(L"Out of memory 

| (VolumeGuids) in CreateVolumelmageFile()\n"); 
6462| Err = ERROR_OUTOFMEMORY; 

6463| } 
6464| } else { 

6465| WRITE_ERROR(L"Out of memory 



I (VolumeNames) in CreateVolumelmageFile()\n"); 
6466| Err= ERROR_OUTOFMEMORY; 

6467| } 
6468| 

6469| if ( VolName ) { 

6470| LocalFree( VolName); 

6471| VolName = NULL; 

6472| } 
6473| } else { 

6474| WRITE_ERROR(L"lnternal error: invalid 

| parameter to CreateVolumelmageFile()\n"); 
6475| Err = PSM_ERROR_INVALID_PARAMETER; 

6476| } 
6477| 

6478| for ( i=0; kNumOutputFiles; ++i ) { 

6479| if ( 

| Manager->lmageOutputArray[i]. Handle != 

| INVALID_HANDLE_VALUE ) { 
6480| if ( 

| Manager->lmageOutputArray[i].lmageStatus == 

| PSM_CREATING_FILES ) { 
6481 1 GenerateSummaryFile ( 

| &Manager->lmageOutputArray[i], Manager->NonFatalError 

I); 

6482| } 

6483| CloselmageOutputFile ( 

| &Manager->lmageOutputArray[i] ); 
6484| } 
6485| 

6486| UpdateLastBackupResult ( 

6487| 

| Manager->lmageOutputArray[i].Openlnfo.LocationNumber, 
6488| 

| Manager->lmageOutputArray[i].lmageStatus ); 
6489| } 

6490| Manager->NumlmageOutputs = 0; 

6491 1 BackupManager_Cleanup ( Manager ); 

6492| } 
6493| } 
6494| 

6495| Manager->BackupAbortEvent = NULL; 
6496| 

6497| if ( Err == 0 ) { 

6498| if ( Manager->NonFatalError != 0 ) { 
6499| Err = Manager->NonFatalError; 

6500| } 
6501| } 
6502| 

6503| Manager->NonFatalError = 0; 
6504| 



6505| DEBUG_WRITE(L">» CreateVolumelmage returning 

| %08x\n M ,Err); 
6506| return Err; 
6507| } 
6508| 

6509| // 



6510| 

651 1 1 ULONG CalculateChecksum ( 
6512| ULONG DataSizeln Bytes, 
6513| const void *DataBuffer) 
6514| { 

6515| ULONG sum = 0xc9d4b5a2; 

651 6| ULONG multiplier = 0x1 a2b3c4d; 

651 7| const unsigned char *p = (const unsigned char *) 

| DataBuffer; 
6518| ULONG i; 
6519| 

6520| for ( i=0; i < DataSizelnBytes; ++i ) { 
6521 1 sum A = (0x1 00 + *p++) * multiplier++; 
6522| sum = (sum « 9) | (sum » (32-9)); // 

| rotate left 9 bits 
6523| } 
6524| 

6525| if ( sum == CHECKSUM_IGNORE_DWORD ) { 
6526| sum = Oxffffffff; // not allowed to be 

| CHECKSUM IGNORE DWORD 
6527| } 
6528| 

6529 1 return sum; 
6530| } 
6531| 
6532| // 



6534| BOOLEAN ValidateChecksum ( 
6535| ULONG DataSizelnBytes, 
6536| const void *DataBuffer, 
6537| ULONG Stored Checksum ) 
6538| { 

6539| BOOLEAN isValid = TRUE; 
6540| 

6541 1 // If the stored checksum is CHECKSUM_IGNORE_DWORD, 

| it means we should ignore it. 
6542| 

6543| if ( StoredChecksum != CHECKSUM_IGNORE_DWORD ) { 
6544| ULONG CalcChecksum = CalculateChecksum 

| (DataSizelnBytes, DataBuffer); 
6545| isValid = (CalcChecksum == StoredChecksum); 
6546| } 



6547| 

6548| return isValid; 

6549| } 

6550| 

6551 1 //- 



6553| ULONG UpdateBackupStatus ( 
6554| const WCHAR * const RegPath, 
6555| const WCHAR * const ValueName, 
6556| ULONG Status ) 
6557| { 

6558| HKEY Key = INVALID_HANDLE_VALUE; 

6559| ULONG Err = RegOpenKeyExW( 

6560| HKEY_LOCAL_MACHINE, // handle of open key 

6561 1 RegPath, // address of name of 

| subkey to open 
6562| 0, // reserved 

6563| KEY_ALL_ACCESS, // security access mask 
6564| &Key ); // address of handle of 

| open key 
6565| 

6566| if ( Err == 0 ) { 

6567| Err = RegSetValueExW ( 

6568| Key, 

6569| ValueName, 

6570| 0, 

6571| REG_DWORD, 

6572| (const unsigned char *)&Status, 

6573| sizeof(ULONG) ); 

6574| 

6575| if ( Err != 0 ) { 

6576| WRITE_ERROR(L"UpdateBackupStatus: Could 

| not write value '%s' to key '%s', error 

| %08x\n",ValueName,RegPath,Err); 
6577| } else { 

6578| DEBUG_WRITE(L"»> Just wrote %08x to value 

| '%s' in key '%sV)",Status,ValueName,RegPath); 
6579| } 
6580| 

6581| RegCloseKey(Key); 

6582| Key = INVALID_HANDLE_VALUE; 

6583| } else { 

6584| WRITE_ERROR(L"UpdateBackupStatus: Could not 

| open registry key '%s', error %08x\n",RegPath,Err); 
6585| } 
6586| 

6587| return Err; 

6588| } 

6589| 



6590| //- 



6591| 

6592| ULONG UpdateTimeStamp ( 

6593| const WCHAR * const RegPath, 

6594| const WCHAR * const ValueName, 

6595| const WCHAR * const TimeStamp ) 
6596| { 

6597| ULONG Err=0; 

6598| DWORD len=0; 

6599| HKEY Key = INVALID_HANDLE_VALUE; 
6600| 

6601 1 len = wcslen (TimeStamp); 

6602| len = (len*sizeof(WCHAR))+(sizeof(WCHAR)*2); 

6603| 

6604| Err = RegOpenKeyExW( 

6605| HKEYLOCALMACHINE, // handle of open key 

6606| RegPath, // address of name of 

| subkey to open 

6607| 0, // reserved 

6608| KEY_ALL_ACCESS, // security access mask 

6609| &Key); // address of handle of 

| open key 
6610| 

661 1 1 if ( Err == 0 ) { 

661 2| Err = RegSetValueExW ( 

6613| Key, 

6614| ValueName, 

6615| 0, 

661 6| REG_SZ, 

661 7| (const unsigned char *)TimeStamp, 

6618| len); 

6619| 

6620| if ( Err != 0 ) { 

6621 1 WRITE_ERROR(L"UpdateBackupResult: Could not 

| write value '%s' to key '%s', error 

| %08x\n",ValueName,RegPath,Err); 

6622| } else { 

6623| DEBUG_WRITE(L"»> Just wrote %s to value 

| '%s' in key '%s'\n",TimeStamp,ValueName,RegPath); 

6624| } 
6625| 

6626| RegCloseKey(Key); 

6627| Key = I N V AL I D_H AN D L E_VALU E ; 

6628| } else { 

6629| WRITE_ERROR(L"UpdateBackupResult: Could not 

| open registry key '%s', error %08x\n", Reg Path, Err); 

6630| } 
6631| 

6632| return Err; 



6633| } 
6634| 

6635| //- 

| 

6636| 

6637| ULONG ConvertErrorCodeToRegistryStatus ( ULONG 

| ErrorCode ) 
6638| { 

6639| // This function converts an error code into a code 
| that 

6640| // the WebUI can display as a brief string. 
6641| 

6642| ULONG StatusCode = PSM_ERROR_UNSUCCESSFUL; 

6643| if ( ErrorCode & 0x20000000 ) { 

6644| // If the customer bit is set, assume it's a 

| valid message. 
6645| StatusCode = ErrorCode; 
6646| } else { 

6647| // Figure out what the error is and translate 

| it if possible... 
6648| switch ( ErrorCode ) { 

6649| case STATUS_SUCCESS: StatusCode 

| = PSM_OPERATION_SUCCESSFUL; break; 

6650| case ERROR_REQUEST_ABORTED: StatusCode 

| = PSM_CANCELED_BY_USER; break; 

6651| case ERROR_OUTOFMEMORY: StatusCode 

| = PSM_ERROR_OUT_OF_MEMORY; break; 

6652| } 

6653| } 

6654| 

6655| DEBUG_WRITE(L"»> ConvertErrorCodeToRegistryStatus: 

| %08x translated into %08x\n",ErrorCode,StatusCode); 
6656| return StatusCode; 
6657| } 
6658| 

6659| //- 

| 

6660| 

6661 1 ULONG UpdateEngineStatus ( ULONG Status ) 
6662| { 

6663| ULONG Err = 0; 

6664| DEBUG_WRITE(L"»> UpdateEngineStatus: 

| Status=%08x\n", Status); 
6665| Status = ConvertErrorCodeToRegistryStatus (Status); 
6666| Err = UpdateBackupStatus ( BackupRegistryPath, 

| U'EngineStatus", Status ); 
6667| return Err; 
6668| } 
6669| 

6670| // 



I 

6671| 

6672| ULONG UpdateLast Backup Result ( int LocationNumber, 

| ULONG Status ) 
6673| { 

6674| WCHAR RegPath [256]; 
6675| ULONG Err = 0; 
6676| 

6677| DEBUG_WRITE(L"»> Update Last Backup Result: 

| LocationNumber=%d, 

| Status=%08x\n",LocationNumber,Status); 
6678| Status = ConvertErrorCodeToRegistryStatus (Status); 
6679| swprintf ( RegPath, L"%sBackup%d\\", 

| BackupRegistryPath, LocationNumber ); 
6680| Err = UpdateBackupStatus ( RegPath, 

| LTastBackupResult", Status ); 
6681| 

6682| return Err; 
6683| } 
6684| 
6685| // 



6687| ULONG Update Path Status ( int LocationNumber, ULONG 

| Status ) 
6688| { 

6689| WCHAR RegPath [256]; 
6690| ULONG Err = 0; 
6691| 

6692| if ( !(Status & 0x20000000) ) { 
6693| // customer bit not set... need to translate! 
6694| if ( Status == STATUS_SUCCESS ) { 
6695| Status = PSM_VALID_PATH; 

6696| } else { 

6697| DEBUG_WRITE(L">» Update Path Status: 

| translating error %08x into 

| PSM_ERRORJNVALID_PATH\n",Status); 
6698| Status = PSM_ERROR_INVALID_PATH; 

6699| } 
6700| } 
6701| 

6702| DEBUG_WRITE(L"»> Update Path Status: 

| LocationNumber=%d, 

| Status=%08x\n",LocationNumber,Status); 
6703| swprintf ( RegPath, L"%sBackup%d\\", 

| BackupRegistryPath, LocationNumber ); 
6704| Err = UpdateBackupStatus ( RegPath, U'PathStatus", 

| Status ); 
6705| 

6706| return Err; 



6707| } 
6708| 

6709| // 

6710| 

6711| ULONG UpdateBackupCount ( int LocationNumber, ULONG 

| BackupCount ) 
6712| { 

671 3| WCHAR RegPath [256]; 
6714| ULONG Err = 0; 
6715| 

671 6| DEBUG_WRITE(L"»> UpdateBackupCount: 
| LocationNumber=%d, 

| Count=%d\n",LocationNumber,BackupCount); 
671 7| swprintf ( RegPath, L"%sBackup%d\\", 

| BackupRegistryPath, LocationNumber ); 
6718| Err = UpdateBackupStatus ( RegPath, 

| U'CurrentCopies", BackupCount); 
6719| 

6720| return Err; 
6721| } 
6722| 
6723| // 



6725| ULONG ChunkFilelsCorrupt ( 
6726| const WCHAR *FileName, 
6727| FILE *BackupFile, 
6728| int ContinuationNumber, 
6729| int TotalNumberOfFiles, 
6730| ULONG *CumulativeChecksum, 
6731| ULONG *ChunkCounter ) 
6732| { 

6733| tVolumelmage_ChunkPrefix prefix = {0}; 

6734| int ChunkNumber = 0; // chunk number in this 

| file only (not to be confused with ChunkCounter for all 

| files) 

6735| BOOLEAN ValidChecksum = FALSE; 
6736| ULONG Err =0; 

6737| const ULONG MaxDataBytes = 128 * 1024; 

6738| char *DataBuffer = (char *)malloc (MaxDataBytes); 

6739| BOOLEAN FoundFinishChunk = FALSE; 

6740| BOOLEAN FoundEndContinuationChunk = FALSE; 

6741| 

6742| DEBUG_WRITE(L"»> Checking file '%s'\n M , FileName); 
6743| 

6744| if ( DataBuffer ) { 
6745| while ( Err==0 && 

| fread(&prefix,sizeof(prefix),1,BackupFile)==1 ) { 
6746| ++ChunkNumber; 



6747| ValidChecksum = ValidateChecksum ( 

6748| sizeof(prefix) - 

| sizeof(prefix.PrefixChecksum), 
6749| ((const char *)&prefix) + 

| sizeof(prefix.PrefixChecksum), 
6750| prefix. PrefixChecksum ); 

6751| 

6752| if ( IValidChecksum ) { 

6753| Err = PSM_CORRUPT_BACKUP; 

6754| WRITE_ERROR(L"Error: Prefix checksum 

| failure in '%s' - file is corrupt (chunk number = 

| %d)\n'\FileName,ChunkNumber); 
6755| } else if ( prefix. ChunkSizelnBytes > 

| MaxDataBytes ) { 
6756| Err = PSM_CORRUPT_BACKUP; 

6757| WRITE_ERROR(L"Error: Data size invalid 

| in '%s' - file is corrupt\n",FileName); 
6758| } else { 

6759| if ( prefix. ChunkSizelnBytes > 0 ) { 

6760| ULONG NumBytesRead = 

| fread(DataBuffer,1 , prefix. ChunkSizelnBytes, BackupFile); 
6761 1 if ( NumBytesRead != 

| prefix. ChunkSizelnBytes ) { 
6762| Err = PSM_CORRUPT_BACKUP; 

6763| WRITE_ERROR(L"Error: File '%s' 

| is too short - file is corrupt\n",FileName); 
6764| } else { 

6765| ValidChecksum = 

| ValidateChecksum ( prefix. ChunkSizelnBytes, DataBuffer, 

| prefix. ChunkChecksum ); 
6766| if ( IValidChecksum ) { 

6767| Err = PSM_CORRUPT_BACKUP; 

6768| WRITE_ERROR(L"Error: Data 

| checksum failure in '%s' - file is corrupt (chunk 

[ number = %d)\n",FileName, ChunkNumber); 
6769| } 
6770| } 
6771| } 
6772| 

6773| if ( Err == 0 ) { 

6774| if ( ChunkNumber==1 ) { 

6775| if ( ContinuationNumber==1 ) { 

6776| // The first chunk in the 

| first file must be of type VICT_START... 
6777| if ( prefix.ChunkType != 

| VICT_START ) { 
6778| WRITE_ERROR(L"Error: 

| Missing START chunk in '%s' - file is 

| corrupt\n",FileName); 
6779| Err = 



I PSM_CORRUPT_BACKUP; 
6780| } 
6781| }else{ 
6782| // The first chunk in every 

| other file must be VICT_BEGIN_CONTINUATION 
6783| if ( prefix. ChunkType != 

| VICT_BEGIN_CONTINUATION ) { 
6784| WRITE_ERROR(L"Error: 

| Missing BEGIN CONTINUATION chunk in '%s' - file is 

| corrupt\n",FileName); 
6785| Err = 

| PSM_CORRUPT_BACKUP; 
6786| } 
6787| } 
6788| } 
6789| 

6790| if ( Err == 0 ) { 

6791 1 FoundFinishChunk = FALSE; 

6792| FoundEndContinuationChunk = 

| FALSE; 

6793| if ( prefix. ChunkType == 

| VICT_FINISH ) { 
6794| FoundFinishChunk = TRUE; 

6795| } else if ( prefix. ChunkType == 

| VICT_END_CONTINUATION ) { 
6796| FoundEndContinuationChunk = 

| TRUE; 
6797| } 
6798| 

6799| if ( !(prefix.ChunkType & 

| VICT_RESERVED_BIT) ) { 
6800| if ( 

| prefix. CumulativeChecksum != *CumulativeChecksum ) { 
6801 1 WRITE_ERROR(L"Error: 

| Cumulative checksum failure in '%s' - file is 

| corrupt.\n",FileName); 
6802| Err = 

| PSM_CORRUPT_BACKUP; 
6803| } else { 

6804| if ( prefix.ChunkNumber 

| != *ChunkCounter ) { 
6805| 

| WRITE_ERROR(L"Error: Expected chunk counter %d but 
| found %d in '%s' - file is 

| corrupt.\n M ,*ChunkCounter,prefix.ChunkNumber,FileName); 
6806| Err = 

| PSM_CORRUPT_BACKUP; 
6807| } else { 

6808| *CumulativeChecksum 

| A = prefix. PrefixChecksum; 



6809| ++(*ChunkCounter); 

681 0| } 

681 1 1 } 

6812| } 

6813| } 

6814| } 

6815| } 

681 6| } 

6817| 

6818| free (DataBuffer); 
681 9| DataBuffer = NULL; 
6820| 

6821| if ( Err == 0 ) { 

6822| if ( ContinuationNumber == 

| TotalNumberOfFiles ) { 
6823| if ( IFoundFinishChunk ) { 

6824| WRITE_ERROR(L"Error: Missing 

| FINISH chunk at end of '%s' - file is 

| corrupt\n",FileName); 
6825| Err= PSM_CORRUPT_BACKUP; 

6826| } 
6827| } else { 

6828| if ( IFoundEndContinuationChunk ) { 

6829| WRITE_ERROR(L"Error: Missing 

| END_CONTINUATION chunk at end of '%s' - file is 

| corrupt\n",FileName); 
6830| Err= PSM_CORRUPT_BACKUP; 

6831| } 
6832| } 
6833| } 
6834| } else { 

6835| WRITE_ERROR(L"Error: Out of memory in file 

| verifier!\n"); 
6836| Err= ERROR_OUTOFMEMORY; 
6837| } 
6838| 

6839| return Err; 

6840| } 

6841| 

6842| // 

6843| 

6844| ULONG TestlmageFile ( 
6845| const WCHAR *BackupPath, 
6846| int ContinuationNumber, 
6847| int TotalNumberOfFiles, 
6848| BOOLEAN QuickTestOnly, 
6849| ULONG *CumulativeChecksum, 
6850| ULONG *ChunkCounter ) 
6851 | { 



6852 
6853 
6854 
6855 
6856 
6857 
6858 
6859 
|L' 
6860 
6861 
6862 
6863 
6864 
6865 
6866 
6867 
6868 
6869 
6870 
6871 
6872 
6873 
6874 
6875 

|fl 
6876 

6877 

6878 

6879 

6880 

6881 



ULONG Err= PSM_CORRUPT_BACKUP; 
WCHAR FileName [256]; 
FILE *BackupFile = NULL; 
ULONG FileError = 0; 

wcscpy ( FileName, BackupPath ); 
AppendBackslashlfNeeded ( FileName ); 
swprintf ( &FileName[wcslen(FileName)], 
image.%03d", ContinuationNumber ); 
BackupFile = _wfopen( FileName, L"rb"); 
if ( BackupFile ) { 
if ( IQuickTestOnly ) { 

FileError = ChunkFilelsCorrupt ( 
FileName, 
BackupFile, 
ContinuationNumber, 
TotalNumberOfFiles, 
CumulativeChecksum, 
ChunkCounter ); 

} 

fclose (BackupFile); 
BackupFile = NULL; 
Err = FileError; 
} else { 

WRITE_ERROR(L"Error: Could not open backup 
le '%s'\n", FileName); 
} 



6882 
6883 
6884 
6885 
6886 
6887 
6888 
6889 
6890 
6891 
6892 
6893 
6894 
6895 
6896 
6897 
6898 



return Err; 



ULONG TestlmageBackup ( 
const WCHAR *BackupPath, 
BOOLEAN QuickTestOnly ) 



{ 



ULONG Err= PSM_CORRUPT_BACKUP; 

WCHAR FileName [256]; 

FILE *SummaryFile = NULL; 

char Line [128]; 

char Name [128]; 

int Value = 0; 

int NumBackupFiles = 0; 

int ContinuationNumber = 0; 

BOOLEAN FoundCorruptFile = FALSE; 

ULONG CumulativeChecksum = 0; 

ULONG ChunkCounter = 1 ; 



6899| wcscpy ( FileName, BackupPath ); 

6900| AppendBackslashlfNeeded ( FileName ); 

6901 1 wcscat ( FileName, L"image.OOO" ); 

6902| SummaryFile = _wfopen(FileName,L"rt M ); 

6903| if ( SummaryFile ) { 

6904| while ( fgets(Line,sizeof(Line), SummaryFile) ) 
|{ 

6905| if ( 

| sscanf(Line,"%[a-zA-Z0-9]=%d",Name,&Value) == 2 ) { 

6906| DEBUG_WRITE(L">» Test I mage Backup: 

| Name='%S\ Value=%d\n",Name,Value); 

6907| if ( strcmp(Name,"NumFileslnBackup")==0 

l){ 

6908| NumBackupFiles = Value; 

6909| } else if ( 

| strcmp(Name, M WarningCode M )==0 ) { 

6910| if (Value != 0 ) { 

691 1 1 WRITE(L"Warning Code %08x found 

| in backup '%s'\n",Value,BackupPath); 

6912| } 

6913| } 

6914| } 

6915| } 

691 6| fclose (SummaryFile); 

691 7| SummaryFile = NULL; 
6918| 

691 9| if ( NumBackupFiles > 0 ) { 

6920| ULONG FileError = 0; 
6921| 

6922| for ( ContinuationNumber=1 ; 

| ContinuationNumber <= NumBackupFiles; 

| ++ContinuationNumber ) { 

6923| FileError = TestlmageFile ( 

6924| BackupPath, 

6925| ContinuationNumber, 

6926| NumBackupFiles, 

6927| QuickTestOnly, 

6928| &CumulativeChecksum, 

6929| &ChunkCounter ); 
6930| 

6931| if ( FileError != 0 ) { 

6932| FoundCorruptFile = TRUE; 

6933| break; 

6934| } 

6935| } 

6936| 

6937| if ( FoundCorruptFile ) { 

6938| if ( QuickTestOnly ) { 

6939| WRITE(L"AII backup image files are 
| present in '%s\\n",BackupPath); 



6940| WRITE(L"Note: The files were not 

| tested for internal correctnessAn"); 
6941 1 } else { 

6942| WRITE(L"Backup image is valid in 

| '%s'\n",BackupPath); 
6943| } 
6944| Err = 0; 

6945| } 
6946| } else { 

6947| WRITE_ERROR(L"Error: Could not find valid 

| number of backup files in file '%s'\n",FileName); 
6948| } 
6949| } else { 

6950| WRITE_ERROR(L"Error: Cannot open file '%s' - 

| backup is corrupt\n",FileName); 
6951| } 
6952| 

6953| return Err; 
6954| } 
6955| 
6956| // 



6958| ULONG Test Backup Paths (void) 
6959| { 

6960| ULONG Err = 0; 

6961 1 ULONG NumberOf Locations = 0; 

6962| ULONG OutputlmageArrayBytes = MAX_LOCATIONS * 

| sizeof(tlmageCreationlnfo); 
6963| plmageCreationlnfo OutputlmageArray = 

| (plmageCreationlnfo) malloc (OutputlmageArrayBytes); 



6964| 

6965| DEBUG_WRITE(L">» Entering TestBackupPaths()\n"); 
6966| 

6967| if ( OutputlmageArray ) { 

6968| tLocalLogonlnfo Logonlnfo = {0}; 

6969| LocalLogonCheck (&Logonlnfo); 

6970| 

6971 1 Err = PrepareForVolumelmage ( 

6972| OutputlmageArray, 

6973| MAX_LOCATIONS, 

6974| TRUE, 

6975| &NumberOfLocations ); 

6976| 

6977| if ( Err == 0 ) { 

6978| WRITE(L"The backup settings in the registry 

| are valid. \n"); 

6979| } else { 

6980| WRITE_ERROR(L"Error: Backup settings in 
| the registry are not validAn"); 



6981 | } 
6982| 

6983| free (OutputlmageArray); 
6984| OutputlmageArray = NULL; 
6985| 

6986| LocalLogoff (&Logonlnfo); 
6987| } else { 

6988| WRITE_ERROR(L"Error: Out of memory in 

| TestBackupPaths!\n"); 
6989| Err = ERROR_OUTOFM EMORY; 
6990| } 
6991| 

6992| DEBUG_WRITE(L"»> TestBackupPaths() returning 

| %08x\n",Err); 
6993| return Err; 
6994| } 
6995| 

6996| //- 



6998| ULONG CopyRecoveryFile ( const WCHAR *fSrc, const WCHAR 

| *fDst ) 
6999| { 

7000| ULONG Err = 0; 

7001 1 BOOL ItWorked = FALSE; 

7002| 

7003| DEBUG_WRITE(L"»> CopyRecoveryFile: source='%s', 

| dest='%s'\n",fSrc,fDst); 
7004| 

7005| ItWorked = CopyFileW ( fSrc, fDst, FALSE ); 

7006| if ( MtWorked ) { 

7007| ULONG Copy Err = GetLastError(); 

7008| WRITE_ERROR(L">» Error %08x copying file '%s' 

| to '%s'\n",CopyErr,fSrc,fDst); 
7009| Err= PSM_ERROR_INVALID_PATH; 
7010| } 
7011| 

7012| return Err; 

7013| } 

7014| 

7015| //- 

| 

7016| 

7017| ULONG CopyAIIFilesAndDirectory ( const WCHAR *SrcPath, 

| WCHAR *DstPath ) 
7018| { 

7019| ULONG Err = 0; 
7020| WCHAR FileSpec [256]; 
7021 1 WCHAR wTmpStr [256] = {0}; 
7022| WCHAR wTmpStr2[256]={0}; 



7023| struct _wfinddatai64_t FindData = {0}; 
7024| long hFile = 0; 
7025| int result = 0; 
7026| 

7027| DEBUG_WRITE(L">» CopyAIIFilesAnd Directory: Source 

| Path='%s'\n M ,SrcPath); 
7028| DEBUG_WRITE(L">» CopyAIIFilesAndDirectory: 

| Destination Path='%s'\n M ,DstPath); 
7029| 

7030| wcscpy ( FileSpec, SrcPath ); 

7031 1 AppendBackslashlf Needed (FileSpec); 

7032| wcscat ( FileSpec, !_"*.*" ); 

7033| hFile = _wfindfirsti64 ( FileSpec, &FindData ); 

7034| if (hFile != -1 ){ 

7035| do { 

7036| DEBUG_WRITE(L">» FindFirst/FindNext: 

| '%s'\n M ,FindData.name); 
7037| if ( wcscmp(FindData.name,L". M )!=0 && 

| wcscmp(FindData.name,L".. M )!=0 ) { 
7038| wcscpy ( FileSpec, SrcPath ); 

7039| AppendBackslashlf Needed (FileSpec); 

7040| wcscat ( FileSpec, FindData.name ); 

7041 1 if ( FindData.attrib & _A_SUBDIR ) { 

7042| wcscpy(wTmpStr2,DstPath); 
7043| AppendBackslashlfNeeded (wTmpStr2); 

7044| wcscat(wTmpStr2, Find Data. name) ; 

7045| result = _wmkdir(wTmpStr2); 

7046| if ( result != 0 ) { 

7047| DEBUG_WRITE(L">» 

| _wmkdir('%s')=%d, errno=%d\n M ,wTmpStr,result,errno); 
7048| } 

7049| DEBUG_WRITE(L"»> Doing recursive 

| call for nested subdirectory... \n"); 
7050| Err = CopyAIIFilesAndDirectory 

| (FileSpec, wTmpStr2); 
7051| if ( Err != 0 ) { 

7052| break; 
7053| } 
7054| } else { 

7055| wcscpy(wTmpStr,DstPath); 

7056| AppendBackslashlfNeeded(wTmpStr); 

7057| wcscat(wTmpStr,FindData.name); 

7058| 

| Err=CopyRecoveryFile(FileSpec,wTmpStr); 
7059| if ( Err != 0 ) { 

7060| break; 
7061| } 
7062| } 
7063| } 

7064| } while ( _wfindnexti64(hFile,&FindData)==0 && 



I Err==0 ); 
7065| Jindclose (hFile); 
7066| } else { 

7067| DEBUG_WRITE(L"»> FindFirst failed on 

| '%s'\n",FileSpec); 
7068| } 
7069| 
7070| 

7071| DEBUG_WRITE(L"»> CopyAIIFilesAndDirectory 

| returning %08x\n", Err); 
7072| return Err; 
7073| } 
7074| 

7075| //- 

| 

7076| 

7077| ULONG GetTimeStamp( WCHAR *ts) { 
7078| ULONG Err=0; 
7079| SYSTEMTIME tNow; 
7080| 

7081| GetLocalTime(&tNow); 

7082| 

7083| 

| swprintf(ts,L"%04u,%02u,%02u,%02u,%02u,%02u",tNow.wYear, 
| tNow.wMonth,tNow.wDay,tNow.wHour,tNow.wMinute,tNow.wSeco 
|nd); 

7084| DEBUG_WRITE(L"»> Creating GetTimeStamp: 

| '%s'\n",ts); 
7085| return Err; 
7086| } 
7087| 

7088| // 



7090| ULONG TestDiskettePath( const WCHAR *dp) 
7091| { 

7092| ULONG Err=0; 

7093| WCHAR TempFileName [256]; 

7094| FILE *TempFile = 0; 

7095| int result = 0; 

7096| 

7097| // Create a temporary file, then erase it, just to 

| see if we can write 

7098| // to the diskette path given . 

7099| wcscpy ( TempFileName, dp ); 

71 00| AppendBackslashlfNeeded (TempFileName); 

71 01 1 wcscat ( TempFileName, L'Vimage.tmp" ); 

71 02| TempFile = _wfopen(TempFileName,L"wt"); 

7103| if ( TempFile ) { 

71 04| DEBUG_WRITE(L"»> Successfully opened test file 



I '%s' forwrite\n", TempFileName); 
71 05| fclose(TempFile); 
7106| TempFile = NULL; 
71 07| result = _wremove (TempFileName); 
7108| if ( result == 0 ) { 

71 09| DEBUG_WRITE(L">» Successfully deleted test 

| file '%s'\n M , TempFileName); 
7110| }else{ 

71 1 1 1 WRITE_ERROR(L"Error: Could not delete test 

| file '%s'\n", TempFileName); 
7112| Err= PSM_ERROR_INVALID_PATH; 

7113| } 
7114| }else{ 

71 1 5| WRITE_ERROR(L"Error: Could not write temporary 

| file to path '%s'\n", dp); 
7116| Err= PSM_ERROR_INVALID_PATH; 
7117| } 

7118| return Err; 

7119|} 

7120| 

7121| // 



7123| #define ENABLE_bprintf ULONG PastLabel= FALSE 
7124| 

71 25| #define bprintf(args) \ 
7126| if((fprintf args) < 0) { 

|\ 

7127| Err=PSM_ERROR_UNSUCCESSFUL; 
|\ 

7128| WRITE_ERROR(L"Error writing to 

| '%sYi M ,BatchFilePath); \ 
7129| if(! Past Label) goto PrintError; 

|\ 

7130| } 
7131| 

7132| #define DISABLE_bprintf PrintError: PastLabel=TRUE 
7133| 

7134| // 



7135| 

7136| WriteBatchFile_AppSets ( 

7137| FILE *BatchFile, 

7138| const WCHAR * const BatchFilePath, 

7139| const tlmageCreationlnfo * const LocationArray, 

7140| ULONG NumLocations ) 

7141| { 

7142| ENABLE_bprintf; 

71 43 1 ULONG Err = 0; // Set by bprintf macro if a 
| write error occurs 



7144| ULONG ParseErr=0; 

7145| SYSTEMTIME now = {0}; 

7146| ULONG LocationNumber = 0; 

7147| WCHAR Server [256]; 

7148| WCHAR ShareOnly [256]; 

71 49| WCHAR RestOf Path [256]; 

7150| WCHAR Drive [16]; 

7151| WCHAR NextRemoteDriveLetter = 'Z'; 

7152| int Logonlndex = -1 ; 

7153| BOOLEAN DidLogonCode = FALSE; 

7154| 

7155| GetLocalTime(&now); 
7156| 

7157| bprintf ((BatchFile, "@echo off\n")); 
7158| bprintf ((BatchFile, "rem call appjogo 

| APP_SETS.BAT ***\n")); 
7159| bprintf ((BatchFile, "rem Set NIC over-ride (blank 

| for auto-detect)\n")); 
7160| bprintf ((BatchFile, "rem SET NETCARD=\n")); 
7161 1 bprintf ((BatchFile, "rem SET NOLOGON=\n")); 
7162| bprintf ((BatchFile, "rem If over-riding NIC, or 

| updating drivers, copy here\n")); 
7163| bprintf ((BatchFile, "rem copy 

| %%RAM D%%\\sys%%N ETCA RD%%. ini 

| %% RAM D%%\\i n i\\sys%%N ETCA R D%% . i n i\n")) ; 
7164| bprintf ((BatchFile, "rem copy 

| %%RAMD%%\\pro%%NETCARD%%.ini 

| %% RAM D%%\\i n i\\pro%%N ETCA R D%% . i n i\n") ) ; 
71 65| bprintf ((BatchFile, "\nREM *** Set context for 

| this application^")); 
7166| 

7167| wcscpy(Drive,L"X:"); 

7168| for ( LocationNumber=0; LocationNumber < 

| NumLocations; ++LocationNumber ) { 
7169| bprintf ((BatchFile, "\nREM *** Settings for 

| backup location %d\n",1+ LocationNumber)); 
7170| ParseErr = ParseServerAndShareFromPath ( 
7171| 

| LocationArray[LocationNumber].Logonlnfo.Path, 
7172| Server, 
7173| ShareOnly, 
7174| RestOf Path ); 

7175| 

7176| if ( ParseErr == 0 ) { 

7177| Drive[0] = NextRemoteDriveLetter--; 

7178| if( 

| !lsAIIWhitespace(LocationArray[LocationNumber].Logonlnfo 

| .Userld) && 
7179| 

| !lsAIIWhitespace(LocationArray[LocationNumber].Logonlnfo 



I Password) && 
7180| NsANWhitespace(Server) ) { 

7181 1 Logonlndex = LocationNumber; // 

| remember the first valid server/user/password combo 
7182| } 
7183| }else{ 

7184| // Looks like a local drive... 

7185| Server[0] = '\0'; 

7186| ShareOnly[0] = '\0'; 

7187| wcscpy ( RestOfPath, 

| LocationArray[LocationNumber].Logonlnfo.Path ); 
7188| if ( RestOfPath[1] == ':' ) { 

7189| Drive[0] = RestOfPath[0]; 

7190| }else{ 
7191| Drive[0] = 'D'; //???? 

7192| } 
7193| } 
7194| 

7195| bprintf ((BatchFile, "SET 

| DRIVE%d=%S\n",1+LocationNumber,Drive)); 
7196| bprintf ((BatchFile, "SET 

| SERVER%d=%S\n",1+LocationNumber,Server)); 
7197| bprintf ((BatchFile, "SET 

| SHARE%d=%S\n",1+LocationNumber,ShareOnly)); 
7198| bprintf ((BatchFile, "SET 

| LOCATION%d=%S\n",1 +LocationNumber,LocationArray[Location 

| Number]. Logonlnfo. Path)); 
7199| } 
7200| 

7201 1 while ( LocationNumber++ < MAX_LOCATIONS ) { 
7202| bprintf ((BatchFile, "\nREM *** Placeholders 

| for backup location %d\n", LocationNumber)); 
7203| bprintf ((BatchFile, "REM SET 

| DRIVE%d=\n",LocationNumber)); 
7204| bprintf ((BatchFile, "REM SET 

| SERVER%d=\n",LocationNumber)); 
7205| bprintf ((BatchFile, "REM SET 

| SHARE%d=\n",LocationNumber)); 
7206| bprintf ((BatchFile, "REM SET 

| LOCATION%d=\n",LocationNumber)); 
7207| } 
7208| 

7209| bprintf ((BatchFile, "\nREM *** Set context for 

I logon\n")); 
7210| if (Logonlndex >= 0 ) { 
721 1 1 // Getting here means we found a valid 

| server/user/password 
721 2| // combo in the list of remote connections. 
7213| 

721 4| ParseErr = ParseServerAndShareFromPath ( 



721 5| LocationArray[Logonlndex].Logonlnfo.Path, 

7216| Server, 

7217| ShareOnly, 

7218| RestOfPath ); 

7219| 

7220| if ( ParseErr == 0 ) { 

7221| WCHAR *p; 

7222| const WCHAR *user; 

7223| const WCHAR *domain; 

7224| WCHAR Buffer[40]; 

7225| DidLogonCode = TRUE; 

7226| p = 

| wcsch r(LocationArray[Logon I ndex] . Logo n I nfo . Userld , L'W) 

I ; 

7227| if(!p) { 

7228| p = 

| wcsch r(LocationArray[Logon I ndex] . Logo n I nfo . Userld , L7) ; 
7229| } 
7230| if(p) { 

7231 1 // user name is in the form 

| "domain\name" 
7232| user=p+1 ; 

7233| 

| wcsncpy(Buffer,LocationArray[Logonlndex].Logonlnfo.Userl 
| d,p-LocationArray[Logonl ndex] .Logonl nfo .Userld) ; 
7234| 

| Buffer[p-LocationArray[Logonlndex].Logonlnfo.Userld]=L'\ 
Iff; 

7235| domain = Buffer; 

7236| } else { 

7237| user = 

| Location Array [Logo n I ndex] . Logo n I nf o . Userl d ; 
7238| domain=NULL; 
7239| } 
7240| 

7241 1 if(domain) { 

7242| bprintf ((BatchFile, "SET 

| DOMAIN=%S\n",domain)); 
7243| bprintf ((BatchFile, "REM SET 

| WORKGROUP=%S\n\n",domain)); 
7244| } else { 

7245| bprintf ((BatchFile, "REM SET 

| DOMAIN=psm-domain\n")); 
7246| bprintf ((BatchFile, "REM SET 

| WORKGROUP=psm-domain\n\n")); 
7247| } 

7248| bprintf ((BatchFile, "SET 

| SERVER=%S\n",Server)); 
7249| bprintf ((BatchFile, "SET 

| USER=%S\n",user)); 



7250| bprintf ((BatchFile, "SET 

| PASS WO RD=%S\n" , Locatio n Array [Logo n I ndex] . Logo n I nf o . Passw 

I ord)); 
7251| } 
7252| } 
7253| 

7254| if ( IDidLogonCode ) { 
7255| DidLogonCode = TRUE; 
7256| bprintf ((BatchFile, "REM SET 

| DOMAIN=psm-domain\n")); 
7257| bprintf ((BatchFile, "REM SET 

| WORKGROUP=psm-domain\n\n")); 
7258| bprintf ((BatchFile, "REM SET 

| SERVER=psm-server\n")); 
7259| bprintf ((BatchFile, "REM SET 

| USER=psm-user\n")); 
7260| bprintf ((BatchFile, "REM SET 

| PASSWORD=psm-password\n")); 
7261| } 
7262| 

7263| bprintf ((BatchFile, "SET 

| NETBIOSNAME=DR%01d%02d%03d\n",(now.wMinute%10),now.wSeco 

| nd,now.wMilliseconds)); 
7264| 

7265| DISABLE_bprintf; 

7266| DEBUG_WRITE(L"»> WriteBatchFile_AppSets returning 

| %08x\n",Err); 
7267| return Err; 
7268| } 
7269| 

7270| // 

| 

7271| 
7272| /* 

7273| WriteBatchFile_AppCopy ( 

7274| FILE *BatchFile, 

7275| const WCHAR * const BatchFilePath, 

7276| const tlmageCreationlnfo * const LocationArray, 

7277| ULONG NumLocations ) 

7278| { 

7279| ENABLE_bprintf; 

7280| ULONG Err = 0; // Set by bprintf macro if a 

| write error occurs 
7281| 

7282| bprintf ((BatchFile, "@echo off\n")); 

7283| bprintf ((BatchFile, "REM *** Ram drive is ready, 

| before file copy, DOS and NET still compressed\n")); 
7284| bprintf ((BatchFile, "SET 

| LOGFILE=%%RAMD%%\\drlog.txt\n")); 
7285| bprintf ((BatchFile, "call APP_LOGO Logging To 



I %%LOGFILE%%\n")); 
7286| 

7287| DISABLE_bprintf; 

7288| DEBUG_WRITE(L"»> WriteBatchFile_AppCopy returning 

| %08x\n",Err); 
7289| return Err; 
7290| } 
7291| 7 
7292| 

7293| //- 



7295| WriteBatchFile_AppDoes ( 

7296| FILE 'BatchFile, 

7297| const WCHAR * const Batch File Path, 

7298| const tlmageCreationlnfo * const Location Array, 

7299| ULONG NumLocations ) 

7300| { 

7301| ENABLE_bprintf; 

7302| ULONG Err = 0; // Set by bprintf macro if a 

| write error occurs 
7303| 

7304| bprintf ((BatchFile, "@ECHO OFF\n")); 

7305| bprintf ((BatchFile, "I F NOT \"%%RESULT%%\"==\"OK\" 

| GOTO FAULTAn")); 
7306| bprintf ((BatchFile, "@rem NOTE: Startup SET'S are 

| NOT available hereAn")); 
7307| bprintf ((BatchFile, "@echo Running Disaster 

| Recovery Program. .An")); 
7308| bprintf ((BatchFile, "%%RAMD%%\n")); 
7309| bprintf ((BatchFile, "cd \\\n")); 
731 0| bprintf ((BatchFile, "dr /auto\n")); 
731 1 1 bprintf ((BatchFile, "goto end\n")); 
7312| bprintf ((BatchFile, ":FAULT\n")); 
731 3| bprintf ((BatchFile, "ECHO Can't run 

| (%%result%%)\n")); 
7314| bprintf ((BatchFile, ":end\n")); 
7315| 

7316| DISABLE_bprintf; 

731 7| DEBUG_WRITE(L"»> WriteBatchFile_AppDoes returning 

| %08x\n",Err); 
7318| return Err; 
7319| } 
7320| 

7321 1 // 

I 

7322| 

7323| WriteBatchFile_AppLogo ( 

7324| FILE 'BatchFile, 

7325| const WCHAR * const BatchFilePath, 



7326| const tlmageCreationlnfo * const LocationArray, 
7327| ULONG NumLocations ) 

7328| { 

7329| ENABLE_bprintf; 

7330| ULONG Err = 0; // Set by bprintf macro if a 

| write error occurs 
7331| 

7332| bprintf ((Batch File, M @echo off\n M )); 

7333| bprintf ((Batch File, M echo *** %%1 %%2 %%3 %%4 %%5 

| %%6 %%7 %%8 %%9 »%%LOGFILE%%\n")); 

7334| bprintf((BatchFile, M cls\n")); 

7335| bprintf ((Batch File,"echo 
| \ n .. )); 

7336| bprintf ((Batch File,"echo Disaster 

| Recovery\n")); 
7337| // bprintf ((Batch File,"echo Version 

| XX.YY.ZZXn")); 
7338| bprintf ((Batch File, M echo Copyright (c) 2001 , CDP, 

| IncAn")); 

7339| bprintf ((Batch File, M echo www.cdp.com\n M )); 

7340| bprintf ((Batch File, M echo 
I \ n .. )); 

7341 1 bprintf ((Batch File, M echo *** %%1 %%2 %%3 %%4 %%5 

| %%6 %%7 %%8 %%9\n")); 
7342 1 

7343| DISABLE_bprintf; 

7344| DEBUG_WRITE(L">» WriteBatchFile_AppLogo returning 

| %08x\n",Err); 
7345| return Err; 
7346| } 
7347| 

7348| // 



7350| /* 

7351 1 WriteBatchFile_AppOkay ( 

7352| FILE *BatchFile, 

7353| const WCHAR * const BatchFilePath, 

7354| const tlmageCreationlnfo * const LocationArray, 

7355| ULONG NumLocations ) 

7356| { 

7357| ENABLE_bprintf; 

7358| ULONG Err = 0; // Set by bprintf macro if a 

| write error occurs 
7359| 

7360| bprintf((BatchFile, M @ECHO OFF\n")); 

7361 1 bprintf ((Batch File, M echo *** APP_OKAY.BAT ***\n")); 

7362| bprintf ((Batch File, M echo *** APP_OKAY.BAT 

| ***»%%LOGFILE%%\n M )); 
7363| 



7364| DISABLE_bprintf; 

7365| DEBUG_WRITE(L M »> WriteBatchFile_AppOkay returning 

| %08x\n",Err); 
7366| return Err; 
7367| } 
7368| 7 
7369| 

7370| // 

| 

7371| 

7372| ULONG GenAppBatchFile ( 

7373| const WCHAR * const DestPath, 

7374| const WCHAR * const BatchFileName, 

7375| BATCHFILEWRITERFUNC WriteBatchFile, 

7376| const tlmageCreationlnfo * const LocationArray, 

7377| ULONG Num Locations ) 

7378| { 

7379| ULONG Err = 0; 

7380| FILE *BatchFile = NULL; 

7381 1 WCHAR BatchFilePath[256]; 

7382| int CloseResult = 0; 

7383| 

7384| wcscpy ( BatchFilePath, DestPath ); 
7385| AppendBackslashlf Needed ( BatchFilePath ); 
7386| wcscat ( BatchFilePath, BatchFileName ); 
7387| DEBUG_WRITE(L"»> GenAppBatchFile: 

| BatchFilePath='%s'\n",BatchFilePath); 
7388| 

7389| BatchFile = _wfopen(BatchFilePath,L"wt"); 

7390| if ( BatchFile ) { 

7391 1 Err = (*WriteBatchFile) (BatchFile, 

| BatchFilePath, LocationArray, NumLocations); 
7392| CloseResult = fclose(BatchFile); 
7393| if ( Err==0 && CloseResult!=0 ) { 
7394| WRITE_ERROR(L"Error closing batch file 

| '%s'\n",BatchFilePath); 
7395| Err = PSM_ERROR_UNSUCCESSFUL; 

7396| } 

7397| BatchFile = NULL; 
7398| } else { 

7399| WRITE_ERROR(L"Error opening batch file '%s' for 

| write\n M ,BatchFilePath); 
7400| } 
7401| 

7402| DEBUG_WRITE(L">» GenAppBatchFile: returning 

| %08x\n",Err); 
7403| return Err; 
7404| } 
7405| 

7406| // 



I 

7407| 

7408| ULONG Ge ne rate RecoveryD is ketteApp Files ( const WCHAR * 

| const _DestPath ) 
7409| { 

7410| ULONG Err =0; 
741 1 1 ULONG LocationErr = 0; 
741 2| ULONG Location Index = 0; 
741 3| ULONG NumLocations = 0; 
741 4| WCHAR DestPath [256]; 
741 5| WCHAR BackupName [64]; 
741 6| WCHAR ImageName [256]; 

741 7| tlmageCreationlnfo LocationArray [MAX_LOCATIONS] = 
|{0}; 

7418| HKEY Key = INVALID_HANDLE_VALUE; 

741 9| ULONG BatchFilelndex = 0; 

7420| 

7421 1 struct sBatchFileEntry { 

7422| BATCH FILE WRITER FUNC WriterFunc; 
7423| const WCHAR * const BatchFileName; 
7424| } Batch FileArray[] = { 

7425| { WriteBatchFile_AppSets, L"app sets . bat" }, 

7426| // { WriteBatchFile_AppCopy, L"app_copy.bat" }, 
7427| { WriteBatchFile_AppDoes, L"app_does.bat" }, 
7428| { WriteBatchFile_AppLogo, L"app_logo.bat" }, 
7429| // { WriteBatchFile_AppOkay, L"app_okay.bat" }, 
7430| { NULL, NULL } // marks end of list 
7431| }; 
7432| 

7433| wcscpy ( DestPath, _DestPath ); 
7434| AppendBackslashlfNeeded (DestPath); 
7435| wcscat ( DestPath, L"app\\" ); 
743 6 1 _wm kd i r ( DestPath) ; 

7437| DEBUG_WRITE(L">» Gene rate RecoveryDisketteApp Files: 

| DestPath='%s'\n", DestPath); 
7438| 

7439| Err = RegOpenKeyExW( 

7440| H KE Y_LOC AL_M ACH I N E, // handle of open key 
7441 1 BackupRegistryPath, // address of name of 

| subkey to open 
7442| 0, // reserved 

7443| KEY READ, // security access mask 

7444| &Key ); // address of handle of 

| open key 
7445| 

7446| if ( Err == 0 ) { 

7447| ULONG DataSize = sizeof(lmageName); 
7448| Err = RegQueryValueExW( 
7449| Key, // handle of key to 

| query 



7450| U'lmageName", // address of name 

| of value to query 
7451| NULL, //reserved 

7452| NULL, // address of 

| buffer for value type 
7453| (char*)lmageName, // address of data 

| buffer 

7454| &DataSize ); // address of data 

| buffer size 
7455| 

7456| if ( Err == 0 ) { 

7457| for ( Locationlndex=1 ; Locationlndex <= 

| MAX_LOCATIONS; ++Locationlndex ) { 
7458| swprintf ( BackupName, L"Backup%d", 

| Locationlndex ); 
7459| LocationErr = GetSettingsForBackup ( 

| Key, BackupName, &LocationArray[NumLocations] ); 
7460| if ( LocationErr == 0 ) { 

7461| if ( MsAIIWhitespace 

| (LocationArray[NumLocations].Logonlnfo.Path) ) { 
7462| AppendBackslashlfNeeded ( 

| LocationArray[NumLocations].Logonlnfo.Path ); 
7463| wcscat ( 

| LocationArray[NumLocations].Logonlnfo.Path, ImageName 

I); 

7464| DEBUG_WRITE(L">» 

| GenerateRecoveryDisketteAppFiles: path %d = 

| '%s'\n",1+NumLocations,LocationArray[NumLocations]. Logon 

| Info. Path); 

7465| 

| LocationArray[NumLocations].LocationNumber = 

| Locationlndex; 
7466| ++NumLocations; 
7467| } 
7468| } 
7469| } 
7470| 

7471 1 if ( Num Locations > 0 ) { 

7472| for ( BatchFilelndex=0; Err==0 && 

| BatchFileArray[BatchFilelndex].WriterFunc; 

| ++BatchFilelndex ) { 
7473| Err = GenAppBatchFile ( 

7474| DestPath, 
7475| 

| BatchFileArray[BatchFilelndex].BatchFileName, 
7476| 

| BatchFileArray[BatchFilelndex].WriterFunc, 
7477| Location Array, 

7478| NumLocations ); 

7479| } 



7480| 

7481| if ( Err == 0 ) { 

7482| DEBUG_WRITE(L"»> 

| GenerateRecoveryDisketteAppFiles: All batch files 

| created successfully\n M ); 
7483| } 
7484| } else { 

7485| WRITE_ERROR(L"Error: Could not find 

| any valid backup locations in registryAn"); 
7486| Err = PSM_ERROR_UNSUCCESSFUL; 

7487| } 
7488| } else { 

7489| WRITE_ERROR(L"Error %08x getting value of 

| 'ImageName' from registry key 
| '%s'\n M , Err, BackupRegistry Path); 



7490| } 
7491| 

7492| RegCloseKey(Key); 

7493| Key = INVALIDHANDLEVALUE; 

7494| } else { 

7495| WRITE_ERROR(L"Error %08x getting backup 



| registry settings.\n",Err); 
7496| } 
7497| 

7498| DEBUG_WRITE(L M GenerateRecoveryDisketteAppFiles 

| returning %08x\n",Err); 
7499| return Err; 
7500| } 
7501| 

7502| // 

| 

7503| 

7504| ULONG CreateRecoveryDiskette (void) 
7505| { 

7506| ULONG Err = 0; 

7507| ULONG DataSize=256; 

7508| WCHAR w Recovery Path[256]={0}; 

7509| WCHAR wts[256]={0}; 

7510| WCHAR wTmpStr[256]={0}; 

751 1 1 struct _wfinddatai64_t FindData={0}; 

7512| long hFile=0; 

7513| DWORD Recovery Result=PSM_ERROR_UN SUCCESSFUL; 

7514| HKEY Key = INVALID_HANDLE_VALUE; 

7515| ULONG StringLength = 0; 

751 6| const WCHAR * const TailPattern = U'ss.exe"; 

751 7| const ULONG TailPatternLength = 

| wcslen(TailPattern); 
7518| tRemoteLogonlnfo RemoteLogonlnfo = {0}; 
7519| tLocal Logon Info LocalLogonlnfo = {0}; 
7520| 



7521 1 // open the registry 
7522| Err = RegOpenKeyExW( 

7523| H KEY_LOCAL_M ACH I N E, // handle of open key 
7524| BackupRegistryPath, // address of name of 

| subkey to open 
7525| 0, // reserved 

7526| KEY_READ, // security access mask 

7527| &Key); // address of handle of 

| open key 
7528| 

7529| if ( Err == 0 ) { 

7530| LocalLogonCheck (&LocalLogonlnfo); 
7531| 

7532| // Get The Backup Initiator Path 
7533| DataSize = sizeof(wRecoveryPath); 
7534| Err = RegQueryValueExW( 
7535| Key, // handle of key to 

I query 

7536| L"Backuplnitiator", // address of name 

| of value to query 
7537| NULL, // reserved 

7538| NULL, // address of 

| buffer for value type 
7539| (char*)wRecoveryPath, // address of data 

| buffer 

7540| &DataSize ); // address of data 

| buffer size 
7541| 

7542| RegCloseKey(Key); // Closes Backup Key 
7543| Key = INVALID_HANDLE_VALUE; 
7544| 

7545| if (Err == 0 ) { 

7546| // Setup Path to Recovery Diskette 

| Directory 
7547| 

7548| // We figure out the path to the recovery 

| diskette image based on 
7549| // the path to the Backuplnitiator. In 

| other words, the RecoveryDiskette 
7550| // subdirectory must be in the same place 

| as ss.exe. 
7551| 

7552| wcscpy (wTmpStr, wRecoveryPath); 

7553| StringLength = ExpandEnvironmentStringsW 

| (wTmpStr,wRecoveryPath,sizeof(wRecoveryPath)/sizeof(wRec 

| overyPath[0])); 

7554| DEBUG_WRITE(L">» ExpandEnvironmentStringsW 

| returned %d, 

| wRecoveryPath='%s'\n",StringLength,wRecoveryPath); 
7555| if ( StringLength>TailPatternLength && 



I _wcsicmp(&wRecoveryPath[StringLength-TailPatternLength-1 

| ],TailPattern)==0 ) { 
7556| --StringLength; // we don't want 

| null terminator included in the length 
7557| 

| wRecoveryPath[StringLength-TailPatternLength]='\0'; 
7558| 

| wcscat(wRecoveryPath,L"RecoveryDiskette\V); 
7559| DEBUG_WRITE(L">» Obtained diskette 

| path '%s' from registry value 

| '%s'\n M ,wRecoveryPath,wTmpStr); 
7560| 

7561 1 // Open Diskette SubKey 

7562| wcscpy(wTmpStr,BackupRegistryPath); 

7563| wcscat(wTmpStr,L" Diskette"); 

7564| Err = RegOpenKeyExW( 

7565| H KE Y_LOC AL_M ACH I N E, //handle 

| of open key 
7566| wTmpStr, // address 

| of name of subkey to open 
7567| 0, // reserved 

7568| KEYREAD, // security 

| access mask 
7569| &Key); //address 

| of handle of open key 
7570| 

7571| DataSize = 

| sizeof(RemoteLogonlnfo.Path); 
7572| if (Err == 0) { 

7573| Err = RegQueryValueExW( 

7574| Key, // 

| handle of key to query 
7575| U'DiskettePath", // 

| address of name of value to query 
7576| NULL, // 

| reserved 

7577| NULL, // 

| address of buffer for value type 
7578| (char*) RemoteLogon Info. Path, 

| // address of data buffer 
7579| &DataSize ); // 

| address of data buffer size 
7580| 

7581| if (Err==0) { 

7582| RegCloseKey(Key); // Closes 

| Diskette SubKey 
7583| Err = 

| GetSettingsForRecoveryDisketteCreation ( 

| &RemoteLogonlnfo ); 
7584| if ( Err == 0 ) { 



7585| Err = RemoteLogonCheck 

| (&RemoteLogonlnfo); 
7586| if ( Err == 0 ) { 

7587| Err = 

| TestDiskettePath(RemoteLogonlnfo.Path); 
7588| if (Err == 0) { 

7589| 

| Err=TestDiskettePath(wRecoveryPath); 
7590| if (Err==0) { 

7591| 

| Err=GetTimeStamp(wts); 
7592| UpdateTimeStamp 

| ( wTmpStr, U'LastUpdate", wts ); 
7593| 

| UpdateBackupStatus( wTmpStr, LTastUpdateResult", 

| PSM_RUNNING); 
7594| // Copy 

| Recovery Files 
7595| Err = 

| CopyAIIFilesAndDirectory ( wRecoveryPath, 

| RemoteLogonlnfo.Path ); 
7596| if (Err ==0) { 

7597| Err = 

| Generate Recovery DisketteAppFiles ( RemoteLogonlnfo.Path 

I); 

7598| if ( Err == 

|0){ 
7599| 

| RecoveryResult=PSM_OPERATION_SUCCESSFUL; 
7600| } 
7601| } 
7602| // Write RESULT 

| to Diskette SubKey 
7603| 

| UpdateBackupStatus ( wTmpStr, L"PathStatus", 
| PSM_VALID_PATH ); 
7604| 

| UpdateBackupStatus ( wTmpStr, L"LastUpdateResult", 

| RecoveryResult ); 
7605| } // End If Not a 

| Valid Recovery Path 
7606| else { 

7607| 

| UpdateBackupStatus ( wTmpStr, U'PathStatus", 
| PSM_VALID_PATH); 
7608| 

| UpdateBackupStatus ( wTmpStr, U'LastUpdateResult", 

| PSM_ERROR_INVALID_PATH ); 
7609| } 
7610| 



761 1 1 RemoteLogoff ( 

| &Remotel_ogonlnfo ); 
7612| } 
7613| else{ 
761 4| UpdateBackupStatus 

| (wTmpStr, U'PathStatus", Err); 
761 5| UpdateBackupStatus 

| (wTmpStr, U'LastUpdateResult", Recovery Result ); 
7616| } 
7617| }else{ 
7618| WRITE_ERROR(L"FAIL: 

| Error %08x connecting to diskette destination 

| '%s'\n", Err, RemoteLogon Info. Path) ; 
7619| UpdateBackupStatus ( 

| wTmpStr, U'PathStatus", Err ); 
7620| UpdateBackupStatus ( 

| wTmpStr, L"LastUpdateResult", Recovery Result ); 
7621| } 
7622| } else { 

7623| WRITE_ERROR(L M FAIL: Error 

| %08x getting registry settings for remote 

| logon\n",Err); 
7624| } 

7625| } // End if Registry Could Read 

| Diskette Path 
7626| else { 

7627| RegCloseKey(Key); // Closes 

| Diskette SubKey 
7628| WRITE_ERROR(L"FAIL: Couldn't 

| Access Diskette Path An"); 
7629| } 

7630| } // End if Valid Diskette SubKey 

7631| else{ 

7632| WRITE_ERROR(L"FAIL: Couldn't Access 

| Diskette Registry SubKeyAn"); 
7633| } 

7634| } // End if StringLength > 

| TailPatternLength 
7635| else { 

7636| WRITE_ERROR(L"FAIL: Invalid 

| Backuplnitiator registry value '%s'\n", wTmpStr); 
7637| Err = PSM_ERROR_INVALID_PARAMETER; 

7638| } 

7639| } // End if Valid Backup Initiator Key Read 
7640| else { 

7641 1 WRITE_ERROR(L"FAIL: Could not access 

| Backuplnitiator value in key '%s'\n", 

| BackupRegistryPath); 
7642| } 
7643| 



7644| LocalLogoff (&LocalLogonlnfo); 

7645| } // End if Could Open Backup Registry Key 

7646| else { 

7647| WRITE_ERROR(L"FAIL: Couldn't Access Backup 

| Registry Key.\n M ); 
7648| } 

7649| if (RecoveryResult==PSM_OPERATION_SUCCESSFUL) { 
7650| WRITE(L"Recovery diskette creation 

| CompletedAn"); 
7651| } 
7652| else { 

7653| WRITE_ERROR(L"Recovery diskette creation 

| FailedAn"); 
7654| } 
7655| 

7656| return Err; 

7657| } 

7658| 

7659| /*— end of file vimage.c —7 

7660| 

7661| 

7662| 

7663| File Listing: File: vimage.h 
7664| 

7665| #define DR_BACKUP_SUPPORTED 1 
7666| 

7667| // 

| 

7668| // Volume Image Chunk Types... 
7669| #define VICT_UNDEFINED 0 
7670| #define VICT_START 1 
7671 1 #define VICT GRANULE 2 
7672| #define VICT_FINISH 3 
7673| #define VICT_PARTITION_INFO 4 
7674| 

7675| // Volume Image Internal Chunk Types 

7676| // If VICTRESERVEDBIT is set in a chunk type, it 

| means that the chunk type 
7677| // is for internal chunk file management and should not 

| be used by anything else. 
7678| #define VICT_RESERVED_BIT 0x8000 
7679| #define VICT_BEGIN_CONTINUATION (VICT RESERVED BIT 

IM) 

7680| #define VICT_END_CONTINUATION (VICT_RESERVED_BIT 

I I 2) 
7681| 

7682| // 



7683| #define VI_COMPRESS_UNDEFINED 
7684| #define VI_COMPRESS_NONE 1 



7685| #define VI_COMPRESS_ALL_BYTES_SAME 2 
7686| 

7687| // 

| 

7688| 

7689| #define VO L I M AG EM AXU S E R_D ATA 20 
7690| 

7691 1 typedef struct sVolumelmage_ChunkPrefix { 
7692| 

| // 



7693| // The following checksums *MUST* remain at the 

| beginning of the structure! 
7694| ULONG PrefixChecksum; //checksum of 

| prefix, starting after ChunkChecksum 
7695| ULONG ChunkChecksum; // checksum of data 

| after the prefix 

7696| 

| // 



7698| ULONG ChunkType; 

7699| ULONG Prefix Size In Bytes; // 

| sizeof(tVolumelmage_ChunkPrefix) 
7700| ULONG ChunkSizelnBytes; //size 

| of data following this prefix 
7701| ULONG U se r D ata [ VO L I M AG EM AXU S E R_D ATA] ; //may 

| be used on a per chunk type basis 
7702| ULONG CumulativeChecksum; //the 

| XOR of all non-continuation prefix checksums before 

| this chunk in backup set 
7703| ULONG ChunkNumber; // 

| ordinal number of this chunk in the backup set, 

| starting at 1 
7704| ULONG Reserved [5]; // 

| reserved for internal chunk use 
7705| } tVolumelmage_ChunkPrefix, *pVolumelmage_ChunkPrefix; 
7706| 

7707| typedef struct sVolumelmage_Chunk { 

7708| tVolumelmage_ChunkPrefix Prefix; 

7709| char Data[0]; 

7710| } tVolumelmage_Chunk, *pVolumelmage_Chunk; 

7711| 

7712| // 



7713| 

7714| ULONG UpdateEngineStatus ( ULONG Status ); // updates 

| psman5\Backup\EngineStatus reg value 
7715| 

7716| ULONG DoVolumelmageBackup ( 



7717 
7718 
7719 
7720 
7721 

I- 
7722 

7723 
7724 
7725 
7726 
7727 
7728 
7729 
7730 



7731 
7732 
7733 
7734 
7735 
7736 
7737 
7738 
7739 
7740 
7741 
7742 
7743 
7744 
7745 
7746 
7747 
7748 
7749 
7750 
7751 



7753 
7754 
7755 
7756 
7757 
7758 
7759 
7760 
7761 
7762 
7763 



const WCHAR *VolumeName, 

const WCHAR *OriginalVolumeName, 

PVOID AbortEvent); 



ULONG TestlmageBackup ( 
const WCHAR *BackupPath, 
BOOLEAN QuickTestOnly ); 

ULONG CreateRecoveryDiskette (void); 
ULONG TestBackupPaths (void); 



//- 



#define CHECKSUM IGNORE DWORD 0xf5e4d3c1 



ULONG CalculateChecksum ( 
ULONG DataSizelnBytes, 
const void *DataBuffer ); 

BOOLEAN ValidateChecksum ( 
ULONG DataSizelnBytes, 
const void *DataBuffer, 
ULONG StoredChecksum ); 

/*— end of file vimage.h —7 



File Listing: File: vimage.inc 

I* 



Source code included by ss.c to either define or 
| stub out DoSnapShotBackup function. 
7752 | * 

7 



int DoSnapShotBackup ( const WCHAR *VolumeName ) 
{ 

int Err = 0; 

SECURITY ATTRIBUTES sa={0}; 
PSECURITY_DESCRIPTOR sd={0}; 
HANDLE EventHandle = I N VAL I D_H AN DL E VALU E ; 
ULONG EventResult = 0; 

sd = 



I GetSecuritySD(FALSE,EVENT_ALL_ACCESS,EVENT_ALL_ACCESS,0) 



7764| if(!sd) { 

7765| Err = GetLastErrorQ; 

7766| WRITE_ERROR(L"Error %08x getting 

| security\n",Err); 
7767| return Err; 



7768| } 
7769| 

7770| sa.nLength = sizeof(SECURITY_ATTRIBUTES); 
7771 1 sa.blnheritHandle = FALSE; 
7772| sa.lpSecurityDescriptor = sd; 
7773| 

7774| EventHandle = CreateEventW ( &sa, TRUE, FALSE, 
7775| 

| L"Global\\PersistentStorageManager_DisasterRecovery_Back 
I up" ); 
7776| 

7777| EventResult = GetLastError(); 
7778| 

7779| if ( EventHandle == NULL ) { 

7780| if ( EventResult == ERROR_ACCESS_DENIED ) { 
7781 1 WRITE_ERROR(L"Error: A backup is already 

| in progress on this machine\n"); 
7782| Err = PSM_BACKUP_ALREADY_IN_PROGRESS; 

7783| } else { 

7784| WRITE_ERROR(L"Error: Could not create 

| backup event (%08x)\n M , EventResult); 
7785| } 

7786| Err = EventResult; 
7787| } else { 

7788| if ( EventResult == ERROR_ALREADY_EXISTS ) { 
7789| Err = PSM_BACKUP_ALREADY_IN_PROGRESS; 

7790| WRITE_ERROR(L"Error: A backup is already 

| in progress on this machine\n M ); 
7791 1 DEBUG_WRITE(L">» (Backup event was already 

|set.)\n"); 
7792| } else { 

7793| if ( VolumeName[0] && !VolumeName[1] ) { 

7794| // If it's a single-letter name, assume 

| it's a drive to take a snapshot of... 
7795| swprintf ( lnVolumeMapData[0], 

| L"%c:\\", toupper(VolumeName[0]) ); 
7796| if ( 

| !Psm_CanBePSMedW(lnVolumeMapData[0]) ) { 
7797| Err = 1 ; 

7798| WRITE_ERROR(L"Volume '%s' cannot be 

| PSMed\n",lnVolumeMapData[0]); 
7799| } else { 

7800| 



7801| InVolumeMapfO] = 

| lnVolumeMapData[0]; 
7802| VolumeMapFlags[0] = PSM_VOLUME_MAP; 

7803| NumVolumes = 1 ; 

7804| 
7805| 

| memset(&ln,0,sizeof(tOpenTransactionlnPersistentW)); 
7806| 

7807| ln.Size = 

| sizeof(tOpenTransactionlnPersistentW); 
7808| Err = 

| GetSnapShotCreationFlags(SnapShotFlags, &ln. Flags); 
7809| if ( Err == 0 ) { 

781 0| In.CallerPrivateUse = 

| (PVOID)GroupNumber; 
7811| In.NumToKeep 

| NumToKeep; 
7812| 

781 3| // this is the snapshot name or 

| L"" if none 

781 4| wcscpy(ln.SnapShotName,L"System 

| Backup"); 
7815| 

781 6| // not used 

7817| In.ErrorEvent = NULL; 

7818| 

781 9| // set event so they can cancel 

| waiting for q period 
7820| // pass in a null dacl so 

| anyone can access it, otherwise 
7821 1 // passing in null, gives it 

| "default" which doesnt allow normal users 
7822| // also, create in the global 

| namespace instead of the session namespace 
7823| AbortEvent = In.AbortEvent = 

| CreateEvent( &sa, TRUE, FALSE, 

| TEXT("Global\\PSM_Backup_Abort_Event")); 
7824| 

7825| // Set our Control - C handler 

7826| wcscpy(AbortMessage,L", 

| cancelling creation of snapshotAn"); 
7827| SetConsoleCtrlHandler( 

| (PHANDLER_ROUTINE)CtrlHandlerRoutine, TRUE ); 
7828| 

7829| In. Priority = (unsigned 

| char)PRIORITY_HIGHEST; 
7830| In.SnapShotFlags = 

| SnapShotFlags; 
7831| 

7832| OutVolumeMapByteSize = 32768; 



7833| OutVolumeMap = 

| malloc(OutVolumeMapByteSize); 
7834| if(OutVolumeMap) { 

7835| WRITE(L M Creating snapshot 

| for backup... \n M ); 
7836| UpdateEngineStatus 

| (PSM_CREATING_SNAPSHOT); 
7837| Snapshot = NULL; 

7838| Err = Psm_CreateSnapShotW( 

7839| 

| (pOpenTransactionlnW)&ln, 



7840| 


NumVolumes, 


7841| 


InVolumeMap, 


7842| 


VolumeMapFlags, 


7843| 


OutVolumeMapByteSize, 


7844| 


OutVolumeMap, 


7845| 


&Out, 


7846| 


&SnapShot, 


7847| 


NULL, 


7848| 


NULL ); 


7849| 




7850| 


if(!Err) { 


7851| 


if ( Snapshot ) { 


7852| 


WRITE(L"Snapshot 



| %08x created successfully\n",(ULONG)SnapShot); 
7853| WRITE(L'"%s' = 

| , %s'\n",lnVolumeMap[0],OutVolumeMap[0]); 
7854| 

| wcscpy(AbortMessage,L", cancelling backupAn"); 
7855| Err = 

| DoVolumelmageBackup 

| (OutVolumeMap[0],lnVolumeMapData[0],AbortEvent); 
7856| UpdateEngineStatus 

| ( PSM_DESTROYING_SNAPSHOT ); 
7857| 

| DeleteExistingSnapShot ( (ULONG)SnapShot ); 
7858| } else { 

7859| 

| WRITE_ERROR(L"lnternal error: SnapShot==NULL after 

| Psm_CreateSnapShotW returned 0\n"); 
7860| } 
7861 1 } else { 

7862| WRITE_ERROR(L"Error 

| %08x creating snapshot\n",Err); 
7863| } 
7864| 

7865| free(OutVolumeMap); 
7866| OutVolumeMap = NULL; 

7867| } else { 

7868| WRITE_ERROR(L"Out of 



I memory\n"); 

7869| Err = ERROR_OUTOFMEMORY; 

7870| } 

7871| 

7872| if(AbortEvent) { 

7873| CloseHandle(AbortEvent); 

7874| AbortEvent = 

| INVALID_HANDLE_VALUE; 
7875| } 
7876| } else { 

7877| WRITE_ERROR(L"Error: Invalid 

| snapshot creation flagsAn"); 
7878| } 
7879| 

7880| if(Err) { 

7881 1 PrintWin32Error(Err); 

7882 | } 

7883| } 

7884| } else { 

7885| // Assume they directly want to back up 

| a volume, not via a snapshot... 
7886| // set event so they can cancel waiting 

| for q period 

7887| // pass in a null dacl so anyone can 

| access it, otherwise 
7888 1 // passing in null, gives it "default" 

| which doesnt allow normal users 
7889| // also, create in the global namespace 

| instead of the session namespace 
7890| AbortEvent = CreateEvent( &sa, TRUE, 

| FALSE, TEXT("Global\\PSM_Backup_Abort_Event")); 
7891| 

7892| // Set our Control - C handler 

7893| wcscpy(AbortMessage,L", cancelling 

| backupAn"); 
7894| SetConsoleCtrlHandler( 

| (PHANDLERROUTINE)CtrlHandlerRoutine, TRUE ); 
7895| Err = DoVolumelmageBackup (VolumeName, 

| VolumeName, AbortEvent); 
7896| if(AbortEvent) { 

7897| CloseHandle(AbortEvent); 
7898| AbortEvent = INVALIDHANDLEVALUE; 

7899| } 
7900| if(Err) { 

7901 1 PrintWin32Error(Err); 
7902| } 
7903| } 
7904| } 

7905| CloseHandle (EventHandle); 
7906| EventHandle = NULL; 



7907 
7908 
7909 
7910 
7911 
7912 
7913 
7914 
7915 
7916 
7917 
7918 
7919 
7920 
7921 



| up to three local hard drives or network share volumes. 



I- 
7922 
7923 
7924 
7925 
7926 
7927 
7928 
7929 
7930 
7931 
7932 
7933 
7934 
7935 
7936 
7937 
7938 
7939 
7940 
7941 
7942 
7943 
7944 
7945 
7946 
7947 
7948 
7949 
7950 
7951 
7952 
7953 
7954 



} 

if(sd) { 

LocalFree(sd); 

} 

UpdateEngineStatus (PSMJDLE); 
return Err; 



PSM Disaster Recovery Backup Source 



Backup creates an image of the current system volume on 



LPW 

File Listing: drbackup.c 

I* 

* This is the main source file for drbackup.dll, 

* the PSM Disaster Recovery Backup module. 

7 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 
#include <assert.h> 
#define ASSERT assert 

#include <winioctl.h> 

#include <undoc.h> 

// psm api 

#include <psm.h> 

// ioctls we need to send down 

#include "..\..\driver\ioctl.h" 

#include "volume. h" 

#include "defrag.h" 



7955 
7956 
7957 
7958 
7959 
7960 
7961 
7962 
7963 
7964 
7965 
7966 
7967 
7968 
7969 
7970 
7971 
7972 
7973 
7974 
7975 
7976 
7977 
7978 
7979 
I- 
I- 
7980 
7981 
7982 
7983 
7984 
7985 
7986 
I- 

I- 
7987 

7988 
7989 
7990 
I- 
I- 
7991 
7992 



7993 
7994 
7995 
7996 
7997 



#include <mountdev.h> 
#include <ntddstor.h> 
#include <ntddvol.h> 
#include <aclapi.h> 
#include <clusapi.h> 

#include "setup5.h" 
#include "setup4.h" 
#include "service. h" 
#include "cluster.h" 

#ifdef DEBUG 

#define STATIC 
#else 

#define STATIC static 
#endif 

#define STATUS_SUCCESS ((ULONG)O) 
#ifdef WIN32 

#define DLLEXPORT declspec( dllexport ) 

#define DLLIMPORT declspec( dllimport ) 

#endif 



II- 



typedef struct sThreadStorage { 
HINSTANCE hlnstance; 
DWORD fdwReason; 

} tThreadStorage, *pThreadStorage; 



II- 



STATIC DWORD Tlslndex = Oxffffffff; 

/I 



STATIC void InitThreadLocalStorage ( pThreadStorage 



| ThreadStorage ) 



{ 

memset (ThreadStorage, 0, sizeof(tThreadStorage)); 

} 



//- 



I 



7999| r 

8000| When a process uses load-time linking with this DLL, 

| the entry-point 
8001 1 function is sufficient to manage the thread local 

| storage. Problems can 
8002| occur with a process that uses run-time linking because 

| the entry-point 
8003| function is not called for threads that exist before 

| the LoadLibrary 
8004| function is called, so TLS memory is not allocated for 

| these threads. 

8005| The following example solves this problem by checking 

| the value returned 
8006| by the TIsGetValue function and allocating memory if 

| the value indicates 
8007| that the TLS slot for this thread is not set. 
8008| 7 

8009| STATIC pTh read Storage GetThreadStorage() 
8010| { 

801 1 1 pThreadStorage ThreadStorage = (pThreadStorage) 

| TlsGetValue(Tlslndex); 
8012| 

801 3| // If NULL, allocate memory for this thread. 
8014| 

801 5| if (ThreadStorage == NULL) { 

801 6| ThreadStorage = LocalAlloc(LPTR, 

| sizeof(tThreadStorage)); 
801 7| if ( ThreadStorage ) { 
801 8| TlsSetValue(Tlslndex, ThreadStorage); 

8019| InitThreadLocalStorage (ThreadStorage); 

8020| } 
8021| } 

8022| return ThreadStorage; 

8023| } 

8024| 

8025| // 

| 
| 

8026| 

8027| STATIC WCHAR NibbleToHexWChar( unsigned char In, 

| BOOLEAN TakeUpper ) 
8028| { 

8029| In = TakeUpper?(ln » 4):(ln & Oxf); 

8030| return (WCHAR)( ( In > 9 )?(ln - 10 + 'a'):(ln + 

I '0') ); 
8031| } 
8032| 



8033| 

8034| STATIC ULONG BufferToHexWChar( PVOID Buffer, ULONG 

| NumBytes, PWCHAR Out, ULONG *OutSize) 
8035| { 

8036| ULONG Status = 0; 
8037| ULONG i; 

8038| unsigned char *ln = (unsigned char*) Buffer; 
8039| 

8040| //Round to take whole number of D_words 

8041 1 NumBytes = (NumBytes+3)/4*4; 

8042| 

8043| if (Out==NULL) { 

8044| *OutSize = (NumBytes*2+1)*sizeof(WCHAR); 

8045| } else { 

8046| if fOutSize < 2) { 

8047| // just give back bad status as not room to 

| put even an empty string 
8048| Status = ERROR_INSUFFICIENT_BUFFER; 

8049| 

8050| } else { 
8051| 

8052| if ((NumBytes*2+1 )*sizeof(WCHAR) > *OutSize 

l){ 

8053| //not enough room for all we have pack 

| the limit and give bad status 
8054| NumBytes = 

| (*OutSize/sizeof(WCHAR)-1)/2; 
8055| Status = ERROR_BUFFER_OVERFLOW; 

8056| } 

8057| *OutSize = (NumBytes*2+1)*sizeof(WCHAR); 

8058| 

8059| for (i=0;i<NumBytes;ln++,i++,Out+=2) { 

8060| Out[0] = NibbleToHexWChar(ln[0],1); 

8061 1 Out[1] = NibbleToHexWChar(ln[0],0); 

8062| } 

8063| Out[0] = L'\0'; 

8064| } 

8065| } 

8066| return Status; 

8067| } 

8068| 

8069| 

8070| 

8071 1 STATIC ULONG GetVolumeldentifiers ( 
8072| const WCHAR *OriginalVolumeName, 
8073| HANDLE VolumeHandle, 
8074| DWORD *SerialNumber, 
8075| DWORD *Uniqueld ) 
8076| { 

8077| ULONG Err = 0; 



8078| BOOL ReadGood = GetVolumelnformationW ( 
8079| OriginalVolumeName, // root directory 
8080| NULL, // volume name buffer 

8081| 0, // length of name 

| buffer 

8082| SerialNumber, //volume serial number 
8083| NULL, // maximum file name 

| length 

8084| NULL, // file system options 

8085| NULL, // file system name 

| buffer 

8086| 0); // length of file 

| system name buffer 
8087| 

8088| if ( IReadGood ) { 
8089| Err = GetLastError(); 
8090| } else { 

8091 1 HANDLE OriginalVolumeHandle = 

| INVALID_HANDLE_VALUE; 
8092| BYTE UniqueRaw [256] = {0}; 
8093| PMOUNTDEVJJNIQUEJD UniquePtr = 

| (PMOUNTDEVJJNIQUEJD) UniqueRaw; 
8094| ULONG dwBytes Returned = 0; 
8095| ULONG Length = 0; 
8096| WCHAR OriginalVolumePath [256] = {0}; 
8097| 

8098| wcscpy ( OriginalVolumePath, L"\\\\.\\" ); 

8099| wcscat ( OriginalVolumePath, OriginalVolumeName 

I); 

81 00| Length = wcslen(OriginalVolumePath); 
8101| if ( Length>0 && 

| OriginalVolumePath[Length-1]=='\V ) { 
8102| OriginalVolumePath[--Length] = 0; 

8103| } 
8104| 

81 05| OriginalVolumeHandle = CreateFileW( 
8106| OriginalVolumePath, // 

| file name 

8107| GEN ERIC J^EAD, // access 

| mode 

8108| FILE_SHARE_READ|FILE_SHARE_WRITE, 

| // share mode 
8109| NULL, //SD 

81 1 0| OPEN_EXISTING, // how to 

| create 

81 1 1 1 FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
8112| NULL); //handle 

| to template file 
8113| 



81 1 4| if ( OriginalVolumeHandle != 

| INVALID_HANDLE_VALUE ) { 
81 1 5| ReadGood = DeviceloControl ( 

81 1 6| OriginalVolumeHandle, 

8117| IOCTL_MOUNTDEV_QUERY_UNIQUE_ID, 

8118| NULL, 

8119| 0, 

8120| UniqueRaw, 

8121 1 sizeof(UniqueRaw), 

8122| &d wBytes Retu rned , 

8123| NULL); 

8124| 

8125| if ( !ReadGood){ 

8126| Err = GetLastError(); 

8127| if ( Err == ERROR_MORE_DATA ) { 

8128| Err = 0; 

8129| ReadGood = TRUE; 

8130| } 

8131| } 

8132| 

8133| if ( ReadGood ) { 

81 34| ULONG ConvertErr = 0; 

8135| WCHAR DumpString [128] = {0}; 

8136| ULONG DumpStringLength = 

| sizeof(DumpString) / sizeof(DWORD); 
8137| if ( dwBytes Retu rned >= 

| sizeof(USHORT)+sizeof(DWORD) && 
8138| UniquePtr->UniqueldLength >= 

| sizeof(DWORD) ) { 
8139| *Uniqueld = *((DWORD *) 

| UniquePtr->Uniqueld); 
81 40| ConvertErr = BufferToHexWChar( 

8141| UniquePtr->Uniqueld, 
8142| 

| min(dwBytesReturned,UniquePtr->UniqueldLength), 
8143| DumpString, 
8144| &DumpStringLength ); 

8145| 

8146| //DLOG((TEXT("GetVolumeldentifiers: 
| Uniqueld=%08x, ConvertErr=%08x, StringLen=%d, 
| String='%S'\n M ),*Uniqueld,ConvertErr,DumpStringLength,Du 
| mpString)); 

8147| }else{ 

8148| Err = PSM_ERROR_UNSUCCESSFUL; 

8149| } 
8150| } 
8151| 

8152| CloseHandle (OriginalVolumeHandle); 

81 53 1 OriginalVolumeHandle = 

| INVALID_HANDLE_VALUE; 



8154| }else{ 

8155| Err = Getl_astError(); 

81 56| //DLOG((TEXT("GetVolumeldentifiers: 
| CreateFileW('%S') returned 
| %08x\n"),OriginalVolumePath,Err)); 

8157| } 

8158| } 

8159| 

81 60| return Err; 

8161| } 

8162| 

8163| // 

I 

| 

8164| 

8165| DLL EXPORT PSMSTATUS PSMAPI 

| Psm_DisasterRecoveryBackupSupported (void) 
8166| { 

8167| return STATUS_SUCCESS; 

8168| } 

8169| 

8170| //- 

I 



8171| 

8172| DLL EXPORT PSMSTATUS PSMAPI Psm_VolumelmageDumpW ( 
8173| WCHAR *VolumeGuid, // 

| L"Volume{...}" with no trailing backslash 
8174| WCHAR 

| *OriginalVolumeName, 
8175| PSM_SS_VOLUME_IMAGE_CALLBACK CallBackFunc ) 
8176| { 

81 77| PSMSTATUS Status = 0; 
81 78| PSMSTATUS TempStatus = 0; 
81 79| DWORD BytesRead = 0; 
8180| BOOL ReadGood = FALSE; 

8181| const unsigned GRANULE_SIZE= 64* 1024; // ??? 

| Get from driver ??? 
8182| ULONG GranulesPerWorkUnit = 16*1024; 
8183| ULONG GranulesLeftlnWorkUnit = 0; 
81 84| ULONG SectorsPerCluster = 0; 
81 85| ULONG Bytes PerSector = 0; 
8186| ULONG NumberOfFreeClusters = 0; 
81 87| ULONG TotalNumberOfClusters = 0; 
8188| ULONG VolumeGuidChars = wcslen(VolumeGuid); 
8189| WCHAR *VolumeGuidWithBackslash = 

| LocalAlloc(LPTR,sizeof(WCHAR)*(1 0+VolumeGuidChars)); 
8190| PARTITIONJNFORMATION partitionlnfo = {0}; 
8191| 

8192| if ( IVolumeGuidWithBackslash ) { 



8193| Status = ERROR_OUTOFM EMORY; 
8194| }else{ 

8195| wcscpy ( VolumeGuidWithBackslash, VolumeGuid ); 
81 96| VolumeGuidWithBackslash[VolumeGuidChars++] = 

I 'W; 

8197| VolumeGuidWithBackslash[VolumeGuidChars] = 0; 
8198| 

8199| ReadGood = GetDiskFreeSpaceW ( 

8200| VolumeGuidWithBackslash, 

8201 1 &SectorsPerCluster, 

8202 1 & Bytes PerSecto r, 

8203| &NumberOfFreeClusters, 

8204| &TotalNumberOfClusters ); 

8205| 

8206| if ( IReadGood ) { 

8207| Status = GetLastError(); 

8208| } else { 

8209| ULONG ClusterSizelnBytes = Bytes PerSector * 

| SectorsPerCluster; 
821 0| ULONG ClustersPerGranule = GRANULE_SIZE / 

| ClusterSizelnBytes; 
821 1 1 ULONG ClustersPerWorkUnit = 

| GranulesPerWorkUnit * ClustersPerGranule; 
821 2| ULONG VolumeBitmapSize = 

| (ClustersPerWorkUnit + 7) / 8; 
821 3| ULONG VolumeBitmapBufferSize = 

| VolumeBitmapSize + sizeof(VOLUME BITMAP BUFFER); 
821 4| STARTING_LCN_INPUT_BUFFER StartingLcn = 

|{0}; 

8215| 

821 6| HANDLE VolumeHandle = CreateFileW( 

8217| VolumeGuid, //file 

| name 

8218| GENERIC_READ, // 

| access mode 

8219| FILE_SHARE_READ|FILE_SHARE_WRITE, 

| // share mode 
8220| NULL, // SD 

8221 1 OPEN_EXISTING, // how 

| to create 

8222| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
8223| NULL); // 

| handle to template file 
8224| 

8225| if ( VolumeHandle != INVALID_HANDLE_VALUE ) 

|{ 

8226| char *GranuleBuffer = 

| LocalAlloc(LPTR,GRANULE_SIZE); 
8227| VOLUMEBITMAPBUFFER 



I *VolumeBitmapBuffer = 
| LocalAlloc(LPTR,VolumeBitmapBufferSize); 
8228| 

8229| if ( GranuleBuffer && 

| VolumeBitmapBuffer ) { 
8230| DWORD CallBackStatus = 0; 

8231 1 tPSM_VolumelmageCallBackParms 

| CallBackParms = {0}; 
8232| ULARGEJNTEGER VolSizelnBytes = 

|{0}; 
8233| 

8234| VolSizelnBytes. QuadPart = 
8235| ((unsigned int64) 

| TotalNumberOfClusters) * 
8236| ((unsigned int64) 

| ClusterSizelnBytes); 
8237| 

8238| CallBackParms. MessageType = 

| PSM_VIBMT_START; 
8239| 

| CallBackParms. MessageData.Start. Handle = VolumeHandle; 
8240| 

| CallBackParms. MessageData.Start. SizelnBytes = 
| VolSizelnBytes; 
8241| 

| CallBackParms. MessageData.Start. ClusterSize = 
| ClusterSizelnBytes; 
8242| 

| CallBackParms. MessageData.Start. NumUsedClusters. QuadPart 
| = TotalNumberOfClusters - NumberOfFreeClusters; 
8243| 

8244| Status = (*CallBackFunc) 

| (&CallBackParms); // send back START chunk 
8245| if ( Status == 0 ) { 

8246| ReadGood = DeviceloControl ( 

8247| VolumeHandle, 
8248| 

| IOCTL_DISK_GET_PARTITION_INFO, // dwIoControlCode 

| operation 
8249| NULL, 

| // IplnBuffer; must be NULL 
8250| 0, 

| // nlnBufferSize; must be zero 
8251| &partitionlnfo, 

| // output buffer 
8252 1 sizeof (partition I nf o) , 

| // size of output buffer 
8253| &BytesRead, 

| // number of bytes returned 
8254| NULL); 



I // OVERLAPPED structure 
8255| 

8256| if ( IReadGood ) { 

8257| Status = GetLastErrorQ; 

8258| } else { 

8259| Status = 

| GetVolumeldentifiers ( 
8260| OriginalVolumeName, 
8261 1 VolumeHandle, 
8262| 

| &CallBackParms.MessageData.Partitionlnfo.VolumeSerialNurn 
I ber, 
8263| 

| &CallBackParms.MessageData.Partitionlnfo.VolumeUniqueld 

I); 

8264| 

8265| if ( Status == 0 ) { 

8266| 

| CallBackParms.MessageType = PSM_VIBMT_PARTITION_INFO; 
8267| 

| Call BackParms . MessageData. Partitio n I nf o . StartingOff set 
| = partitioning. StartingOffset; 
8268| 

| CallBackParms.MessageData.Partitionlnfo.PartitionLength 
| = partitioning. PartitionLength; 
8269| 

| CallBackParms.MessageData.Partitionlnfo.PartitionNumber 
| = partitionlnfo.PartitionNumber; 
8270| 

| CallBackParms.MessageData.Partitionlnfo.PartitionType 
| = partitionlnfo.PartitionType; 
8271| 

| CallBackParms.MessageData.Partitionlnfo.Bootlndicator 
| = partitioning. Bootlndicator; 
8272| 

| Call BackParms . MessageData. Partitio n I nf o . Recognized Partit 
| ion = partitioning. RecognizedPartition; 
8273| 

| Call BackParms . MessageData. Partitio n I nf o . Reserved 

| = 0xa5; 
8274| Status = 

| (*CallBackFunc) (&CallBackParms); // send back 

| PARTITIONJNFO chunk 
8275| 

8276| if ( Status == 0 ) { 

8277| ULARGEJNTEGER 

| GranuleOffset = {0}; 
8278| ULONG 

| BitMapByteCount = (ClustersPerGranule + 7) / 8; 
8279| 



I CallBackParms.MessageType = PSM_VIBMT_G RANULE; 
8280| 

| CallBackParms.MessageData.Granule.Data = GranuleBuffer; 
8281| 

| CallBackParms.MessageData.Granule.ClusterSizelnBytes = 
| ClusterSizelnBytes; 
8282| 

| CallBackParms.MessageData.Granule.BitMapSizelnBytes = 

| BitMapByteCount; 
8283| while ( Status==0 

| && GranuleOffset.QuadPart<VolSizelnBytes.QuadPart ) { 
8284| ULONG 

| GranulelnUse = FALSE; 
8285| ULONG 

| BitMapBytelndex = 0; 
8286| 

8287| if ( 

| GranulesLeftlnWorkUnit == 0 ) { 
8288| 

| GranulesLeftlnWorkUnit = GranulesPerWorkUnit; 
8289| 

| StartingLcn.StartingLcn.QuadPart = 
| GranuleOffset.QuadPart / ClusterSizelnBytes; 
8290| 

8291| ReadGood = 

| DeviceloControl ( 
8292| 

| VolumeHandle, 
8293| 

| FSCTL_GET_VOLUME_BITMAP, 
8294| 

| &StartingLcn, 
8295| 

| sizeof(StartingLcn), 
8296| 

| VolumeBitmapBuffer, 
8297| 

| VolumeBitmapBufferSize, 
8298| 

| &BytesRead, 
8299| NULL); 
8300| 

8301| if( 

| !ReadGood ) { 
8302| ULONG 

| BitMapError = GetLastError(); 
8303| if ( 

| BitMapError != ERROR_MORE_DATA ) { 
8304| 

| Status = BitMapError; 



8305| 
| break; 

8306| } 
8307| } 
8308| 
8309| 

| CallBackParms.MessageData.Granule.ClusterUsedBitMap = 

| VolumeBitmapBuffer->Buffer; 
8310| } 
8311| 

8312| //Figure out 

| whether any of the clusters in the current granule 
8313| //are in use. 

| If so, the entire granule is in use and must be 
8314| //read and 

| sent to the callback routine. 
8315| //Otherwise, 

| we can skip the granule. 
8316| 

8317| for( 

| BitMapBytelndex=0; BitMapByte Index < BitMapByteCount; 

| ++BitMapBytelndex ) { 
8318| if( 

| CallBackParms.MessageData.Granule.ClusterUsedBitMap[BitM 

| apByte Index] ) { 
8319| 

| GranulelnUse = TRUE; 
8320| break; 
8321| } 
8322| } 
8323| 

8324| if ( 

| GranulelnUse ) { 
8325| ReadGood = 

| ReadFile ( 
8326| 

| VolumeHandle, 
8327| 

| GranuleBuffer, 
8328| 

| GRANULE_SIZE, 
8329| 

| &BytesRead, 
8330| NULL); 
8331| 

8332| if ( 

| IReadGood ) { 
8333| Status 

| = GetLastError(); 
8334| break; 



8335| } 

8336| 

8337| 

| CallBackParms.MessageData.Granule.GranuleSizelnBytes = 
| Bytes Read; 
8338| 

| CallBackParms.MessageData.Granule.GranuleOffsetlnBytes.Q 
| uadPart = GranuleOffset.QuadPart; 
8339| 

8340| Status = 

| (*CallBackFunc) (SCallBackParms); 
8341| 

8342| if ( 

| BytesRead < GRANULE SIZE ) { 
8343| break; 
8344| } 
8345| } else { 

8346| 

| LARGEJNTEGER DistanceToMove; 
8347| 

| DistanceToMove.QuadPart = GRANULE_SIZE; 
8348| ReadGood = 

| SetFilePointerEx ( 
8349| 

| VolumeHandle, 
8350| 

| DistanceToMove, 
8351| NULL, 
8352| 

| FILE_CURRENT ); 
8353| 

8354| if ( 

| ! ReadGood ) { 
8355| Status 

| = GetLastError(); 
8356| break; 
8357| } 
8358| } 
8359| 
8360| 

| GranuleOffset.QuadPart += GRANULE_SIZE; 
8361| 

| -GranulesLeftlnWorkUnit; 
8362| 

| CallBackParms.MessageData.Granule.ClusterUsedBitMap += 

| ClustersPerGranule/8; 
8363| } 
8364| 
8365| 

| CallBackParms.MessageType = PSM_VIBMT_FINISH; 



8366| 

| CallBackParms.MessageData. Finish. Status = Status; 
8367| TempStatus = 

| (*CallBackFunc) (&CallBackParms); 
8368| if ( Status == 0 ) 

|{ 

8369| Status = 

| TempStatus; 
8370| } 
8371 | } 
8372| } 
8373| } 
8374| } 
8375| } else { 

8376| Status = ERROR_OUTOFMEMORY; 

8377| } 

8378| 

8379| if ( GranuleBuffer ) { 

8380| LocalFree(GranuleBuffer); 

8381 1 GranuleBuffer = NULL; 

8382| } 

8383| 

8384| if ( VolumeBitmapBuffer ) { 

8385| LocalFree(VolumeBitmapBuffer); 

8386| VolumeBitmapBuffer = NULL; 

8387| } 

8388| 

8389| CloseHandle (VolumeHandle); 

8390| VolumeHandle = INVALID_HANDLE_VALUE; 

8391| }else{ 

8392| Status = GetLastError(); 

8393| } 

8394| } 

8395| 

8396| LocalFree(VolumeGuidWithBackslash); 
8397| VolumeGuidWithBackslash = NULL; 
8398| } 
8399| 

8400| return Status; 

8401| } 

8402| 

8403| // 

I 

8404| 

8405| STATIC BOOL PerThreadlnit ( 
8406| HINSTANCE hlnstance, 
8407| DWORD fdwReason ) 
8408| { 

8409| BOOL bResult = TRUE; 

841 0| pThreadStorage ThreadStorage = (pThreadStorage) 



I LocalAlloc(LPTR,sizeof(tThreadStorage)); 
8411| 

8412| if(!ThreadStorage) { 
8413| bResult = FALSE; 
8414| }else{ 

8415| InitThreadLocalStorage (ThreadStorage); 
8416| ThreadStorage->hlnstance = hlnstance; 
841 7| ThreadStorage->fdwReason = fdwReason; 
841 8| TlsSetValue(Tlslndex,ThreadStorage); 
8419| } 
8420| 

8421| return bResult; 

8422| } 

8423| 

8424| // 



8426| STATIC BOOL PerThreadCleanup() 
8427| { 

8428| BOOL bResult = TRUE; 

8429| pThreadStorage ThreadStorage = GetThreadStorage(); 
8430| 

8431| if ( ThreadStorage ) { 

8432| LocalFree((HLOCAL) ThreadStorage); 

8433| } 

8434| 

8435| return bResult; 

8436| } 

8437| 

8438| // 

| 

8439| 

8440| BOOL WINAPI DIIMain ( 
8441| HINSTANCE hDlllnst, 
8442| DWORD fdwReason, 
8443| LPVOID Ipv Reserved ) 
8444| { 

8445| BOOL bResult = TRUE; 
8446| 

8447| switch (fdwReason) { 

8448| case D LL_P ROC ESS_ATTAC H : { 

8449| // The DLL is being loaded for the first 

| time by a given process. 
8450| // Perform per-process initialization here. 

| If the initialization 
8451 1 // is successful, return TRUE; if 

| unsuccessful, return FALSE. 
8452| Tlslndex = TlsAlloc(); 

8453| if (Tlsl ndex==Oxffffffff ) { 

8454| bResult = FALSE; 



8455| } else { 

8456| bResult = PerThreadlnit (hDlllnst, 

| fdwReason); 
8457| } 
8458| } break; 
8459| 

8460| case DLL_THREAD_ATTACH: { 

8461 1 // A thread is being created in a process 

| that has already loaded 
8462| // this DLL. Perform any per-thread 

| initialization here. The 
8463| // return value is ignored. 

8464| bResult = PerThreadlnit (hDlllnst, 

| fdwReason); 
8465| } break; 
8466| 

8467| case DLL_PROCESS_DETACH: { 

8468| bResult = PerThreadCleanup(); 

8469| TlsFree(Tlslndex); 

8470| Tlslndex = Oxffffffff; 

8471 1 } break; 

8472| 

8473| case DLL_THREAD_DETACH: { 

8474| // A thread is exiting cleanly in a process 

| that has already 
8475| // loaded this DLL. Perform any per-thread 

| clean up here. The 
8476| // return value is ignored. 

8477| bResult = PerThreadCleanupO; 

8478| } break; 
8479| 

8480| default: { 

8481 1 // What in tarnation is going on around 

| here? 

8482| bResult = FALSE; 

8483| } break; 
8484| } 
8485| 

8486| return bResult; 

8487| } 

8488| 

8489| /*— end of file drbackup.c —7 

8490| 

8491| 

8492| 

8493| File Listing: drbackup.h 

8494| 

8495| /* 

8496| //- 

| 



I — 

8497| // The following function returns STATUS_SUCCESS if 
| DR Backup is supported by this version of drbackup.dll. 

8498| // It returns PSM_ERROR_NOT_IMPLEMENTED if DR Backup 
| is NOT supported. 

8499| // 

8500| PSMSTATUS PSMAPI Psm_DisasterRecoveryBackupSupported 

I (void); 
8501| 
8502| 
8503| // 

| 

| 

8504| // The following function is the engine that drives a 

| volume image traversal. 
8505| // VolumeGuid is the device name of a snapshot. 

| Actually, it can be live volume, but that's silly! 
8506| // OriginalVolumeName is the name of the live volume 

| that the snapshot is of. 
8507| // CallBackFunc is a pointer to a function that 

| handles all the backup image events. 
8508| // If it returns anything other than STATUS_SUCCESS, 

| the backup is immediately aborted. 
8509| // 

8510| PSMSTATUS PSMAPI Psm_VolumelmageDumpW ( 
8511| WCHAR *VolumeGuid, 

| // L"Volume{...}" with no trailing backslash 
8512| WCHAR 

| *OriginalVolumeName, // Whether or not VolumeGuid is 

| a snapshot, this needs to be original volume 
8513| PSM_SS_VOLUME_IMAGE_CALLBACK CallBackFunc ); 
8514| 

8515| /*— end of file drbackup.h —7 

8516| 

8517| 

8518| 

8519| PSM Disaster Recovery Boot System Source 
8520| 

8521 1 The Recovery Boot disk is a single floppy that when 

| booted will attach to a server or local drive 

| containing a corresponding backup. --LPW 
8522| 
8523| 
8524| 

8525| File Listing: AUTOEXEC.bat 
8526| 

8527| ©echo Off 

8528| set DEBUG= 

8529| set WPWAIT=WPWAIT 

8530| set WEWAIT=WEWAIT 



8531 
8532 
8533 
8534 
8535 
8536 
8537 
8538 



| AUTOEXEC.BAT 



8539 
8540 
8541 
8542 

I ; 

8543 
8544 
8545 
8546 
8547 
8548 
8549 
8550 
8551 
8552 
8553 
8554 
8555 
8556 
8557 
8558 
8559 
8560 
8561 
8562 
8563 
la 
8564 
8565 
8566 
8567 
8568 
8569 
8570 
8571 
8572 
8573 
8574 
8575 



set OKWAIT=OKWAIT 

IF "%DEBUG%"=="" SET ToNul=Nul 

IF "%DEBUG%"=="" SET ToOff=Off 

IF NOT "%DEBUG%"=="" SET ToNul=Con 

IF NOT "%DEBUG%"=="" SET ToOff=On 

@echo %ToOff% 

set LOGFILE=NUL 

if exist A:\APP\APP LOGO. BAT call A:\APP\APP LOGO 



echo *** Building RamDisk 
call a:\dos\setramd.bat 
%RAMD% 

path=%RAMD%\APP;%RAMD%\;%RAMD%\DOS;%RAMD%\NET;%RAMD%\INI 
prompt $p$g 

copy A:\command.com %RAMD%\ >%ToNul% 

set comspec=%RAMD%\command.com 

copy a:\*.bat >%ToNul% 

copy a:\fixboot.exe >%ToNul% 

call %ramd%\wp_wait.bat 

call %ramd%\startup.bat 

%ramd% 

CD\ 

call %ramd%\RESULT.BAT 

if exist %ramd%\APP_DOES.BAT call %ramd%\APP_DOES.BAT 
%ramd% 

echo Update Log File(s) 

if exist %RAMD%\*.LOG goto relog 

goto fin 

: relog 

rem Check for Write Enable 
call %ramd%\we_wait 

copy a:\head.txt + %RAMD%\*.LOG + a:\end.txt 
\results.htm /Y 
:fin 

%ramd%\ok_WAIT.bat 
:end 



File Listing: CHANGE. bas 
'CHANGE.BAS 



'Function: 

' Does global search and replace on a file (wildcards 
| are okay) 

8576| ' has ability to handle special batch file characters, 



I deal 

8577| ' with quoted strings, and embedded double quotes. 
8578| ' 

8579| ' Handy for revising BAT and INI files on a grand 
| scale 

8580| ' Originally developed to setup PROTOCOL.INI AND 

| SYSTEM.INI 
8581 T for a DOS boot disk. 
8582| ' 

8583| ' Very fast and smart 

8584| ' Does in-place update to keep ver control happy 
8585| ' 
8586| 'Bugs: 

8587| ' Won't process files longer than 31 K 
8588| ' Very little error checking 
8589| ' 

8590 1 ' run with /? to see instructions 

8591|' 

8592| 'Make: 

8593| ' Get PowerBasic 3.5 for DOS from www.powerbasic.com 
8594| ' Get PKLite for DOS from www.pkware.com 
8595| 'Use PB Ul to compile change. bas -> change.exe 
8596| 'Use PKLite to compress change.exe -> gsr.exe 
8597| ' 

8598| 'History: 

8599| ' 04/13/2001 Lou Witt: 
8600| ' Original Work 
8601|' 
8602| ' 

8603| defint a-z 

8604| declare sub qtrim(a$) 

8605| declare sub parse_args( cmd$, param$(), paramcount, 

| pparamlimit) 
8606| declare sub SayHelp() 
8607| declare sub GSR 

| (WorkString$,Search$,Repl$,NoCase,Hits,Changes) 
8608| declare function YesNo$(Flag) 
8609| ' 

8610| %paramlimit=15 

861 1 1 dim param$(%paramlimit) paramcount = 0: 
8612|flags$ = "" 

861 3| fixcase = -1 'case insensitive flag 
8614| fixbat = -1 'batch mode flag 
8615| verbose = 0 'noisy 
8616| FileCount = 1 

8617| dim dynamic WorkFiles$(FileCount) 

8618| handle = 1 

8619| FileSizeLimit = 32000 

8620| Quote$ = chr$(34) 

8621| Really = -1 



8622 
8623 
8624 
8625 
8626 
8627 
8628 
8629 
8630 
8631 
8632 
8633 
8634 
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8636 
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8667 
8668 
8669 
8670 
8671 



parse_args command$, param$(), paramcount, %paramlimit 

'help? or null? 

if (paramcount=0) then 

paramcount = 1 

param$(1) = 7H" 
end if 

'parse flags 
aparam$ = param$(1) 
do while instr(7-",left$(aparam$,1)) 
'do the flag 

flags$ = flags$ + lcase$(mid$(aparam$,2,1)) 
if paramcount>1 then 

for n = 2 to paramcount 

param$(n-1) = param$(n) 

next 

aparam$ = param$(1) 
else 

aparam$="x" 
end if 

param$(paramcount)="" 
deer paramcount 
loop 



if instr(Flags$, Any "h?") then 

SayHelp 

end 
end if 

if instr(Flags$, Any "!") then 
replace"!" with "" in Flags$ 
fixcase = 0 

end if 

if instr(Flags$, Any "=") then 
replace "=" with "" in Flags$ 
fixbat = 0 

end if 

if instr(Flags$, Any "v") then 
replace "v" with "" in Flags$ 
verbose = -1 
end if 

if Flags$<>"" then 

print "Unexpected Argument "' ; 



8672 
8673 
8674 
8675 
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8678 
8679 
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print flags$; 
print 
SayHelp 
end 
end if 

if paramcount=2 then 

Really = 0 
end if 

if (paramcount <> 3) and (paramcount <> 2) then 
Print "Bad Parameter Count" 

SayHelp 

end 
end if 

FileMask$ = Param$(1) 
Search$ = Param$(2) 
Repl$ = Param$(3) 

if FixBat then 

' Make it command line compatible 

'NOT replace {!}~@ with <|>&% in search and replace 

replace "{" with "<" in Search$ 

replace "!" with "|" in Search$ 

replace "}" with ">" in Search$ 

replace "~" with "&" in Search$ 

replace with "%" in Search$ 

replace "{" with "<" in Repl$ 

replace"!" with "\" in Repl$ 

replace "}" with ">" in Repl$ 

replace "~" with "&" in Repl$ 

replace with "%" in Repl$ 
end if 

' *** Split out the path *** 
WorkPath$="" 

if instr(FileMask$,any "\:")>0 then 
' has some kind of path 
mp = len(FileMask$) 
do 

cp = instr(mp,FileMask$,any "\:") 
deer mp 

loop until mp=0 or cp>0 
WorkPath$ = left$(FileMask$,cp) 
end if 

if verbose then 

? "Files: ";Quote$;FileMask$;Quote$ 
? "Search:",Quote$;Search$;Quote$ 



8722| ? "Replace:",Quote$;Repl$;Quote$ 
8723| ? "Batch Xlate:",YesNo$(FixBat) 
8724| ? "Any Case:'\YesNo$(FixCase) 
8725| end if 
8726| 

8727| ' *** Get the file list *** 
8728| WorkFile$ = Dir$(FileMask$) 
8729| if WorkFile$ = then 
8730| End 
8731 1 end if 
8732| 

8733| Do While WorkFile$ <> 

8734| WorkFiles$(FileCount) = WorkFile$ 

8735| WorkFile$ = Dir$ 

8736| if WorkFile$<> then 

8737| Incr FileCount 

8738| Redim preserve WorkFiles$(FileCount) 

8739 1 end if 

8740| Loop 

8741| 

8742| 

8743| ' *** Work the File List *** 

8744| For FileNum = 1 to FileCount 'and files? 

8745| 'for this file 

8746| WorkFile$ = WorkFiles$(FileNum) 
8747| if verbose then 
8748| ? "File:",WorkFile$, 
8749 1 end if 

8750| Open WorkPath$ & WorkFile$ for Binary as Handle 
8751 1 Hits = 0: Changes = 0 
8752| FileLen = Lof(Handle) 

8753| if (FileLen >0) and (FileLen < FileSizeLimit) then 
8754| Get$ Handle, FileLen, FileBody$ 

8755| GSR FileBody$,Search$,Repl$,FixCase,Hits,Changes 

8756| end if 

8757| if Hitso 0 then 

8758| if Really then 

8759| 'write the update 

8760| Seek Handle,0 

8761 1 Put$ Handle, FileBody$ 

8762| SetEof Handle 

8763| end if 

8764| end if 

8765| Close Handle 

8766| if verbose then 

8767| ? "Hits:";Hits; 

8768| if really then 

8769| print ,"Changes:";Changes 

8770| else 

8771| print 



8772| end if 

8773| end if 

8774| next 

8775| if verbose then 

8776| print "Job Done" 

8777| end if 

8778| end 

8779| 

8780| '*** Application Subroutines *** 

8781 1 function YesNo$(Flag) 

8782| if Flag <> 0 then 

8783| YesNo$ = "Yes" 

8784| else 

8785| YesNo$ = "No" 

8786| end if 

8787| end function 

8788| 

8789| sub SayHelp 
8790| 'show help 

8791 1 print "Change [/!][/h][/?][/=][/v] file search 
| replace" 

8792| print" file filename or wildcard mask" 

8793| print" /! causes case SENSITIVE search" 

8794| print" /= to NOT replace with <|>&% in search 

| and replace" 
8795| print" /?,/H displays this help" 
8796| print" /v Verbose output" 
8797| print" Search and Replace may be quoted" 
8798| print" To include or embed quotes, double them" 
8799| end sub 
8800| 
8801| 

8802| sub GSR 

| (WorkString$,Search$,Repl$,FixCase,Hits,Changes) 
8803| Hits = 0 
8804| Changes = 0 
8805| RLen = Len(Repl$) 
8806| if len(WorkString$)=0 then Exit Sub 
8807| SLen = Len(Search$) 
8808| if len(Search$)=0 then Exit Sub 
8809| if 0=FixCase then 
8810| 'this is fast way 

881 1 1 replace Search$ with Repl$ in WorkString$ 
8812| exit sub 
8813| else 

881 4 1 'have to do it the slowwww way 
881 5| cx$ = LCase$(WorkString$) 
881 6| s$ = LCase$(Search$) 
881 7| pad$ = String$(RLen,255) 
8818| cp = instr(cx$,s$) 



8819| do while cp>0 

8820| 'we have a hit 

8821| IncrHits 

8822| ' clean the mask 

8823| cx$ = left$(cx$,cp-1) & Pad$ & 

| mid$(cx$,cp+SLen) 
8824| ' if redundant, skip it 
8825| Hit = -1 
8826| if Slen = Rlen then 

8827| Hit = Repl$ <> Mid$(WorkString$,Cp,Rlen) 
8828| end if 
8829| if Hit then 

8830| WorkString$ = left$(WorkString$,cp-1) & Repl$ & 

| Mid$(WorkString$,cp+Slen) 
8831| I ncr Changes 

8832| end if 
8833| cp = instr(cx$,s$) 
8834| loop 
8835| end if 
8836| end sub 
8837| 
8838| 
8839| 

8840| ************ Library Routines ********** 

8841 1 sub parse_args( cmd$, pparam$(), pparamcount, 

| pparamlimit) 
8842| 

8843| '*** unquote commands to cmx$ 
8844| cmx$ = lcase$(cmd$) + " " 
8845| iq = 0 
8846| aq = 0 

8847| for cp = 1 to len(cmd$) 

8848| ch = asc(cmx$,cp) 

8849 1 aq = ch = 34 

8850 1 if aq then 

8851| iq = notiq 

8852| ch = 95 

8853| end if 

8854| if iq then 

8855| asc(cmx$,cp) = 95 

8856| else 

8857| asc(cmx$,cp) = ch 
8858| end if 
8859| next 
8860| 

8861 1 '*** parse multiple arguments 
8862| 

8863| cp = 1 
8864| inarg = 0 
8865| anarg$ = 



8866 
8867 
8868 
8869 
8870 
8871 
8872 
8873 
8874 
8875 
8876 
8877 
8878 
8879 
8880 
8881 
8882 
8883 
8884 
8885 
8886 
8887 
8888 
8889 
8890 
8891 
8892 
8893 
8894 
8895 
8896 
8897 
8898 
8899 
8900 
8901 
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aspace = 0 

do while cp <= len(cmx$) 
ch = asc(cmx$,cp) 
cmm$ = space$(cp-1)+" A " 
aspace = (ch = 32) or (ch = 9) 
jf inarg then 
if aspace then 
incr pparamcount 

if pparamcount <= pparamlimit then 
qtrim anarg$ 

pparam$(pparamcount) = anarg$ 
end if 
inarg = 0 
else 

anarg$ = anarg$ + mid$(cmd$,cp,1) 
end if 
else 

if not aspace then 
inarg = -1 

anarg$ = mid$(cmd$,cp,1) 
end if 
end if 
incr cp 
loop 

if inarg then 

incr pparamcount 

if pparamcount < pparamlimit then 

qtrim anarg$ 

pparam$(pparamcount) = anarg$ 

end if 
end if 

pparamcount = min(pparamlimit,pparamcount) 
end sub 

sub qtrim(a$) 

'trim a string of leading/trailing quotes, singulate 



| doubles 



if (asc(a$,1) = 34) and (asc(a$,len(a$)) = 34) then 

a$ = mid$(a$,2) 

a$ = left$(a$,len(a$)-1) 
end if 

cm$ = chr$(34) + chr$(34) 
cn = 1 

cp = instr(cn,a$,cm$) 
do while cp<>0 

a$ = left$(a$,cp) + mid$(a$,cp+2) 
cn = cp + 1 

cp = instr(cn,a$,cm$) 
loop 
end sub 



8915| 
8916| 
8917| 

8918| File Listing: CONNECT.bat 
8919| 

8920| rem @echo %ToOff% $ 
8921 1 REM *** Attempt three shares 
8922| echo %user% >up.txt 
8923| echo %password% »up.txt 
8924| type up.txt|net use /Y 
8925| REM Try1 

8926| if ""=="%SERVER1%" goto Try2 

8927| echo *** Connecting %DRIVE1% TO %SERVER1%\%SHARE1% 
8928| echo *** Connecting %DRIVE1% TO 

| %SERVER1%\%SHARE1%»%LOGFILE% 
8929| net use %DRIVE1% \\%SERVER1%\%SHARE1% %password% 

| /SAVEPW:NO /PERSISTENT:NO /YES 
8930| :Try2 

8931 1 if ""=="%SERVER2%" goto Try3 

8932| echo *** Connecting %DRIVE2% TO %SERVER2%\%SHARE2% 
8933| echo *** Connecting %DRIVE2% TO 

| %SERVER2%\%SHARE2%»%LOGFILE% 
8934| net use %DRIVE2% \\%SERVER2%\%SHARE2% %password% 

| /SAVEPW:NO /PERSISTENT:NO /YES 
8935| :Try3 

8936| if ""=="%SERVER3%" goto DoApp 

8937| echo *** Connecting %DRIVE3% TO %SERVER3%\%SHARE3% 
8938| echo *** Connecting %DRIVE3% TO 

| %SERVER3%\%SHARE3%»%LOGFILE% 
8939| net use %DRIVE3% \\%SERVER3%\%SHARE3% %password% 

| /SAVEPW:NO /PERSISTENT:NO /YES 
8940| REM Let the App check for errors 
8941| :DoApp 
8942| :END 
8943| 
8944| 
8945| 

8946| File Listing: CRS.bat 
8947| 

8948| This file contains three carriage returns --LPW 

8949| 

8950| 

8951| 

8952| File Listing: FATAL.bat 
8953| 

8954| rem @echo %ToOff% $ 

8955| SET RESULT=%1%2%3%4%5%6%7%8%9 

8956| echo A Fatal Error Occured (%RESULT%) 

8957| echo A Fatal Error Occured (%RESULT%) »%LOGFILE% 

8958| rem Redefine the result value for calling shell 



8959| echo SET R E S U LT=% R ES U LT% >RESULT.BAT 

8960| EXIT 

8961| 

8962| 

8963| 

8964| File Listing: MAKEDISK.bas 
8965| 

8966| ' PowerBASIC 3.2 source code for formatting floppy 
| disks 

8967| ' Original by Thaddy De Konig 

8968| ' Additions and modifications by Dave Navarro, Jr. 

| (dave@powerbasic.com) 
8969| ' Revised to run silent w/o format by Lou Witt 

| (lwitt@cdp.com) 4/17/2001 
8970| ' Post Proc: PKLite -c -o MakeDisk.exe MKD.Exe 
8971 1 ' Function: Writes a Win95/98 boot sector to floppy 

| in A: 

8972| ' Revised for retry, message, error return LouWitt 

| 8/23/01 
8973 1 ' 

8974| '======================================================= 

| ======================= 

8975| 

8976| $DIM ALL 
8977| 

8978| DECLARE FUNCTION PBFORMAT(BYVAL drive AS INTEGER, BYVAL 

| media AS INTEGER) AS INTEGER 
8979| 

8980| DECLARE FUNCTION ValidateDisk(BYVAL drive AS INTEGER, 

| BYVAL media AS INTEGER) AS INTEGER 
8981| DECLARE FUNCTION FormatDisk(BYVAL drive AS INTEGER) AS 

| INTEGER 

8982| DECLARE FUNCTION WriteBoot(BYVAL drive AS INTEGER) AS 
| INTEGER 

8983| DECLARE FUNCTION Write FAT(BYVAL drive AS INTEGER) AS 
| INTEGER 

8984| DECLARE FUNCTION WriteDir(BYVAL drive AS INTEGER) AS 
| INTEGER 

8985| DECLARE SUB lnitFormatParms(BYVAL media AS INTEGER) 

8986| DECLARE SUB ResetFDC(BYVAL drive AS INTEGER) 

8987| DECLARE FUNCTION FormatTrack(BYVAL drive AS INTEGER, 

| BYVAL track AS INTEGER, BYVAL head AS INTEGER) AS 

| INTEGER 

8988| DECLARE FUNCTION WriteBootSector(BYVAL drive AS 

| INTEGER) AS INTEGER 
8989| DECLARE SUB ComputeCHS( LogSec AS INTEGER, cyl AS 

| INTEGER, hd AS INTEGER, sec AS INTEGER) 
8990| DECLARE FUNCTION WriteSector( BYVAL drive AS INTEGER, 

| BYVAL cylinder AS INTEGER, BYVAL head AS INTEGER, BYVAL 

| sector AS INTEGER, BYVAL Buffer AS DWORD) AS INTEGER 
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%True = -1 
%False = 0 



%FLAGS = 0 
%AX = 1 
%BX = 2 
%CX = 3 
%DX = 4 
%SI = 5 
%DI = 6 
%BP = 7 
%DS = 8 
%ES = 9 

%F360 = &HFD 
%F1200 = &HF9 

%F720 = - &HF9 ' media byte is NEGATIVE to differ from 
F1200 

%F1440 = &HF0 

%F2880 = - &HF0 ' media byte is negative to differ from 
F1440 

%RETRIES = 5 '% RETRIES on BIOS error 

TYPE ADDRFIELDtype 

track AS STRING * 1 

head AS STRING * 1 

sector AS STRING * 1 

bytesec AS STRING * 1 
END TYPE '4 

TYPE INFOtype 

OEM AS STRING * 8 'system name 

BS AS WORD 'bytes/sector 

SC AS BYTE 'STRING * 1 'sectors/cluster 

RS AS WORD 'reserved sectors 

NF AS BYTE 'STRING * 1 'FATs 

DE AS WORD 'root directory entries 

TS AS WORD 'total sectors on volume 

MB AS STRING * 1 'media byte 

SF AS WORD 'sectors/FAT 

ST AS WORD 'sectors/track 

NH AS WORD 'heads 

HS AS WORD 'hidden sectors 
END TYPE '27 

TYPE BOOTRECtype 



jmp AS STRING* 3 
parms AS INFOtype 
code AS STRING * 482 
END TYPE '512 



dim SAt as integer 
dim SVal as integer 
dim SStr as string 
DIM ECount as WORD 
DIM Verbose as integer 
dim prompt as integer 
dim TheKey as string 
dim HelpMe as integer 
dim Melody as integer 

'INT 1 Eh disk parameter table vectors 
DIM OldDPTseg AS SHARED WORD 
DIM OldDPToff AS SHARED WORD 
DIM NewDPTseg AS SHARED WORD 
DIM NewDPToff AS SHARED WORD 

'Number of tracks on media 
DIM NoTracks AS SHARED INTEGER 

'format info for media 
DIM Info AS SHARED INFOtype 

'interface with INTERUPTX routine 
'boot record buffer 

DIM BootRec AS SHARED BOOTRECtype 

'sector buffer to write FAT & root directory sectors 
DIM SectorBuff AS SHARED STRING * 512 

DIM Drive AS SHARED INTEGER 
DIM Media AS SHARED INTEGER 
DIM verifydisk AS SHARED INTEGER 

$STATIC 

'Allocate address field data to max possible sectors 
per track 

DIM AddrField( 1 TO 36 ) AS SHARED ADDRFIELDtype 



DIM xerr AS INTEGER 
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DIM errl AS INTEGER 
DIM errc AS INTEGER 



Verbose = %False 

if instr(Command$,Any "vV") then Verbose = %True 
Prompt = %True 

if instr(Command$,Any "qQ") then Prompt = %False 
HelpMe = %False 

if instr(Command$,Any "?hH") then HelpMe = %True 

if HelpMe Then 

print "FixBoot (c)2001 Columbia Data Products" 



pn 
pr 
pr 
pr 
pn 
pri 
pr 
pr 
pr 
pn 
pri 
pr 
pr 
pr 
pri 
pri 
pr 
pr 
pr 
pn 
pr 
pr 
pr 
pri 
pri 



nt " 

nt "Args:" 

nt " /? /H Displey this help" 

/+ /- Play a scale up or down" 
/s### Delay ### seconds" 
/q /Q Run Quiet" 

/v /V Run with Verbose messages" 
/qv Don't prompt, but display errors" 



nt 
nt 
nt 
nt 
nt 
nt 

nt "Returns:" 
nt " 0:no error 

nt " 1 :invalid function request 

nt " 2:address mark not found 

nt " 3: write protected 

nt " 4:sector not found 

nt " 6:diskette changed 

nt " 8:DMA overrun 

nt " 9: DMA boundary error 

nt " 12:media type not available 

nt" 16:badCRC 

nt " 32:diskette controller failed 

nt " 64 :seek failed 

nt " 128:time-out/drive not ready 

nt " 99:operator abort 

nt 



end 0 
end if 

'check for sound work 
Melody = %false 

if instr(Command$, "/+") then Melody= %True 
if instr(Command$, "-+") then Melody= %True 
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if Melody then 

gosub PlayUp 

end 0 
end if 

Melody = %false 

if instr(Command$, "/-") then Melody= %True 
if instr(Command$, "--") then Melody= %True 
if Melody then 

gosub PlayDown 

end 0 
end if 

'check for delay work 

if instr(Command$,ANY "sS") then 

Sat = instr(Command$, ANY "sS") + 1 

SStr= trim$(Mid$(Command$,Sat)) 

if Len(SStr)>0 then 

SVal = Val(SStr) 
Sleep SVal 

end if 

end 0 
end if 

Drive = 0 
media = %F1 440 



do while inkey$<>"" 

sleep 0.1 
loop 

if prompt then 

PRINT "Insert 1 .44 disk to make bootable in drive 
and" 

PRINT "Press ENTER to continue..."; 
TheKey$ = "" 
Do 

TheKey$ = lnkey$ 
Loop Until TheKey$ <> "" 
print 

if asc(TheKey$) <> 13 then 

print "Aborted. <"; 

print asc(TheKey$);">" 

sleep 15 

end 99 
end if 
print 

PRINT "Writing boot sector..." 
PRINT 
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| " code:"; errc 
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end if 



ECount = 5 'we will several times 

do while ECount > 0 
xerr = PBFORMAT( drive, media ) 
IFxerr THEN 
errl = xerr \ 256 
errc = xerr AND 255 

if Verbose then PRINT "*** Error level:"; errl; 



if errc = 3 then 

ECount = 1 'force error exit 
end if 
ELSE 

exit loop 
END IF 
Deer ECount 
loop 

If ECount <> 0 then 

'we succeeded without error 

if prompt then PRINT "done.":sleep 15 

end 0 
end if 



If Verbose or Prompt then 

'display error level 

Select Case errl 'level error codes 

Case 0: '0:no error 

Case 1 : ?'"1 validate error 

Case 2: ?"'2:format error 

Case 3: ?"'3:boot record write error 

Case 4: ?"'4:FAT write error 

Case 5: ?"'5:directory write error 

Case Else: ?"'?:Unknown error level 
End Select 

'display floppy error code 
Select Case errc 'floppy disk error codes (xerrjn 



decimal): 



Case 0'0:no error 

Case 1 : ?'"1 :invalid function request 
Case 2: ?"'2:address mark not found 
Case 3: ?"'3:write protected 
Case 4: ?"'4:sector not found 
Case 6: ?"'6:diskette changed 
Case 8: ?"'8:DMA overrun 
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Case 9: ?"'9:DMA boundary error 



Case 12 
Case 1 6 
Case 32 
Case 64 
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9271| FUNCTION PBFORMAT(BYVAL drive AS INTEGER, 
9272| BYVAL media AS INTEGER) PUBLIC AS 

| INTEGER 
9273| 

DIMxerr AS INTEGER 
DIM level AS INTEGER 



?'"12:media type not available 
? m 16:badCRC 
?'"32 diskette controller failed 
? m 64:seek failed 
Case 128: ?'"128:time-out/drive not ready 
Case Else: ?'"?:Unknown floppy error 
End Select 
end if 



if prompt then 
print "FixBoot Failed." 
sleep 15 

TheKey$ = inkey$ 
end if 
end errc 
END 

PlayUp: 

Play "03 L8 C D E F G A B 04 C L4 CCCCCCC" 
RETURN 

PlayDown: 

Play "03 L8 C 02 B A G F E D C L4 CCCCCCCC" 
RETURN 



'level error codes 

'0:no error 

'1 validate error 

'2:format error 

'3:boot record write error 

'4: FAT write error 

'5:directory write error 



xerr = ValidateDisk( drive, media ) 
goto skipIO 
IF xerr = 0 THEN 
xerr = FormatDisk( drive ) 
ELSE 
level = 1 
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END iF 
skipIO: 
IF xerr = 0 THEN 

xerr = WriteBoot( drive ) 
ELSEIF level = 0 THEN 

level = 2 
END IF 
goto skip20 
IF xerr = 0 THEN 

PRINT "Creating FAT tables..." 

xerr = WriteFAT( drive ) 
ELSEIF level = 0 THEN 

level = 3 
END IF 

IF xerr = 0 THEN 

xerr = WriteDir( drive ) 
ELSEIF level = OTHEN 

level = 4 
END IF 
IF xerr THEN 

IF level = 0 THEN 
level = 5 

END IF 
END IF 
skip20: 

'reset INT 1 Eh vector to original, check both for <>0 
IF OldDPTseg <> 0 OR OldDPToff <> 0 THEN 

REG %ax, &H251 E 

REG %ds, OldDPTseg 

REG %dx, OldDPToff 

CALL INTERRUPT &H21 
END IF 

FUNCTION = ( level * 256 ) + xerr 
END FUNCTION 

'check if media supported by program, by drive, and if 



| drive is ready 

9319| FUNCTION ValidateDisk(BYVAL drive AS INTEGER, _ 
9320| BYVAL media AS INTEGER) PRIVATE 

| AS INTEGER 
9321| 

DIM CMOS AS INTEGER 
DIM checks AS INTEGER 
DIMzerrAS INTEGER 



InitFormatParms media 
IF Info. ST THEN 

'check to see if there is CMOS RAM (means we have an 
| AT BIOS) 
9329| OUT&H70, &H10 



9330| CMOS = ( INP( &H71 ) < > &HFF ) 

9331| ResetFDC drive 

9332| IF CMOS THEN 

9333| 'get original INT 1 Eh vector to disk parameter 
| table 

9334| REG %ax, &H351 E 

9335| CALL INTERRUPT &H21 

9336| OldDPTseg = REG( %es ) 

9337| OldDPToff = REG( %bx ) 

9338| 'set media type for format on AT BlOS/multi-media 
| drive 

9339| 'let BIOS determine if drive can format media with 

| a DPT in BIOS ROM 

9340| FOR checks = 1 TO %RETRIES 'zerr=0 no error 

9341| REG %ax, &H1800 

9342| REG %cx,(( NoTracks - 1 ) * 256 ) + Info.ST 

9343| REG %dx, drive 

9344| CALL INTERRUPT &H13 

9345| zerr = REG( %ax ) \ 256 'zerr=&H0C unknown 

| media/maybe invalid CMOS 

9346| IF zerr THEN ResetFDC drive ELSE EXIT FOR 

9347| NEXT 

9348| 'set INT 1 Eh vector to this media's disk parameter 

| table in BIOS ROM 

9349| IF zerr = 0 THEN 

9350| NewDPTseg = REG( %es ) 

9351 1 NewDPToff = REG( %di ) 

9352| REG %ax, &H251E 

9353| REG %ds, NewDPTseg 

9354| REG %dx, NewDPToff 

9355| CALL INTERRUPT &H21 

9356| ELSE 

9357| OldDPTseg = 0 

9358| OldDPToff = 0 

9359| END IF 

9360| END IF 

9361| ELSE 

9362| zerr = &HC 'media not supported by program 

9363| END IF 

9364| 'physical check for disk in the drive 

9365| IF zerr = 0 THEN 

9366| REG %ax, &H401 'verify 1 sector from drive 

9367| REG %cx, &H1 'track=0 sector=1 

9368| REG %dx, drive 'head=0 drive=drive 

9369| FOR checks = 1 TO %RETRIES 

9370| CALL INTERRUPT &H13 

9371 1 IF REG(( %flags ) AND 1 ) THEN 'bad read 

9372| zerr = REG( %ax ) 

9373| 'need to detect an unformatted disk 

9374| SHIFT RIGHT zerr, 8 '= e \ 256 



9375| ResetFDC drive 
9376| ELSE 

9377| zerr = 0 'good read, already formatted disk in 

| drive 
9378| EXIT FOR 
9379| END IF 
9380| NEXT 

9381 1 'zerr may be any of the BIOS diskette error codes if 
| non-zero here 

9382| 'address mark not found(2)=unformatted disk in drive 

9383| 'sector not found(4)= wacko disk but okay to proceed 

9384| IF zerr = 2 OR zerr = 4 THEN zerr = 0 

9385| END IF 

9386| ValidateDisk = zerr 

9387| END FUNCTION 

9388| 

9389| 

9390| 'format a track at a time a side at a time 
9391 1 'any error aborts format, diskette presumed unreliable 
9392| 'retry format 1 or 2 more times before trashing the 
| diskette 

9393| FUNCTION FormatDisk(BYVAL drive AS INTEGER) AS INTEGER 
9394| 

9395| DIM y AS INTEGER 
9396| DIM x AS INTEGER 
9397| DIM track AS INTEGER 
9398| DIM head AS INTEGER 
9399| DIM xerr AS INTEGER 
9400| DIM i AS INTEGER 
9401| 

9402| y = POS( 0 ) 
9403| x = CSRLIN 
9404| LOCATE „1 

9405| FOR track = 0 TO( NoTracks - 1 ) 

9406| LOCATE x, y: PRINT "Formatting track:"; track; 

9407| 'This is where you insert any printed info. 

9408| 'If you don't want it, remove it 

9409| FOR head = 0 TO( Info.NH - 1 ) 

941 0| FOR i = 1 TO %RETRIES 

941 1 1 xerr = FormatTrack( drive, track, head ) 

9412| IF xerr = 0 THEN 

9413| EXIT FOR 

9414| END IF 

9415| NEXT 

9416| IF xerr THEN 

9417| PRINT 

9418| FUNCTION = xerr 

9419| EXIT FUNCTION 

9420| END IF 

9421| NEXT 
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NEXT 
PRINT 

FUNCTION = 0 
END FUNCTION 

FUNCTION WriteBoot(BYVAL drive AS INTEGER) AS INTEGER 

DIM offset AS WORD 
DIM i AS INTEGER 
DIM Byte AS INTEGER 
DIMxerr AS INTEGER 

RESTORE BootSector 

'read default boot record data 
DEF SEG = VARSEG( BootRec ): offset = VARPTR( BootRec 

FOR i = 0 TO 511 

READ Byte 

POKE offset + i, Byte 
NEXT 
DEF SEG 

'update OEM name and BIOS parameter block 
BootRec. parms = Info 

'write the boot record 
FOR i = 1 TO %RETRIES 
xerr = WriteBootSector( drive ) 
IF xerr = 0 THEN EXIT FOR 
NEXT 

FUNCTION = xerr 
END FUNCTION 

FUNCTION WriteFAT(BYVAL drive AS INTEGER) AS INTEGER 

DIM FAT1 AS STRING 
DIM FAT2 AS STRING 
DIM i AS INTEGER 
DIM LogSec AS INTEGER 
DIM j AS INTEGER 
DIM k AS INTEGER 
DIMxerr AS INTEGER 
DIMcyl AS INTEGER 
DIM hd AS INTEGER 
DIM sec AS INTEGER 

FAT1 = Info. MB + CHR$( 255 ) + CHR$( 255 ) 



9471 1 FAT2 = CHR$( 0 ) + CHR$( 0 ) + CHR$( 0 ) 

9472| FOR i = 1 TO 512: MID$( SectorBuff, i, 1 ) = CHR$( 0 
| ): NEXT 

9473| LogSec = Info.RS + Info.HS 'first logical FAT sector 

9474| FOR i = 1 TO Info.NF 

9475| FOR j = 1 TO Info.SF 

9476| IF j = 1 THEN 

9477| MID$( SectorBuff, 1 ) = FAT1 

9478| ELSE 

9479| MID$( SectorBuff, 1 ) = FAT2 

9480| END IF 

9481 1 ComputeCHS LogSec, cyl, hd, sec 

9482| FOR k = 1 TO %RETRIES 

9483| xerr = WriteSector( drive, cyl, hd, sec, 

| VARPTR32(SectorBuff) ) 

9484| IF xerr = 0 THEN EXIT FOR 

9485| NEXT 

9486| IF xerr THEN 

9487| FUNCTION = xerr 

9488| EXIT FUNCTION 

9489| END IF 

9490 1 LogSec = LogSec + 1 

9491| NEXT 

9492| NEXT 

9493| FUNCTION = 0 
9494| END FUNCTION 
9495| 

9496| FUNCTION Write Dir(BYVAL drive AS INTEGER) AS INTEGER 
9497| 

9498| DIM i AS INTEGER 

9499| DIM LogSec AS INTEGER 

9500| DIM k AS INTEGER 

9501 1 DIM xerr AS INTEGER 

9502| DIM cyl AS INTEGER 

9503| DIM hd AS INTEGER 

9504| DIM sec AS INTEGER 
9505| 

9506| MID$( SectorBuff, 1 , 1 ) = CHR$( 0 ) 

9507| FORi = 2T0 512 

9508| IF ( i - 1 ) MOD 32 = 0 THEN 

9509| MID$( SectorBuff, i, 1 ) = CHR$( 0 ) 

9510| ELSE 

951 1 1 MID$( SectorBuff, i, 1 ) = CHR$( &HF6 ) 

9512| END IF 

9513| NEXT 

9514| LogSec = Info.RS + Info.HS + ( Info.SF * Info.NF ) 

| 'first logical dir sector 

951 5| FOR i = 1 TO( Info.DE \ 1 6 ) 'sectors needed for root 

| directory 

951 6| ComputeCHS LogSec, cyl, hd, sec 
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VARPTR32(SectorBuff) ) 
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FOR k = 1 TO%RETRIES 
xerr = WriteSector( drive, cyl, hd, sec, 



IF xerr = 0 THEN EXIT FOR 
NEXT 

IF xerr THEN WriteDir = xerr: EXIT FUNCTION 
LogSec = LogSec + 1 
NEXT 

WriteDir = 0 
END FUNCTION 

'set up media's format data 

SUB lnitFormatParms(BYVAL media AS INTEGER) 
Info.OEM = "IBM PB3" 'avoid changing 'IBM' 
Info.BS = 512 
Info.RS = 1 
Info.NF = 2 
Info.NH = 2 
Info.HS = 0 

SELECT CASE media 
CASE %F360 

Info.SC = 2 

lnfo.DE = 112 

Info.TS = 720 

Info. MB = CHR$( %F360 ) 

Info.SF = 2 

Info.ST = 9 
CASE %F1200 

Info.SC = 1 

Info.DE = 224 

Info.TS = 2400 

Info. MB = CHR$( %F1200 ) 

Info.SF = 7 

Info.ST = 15 
CASE %F720 

Info.SC = 2 

Info.DE = 112 

Info.TS = 1440 

Info. MB = CHR$( ABS( %F720 )) 

Info.SF = 3 

Info.ST = 9 
CASE %F1440 

Info.SC = 1 

Info.DE = 224 

Info.TS = 2880 

Info. MB = CHR$( %F1440 ) 

Info.SF = 9 

Info.ST = 18 
CASE %F2880 

Info.SC = 2 
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Info.DE = 240 
Info.TS = 5760 

Info. MB = CHR$( ABS( %F2880 )) 
Info.SF = 9 
Info.ST = 36 
CASE ELSE 
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| formatted media 

OldDPTseg = 0 'original- 
OldDPToff = 0 '-vector 
END SUB 
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END SELECT 

NoTracks = Info.TS \ Info.NH \ Info.ST 
NewDPTseg = 0 'INT 1 Eh vector 
NewDPToff = 0 'new -> disk parameter table for 



'reset the controller after any BIOS FDC error 
SUB ResetFDC(BYVAL drive AS INTEGER) 
! push DS 

! mov AX, 0 
! mov DX, drive 
! int &H13 

! pop DS 
END SUB 

FUNCTION FormatTrack(BYVAL drive AS INTEGER, _ 
BYVAL track AS INTEGER, _ 
BYVAL head AS INTEGER) AS INTEGER 

DIM sec AS INTEGER 
DIM cf AS INTEGER 
DIM e AS WORD 

'Initialize address field for each sector on this track 
FOR sec = 1 TO Info.ST 
AddrField( sec ). track = CHR$( track ) 
AddrField( sec ).head = CHR$( head ) 



961 5| AddrField( sec ). sector = CHR$( sec ) 

961 6| AddrField( sec ).bytesec = CHR$( 2 ) 'bytecode 2 = 

| 512-byte sector 
9617| NEXT 
9618| 

961 9| REG %ax, &H500 + Info.ST 'format track with 

| sectors/track 
9620| REG %cx,( track * 256 ) + 1 'track to 

| format,start with sector 1 
9621| REG %dx,( head* 256) + drive 'head,drive 
9622| REG %es, VARSEG( AddrField( 1 )) 'point to address 

| field data 

9623| REG %bx, VARPTR( AddrField( 1 )) 

9624| CALL INTERRUPT &H13 

9625| 

9626| cf = REG( %flags ) AND 1 'cf=1 if disk error 
9627| IF cf THEN 
9628| E = REG( %ax ) 

9629| SHIFT RIGHT e, 8 'return with status 

| byte 

9630| FUNCTION = e 
9631| ResetFDC drive 
9632| ELSE 

9633| IF verifydiskTHEN 

9634| REG %ax, &H400 + Info.ST 'ok, verify track 
| integrity- 

9635| CALL INTERRUPT &H1 3 '-optional but 

| recommended on format 
9636| cf = REG( %flags ) AND 1 'cf=1 if disk 

| error 
9637| IF cf THEN 
9638| e = REG( %ax ) 

9639| SHIFT RIGHT e, 8 'return with status 
| byte 

9640| FUNCTION = e 

9641| ResetFDC drive 

9642| END IF 

9643| END IF 

9644| END IF 

9645| 

9646| FUNCTION = 0 'format ok 

9647| 

9648| END FUNCTION 
9649| 

9650| 'convert a DOS logical sector to BIOS form 

9651 1 SUB ComputeCHS( LogSec AS INTEGER, cyl AS INTEGER, hd 

| AS INTEGER, sec AS INTEGER) 
9652| 

9653| DIM CylSec AS INTEGER 
9654| DIM rm AS INTEGER 
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9665| FUNCTION WriteBootSector(BYVAL drive AS INTEGER) AS 

| INTEGER 
9666I 

DIMcf AS INTEGER 
DIM e AS WORD 



CylSec = Info. ST * Info.NH 

cyl = LogSec \ CylSec 

rm = LogSec - ( cyl * CylSec ) 

hd = rm \ Info.ST 

sec = rm - ( hd * Info.ST ) + 1 

END SUB 
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! push DS ; save DS for PowerBASIC 

mov AX, &H301 ; write 1 sector 
mov CX, 1 ; track 0,sector 1 

mov DX, drive ; head 0, drive 
push SS 

pop ES ; ES:BX points to BootRec 

lea BX, BootRec 
int &H13 ;call BIOS 

pop DS 

jnc WriteBootDone 

mov FUNCTION^], AH ; AH holds error code 



ResetFDC Drive ' reset floppy controller 
WriteBootDone: 
END FUNCTION 

'BIOS write a FAT or directory sector 
FUNCTION WriteSector( BYVAL drive AS INTEGER, 
BYVAL cylinder AS INTEGER, _ 
BYVAL head AS INTEGER, _ 
BYVAL sector AS INTEGER, _ 
BYVAL Buffer AS DWORD ) AS 



! push DS 

! mov AX, &H301 
! mov CL, Byte Ptr sector 
! mov CH, Byte Ptr cylinder 
! mov DL, Byte Ptr drive 
! mov DH, Byte Ptr head 



9703| ! les BX, Buffer 

9704| !int&H13 

9705| ! jnc WriteSectorDone 

9706| ! xchg AL, AH 

9707| ! xor AH, AH 

9708| ! mov FUNCTION[0], AX 

9709| ! push drive 

9710| ! call WriteSector 

971 1 1 WriteSectorDone: 

9712| 

9713| IpopDS 
9714| 

9715| END FUNCTION 
9716| 

971 7| BootSector: 

9718| DATA &HEB,&H3E,&H90,&H4D,&H53,&H57,&H49,&H4E,&H34,&H2E 
971 9| DATA &H30,&H00,&H02,&H01 ,&H01 ,&H00,&H02,&HE0,&H00,&H40 
9720| DATA &H0B,&HF0,&H09,&H00,&H12,&H00,&H02,&H00,&H00,&H00 
9721 1 DATA &H00,&H00,&H00,&H00,&H00,&H00,&H00,&H00,&H29,&HAA 
9722| DATA &H1 6,&H9C,&HD4,&H4E,&H4F,&H20,&H4E,&H41 ,&H4D,&H45 
9723| DATA &H20,&H20,&H20,&H20,&H46,&H41 ,&H54,&H31 ,&H32,&H20 
9724| DATA &H20,&H20,&HF1 ,&H7D,&HFA,&H33,&HC9,&H8E,&HD1 ,&HBC 
9725| DATA &HFC,&H7B,&H16,&H07,&HBD,&H78,&H00,&HC5,&H76,&H00 
9726| DATA &H1 E,&H56,&H1 6,&H55,&HBF,&H22,&H05,&H89,&H7E,&H00 
9727| DATA &H89,&H4E,&H02,&HB1 ,&H0B,&HFC,&HF3,&HA4,&H06,&H1 F 
9728| DATA &HBD,&H00,&H7C,&HC6,&H45,&HFE,&H0F,&H8B,&H46,&H18 
9729| DATA &H88,&H45,&HF9,&HFB,&H38,&H66,&H24,&H7C,&H04,&HCD 
9730| DATA &H13,&H72,&H3C,&H8A,&H46,&H10,&H98,&HF7,&H66,&H16 
9731| DATA&H03,&H46,&H1C,&H13,&H56,&H1E,&H03,&H46,&H0E,&H13 
9732| DATA &HD1 ,&H50,&H52,&H89,&H46,&HFC,&H89,&H56,&HFE,&HB8 
9733| DATA &H20,&H00,&H8B,&H76,&H1 1 ,&HF7,&HE6,&H8B,&H5E,&H0B 
9734| DATA &H03,&HC3,&H48,&HF7,&HF3,&H01 ,&H46,&HFC,&H1 1 ,&H4E 
9735| DATA &HFE,&H5A,&H58,&HBB,&H00,&H07,&H8B,&HFB,&HB1 ,&H01 
9736| DATA &HE8,&H94,&H00,&H72,&H47,&H38,&H2D,&H74,&H19,&HB1 
9737| DATA &H0B,&H56,&H8B,&H76,&H3E,&HF3,&HA6,&H5E,&H74,&H4A 
9738| DATA &H4E,&H74,&H0B,&H03,&HF9,&H83,&HC7,&H15,&H3B,&HFB 
9739| DATA &H72,&HE5,&HEB,&HD7,&H2B,&HC9,&HB8,&HD8,&H7D,&H87 
9740| DATA &H46,&H3E,&H3C,&HD8,&H75,&H99,&HBE,&H80,&H7D,&HAC 
9741 1 DATA &H98,&H03,&HF0,&HAC,&H84,&HC0,&H74,&H1 7,&H3C,&HFF 
9742| DATA &H74,&H09,&HB4,&H0E,&HBB,&H07,&H00,&HCD,&H1 0,&HEB 
9743| DATA &HEE,&HBE,&H83,&H7D,&HEB,&HE5,&HBE,&H81 ,&H7D,&HEB 
9744| DATA &HE0,&H33,&HC0,&HCD,&H1 6,&H5E,&H1 F,&H8F,&H04,&H8F 
9745| DATA &H44,&H02,&HCD,&H19,&HBE,&H82,&H7D,&H8B,&H7D,&H0F 
9746| DATA &H83,&HFF,&H02,&H72,&HC8,&H8B,&HC7,&H48,&H48,&H8A 
9747| DATA &H4E,&H0D,&HF7,&HE1 ,&H03,&H46,&HFC,&H13,&H56,&HFE 
9748| DATA &HBB,&H00,&H07,&H53,&HB1 ,&H04,&HE8,&H1 6,&H00,&H5B 
9749| DATA &H72,&HC8,&H81 ,&H3F,&H4D,&H5A,&H75,&HA7,&H81 ,&HBF 
9750| DATA &H00,&H02,&H42,&H4A 3 &H75,&H9F,&HEA,&H00,&H02,&H70 
9751 1 DATA &H00,&H50,&H52,&H51 ,&H91 ,&H92,&H33,&HD2,&HF7,&H76 
9752| DATA &H18,&H91 ,&HF7,&H76,&H18,&H42,&H87,&HCA,&HF7,&H76 
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DATA &H1A,&H8A,&HF2,&H8A,&H56,&H24,&H8A,&HE8,&HD0,&HCC 
DATA&HD0,&HCC,&H0A,&HCC,&HB8,&H01,&H02,&HCD,&H13,&H59 
DATA &H5A,&H58,&H72 5 &H09,&H40,&H75,&H01 ,&H42,&H03,&H5E 
DATA&H0B,&HE2,&HCC,&HC3,&H03,&H18,&H01,&H27,&H0D,&H0A 
DATA &H49,&H6E,&H76,&H61 ,&H6C,&H69,&H64,&H20,&H73,&H79 
DATA&H73,&H74,&H65,&H6D,&H20,&H64,&H69,&H73,&H6B,&HFF 
DATA &H0D,&H0A,&H44,&H69,&H73,&H6B,&H20,&H49,&H2F,&H4F 
DATA&H20,&H65,&H72,&H72,&H6F,&H72,&HFF,&H0D,&H0A,&H52 
DATA &H65,&H70,&H6C,&H61 ,&H63,&H65,&H20,&H74,&H68,&H65 
DATA &H20,&H64,&H69,&H73,&H6B,&H2C,&H20,&H61 ,&H6E,&H64 
DATA&H20,&H74,&H68,&H65,&H6E,&H20,&H70,&H72,&H65,&H73 
DATA &H73,&H20,&H61 ,&H6E,&H79,&H20,&H6B,&H65,&H79,&H0D 
DATA&H0A,&H00,&H49,&H4F,&H20,&H20,&H20,&H20,&H20,&H20 
DATA&H53,&H59,&H53,&H4D,&H53,&H44,&H4F,&H53,&H20,&H20 
DATA &H20,&H53,&H59,&H53,&H80,&H01 ,&H00,&H57,&H49,&H4E 
DATA&H42,&H4F,&H4F,&H54,&H20,&H53,&H59,&H53,&H00,&H00 
DATA &H55,&HAA 



File Listing: NET_SETS.bat 
©echo Off 

rem *** Set default LAN connect parameters 

rem this is mostly documentation for APP_SETS 

echo *** Setting Connection Parameters... 

echo *** Setting Connection Parameters.. .»%LOGFILE% 

rem 

rem *** To use Static IP uncomment and change next two 



| lines 



rem SET SubNetMask=255 255 255 0 
rem SET IPAddress=192 168 1 222 
rem 

SET NETBIOSNAME=IPTEST 
rem SET NOLOGON=NOLOGON 
SET NETCARD=E1 00B 
SET SLOT= 

SET SERVER=ISSERVER 

SET USER=ISUSER 

SET PASSWORD=ISPASSWORD 

SET DOMAIN=ISDOMAIN 

SET WORKGROUP=ISWORKGROUP 

rem 

SET DRIVE1 = 
SET SERVER1 = 
SET SHARE1 = 
SET DRIVE2= 
SET SERVER2= 
SET SHARE2= 
SET DRIVE3= 



9802| SET SERVER3= 

9803| SET SHARE3= 

9804| 

9805| 

9806| 

9807| File Listing: NETCARD.bat 
9808| 

9809| @echo %ToOff% 

981 0| rem check that we know how to do this card 
9811| 

9812| IF "%NETCARD% M =="3C90X" goto Found 
9813| IF M %NETCARD% M =="3COM" goto Found 
9814| IF M %NETCARD% M =="3C556" goto Found 
9815| IF "%NETCARD%"=="NFLX3" goto Found 
9816| IF "%N ETC A R D%" == " I B M F E " goto Found 
9817| IF "%NETCARD% M =="E100B" goto Found 
9818| IF "%N ETCARD%"=="PCNTN D" goto Found 
9819| goto NoDriver 
9820| 

9821| : Found 

9822| ECHO *** LAN CARD IS %N ETC A R D% 

9823| ECHO *** LAN CARD IS %NETCARD% »%LOGFILE% 

9824| 

9825| REM *** Create system.ini and protocol.ini 

9826| copy %RAMD%\ini\s_base.ini + % RAM D%\i n i\s_% N ETC A R D% . i n i 

| %RAMD%\net\system.ini /a >%ToNul% 
9827| copy % R A M D %\i n i\p_% N ETC A R D% . i n i %RAMD%\net\protocol.ini 

| >%ToNul% 
9828| 

9829| ECHO *** COMPUTER NAME IS %NETBIOSNAME% »%LOGFILE% 

9830| ECHO *** COMPUTER NAME IS %NETBIOSNAME% 

9831| 

9832| REM ***Change system.ini session settings 
9833| gsr %RAMD%\NET\SYSTEM.INI "A AN ET" "%RAM D%\N ET" 
| >%ToNul% 

9834| gsr % RAM D%\N ETVS YST E M . I N I "LOCALGROUP" "%WORKGROUP%" 
| >%ToNul% 

9835| gsr %RAMD%\NET\SYSTEM.INI "DOMAINLOGON" "%USER%" 
| >%ToNul% 

9836| gsr %RAMD%\NETVSYSTEM.INI "NETBIOSNAME" "%NETBIOSNAME%" 

| >%ToNul% 
9837| IF "%IPAddress%"== MM GOTO Skip 
9838| gsr%RAMD%\NET\PROTOCOL.INI "SubNetMask0=" 

| "Su bNetMaskO=%S U BN ETM ASK%" 
9839| gsr%RAMD%\NET\PROTOCOL.INI "IPAddress0= M 

| M IPAddressO=%IPAddress%" 
9840| gsr%RAMD%\NET\PROTOCOL.INI "DisableDHCP=0" 

| "DisableDHCP=1 M 
9841| :Skip 

9842| IF "%SLOT%"== MM GOTO NoSlot 
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gsr%RAMD%\NET\PROTOCOL.INI "SLOT=" "SLOT=%SLOT%" 

goto End 

:NoSlot 

gsr %RAMD%\NET\PROTOCOL.INI "SLOT= 
goto END 

:NoDriver 

ECHO *** No driver for %NETCARD%. *** 

ECHO *** No driver for %NETCARD%. *** »%LOGFILE% 

FATAL.BAT NO NIC DRIVER 

:NODETECT 

ECHO *** Failed to find a PCI NIC. *** 

ECHO *** Failed to find a PCI NIC »%LOGFILE% 

FATAL.BAT NO NIC AUTODETECT 



:END 



File Listing: NETLOGON.bat 

@echo %ToOff% 

echo *** Logon to the Lan 

echo *** Logon to the Lan»%LOG Fl LE% 

echo %PASSWORD% >%RAMD%\passwd.txt 

echo %PASSWORD% »%RAMD%\passwd.txt 

net logon %USER% %PASSWORD% /Domain :%DOMAIN% /yes 



| /savepw:YES 



del %RAMD%\passwd.txt >%ToNul% 
:END 



File Listing: NETMAIN.bat 

©echo %ToOff% 
rem Call each of the sub modules 
if not "%NOLOGON%"=="" goto :end 
if "%result%" == "OK" call NETCARD.bat 
if "%result%" == "OK" call netstart.bat 
if "%result%" == "OK" call netlogon.bat 
if "%result%" == "OK" call connect.bat 
:end 



File Listing: NETSTART.bat 
@echo %ToOff% 
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ECHO *** Starting LAN... 

echo *** Starting LAN...»%LOGFILE% 

%RAMD%\net\net initialize >%ToNul% 

%RAMD%\net\net start NETBIND >%ToNul% 

%RAMD%\net\tcptsr.exe >%ToNul% 

%RAMD%\net\tinyrfc.exe <CRS.bat >%ToNul% 

:end 



File Listing: OK_WAIT.bat 

IF NOT "%OKWAIT%"=="OKWAIT" goto end 
:again 

echo DONE 

echo . 

echo . Remove the floppy and REBOOT now. 
echo . 

echo 

fixboot /+ 

echo DONE 

echo . 

echo . Remove the floppy and REBOOT now. 
echo . 

echo 

fixboot I- 

echo DONE 

echo . 

echo . Remove the floppy and REBOOT now. 
echo . 

echo 

fixboot /+ 

echo DONE 

echo . 

echo . Remove the floppy and REBOOT now. 
echo . 

echo 

fixboot I- 
goto again 
:end 



File Listing: P_e100b.ini 

[network.setup] 
version=0x31 1 0 
netcard=$e1 00b, 1 ,$E1 00B, 1 
transport=tcpip,TCPIP 
Iana0=$e100b,1,tcpip 
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[$e100b] 

DRIVERNAME=E1 00B$ 
SLOT= 

[protman] 

drivername=PROTMAN$ 
[tcpip] 

NBSessions=6 

DefaultGatewayO= 

SubNetMaskO= 

IPAddressO= 

DisableDHCP=0 

DriverName=TCPIP$ 

BINDINGS=$e100b 

LANABASE=0 



File Listing: RESULT.bat 

@echo %ToOff% 
SET RESULT=OK 



File Listing: S_e100b.ini 

[network drivers] 
netcard=e1 OOb.dos 
transport=tcpdrv.dos,nemm.dos 
devdir=A:\NET 
LoadRMDrivers=yes 



File Listing: SETRAMD.bat 

@echo off 
set RAMD= 
a:\dos\findramd 

if errorlevel 255 goto no_ramdrive 
if errorlevel 3 set RAMD=C: 
if errorlevel 4 set RAMD=D: 
if errorlevel 5 set RAMD=E: 
if errorlevel 6 set RAMD=F: 
if errorlevel 7 set RAMD=G: 
if errorlevel 8 set RAMD=H: 
if errorlevel 9 set RAMD=I: 



9992| if errorlevel 10 set RAMD=J: 
9993| if errorlevel 11 set RAMD=K: 
9994| if errorlevel 12 set RAMD=L: 
9995| if errorlevel 13 set RAMD=M: 
9996| if errorlevel 14 set RAMD=N: 
9997| if errorlevel 15 set RAMD=0: 
9998| if errorlevel 16 set RAMD=P: 
9999| if errorlevel 17 set RAMD=Q: 
10000| if errorlevel 18 set RAMD=R: 
10001 1 if errorlevel 19 set RAMD=S: 
10002| if errorlevel 20 set RAMD=T: 
10003| if errorlevel 21 set RAMD=U: 
10004| if errorlevel 22 set RAMD=V: 
10005| if errorlevel 23 set RAMD=W: 
10006| if errorlevel 24 set RAMD=X: 
10007| if errorlevel 25 set RAMD=Y: 
10008| if errorlevel 26 set RAMD=Z: 
10009| goto okay 
10010| 

10011| :no_ramdrive 

10012| echo There has been an error booting your server. Boot 

| was not able 
10013| echo to create a RAMDRIVE. To reboot, 
10014| pause 
10015| reboot 
10016| 
10017| :okay 
10018| 
10019| 
10020| 

10021| File Listing: STARTUP.bat 
10022| 

10023| @echo %ToOff% 
10024| ECHO *** STARTUP.BAT *** 
10025| @prompt $p$g 
10026| set RESULT=OK 
10027| rem call a:\dos\setramd.bat 
10028| rem *** Setup path; APP is first so it may capture 
| calls 

10029| path=%RAMD%\APP;%RAMD%\;%RAMD%\DOS;%RAMD%\NET;%RAMD%\INI 

I ; 

10030| %ramd% 
10031| rem *** 

10032| rem *** Allow application to set LOGFILE, and signon 

| screen 
10033| REM *** 

10034| COPY A:\APPW >%ToNul% 

10035| rem LOGFILE = valid file name or NUL 

10036| set LOGFILE=%RAMD%\LOG.TXT 

10037| if exist %ramd%\APP_COPY.BAT call %ramd%\APP_COPY.BAT 
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echo *** Copying files... 

ECHO *** Copying files... »%LOGFILE% 

copy A:\*.bat >%ToNul% 

copy a:\*.cab %RAMD%\ >%ToNul% 

copy a:\fixboot.exe %RAMD%\ >%ToNul% 

rem 

echo *** Installing files... 

echo *** Installing files... »%LOGFILE% 

rem 

md \dos 
cd \dos 

copy a:\dos\*.* >%ToNul% 
cd\ 

extract /Y /E %RAMD%\data.cab >%ToNul% 
del %RAMD%\data.cab >%ToNul% 

ren % R A M D%\N ETVLM H OSTS . SAM LMHOSTS >%ToNul% 
rem 

call Net_sets.bat 

if exist %ramd%\APP_SETS.BAT call %ramd%\A PP_SETS.BAT 

call netmain.bat 

:end 



File Listing: TCPUTILS.ini 



[tcpglobal] 

drivername=GLOBAL$ 
[sockets] 

drivername=SOCKETS$ 

bindings=TCPIP_XIF 

numsockets=4 

numthreads=32 

poolsize=3200 

maxsendsize=1 024 

[telnet] 

drivername=TELN ET$ 
bindings=TCPIP_XIF 
nsessions=0 
max out sends=0 



File Listing: WE_Wait.bat 

@if NOT "%WEWAIT%" == "WEWAIT" goto end 

:again 

f ixboot /q 
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if errorlevel 1 goto oops 

goto end 

:oops 

echo STOP 

echo . You must Write Enable the floppy to . 
echo . update the status file. 

echo 

fixboot /- 
fixboot /s15 
fixboot /- 
fixboot /s15 
goto again 
:end 



File Listing: WP_Wait.bat 

@if NOT "%WPWAIT%" == "WPWAIT" goto end 
fixboot /q 

if errorlevel 4 goto waitloop 
if errorlevel 3 goto okay 
:waitloop 

echo STOP 

echo . You must Write Protect the floppy and . 
echo . reboot the computer to run restore. . 

echo 

fixboot /+ 
fixboot /s5 
goto :waitloop 
:okay 
:end 



PSM Disaster Recovery Restore Source 



The Restore system is the DOS application that will 
| restore a previously backed up system drive. --LPW 
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File Listing: CHECKSUM.pas 

unit Checksum; 

interface 

const 

CHECKSUM_IGNORE_DWORD = $f5e4d3c1 ; 
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type 

ChecksumEngine = object 
( * da ta *) 

SumAccumulator: longint; 
SumMultiplier: longint; 

(* methods *) 

procedure Start ( 

DataSizelnBytes: word; 

var Data: array of byte ); 

procedure Continue ( 
DataSizelnBytes: word; 
var Data: array of byte ); 

function GetCheckSum: longint; 
end; 



procedure WriteHex ( x: longint ); 
procedure WriteHexByte ( x: byte ); 

implementation 

const 

CHECKSUM_MULTIPLIER = $1a2b3c4d; 
CHECKSUMJNIT = $c9d4b5a2; 



r 



-*) 



procedure WriteHex ( x: longint ); 
var i: integer; 

n: integer; 
begin 

for i := 0 to 7 do begin 

n := (x SHR ((7-i)*4)) AND $0f; 
if n < 10 then 

write(n:1) 
else 

write(Chr(ord('a') + (n-10))); 

end; 
end; 



r 



procedure WriteHexByte ( x: byte ); 
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10225 
10226 
10227 
10228 
10229 



var i: integer; 

n: integer; 
begin 

for i := 0 to 1 do begin 

n := (x SHR ((1-i)*4)) AND $0f; 
if n < 10 then 

write(n:1) 
else 

write(Chr(ord('a') + (n-10))); 

end; 
end; 



*) 



procedure ChecksumEngine. Start ( 

DataSizelnBytes: word; 

var Data: array of byte ); 
begin 

SumAccumulator := CHECKSUMJNIT; 
SumMultiplier := CHECKSUMMULTIPLIER; 
Continue ( DataSizelnBytes, Data ); 
end; 

( * 

*) 



procedure ChecksumEngine. Continue ( 

D at aS ize I n Bytes : wo rd ; 

var Data: array of byte ); 
var 

i: longint; 
begin 

for i := 0 to longint(DataSizelnBytes)-1 do begin 

SumAccumulator := SumAccumulator XOR ((($100 + 



longint(Data[i])) * SumMultiplier)); 



INC (SumMultiplier); 

SumAccumulator := (SumAccumulator SHL 9) OR 



| (SumAccumulator SHR (32-9)); 



end; 
end; 



(* 

*) 



function ChecksumEngine. GetChecksum: longint; 
begin 

if SumAccumulator = CHECKSUM_IGNORE_DWORD then 
GetChecksum := $ffffffff 



10230| 


else 


10231| 


GetChecksum := SumAccumulator 


10232| 


end; 


10233| 




10234| 


begin {Unit initialization} 


10235| 


end. {Unit initialization} 


10236| 




10237| 


(*— end of file checksum. pas — *) 


10238| 




10239| 




10240| 




10241| 


File Listing: DR. pas 


10242| 




10243| 


{$define NOLOGO} 


10244| 


{ $ define NOOVERLAY} 


10245| 


{.define DEBUGOVERLAY} 


10246| 


{$define OVERLAYSCSI} 


10247| 


uses 


10248| 


{$ifndef NOOVERLAY} 


10249| 


overlay, 


10250| 


overinit, { Overlay control } 


10251| 


{$endif} 


10252| 


dos, 


10253| 


versionu, 


10254| 


in it, 


10255| 


vwinhigh, 


10256| 


vwinlow, 


10257| 


vtypes, 


10258| 


scsi, 


10259| 


scsihigh, 


10260| 


snaptype, 


10261| 


vert, 


10262| 


bitedit, 


10263| 


vgen, 


10264| 


{ ini, } 


10265| 


{ drivers,} 


10266| 


int13, 


10267| 


vbios, 


10268| 


Vlmage, Checksum, Expand; 


10269| 




10270| 


{$ifndef NOOVERLAY} 


10271| 


{$ifndef DPMI} 


10272| 


{$o viewfile} 


10273| 


{$o PCI} 


10274| 




10275| 


{$o HugeNum} 


10276| 


{$o init} 


10277| 


{$o scsihigh} 


10278| 


{$o vdos} 


10279| 


{$o vdoshigh} 



10280| 


{$o vdates} 


10281| 


{$o vtext} 


10282| 


{$ifdef OVERLAYSCSI} 


10283| 


{$o vaspi} 


10284| 


{$o vcam} 


10285| 


{$o ncrscsii} 


10286| 


{$o Compaq} 


10287| 


{$o cpqpci} 


10288| 


{$o dell} 


10289| 


{$o mylex} 


10290| 


{$o mylex3} 


10291| 


{$o amipci} 


10292| 


{$endif} 


10293| 


{$endif} 


10294| 


{$endif} 


10295| 




10296| 




10297| 


var 


10298| 


Log File : Text; 


10299| 


const 


10300| 


LogFileName = 'PSMDR.LOG'; 


10301| 




10302| 


type 


10303| 


PartitionlnfoPtr = A VolumePartitionlnformation; 


10304| 


var 


10305| 


Partitionlnfo: PartitionlnfoPtr; 


10306| 




10307| 


type 


10308| 


optype = (manual, auto); 


10309| 


var 


10310| 


opmode : optype; 


10311| 


Autotask : integer; 


10312| 




10313| 


type 


10314| 


int64parts = (lowpart,highpart); 


10315| 


int64 = array [int64parts] of longint; 


10316| 




10317| 


pDeviceArray = A tDeviceArray; 


10318| 


tDeviceArray = Array[1 ..10] of longint; 


10319| 




10320| 


tVolume = record 


10321| 


Drive : pSCSIUnit; 


10322| 


VolStartSector : Longint; 


10323| 


{ VolumeSizeinSectorsNTFS : Longint; } 


10324| 


PartitionSizeinSectorsMBR : Longint; 


10325| 


{ SerialNumber: Longint; } 


10326| 


end; 


10327| 




10328| 


Sourceltem = record 


10329| 


PathName : string; 



10330| State : String; 
1 0331 1 StatusMsg : String; 
10332| VolSize : int64; 
10333| end; 

10334| { tSourcelmageList = Array[1 ..15] of Sourceltem; } 

10335| { pSourcelmageList = A tSourcelmagel_ist; } 

10336| 

1 0337| const 

1 0338| MaxBackupDepth = 9; 
1 0339| MaxBackupLocations = 3; 
10340| 
10341| var 

10342| Sou reel mageList : 

| Array[1..MaxBackupLocations*MaxBackupDepth] of 

| Sourceltem; 
10343| NumSourcelmages : longint; 
1 0344| Target : tVolume; 
1 0345| Task : integer; 
10346| 
1 0347| const 

10348| ProgramLongName = 'PSM DR'; 
10349| 

10350| cValidate =1; 
10351| cValidateAII =2; 
10352| cRecover =3; 
10353| cFind =4; 
10354| 

10355| SECTOR_SIZE =512; 
10356| 

10357| NumTasks = 4; 

1 0358| TaskList : Array[1 ..NumTasks] of string = 

| ('ValidateWalidate Air, 
10359| 

| 'RecoverVFind'); 
10360| 

1 0361 1 TaskDone : Array[1 ..NumTasks] of string = 

| ('ValidWalid', 
10362| 

| 'Restored','Exists'); 
10363| 

1 0364| TaskReached : Array[1 ..NumTasks] of string = 

| ('ValidatedWalidated 1 , 
10365| 

| 'RestoredVThisisaBug'); 
10366| 

1 0367| TaskFail : Array[1 ..NumTasks] of string = 

| CFailedVFailed', 
10368| 

| 'FailedVFailed 1 ); 
10369| 



10370| TaskDoneLog : Array[1 ..NumTasks] of string = ( 
1 0371 1 The backup image is 

| completely valid.', 
1 0372 1 The backup image is 

| completely valid.', 
1 0373| The backup image has been 

| restored and is rebootable.', 
1 0374| 'The backup image has been 

| located.'); 

10375| { 'This message should not be 

I logged.'; } 
10376| 
10377| 
10378| { 

1 0379| Callback procedure from init to display help when 

| the user does /? on the 
10380| command line 
10381| } 

10382| Procedure PSMDRHelp; far; 

10383| Var 

10384| i : integer; 

10385| Ch : Char; 

10386| Begin 

10387| i:=1; 

10388| 

10389| while(i>0)do 

10390| Begin 

10391| clrscr; 

10392| writeln; 

1 0393| writelnC PSM DR v1 .0'); 

10394| {$ifdef NOCOPYRIGHT} 

10395| writeln('(c) Copyright 1989-2001 CDP, Inc.'); 
10396| {$else} 

10397| writelnf(c) Copyright 1989-2001 Columbia Data 

| Products, Inc.'); 
10398| {$endif} 
10399| writeln; 
10400| 

10401| case i of 
10402| 1: Begin 

10403| writeln('Misc. Command line options'); 

10404| writeln; 

1 0405| writelnf/? = This screen'); 

10406| writeln; 
10407| end; 
10408| 2: Begin 

10409| writeln('SCSI and RAID Controller 

| command line options'); 
10410| writeln; 

1 041 1 1 writeln (Vaspi = Force using ASPI'); 



10412| writeln(Vsdlp = Force using SDLP'); 

10413| writeln(Vcompaq= Force using Compaq 

| SMART Array'); 
10414| writeln(Vcpqpci= Force using Compaq 

| PCI SMART Array 2'); 
10415| writeln(Vdell = Force using DELL 

| RAID'); 

1 041 6| writeln(Vmylex = Force using Mylex 

| DAC960 Firmware version < 3.00'); 
10417| writeln('/mylex3= Force using Mylex 

| DAC960 Firmware version >= 3.00'); 
10418| writeln('/amimega=Force using AMI 

| MegaRAID'); 
10419| writeln('/cam = Force using CAM'); 

10420| writeln('/ncr = Force using NCR 

| SCSI'); 

10421 1 writeln('/int13 = Force using INT 

I 13h'); 
10422| writeln; 

10423| writeln ('/wide = Scan target id"s 

| 0-16 (Default is 0-7)'); 
10424| writeln('/lun = Scan lun"s 0-7 

| (Default is to scan LUN 0 only)'); 
10425| writeln('/eb = Use alternate method 

| of locating INT 13h devices'); 
10426| writeln ('/bios = Use the bios instead 

| of cmos for drive types'); 
10427| writeln; 
10428| end; 
10429| end; 
10430| 

1 0431 1 writeln('Press <1 > for general options, <2> for 

| scsi options, <ESC> to quit'); 
10432| ch := Readkey; 
10433| case ch of 
10434| T:i:=1; 
10435| '2' : i := 2; 

10436| #27 : i := 0; 

10437| #13, 
10438| ":inc(i); 
10439| end; 
10440| 

10441| if (l>2)then l:=1; 
10442| 

10443| end; 
10444| Halt; 
10445| End; 
10446| 

10447| Function DecideOpMode :BOOLEAN ; 
10448| 



10449| var 

10450| ch :Char; 

10451| DelayTicks : Longint; 

10452| 

10453| const 

10454| timelimit = 15; 

10455| 

10456| BEGIN 
10457| 

10458| { OpMode := auto;} 
1 0459| if AutoBackup then 
10460| begin 

1 0461 1 WNewMsg('Splash',White,Blue,Blue,Cyan, 
10462| 

| Programl_ongName+T+ 
10463| 'Automatic 

| processing will begin in xx seconds|'+ 
1 0464| '| A keypress now 

| or anytime during program|'+ 
10465| 'operation will 

| return to manual control. |'); 
10466| 
10467| 

10468| DelayTicks := BiosMemMap A .TimerTicksToday + 

| (timelimit* 18); 
10469| 

10470| Repeat 

1 0471 1 if keypressed then 

10472| 

10473| Begin 

10474| { OpMode := manual;} 

1 0475| AutoBackup:=false; 

10476| 

10477| Ch := ReadKey; 

1 0478| if upcase(ch)='P' then 

10479| Readkey 

10480| Else 

10481| Begin 

10482| if ch = #0then 

10483| Readkey; 

10484| 

10485| DelayTicks := 0 

10486| End; 
10487| End; 
10488| 

10489| gotoxy (38,03); 

1 0490| write((DelayTicks - 

| BiosMemMap A .TimerTicksToday) div 18+1:2); 
10491| 

1 0492| Until BiosMemMap A .TimerTicksToday >= 



I DelayTicks; 
104931 

WDispose('Splash'); 
end; 



10494 
10495 
10496 
10497 
10498 
10499 
10500 



state 



10501 
10502 

I) 
10503 
10504 
10505 
10506 
10507 
10508 
10509 
10510 
10511 
10512 
10513 
10514 
10515 
10516 
10517 
10518 
10519 
10520 
10521 
10522 
10523 
10524 
10525 
10526 
10527 
10528 
10529 
10530 
10531 
10532 
10533 
10534 
10535 
10536 
10537 
10538 
10539 



{ if Opmode=auto then} 
if AutoBackup then 
begin 

{ need code here to look at a:\ write protect 



to decide if autovalidate or autorecover. 
For now let's autorecover. 

Task := cRecover; 
end; 

END; 
{ 

I really need to move this to a library... 

} 

Function Zero ( W : Word ) : String; 
Var 

s : String; 
Begin 

Str(w:2,s); 

If s[1]="Then 
s[1] := -0'; 

Zero := s; 
End; 

Function Hex ( x: longint ): string; 
var 

i: integer; 

n: integer; 

h: string; 

begin 
h := "; 

for i := 0 to 7 do begin 

n := (x SHR ((7-i)*4)) AND $0f; 
if n < 1 0 then 

h := h + chr(ord('0')+n) 
else 

h := h + Chr(ordCa')+n-10); 

end; 

Hex := h; 
end; 

Function HexByte ( x: longint ): string; 



10540 
10541 
10542 
10543 
10544 
10545 
10546 
10547 
10548 
10549 
10550 
10551 
10552 
10553 
10554 
10555 
10556 
10557 
10558 
10559 
10560 
10561 
10562 
10563 
10564 
10565 
10566 
10567 
10568 
10569 
10570 
10571 
10572 
10573 
10574 
10575 
10576 
10577 
10578 
10579 
10580 
10581 
10582 
10583 
10584 
10585 
10586 
10587 
10588 
10589 



var 

i: integer; 
n: integer; 
h: string; 

begin 

h := "; 

for i := 0 to 1 do begin 

n := (x SHR ((1-i)*4)) AND $0f; 
if n < 1 0 then 

h := h + chr(ord('0')+n) 
else 

h := h + Ch^ordCa'J+n-IO); 

end; 

Hex Byte := h; 
end; 



Procedure OpenLogFile; 
var 

Open : Boolean; 
BEGIN 

System. assign (LogFile, LogFileName); 
{$!-} 

System. append (LogFile); 

if System. lOresult <> 0 then begin 

System. rewrite (LogFile); 
end; 
{$!+} 



{fixfixfix — need to report to screen I guess. 
} 

if System. lOresult <> 0 then begin 

Open := false; 
end else begin 

Open := true; 
end; 

end; 

Procedure CloseLogFile; 
BEGIN 
{$!-} 



10590| System.close (LogFile); 

10591| {$1+} 

10592| 

10593| end; 

10594| 

10595| { 

10596| } 

10597| Function VolBytesToSectors( NumBytes: int64 ) : 

| Longint; 
10598| 
10599| var 

10600| SectorUpper : longint; 
1 0601 1 SectorLower : longint; 
10602| SectorCarry : longint; 
10603| 

10604| Begin 
10605| 
10606| { 

1 0607| true 32+ bit voladdress handling code 

10608| NEED TO CHECK -1: not greater than 40 bit ( ie 

| sectornum < 32bit !!!! 
10609| } 

10610| SectorUpper := (NumBytes[HighPart] shl 1 6 + 

| NumBytes[LowPart] shr 16 ) 
10611| 

| div SECTOR_SIZE; 
10612| SectorCarry := (NumBytes[HighPart] shl 16 + 

| NumBytes[LowPart] shr 16 ) 
10613| 

| mod SECTOR_SIZE; 
1 061 4| SectorLower := (SectorCarry shl 1 6 + 

| NumBytes[LowPart] and $ffff ) 
10615| 

| div SECTOR_SIZE; 
10616| { 

10617| NEED TO CHECK -2: 

10618| 0 = (SectorNumCarryPart1«16 + 

| Prefix. UserData[0]& 16 ) 
10619| 

| mod SECTOR_SIZE ) 
10620| NEED TO CHECK -3: 
10621 1 0 = DataSize2<>0 and (DataSizel mod 

| SECTOR_SIZE )<>0 
10622| } 

1 0623| VolBytesToSectors := (SectorUpper shl 1 6) or 

| SectorLower; 
10624| 
10625| end; 
10626| 
10627| 



10628| {$1 fscommon.inc} 
10629| { 

1 0630| Builds an MBR partition record for the target 

| volume. 
10631| } 

10632| Function BuildPartitionRec( var Mbr: tMBR; var 
| VolSizeinBytes ) : Longint; 



10633| 






10634| 


var 




10635| 


VolSizelnSectors : Longint; 


10636| 


VolLastSectorNTFS : Longint; 


10637| 


PartitionLastSectorMBR : Longint; 


10638| 


Cylinder 


Word; 


10639| 






10640| Const 




10641| 


Partitionl : 


tPartRec = ( 


10642| 




Bootable : $80; 


10643| 




BeginHead :$01; 


10644| 




BeginSector : $01 ; 


10645| 




BeginCyl :$00; 


10646| 




FileSystem : cNTFS; 


10647| 




EndHead : $99; 


10648| 




EndSector : $aa; 


10649| 




EndCyl : $bb; 


10650| 




StartSector : $cdefcdef; 


10651| 




Sectors ize : $fcdefcde ); 


10652| 






10653| Begin 




10654| 






10655| 


Mbr.Part[1] 


:= Partitionl ; 


10656| 


Mbr.Part[1].StartSector := Target.Drive 


10657| 






10658| 


VolSizelnSectors := 



| VolBytesToSectors(int64(VolSizeinBytes)); 
1 0659| { add Vol start which is start of 2nd absolute 
| track - i.e 

1 0660| allow for first track which the MBR has to itself 
I} 

1 0661 1 VolLastSectorNTFS := VolSizelnSectors + 

| Target. Drive A .SPT -1; 
10662| 

1 0663| LBAToCHS( VolLastSectorNTFS, 



1 0664| Target.Drive A .SPT, 

1 0665| Target.Drive A . Heads, 

10666| Cylinder, 

10667| Mbr.Part[1]. EndHead, 

1 0668| Mbr. Part[1 ] .EndSector ) ; 

10669| 



10670| { looks like NOT NEEDED as Ntfs gives back the 
| true rounded partition } 



1 0671 1 { leave for now as leads to setting value in 

| PartitionLastSectorMBR } 
10672| 

10673| {Round Partition in MBR terms to a cylinder 
| boundary } 

10674| Mbr.Part[1].EndHead := Target. Drive A . Heads -1; 
10675| Mbr.Part[1].EndSector := Target.Drive A .SPT; 
10676| 

1 0677| {Then need to reevaluate Last sector } 
10678| CHStoLBA( Cylinder, 



10679| Mbr.Part[1].EndHead, 

10680| Mbr.Part[1].EndSector, 

1 0681 1 Target.Drive A .SPT, 

1 0682| Target.Drive A . Heads, 

10683| PartitionLastSectorMBR ); 
10684| 



10685| Mbr.Part[1].SectorSize := PartitionLastSectorMBR 

| +1 -Target.Drive A .SPT; 
10686| 

1 0687| ConvertCHSToPackedCHS( 



10688| Cylinder, 

10689| Mbr.Part[1].EndHead, 

10690| Mbr.Part[1].EndSector); 

10691| 



10692| Mbr.Part[1].EndCyl := Cylinder; 

10693| 

10694| 

10695| end; 

10696| 

10697| { 

1 0698| Find or create target Volume partition. 
10699| Handles validation and write if nec. of MBR. 
1 0700 1 Returns the partition's Start Sector number. 
10701| } 

10702| Function FindTargetVolume(var SourcePart : 
| VolumePartitionlnformation; Action :longint ) : 
| Longint; 

10703| var 

10704| VolSizelnSectors : Longint; 
10705| VolStartSector : Longint; 
10706| TargetMbr : tMBR; 
10707| Err : Longint; 
10708| 

10709| Const 

10710| DosMBR : Array[0..51 1] of byte = ( 

1 071 1 1 $FA,$33,$C0,$8E, $D0,$BC,$00,$7C, 

| $8B,$F4,$50,$07, $50,$1 F,$FB,$FC, 
10712| $BF,$00,$06,$B9, $00,$01 ,$F2,$A5, 

| $EA,$1 D,$06,$00, $00,$BE,$BE,$07, 
10713| $B3,$04,$80,$3C, $80,$74,$0E,$80, 



I $3C,$00,$75,$1C, $83,$C6,$10,$FE, 
1 071 4| $CB,$75,$EF,$CD, $1 8,$8B,$1 4,$8B, 

| $4C,$02,$8B,$EE, $83,$C6,$10,$FE, 
1 071 5| $CB,$74,$1 A,$80, $3C,$00,$74,$F4, 

| $BE,$8B,$06,$AC, $3C,$00,$74,$0B, 
1 071 6| $56,$BB,$07,$00, $B4,$0E,$CD,$1 0, 

| $5E,$EB,$F0,$EB, $FE,$BF,$05,$00, 
1 071 7| $BB,$00,$7C,$B8, $01 ,$02,$57,$CD, 

| $13,$5F,$73,$0C, $33,$C0,$CD,$13, 
10718| $4F,$75,$ED,$BE, $A3,$06,$EB,$D3, 

| $BE,$C2,$06,$BF, $FE,$7D,$81 ,$3D, 
10719| $55,$AA,$75,$C7, $8B,$F5,$EA,$00, 

| $7C,$00,$00,$49, $6E,$76,$61,$6C, 
1 0720| $69,$64,$20,$70, $61 ,$72,$74,$69, 

| $74,$69,$6F,$6E, $20,$74,$61 ,$62, 
1 0721 1 $6C,$65,$00,$45, $72,$72,$6F,$72, 

| $20,$6C,$6F,$61, $64,$69,$6E,$67, 
1 0722| $20,$6F,$70,$65, $72,$61 ,$74,$69, 

| $6E,$67,$20,$73, $79,$73,$74,$65, 
10723| $6D,$00,$4D,$69, $73,$73,$69,$6E, 

| $67,$20,$6F,$70, $65,$72,$61 ,$74, 
10724| $69,$6E,$67,$20, $73,$79,$73,$74, 

| $65,$6D,$00,$00, $00,$00,$00,$00, 
10725| $00,$00,$00,$00, $00,$00,$00,$00, 

| $00,$00,$00,$00, $00,$00,$00,$00, 
10726| $00,$00,$00,$00, $00,$00,$00,$00, 

| $00,$00,$00,$00, $00,$00,$00,$00, 
10727| $00,$00,$00,$00, $00,$00,$00,$00, 

| $00,$00,$00,$00, $00,$00,$00,$00, 
10728| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10729| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10730| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
1 0731 1 $00,$00,$00,$00, $00,$00,$00,$00, 

| $00,$00,$00,$00, $00,$00,$00,$00, 
10732| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10733| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10734| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10735| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10736| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10737| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
10738| $00,$00,$00,$00, $00,$00,$00,$00, 



I $00,$00,$00,$00, $00,$00,$00,$00, 
1 0739| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
1 0740| $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
1 0741 1 $00,$00,$00,$00, $00,$00,$00,$00, 

I $00,$00,$00,$00, $00,$00,$00,$00, 
1 0742| $00,$00,$00,$00, $00,$00,$00,$00, 

| $00,$00,$00,$00, $00,$00,$55,$AA 
10743| ); 
10744| 
10745| 

10746| Begin 
10747| 

1 0748| Target. PartitionSizeinSectorsMBR 
10749| := 

| VolBytesToSectors(int64(SourcePart.PartitionLength)); 
1 0750| Target.VolStartSector := 

| VolBytesToSectors(int64(SourcePart.StartingOffset)); 
10751| 

10752| Err := Scsi_DasdRead( Target. Drive, 1 , 0, 512, 

| @TargetMbr ); 
10753| if Err=0then 
10754| begin 

1 0755| {log what we found} 

10756| write (Logfile, 'MBR - SerialNum = Ox' ); 

10757| write (Logfile, Hex(TargetMbr.SerialNumber)); 

10758| writeln(Logfile); 

10759| write (Logfile, 'MBR - Partition ' ); 

10760| write (Logfile, 

| HexByte(SourcePart.PartitionNumber)); 
10761 1 write (Logfile, ': Type = Ox' ); 
10762| write (Logfile, HexByte(TargetMbr.Part 
10763| 

| [SourcePart.PartitionNumber].FileSystem)); 
1 0764| write (Logfile, ' StartSector = Ox' ); 
10765| write (Logfile, Hex(TargetMbr.Part 
10766| 

| [Sou rcePart.PartitionNumber]. StartSector)); 
10767| write (Logfile, ' Size in sectors = Ox' ); 
1 0768| write (Logfile, Hex(TargetMbr. Part 
10769| 

| [Sou rcePart. PartitionNu mber] . SectorSize)) ; 
10770| writeln(Logfile); 
10771| writeln(Logfile); 
10772| 

10773| if ( TargetMbr.ld = cFDISKID ) and 
10774| ( 

| TargetMbr.Part[SourcePart.PartitionNumber].FileSystem = 

| cNTFS ) and 



10775| ( 

| TargetMbr.Part[SourcePart.PartitionNumber].SectorSize = 
10776| 

| Target. PartitionSizelnSectorsMBR ) and 
10777| ( 

| TargetMbr.Part[SourcePart.PartitionNumber].StartSector 

1 = 
10778| 

| Target.VolStartSector ) and 
1 0779| ( TargetMbr.SerialNumber = 

| SourcePart.DiskSerialNumber ) then 
10780| 

1 0781 1 Begin {use existing mbr} 
10782| { FindTargetVolume := 

10783| 

| TargetMbr.Part[SourcePart.PartitionNumber].StartSector;} 
10784| end else 
10785| begin 

10786| if (TargetMbr.ld <> cFDISKID) or 

10787| 

10788| (( TargetMbr.ld = cFDISKID ) and 

10789| ( TargetMbr.Part[1].FileSystem = 0 ) 

| and 

10790| ( TargetMbr.Part[2].FileSystem = 0 ) 

| and 

10791 1 ( TargetMbr.Part[3].FileSystem = 0 ) 

| and 

10792| ( TargetMbr.Part[4].FileSystem = 0 )) 

| then 
10793| 

1 0794| Begin {create new mbr with single 

| partition} 

1 0795| if Action = cRecover then 

10796| begin 

10797| 

| move(DosMBR,TargetMbr,sizeof(tMBR)); 
10798| 

| BuildPartitionRec(TargetMbr,SourcePart.PartitionLength); 
1 0799| TargetMbr.SerialNumber := 

| SourcePart.DiskSerialNumber; 
10800| 

1 0801 1 Err := Scsi_DasdWrite( 

| Target. Drive, 1, 0, 512, @TargetMbr ); 
10802| end; 
10803| end else 

1 0804| Begin {Give up (for now). We daren't 

| overwrite the target} 
10805| Err := -1; 

10806| end; 
10807| end; 



10808| end; 
10809| 

10810| FindTargetVolume := Err; 
10811| End; 
10812| 
10813| var 

10814| GlobalScreenUpdate : Integer; 

10815| { 

| , 

10816| { Code basically filched from VITEST.PAS 

| } 

10817| { (only amended to run as function 

| instead of program) — } 

10818| { 

| } 

10819| Function ProcessChunk ( 

10820| var Prefix: ChunkPrefix; 

1 0821 1 var Datal : array of byte; 

10822| var Data2: array of byte; 

10823| DataSizel: word; 

10824| DataSize2: word; 

10825| ImageNum : Longint; 

1 0826| Action: Longint ) : tSCSIError; 

10827| 

10828| var 

10829| Where:String; 
10830| Where2:String; 
10831| Err : tSCSIError; 
10832| SectorNumChunkPartl : Longint; 
10833| bigint : int64; 
10834| ch :Char; 
10835| 
10836| begin 
10837| 
| { 

| 

1 0838| This procedure gets called every time a valid 
| chunk is read. 

1 0839| Valid means that the correct amount of data was 
| available in 

1 0840| the file, and that both the prefix and data 

| checksums were 
10841| correct. 
10842| 



10843| 

10844| Err:=0; 
10845| 

1 0846| case Prefix. ChunkType of 



1 0847| VICT_START: begin 

1 0848| (* Put code here to process START chunk *) 

10849| writeln (Logfile, 'Found START chunk.' ); 
10850| 
10851| { 

10852| SourcelmageList[lmageNum].VolSize[LowPart] 

| := Prefix. UserData[0]; 

10853| SourcelmageList[lmageNum].VolSize[HighPart] 

| := Prefix.UserData[1]; 
10854| } 

10855| write (Logfile, 'Volume Size In Bytes = 
I Ox' ); 

10856| Write (Logfile, Hex(Prefix.UserData[1])); 

1 0857| Write (Logfile, Hex(Pref ix.UserData[0])); 

10858| writeln(Logfile); 
10859| 

10860| write (Logfile, 'Number of Used Clusters = 
I Ox' ); 

1 0861 1 Write (Logfile, Hex(Pref ix.UserData[3])); 

1 0862| Write (Logfile, Hex(Pref ix.UserData[2])); 

10863| writeln(Logfile); 
10864| 

1 0865| write (Logfile, 'Cluster Size in Bytes = 
I Ox' ); 

1 0866| Write (Logfile, Hex(Pref ix.UserData[4])); 

10867| writeln(Logfile); 

10868| writeln(Logfile); 
10869| 

10870| end; 
10871| 

10872| VICT_PARTITION_INFO: begin 

1 0873| (* Put code here to process the volume's 

| partition information *) 
10874| 

10875| Partitioning := NIL; 
10876| 

10877| writeln (Logfile, 'Found PARTITIONJNFO 

| chunk. (Data size is ', 

10878| DataSizel, 

10879| ', struct size is ', 

1 0880| sizeof(VolumePartitionlnformation), 

10881| ')'); 
10882| 

10883| Partitioning := PartitionlnfoPtr(@Data1); 
10884| 

1 0885| write (Logfile, 'Starting Offset = Ox' 

I); 

10886| write (Logfile, 

| Hex(Partitionlnfo A .StartingOffset.HighPart)); 

10887| write (Logfile, 



I Hex( Partitio n I nf o A .Starti ngOffset . LowPart)) ; 
10888| writeln(Logfile); 
10889| 

10890| write (Logfile, 'Partition Length = Ox' 

I); 

10891| write (Logfile, 

| Hex(Partitionlnfo A .PartitionLength.HighPart)); 
10892| write (Logfile, 

| Hex(Partitionlnfo A .PartitionLength. LowPart)); 
10893| writeln(Logfile); 
10894| 

10895| write (Logfile, 'Partition Number = Ox' 

I); 

10896| write (Logfile, 

| Hex(Partitionlnfo A .PartitionNumber)); 
10897| writeln(Logfile); 
10898| 

1 0899| write (Logfile, 'Partition Type = Ox' 

I); 

10900| write (Logfile, 

| HexByte(Partitionlnfo A .PartitionType)); 
10901| writeln(Logfile); 
10902| 

10903| write (Logfile, 'Boot Indicator = Ox' 

I); 

10904| write (Logfile, 

| HexByte(Partitionlnfo A .Bootlndicator)); 
10905| writeln(Logfile); 
10906| 

10907| write (Logfile, 'Recognized Partition = 

I Ox'); 

10908| write (Logfile, 

| HexByte(Partitionlnfo A .RecognizedPartition)); 
10909| writeln(Logfile); 
10910| 

1 091 1 1 write (Logfile, 'Reserved 

I Ox'); 

10912| write (Logfile, 

| HexByte(Partitionlnfo A . Reserved)); 
10913| writeln(Logfile); 
10914| 

10915| write (Logfile, 'DiskSerialNumber = Ox'); 

10916| write (Logfile, 

| Hex(Partitionlnfo A . DiskSerialNumber)); 
10917| writeln(Logfile); 
10918| writeln(Logfile); 
10919| 

10920| SourcelmageList[lmageNum].VolSize[HighPart] 

I > 
10921| 



I Partitionlnfo A .PartitionLength.HighPart; 
10922| SourcelmageList[lmageNum].VolSize[LowPart] 

I > 
10923| 

| Partitionlnfo A .PartitionLength.LowPart; 
10924| 

10925| { SourcelmageList[lmageNum].SerialNumber := 
10926| 

| Partitionlnfo A .DiskSerialNumber;} 
10927| 

10928| Err := FindTargetVolume(Partitionlnfo A , 

| Action); 
10929| 

10930| end; 
10931| 

1 0932| VICT_GRANULE: begin 

10933| (* Put code here to process GRANULE chunk 

D 
10934| 

10935| { SectorNumChunkPartl := Prefix. UserData[0] 

| div SECTOR_SIZE;} 
10936| Biglnt[lowpart] := Prefix. UserData[0]; 

10937| Biglnt[highpart] := Prefix.UserData[1]; 

10938| SectorNumChunkPartl := 

| VolBytesToSectors(Biglnt); 
10939| 

1 0940| if Action = cRecover then 

10941| begin 

1 0942| if DataSizel <>0 then 

10943| begin 

10944| Err := Scsi_DasdWrite( 

| Target. Drive, 
10945| 

| (DataSizel +SECTOR_SIZE-1) div SECTOR_SIZE, 
10946| 

| SectorNumChunkPartl + Target. VolStartSector, 



10947| DataSizel, 
10948| @Data1 
10949| ); 
10950| 

1 0951 1 if (Err=0) and (DataSize2<>0) then 

10952| Begin 

1 0953| Err := Scsi_DasdWrite( 



| Target. Drive, 
10954| 

| (DataSize2+SECTOR_SIZE-1) div SECTOR_SIZE, 
10955| 

| SectorNumChunkPartl + Target. VolStartSector 
10956| 

| +(DataSize1 div SECTOR_SIZE) , 



10957| DataSize2, 
10958| @Data2 
10959| ); 
10960| End; 
10961| 

10962| if ErroO then 

10963| Begin 

10964| write(Logfile, 'Error \Err, ' 

| writing chunk starting at sector Ox'); 
10965| Write(Logfile, 

| Hex(SectorNumChunkPartl)); 
10966| writeln(Logfile); 
10967| end; 
10968| end; 
10969| end; 
10970| 

1 0971 1 inc(GlobalScreenUpdate); 

1 0972| if(GlobalScreenUpdate>=50) and (Err=0) then 

10973| Begin 

1 0974| GlobalScreenUpdate:=0; 
10975| 

10976| str((SectorNumChunkPart1 div 

| 2048), Where); 
1 0977| str(SectorNumChunkPart1 ,Where2); 

10978| Wmessage(TaskDone[Action] + ' up to '+ 

| Where + ' MB' + ' Sector='+Where2, White, Blue); 
1 0979 1 if keypressed then 

10980| begin 

10981 1 while keypressed do Ch := ReadKey; 

1 0982| writeln (LogFile, 'Operator pressed 

| key at sector ', Where2); 
10983| WNewMsgC ',White,Blue,Blue,Cyan, 

10984| 'The'+ 

| Taskl_ist[Action] + 
10985| 'has been 

| interrupted from the keyboard. |'+ 
10986| '|Abandoning here 

| will lose whatever has |'+ 
1 0987| 'been achieved so 

| far and if recovering |'+ 
10988| 'may leave disk 

| inconsistent!'+ 
10989| '| | Press escape to 

| continue the '+ Taskl_ist[Action]+ 
10990| '|Any other key to 

| abandon the '+ Taskl_ist[ Action]); 
10991| 

10992| Ch := ReadKey; 

1 0993| if (chochr(27)) then 

10994| Err := -3; 



10995| while keypressed do Ch := ReadKey; 

10996| 

1 0997| AutoBackup := false; 

10998| WDisposef '); 

10999| end; 

11000| End; 

11001| end; 

11002| 

11003| VICT_FINISH: begin 

1 1 004| (* Put code here to process FINISH chunk *) 

11005| end; 
11006| end; 

1 1 007| ProcessChunk := Err; 
11008| end; 
11009| 
11010| { 

1 101 1 1 procedure DumpPrefix ( var Prefix: ChunkPrefix ); 

11012| var i: integer; 

11013| begin 

11014| writeln ( 'Prefix 

11015| 

11016| write ( ' PrefixChecksum = ' ); 

1 1017| WriteHex ( Prefix. PrefixChecksum ); 

11018| writeln; 

11019| 

1 1 020| write ( ' ChunkChecksum = ' ); 

1 1 021 1 WriteHex ( Prefix. ChunkChecksum ); 

11022| writeln; 

11023| 

1 1 024 1 write ( ' ChunkType = ' ); 

1 1 025| WriteHex ( Prefix. ChunkType ); 

11026| writeln; 
11027| 

1 1 028 1 write ( ' PrefixSize = ' ); 

1 1 029| WriteHex ( Prefix. PrefixSizelnBytes ); 

11030| writeln; 

11031| 

11032| writeC ChunkSize = ' ); 

1 1 033| WriteHex ( Prefix.ChunkSizelnBytes ); 

11034| writeln; 

11035| 

1 1 036| for i := 0 to VOLIMAGE_MAX_USER_DATA do begin 

1 1 037| write ( ' UserData[\ i:2, '] = ' ); 

1 1 038| WriteHex ( Prefix. UserData[i] ); 

11039| writeln; 

11040| end; 

11041| 

1 1 042| for i := 0 to 6 do begin 

11043| writeC Reserved[\ i:1, '] = ' ); 



1 1 044| WriteHex ( Prefix. Reserved[i] ); 

11045| writeln; 

11046| end; 
11047| 

11048| writeln ( 

| ); 

11049| end; 
11050| } 
11051| 

11052| function GetStatusMsg(status: tSCSIError): string; 

11053| begin 

11054| case status of 

11055| -1: 

| GetStatusMsg := 'Valid MBR - partition mismatch'; 
11056| -2: 

| GetStatusMsg := 'Source image not found'; 
11057| -3: 

| GetStatusMsg := 'Process cancelled by operator'; 
1 1 058| { CFE READ ERROR: 

| GetStatusString := 'Error reading from input file'; 
1 1 059| CFE_OUT_OF_MEMORY: GetStatusString 

| := 'Out of memory'; 
1 1060| CFE_CHECKSUM_FAILURE: GetStatusString 

| := 'Checksum failure'; 
1 1061 1 CFE_UNKNOWN_COMPRESSION_TYPE: GetStatusString 

| := 'Unknown data compression type'; 
1 1062| CFE_CANNOT_OPEN_CONTINUATION: GetStatusString 

| := 'Cannot open continuation file'; 
1 1063| CFE_CHUNK_COUNTER_MISMATCH: GetStatusString 

| := 'Chunk counter mismatch'; 
1 1 064| CFE_MISSING_CONTINUATION_CHUNK: GetStatusString 

| := 'Missing continuation chunk'; 
11065| } 

1 1 066| else GetStatusMsg := 

| 'Unknown MyStatus'; 
11067| end; 
11068| end; 
11069| 
11070| { 
11071| } 

11072| function ActOnlmage(lmageNum : Longint ; Action 

| :Longint ): boolean; 
11073| 
11074| type 

1 1 075| ChunkDataPointer = A ChunkDataBuffer; 
1 1 076| ByteArray = array [0..0] of byte; 
11077| 
11078| var 

11079| Prefix: ChunkPrefix; 

11080| Processor: ChunkFileProcessor; 



11081| FilePath: string; 

1 1 082| Datal : ChunkDataPointer; 

1 1 083| Data2: ChunkDataPointer; 

11084| DataSizel: word; 

11085| DataSize2: word; 

1 1 086| Status: ChunkFileStatus; 

11087| MyStatus: tSCSI Error; 

11088| ChunkNumber: longint; 

1 1 089| Happy, Finished: boolean; 

11090| 

11091| 

11092| begin 

11093| new (Datal); 

11094| new(Data2); 

11095| Happy := true; 

11096| Finished := false; 

1 1 097| Status := CFE_SUCCESS; 

11098| 

11099| FilePath := SourcelmageList[lmageNum].PathName; 

11100| ChunkNumber := 0; 

11101| if NOT Processor.OpenPath_SearchAIIDrives(FilePath) 
| then begin 

1 1 1 02| writeln (LogFile, 'Error: Could not open backup 

| set in path "', FilePath, ); 

11103| MyStatus := -2; 

11104| Happy := false; 

11105| end else begin 

1 1 1 06| if action <> cFind then 

11107| begin 

1 1 1 08| while Happy and not Finished do begin 

1 1 1 09 1 Happy := Processor.GetNextChunk ( 

11110| Prefix, 

11111| Datal A , 

11112| Data2 A , 

11113| DataSizel, 

11114| DataSize2, 

11115| Status); 

11116| 

11117| if not Happy then begin 

11118| writeln (Logfile, '!!! Could not 

| read chunk number ', ChunkNumber ); 

11119| writeln (Logfile, '!!! Continuation 

| Number = Processor.ContinuationNumber ); 

11120| writeln (Logfile, 

| GetStatusString(Status) ); 

11121| end else begin 

11122| Happy := 

| ExpandData(Prefix,Data1 A ,Data2 A ,DataSize1,DataSize2); 

1 1 1 23 1 if Happy then begin 

1 1 1 24| MyStatus := ProcessChunk ( 



I Prefix, Data1 A , Data2 A , DataSizel, DataSize2, ImageNum, 
| Action ); 

1 1 1 25| if MyStatus <> 0 then begin 

1 11 26| write (LogFile, 'Process 

| chunk Returned error ' ); 
11127| write (Logfile, 

| Hex(MyStatus)); 
11128| writeln (Logfile); 

11129| Happy := false; 

11130| end; 
11131| INC (ChunkNumber); 

1 1 1 32 1 if Prefix. ChunkType = 

| VICT_FINISH then begin 
11133| writeln (LogFile, 'Found 

| FINISH chunk - backup image is complete.' ); 
11134| Finished := true; 

11135| end; 
11136| end; 
11137| end; 
11138| end; 
11139| end; 
11140| 

11141| Processor.Close; 

11142| end; 

11143| 

1 1 1 44| if Happy then begin 

11145| SourcelmageList[lmageNum]. State := 

| TaskDone[Action]; 
1 1 146| writeln (LogFile, TaskDoneLog[Action] ); 
1 1 147| { if Action = cRecover then begin 
1 1 148| SourcelmageList[lmageNum]. State := 

| 'Restored'; 

1 1 149| writeln (LogFile, 'The backup image has 

| been restored and is rebootable.' ); 
11150| end; 
11151| } end else begin 

11152| SourcelmageList[lmageNum]. State := 

| TaskFail[Action]; 
11153| 

1 1 1 54| { FIXFIXFIX restore old status ??????? - can't if 

| doing restore!!!!!! 
11155| need to think this out - tomorrow!!!} 
11156| if Mystatus=-3 then 
1 1 157| SourcelmageList[lmageNum]. State := 

| TaskDone[cFind]; 
11158| 

111 59 1 if finished then begin 
11160| writeln (LogFile, '!!! The backup image is 

| corrupt!' ); 

1 1 1 61 1 { SourcelmageList[lmageNum]. State := 



I 'Invalid';} 

1 1 1 62| SourcelmageList[lmageNum].StatusMsg := 

| GetStatusString(Status); 
11163| end else begin 

1 1 164| writeln (LogFile, '!!! The backup cannot be 

| used!' ); 

1 1 1 65| { SourcelmageList[lmageNum]. State := 
| 'Invalid'; } 

1 1 1 66| SourcelmageList[lmageNum].StatusMsg := 

| GetStatusMsg(Mystatus); 
11167| end; 
11168| end; 
11169| 

1 1 1 70| writeln (Logf ile, 'Number of chunks processed = 

| ', ChunkNumber ); 
1 1 1 71 1 writeln (Logfile, 'Number of compressed granules = 

| ', Expand. GetNumCompressedGranules ); 
11172| 

11173| dispose (Datal); 
11174| dispose (Data2); 
11175| 

1 1 1 76| ActOnlmage := Happy; 

11177| end; 

11178| 

11179| { 

| , 

11180| { 

| } 

11181| { END ....Code basically filched from 

| VITEST.PAS } 

11182| { 

| } 

11183| { 

| } 

11184| 
11185| { 
11186| } 

11187| Procedure MakeSourcelmageList; 

11188| 

11189| var 

11190| i,j : Longint; 
11191| ImageName :string; 
11192| PathName :string; 
11193| const 

1 1 194| HdgPSM = 'PSM Disaster Recovery'; 
11195| 

11196| BEGIN 
11197| 

1 1 1 98| NumSourcelmages:=0; 

1 1 199| for i:=1 to MaxBackupDepth do 



11200| Begin 

1 1201 1 { ImageName := GetOption( 

| HdgPSM,'lmageName'+chr(i+48));} 
11202| { ImageName := 

| GetEnv('lmageName'+chr(i+ord('0'))); } 
1 1203| { if ImageName <> " then 

1} 

11204| begin 

1 1205| for j:=1 to MaxBackupLocations do 

11206| begin 

1 1207| { PathName := GetOption( 

| HdgPSM,'PathName'+chr(j+48));} 
11208| PathName := 

| GetEnv('Location'+chr(j+ord('0'))); 
1 1 209| if PathName <> " then 

11210| begin 
11211| NumSou reel mages := 

| NumSourcelmages+1; 
11212| 

| SourcelmageList[NumSourcelmages]. PathName := 
11213| 

| PathName+V+chrO+ordfO')); 



11214-1 ActOnlmage(NumSourcelmages,cFind); 

11215| end; 

11216| end; 

11217| end; 

11218| End; 

11219| 

11220| if NumSourcelmages=0 then 

1 1221 1 writeln (LogFile, 'No Source paths provided in 



| the enevironment variables.' ); 
11222| 
11223| { 

11224| NumSourcelmages := 5; 
11225| 

11226| for i:=1 to 5 do 
11227| Begin 

1 1228| Sou reel magel_ist[i]. PathName := '..ASourceFile' 

| +chr(i+48) + '.dri' ; 
1 1229| Sou reel magel_ist[i]. PathName := 'vimage.dri'; 
11230| End; 
11231| 

11232| Sourcelmagel_ist[4]. PathName := 'vimage.dri'; 

1 1233| Sourcelmagel_ist[5]. PathName := 'o:\vimage'; 

11234| } 

11235| 

11236| END; 

11237| 

11238| { 

1 1239| Finds which int13 device is the boot device. 



11240 
11241 



| pSCSIUnit; 



11242 
11243 
11244 
11245 
11246 
11247 
11248 
11249 
11250 
11251 
11252 
11253 
11254 
11255 
11256 
11257 
11258 
11259 
11260 
11261 
11262 
11263 
11264 
11265 
11266 
11267 
11268 
11269 
11270 
11271 
11272 
11273 
11274 
11275 
11276 
11277 
11278 
11279 
11280 
11281 
11282 
11283 
11284 
11285 
11286 
11287 
11288 



} 

Function GetTargetBootDevice( Count : Longint ) 



var 

i : Longint; 
Begin 

GetTargetBootDevice := nil; 

for i:=1 to Count do 
Begin 

if ((Command. FakeDasd=0) and 

(Dasd[l] A . Method = cUselnt13) and 
(Dasd[l] A .Lun = 0) ) or 

((Command. FakeDasd>0) and 
(Dasd[l] A . Method = 0) and 
(Dasd[l] A .Lun = 1))then 

Begin 

GetTargetBootDevice := Dasd[i]; 
break; 
End; 
End; 

End; 
{ 

Init the user interface, and scsi interface 

} 

Procedure Initialize; 

Var 

S : ST80; 
Loopy : INTEGER; 
ch : Char; 
i : Integer; 
b : Byte; 
sunit : pSCSIUnit; 
Trans : translation; 

BEGIN 

iVersion := lntToStr(BCDToDec(Hi(nVersion)))+7+ 
Zero(BCDToDec(Lo(nVersion)))+ 
Chr(nRevision+$60); 

fillchar(Version,16,0); 



11289 
11290 
11291 
11292 
11293 
11294 
11295 
11296 
11297 
11298 
11299 
11300 
11301 
11302 
11303 
11304 
11305 
11306 
11307 
11308 
11309 
11310 
11311 
11312 
11313 
11314 
11315 
11316 
11317 



11326 
11327 
11328 
11329 
11330 
11331 
11332 
11333 
11334 
11335 
11336 



For i := 1 to Length(iVersion) do 
Version[i-1]:=jVersion[i]; 



{ } 

{ Here we accumulate all the information that } 

{ will be passed on to the window init call. } 
{ } 

Command. NoWarn := False; 
Command. noNet := False; 
Command. NewName := "; 
Command. Graphics := True; 
Command. Mono := False; 
Command. SAIInitC := 0; 
Command. ScanLuns := False; 
Command. Bios := False; 
Command. MaxTarget := 7; 



AutoBackUp := False; 
ReadRetry := 2; 

S := "; 

DoSnapBackCommand := cDoNothing; 



{ do default processing } 

ProcessCommandl_ine( Command, '@default.cfg' 
| PSMDRHelp ); 
11318 

11319| { now do command line processing } 
1 1320| For Loopy := 1 to ParamCount Do 
11321| Begin 

1 1322| ProcessCommandl_ine( Command, Paramstr( Loopy ) 

| PSMDRHelp ); 
11323 
11324 
11325 



End; { For paramcount } 

S := S + 'SAVESCREEN,KHITS=2,LOOK=2,MOUSE,CLOCK,'; 
{ LoadlniFile('PSMDR.INI');} 



{ } 

{ Initialize the window library and the } 
{ FILETEXT Unit. } 
{ } 

If (LastMode = 7) or (CRTIsMono) then 
Begin 

Command. Mono := True; 



11337| WinEnv.MenuLineColor :=0; 

11338| WinEnv.MenuLineColorF :=7; 

11339| End; 
11340| 

1 1 341 1 If Command. Mono Then 

11342| Begin 

11343| CRTLoadMonoColorMap; 

11344| End; 

11345| 

1 1346| If Not Command. Mono Then 

11347| BEgin 

1 1348| If (command.graphics) and ((CrtlsVga) and 

| (ScreenRows=25)) Then 

1 1349| WOpen( ' Mgray, Mgray, 

| S+'PALETTE=BLUEGRAY,WIDGETFONT' ) 

11350| Else 

1 1351 1 WOpen( '+-', black, blue, S); 
11352| 

11353| WinEnv.Look := 2; 

11354| 

11355| End 

11356| else 

11357| BEgin 

1 1358| WOpen( '+-', LightGray, Black, S); 

11359| WinEnv.Border := 1; 

11360| WinEnv.Look := 0; 

11361| WinEnv.MenuLineColor :=0; 

11362| WinEnv.MenuLineColorF :=7; 

11363| End; 

11364| 

11365| WCursorOFF; 
11366| 

11367| WPrgNameMsg(ProgramLongName+' Disaster Recovery V|3 

| Date 00/00/00 3 Time 00:00:00 AM', BLUE, CYAN); 
11368| 

1 1369| WinEnv.HelpFile:='diskedit.HLP'; 

1 1370| WSubmitHelpProc(@WNewHelp); 

11371| WSubmitDefKeys; 
11372| 

11373| NumDev:=0; 
11374| 

1 1 375| WMessage('Scanning for devices|3 Please 

| Wait...',WHITE,BLUE); 

11376| WlnfoMsg(",BLUE,CYAN); 
11377| 

1 1378| If Command.SAIInitC = 0 Then 

11379| Begin 

1 1 380| if Not GlobalWin95lnstalled Then 

1 1381 1 Command.SAIInitC := cUseAspiBit+ 

11382| cUseSdlpBit+ 



11383| cUseCamBit+ 

11384| cUselnt13Bit+ 

1 1 385| cllseNcrScsiBit+ 

1 1 386| cUseCompaqBit+ 

1 1 387| cUseCpqpciBit+ 

11388| cUseDellBit+ 

1 1 389| cUseAmiMegaBit+ 

11390| cUseMylex3Bit+ 

11391| cUseMylexBit 

11392| Else 

1 1393| Command.SAIInitC := cUseAspiBit+ 

11394| cUseSdlpBit+ 

11395| cllselnt13Bit+ 

11396| cllseNcrScsiBit+ 

1 1 397| cUseCompaqBit+ 

1 1 398| cUseCpqpciBit+ 

11399| cUseDellBit+ 

1 1 400| cllseAmiMegaBit+ 

11401| cUseMylex3Bit+ 

11402| cUseMylexBit; 

11403| End; 
11404| 

1 1405| IF (SCSI_Open( Command.SAIInitC )) Then 
11406| 

| SCSI_ScanSystem(Command.Scanl_uns, Command. MaxTarget) 

11407| ELSE 

11408| BEGIN 

1 1409| writeln('Error no devices found'); 

11410| Halt(5); 

11411| END; 
11412| 

11413| if Command. FakeTape>0 then 

11414| Begin 

11415| for i := NumDev+1 to NumDev+Command.FakeTape+1 do 

11416| Begin 

11417| New(Sunit); 

11418| fillchar(Sunit A ,sizeof(Sunit A ),0); 

11419| 

11420| Dev[i] := Sunit; 

1 1421 1 Sunit A .BIockSize := 32768; 

11422| Sunit A .VendorlD := 'CDP '; 

11423| Sunit A .ProdName := TEST TapeDrive '; 

1 1424| Sunit A .RevLevel := '1 .0 '; 

1 1425| Sunit A .Name := Sunit A .VendorlD + 

| Sunit A .ProdName + Sunit A .RevLevel; 

1 1426| Sunit A .DeviceType:= 1 ; 

11427| Sunit A .Host := 0; 

11428| Sunit A .Target := (i-1) div 8; 

11429| Sunit A .Lun :=(i-1)mod8; 

11430| Sunit A .Method := 0; 



11431| End; 

11432| NumDev := NumDev + Command. FakeTape; 

11433| End; 

11434| 

1 1435| if Command. FakeDasd>0 then 

11436| Begin 

11437| for i := NumDev+1 to NumDev+Command.FakeDasd+1 do 

11438| Begin 

11439| New(Sunit); 

1 1440| fillchar(Sunit A ,sizeof(Sunit A ),0); 

11441| 

11442| Dev[i] := Sunit; 

11443| Sunit A .VendorlD := 'CDP '; 

11444| Sunit A .ProdName := TEST Hard Drive '; 

11445| Sunit A .RevLevel :='1.0'; 

1 1446| Sunit A .Name := Sunit A .VendorlD + 

| Sunit A .ProdName + Sunit A .Revl_evel; 

1 1447| Sunit A .DeviceType:= 0; 

11448| Sunit A .Host := 0; 

11449| Sunit A .Target :=(i-1)div8; 

11450| Sunit A .Lun :=(i-1)mod8; 

11451| Sunit A . Method := 0; 

11452| Sunit A .SPT := 63; 

11453| Sunit A .Heads := 255; 

11454| Sunit A .BIockSize := 512; 

11455| SUnit A . Blocks := 

| longint(Command.FakeDasdSize)*longint(2048); 

11456| SUnit A .DevSizeM := SUnit A . Blocks DIV 

| (1048576 DIV SUnit A .BIockSize); 

11457| End; 

11458| NumDev := NumDev + Command. FakeDasd; 

11459| End; 

11460| 

11461| 

11462| WMessage('Making DASD device list|3 Please 

| wait...\WHITE,BLUE); 
11463| 

11464| MakeDASDList; 

1 1465| Target.Drive := GetTargetBootDevice(NumDASD); 
11466| 

11467| { lnt13_GetTranslation(Target.Drive,@Trans);} 

11468| 

11469| { 

11470| WNew(3, 3, 

11471| 60, 15, 

11472| BLUE,Cyan, 

11473| Cyan,Blue, 

11474| 'Data' ); 

11475| 

11476| writeln('Method= , ,Target.Drive A . Method,', 



I MType=\Target.Drive A .mtype,', 

| Host=',Target.Drive A .host); 
11477| writeln('target=\ Target. Drive A .target,', 

| lun=',Target.Drive A .lun,\ 

| channel=', Target. Drive A . channel); 
1 1478| writeln('Heads=',Target.Drive A . heads,', 

| spt= , Target. Drive A .spt, 
1 1479| ', blocks=',Target.Drive A .blocks,', 

| bs=',Target.Drive A .blocksize); 
11480| writeln('Vendorid=', Target. Drive A .vendorid,', 

| prodname=',Target.Drive A .prodname,\ 

| revlevel=',Target.Drive A .revlevel); 
1 1481 1 writeln('name=\ Target. Drive A . name); 
11482| 
11483| 

11484| WReadkey; 
11485| WDispose('Data'); 
11486| } 

1 1 487| MakeSourcelmageList; 
11488| 

11489| WMessageC ',White,Blue); 

11490| DecideOpMode; 

11491| 

11492| END; 

11493| 

11494| { 

| , 

11495| { 

1 1 496| Lets the user pick from a list of source images 
11497| } 

11498| Function SelectASourcelmage( Header : String; 



11499| x : longint; 

11500| y : longint; 

11501| Count : Longint; 

11502| DevicesToUse : 



| pDeviceArray ) : Longint; 
11503| const 

11504| NumTokens = 4; {Num columns in menu table} 

11505| 

11506| var 

11507| m : pMenuMax; 
11508| i : integer; 
11509| Choice : Integer; 
11510| fs :Word; 
11511| s : String; 
11512| Numltems : Word; 
11513| LastHac : Byte; 
11514| RowTemplate : String; 
11515| TempStr : String; 

11516| ColumnSeq : Array [1 ..NumTokens] of Longint; 



11517| 

11518| Begin 
11519| 

11520| Fs:=1; 
11521| 

11522| New(m); 

11523| m A [1] := '-Source Volume Image Pathname Status 

| Size Error Encountered '; 
11524| m A [2] := 

| '-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 

| AAA A AAAA A AAAA A AA' ; 
11525| Numltems:=2; 
11526| 

1 1 527| RowTemplate := '%-30s%-8s%1 1 d %-20s'; 
11528| 

11529| if Count>0 then 
11530| begin 

11531| for i:=1 to Count do 

11532| Begin 

11533| 

11534| 

| str(SourcelmageList[i].VolSize[LowPart]:1 1,TempStr); 
11535| m A [Numltems+1] := 

| Pad(Copy(SourcelmageList[i].PathName,1 ,30),30,OnRight,' 

I ') + 
11536| 

| Pad(Copy(SourcelmageList[i]. State, 1,8),8,OnRight,' ') + 
11537| TempStr+"+ 
11538| 

| Pad(Copy(SourcelmageList[i].StatusMsg,1 ,20),20,OnRight,' 

I '); 

11539| 
11540| 
11541| { 

11542| ColumnSeq[1] := 

| Longint(@Sourcelmagel_ist[i].PathName); 
11543| ColumnSeq[2] := 

| Longint(@Sourcelmagel_ist[i]. State); 
11544| ColumnSeq[3] := 

| Sourcelmagel_ist[i].VolSize[LowPart]; 
11545| ColumnSeq[4] := 

| Longint(@Sourcelmagel_ist[i].StatusMsg); 
11546| FormatStr(m A [Numltems+1], RowTemplate, 

| ColumnSeq); 
11547| } 
11548| 
11549| 
11550| { 

11551| for j:=1 to 40 do 

1 1552| S[i] := Sourcelmagel_ist[i].PathName[i]; 



11553| 
11554| 
11555| 

11556| S:=S + 

| ByteToHex(Dasd[DevicesToUse A [l]]\ Method) + ':' + 
11557| 

| ByteToHex(Dasd[DevicesToUse A [l]] A .MType) + ':' + 
11558| 

| lntToStr(Dasd[DevicesToUse A [l]] A .Host) + ':' + 
11559| 

| lntToStr(Dasd[DevicesToUse A [l]] A .Channel) + ':' + 
11560| 

| lntToStr(Dasd[DevicesToL)se A [l]] A .Target) + ':' + 
11561| 

| lntToStr(Dasd[DevicesToL)se A [l]] A .Lun); 



11562| 

11563| S:=S + '- 

| '+Dasd[DevicesTollse A [l]] A .Name; 
11564| } 

11565| Inc(Numltems); 
11566| { m A [Numltems] := s;} 
11567| End; 
11568| 

11569| repeat 

1 1570| Choice := WAutoMenu (m, 

11571| Numltems, 
11572| 1, 
11573| 

| Lesserint(Numltems,WinEnv.LastRow-8), 
11574| 

11575| x, 
11576| y, 
11577| Blue, 
11578| Cyan, 
11579| Cyan, 
11580| Blue, 
11581| Header, 
11582| fs); 
1 1583| until (choice>2) or (Choice<0); 
11584| 

11585| Dispose(m); 
11586| 

11587| if(Choice>0) then 

11588| SelectASou reel mage := Choice-2 

11589| else 

1 1 590 1 SelectASou reel mage := -1 ; 

11591| 

11592| end else 
11593| begin 

11594| WNewMsg(ProgramLongName,White,Blue,Blue,Cyan, 



1 1 595| 'No source image 

| paths have been defined. |'+ 
11596| 'Define at least 

| one of the Environment Variables |'+ 
11597| '| "Locationl" 

| "Location2" "Location3"||'+ 
11598| 'before calling 

| this program. |'+ 
11599| '| 1 1 Press any key 

| to exit.D; 
11600| 

1 1 601 1 while not keypressed do ; 
11602| 

1 1 603| WDispose(ProgramLongName); 

1 1 604| SelectASourcelmage := -1 ; 

11605| End; 

11606| 

11607| End; 

11608| 

11609| { 

| } 

11610| { 

1 1 61 1 1 Lets the user pick task to run 
11612| } 

11613| Function SelectATask( Header : String; 
11614| x : longint; 

11615| y : longint; 

11616| Count : Longint; 

11617| DevicesToUse : 

| pDeviceArray ) : Longint; 
11618| var 

11619| m : pMenuMax; 
11620| i : integer; 
11621| Choice : Integer; 
11622| fs :Word; 
11623| s : String; 
11624| Numltems : Word; 
11625| LastHac : Byte; 
11626| 

11627| Begin 
11628| 

11629| Fs := 1; 
11630| 

11631| New(m); 

1 1 632| m A [1 ] := '-Action to perform '; 

11633| m A [2] := '-AAAAAAAAAAAAAAAAAAAAA'; 

11634| Numltems := 2; 

11635| 

11636| for i:=1 to NumTasks do 
11637| Begin 



11638| S := TaskListp]; 
11639| { 

11640| S:="; 
11641| 

11642| S:=S + 

| ByteToHex(Dasd[DevicesToUse A [l]] A . Method) + ':' + 
11643| 

| ByteToHex(Dasd[DevicesToUse A [l]]\MType) + ':' + 
11644| 

| lntToStr(Dasd[DevicesToUse A [l]] A .Host) + ':' + 
11645| 

| lntToStr(Dasd[DevicesToUse A [l]] A . Channel) + ':' + 
11646| 

| lntToStr(Dasd[DevicesToUse A [l]] A .Target) + ':' + 
11647| 

| I ntToStr( Dasd[DevicesTo Use A [l]] A . Lun) ; 
11648| 

1 1 649| S := S + ' - '+Dasd[DevicesToUse A [l]] A .Name; 
11650| } 

11651| Inc(Numltems); 

1 1652| m A [Numltems] := s; 

11653| End; 

11654| 

11655| 

1 1 656| repeat 

1 1657| Choice := WAutoMenu (m, 
11658| Numltems, 
11659| 1, 
11660| 

| Lesserint(Numltems,WinEnv.LastRow-8), 
11661| 

11662| x, 
11663| y, 
11664| Blue, 
11665| Cyan, 
11666| Cyan, 
11667| Blue, 
11668| Header, 
11669| fs); 
1 1 670| until (choice>2) or (Choice<0); 
11671| 

11672| Dispose(m); 

11673| 

11674| 

11675| 

11676| if(Choice>0) then 

1 1 677| SelectATask := Choice-2 

11678| else 

11679| SelectATask := 0; 
1 1 680| WDispose(Header); 



11681| End; 
11682| 

11683| { 

| , 

11684| 

11685| procedure SuccessSound; 
11686| var i: integer; 
1 1687| const NumNotes = 3; 
11688| begin 

1 1 689| Delay(1 ); {calibrate timer} 

1 1 690| for i := 1 to NumNotes do begin 

11691| Sound(440); 

11692| Delay(125); 

11693| Sound(880); 

11694| Delay(500); 

11695| NoSound; 

1 1 696| if i < NumNotes then 

11697| Delay(1000); 

11698| end; 

11699| end; 

11700| 

11701| { 

| } 

11702| 

11703| procedure FailureSound; 
11704| var i: integer; 
1 1 705| const NumNotes = 1 ; 
11706| begin 

11707| Delay(1); {calibrate timer} 

1 1708| for i := 1 to NumNotes do begin 

11709| Sound(220); 

11710| Delay(1000); 

11711| NoSound; 

11712| if i < NumNotes then 

11713| Delay(1000); 

11714| end; 

11715| end; 

11716| 

11717| { 

| } 

11718| procedure MainMenu; 

11719| Var 

11720| Ch :Char; 

11721| i : Integer; 

1 1 722| Sources : pDeviceArray; 

1 1 723| Sourcelmage : integer; 

11724| { Task : integer;} 

1 1725| Finished, Happy, Targetlntact: boolean; 
11726| 

11727| Begin 



1 1 728| GetMem(Sources,NumDasd*sizeof(Longint)); 
11729| 

11730| Sourcelmage := 0; 
11731| 

1 1 732| Targetlntact := true; 
11733| Happy := false; 
11734| Finished := false; 
1 1 735| while not Finished do 
11736| Begin 
11737| { 

1 1 738| for i:= 1 to NumDASD do 
11739| Sources A [i] := i; 

11740| } 

1 1 741 1 GlobalScreenUpdate:=0; 
11742| WlnfoMsgC \Blue,cyan); 

1 1 743| Wmessage('Select a source image to process|3 

| <ESC> Exits <F1> Help',White,Blue); 
11744| 

1 1 745| { if(OpMode = manual) then} 
1 1 746| if not AutoBackup then 
11747| Begin 

1 1748| Sourcelmage := SelectASourcelmage( 'Source 

| Images', 1,3, NumSourcelmages, Sources ); 
1 1 749| if (Sourcelmage<0) then 

11750| begin 
1 1 751 1 if Targetlntact then 

11752| begin 
1 1 753| Finished := true; 

11754| end else 

11755| begin 

1 1756| while keypressed do Ch := ReadKey; 

1 1 757| WNewMsgC ',White,Blue,Blue,Cyan, 

1 1 758| ' An incomplete 

| restore operation has left '+ 
11759| ' the target drive 

| compromised. |'+ 
11760| '| !! Exiting now 

| may leave the device unbootable !! |'+ 
11761| '| | Press the "Y" 

| key to exit anyway' + 
11762| '|Any other key 

| will return to the main menu'); 
11763| 

11764| Ch := ReadKey; 

1 1 765| if upcase(ch)='Y' then 

11766| begin 

11767| Finished := true; 

1 1 768| writeln (LogFile, 'Operator 

| confirmed to exit with drive compromised'); 
11769| end; 



11770| 


while keypressed do Ch := ReadKey; 


11771| 




11772| 


WDisposeC '); 


11773| 


end; 


1 1 774| 


end; 


11775| 


End 


11776| 


else 


11777| 


Begin 


11778| 


Sourcelmage := Sourcelmage+1 ; 


11779| 


if(Sourcelmage>NumSourcelmages) then 


11780| 


Finished := true; 


11781| 


End; 


11782| 




11783| 


if (Sourcelmage>0) and not Finished then 


11784| 


Begin 


11785| 


Wmessage('Select an action to perform |3 


| <ESC> Exits <F1> Help',White,Blue); 


11786| { 


if(OpMode = manual) then} 


11787| 


if not AutoBackup then 


11788| 


Begin 


11789| 


Task := SelectATask( 'Action', 5,5 


| ,NumDASD, Sources ); 


11790| { 


End 


11791| 


else 


11792| 


Begin 


11793| 


Task := AutoTask; 


11794| } 


End; 


11795| 


case Task of 


11796| 


cValidate : begin 


11797| 


Happy := 


| ActOnlmage(Sourcelmage,cValidate); 


11798| 


end; 


11799| 




11800| 


cValidate All : begin 


11801| 


for i:= 1 to NumSourcelmages do 


| begin 




11802| 


ActOnlmage(i,cValidate); 


11803| 


end; 


11804| 


end; 


11805| 




11806| 


cRecover : begin 


11807| 


Targetlntact := False; 


11808| 


Happy := 


| ActOnlmage(Sourcelmage,cRecover); 


11809| 


if Happy then 


11810| 


Targetlntact := True; 


11811| 


if AutoBackup then 


11812| 


Finished := Happy; 


11813| 


end; 


11814| 





11815| end; 
11816| End; 
11817| 

11818| End; 
11819| 

1 1 820 1 if AutoBackup then begin 
1 1 821 1 if Happy then begin 
11822| SuccessSound; 
11823| end else begin 
11824| FailureSound; 
11825| end; 
11826| end; 
11827| 

1 1828| FreeMem( Sources, NumDasd*sizeof(Longint)); 

11829| End; 

11830| 

11831| { 

| } 

11832| 

11833| Procedure ShutDown; 

11834| BEGIN 

11835| { UnLoadlniFile;} 

11836| WCIose; 

11837| END; 

11838| 

11839| Begin 
11840| 

11841| OpenLogFile; 
11842| 

11843| Initialize; 
11844| 

11845| MainMenu; 
11846| 

11847| ShutDown; 
11848| 

11849| CloseLogFile; 

11850| 

11851| End. 

11852| 

11853| 

11854| 

11855| File Listing: expand. pas 
11856| 

11857| unit Expand; 
11858| 

11859| (* 

| *) 

11860| interface 

11861| uses Vlmage, Checksum; 
118621 



11863| function Expand Data ( 

11864| var Prefix: ChunkPrefix; 

1 1 865| var Datal : ChunkDataBuffer; 

11866| varData2: ChunkDataBuffer; 

1 1867| var DataSizel : word; 

1 1868| var DataSize2: word ): boolean; 

11869| 

11870| function GetNumCompressedGranules: longint; 
11871| 

11872| (* 

| *) 

11873| implementation 
11874| 

11875| var NumCompressedGranules: longint; 
11876| 

11877| function GetNumCompressedGranules: longint; 
11878| begin 

11879| GetNumCompressedGranules := NumCompressedGranules; 

11880| end; 

11881| 

11882| 

11883| function Expand Data ( 

11884| var Prefix: ChunkPrefix; 

1 1 885| var Datal : ChunkDataBuffer; 

11886| varData2: ChunkDataBuffer; 

1 1887| var DataSizel : word; 

1 1888| var DataSize2: word ): boolean; 

11889| var 

11890| DataByte: byte; 

1 1891 1 i, ByteCount: longint; (* signed 32 bits because 

| we want 0-1 to be negative! *) 
11892| begin 

1 1893| (*— figure out what kind of data representation 

| is being used — *) 
1 1894| if Prefix. ChunkType = VICT_GRANULE then begin 
1 1895| if Prefix. UserData[2] <> VI_COMPRESS_NONE then 

| begin 

1 1896| INC (NumCompressedGranules); 

11897| end; 

11898| 

1 1 899| case Prefix. UserData[2] of 

11900| VI_COMPRESS_NONE: begin 

1 1901 1 ExpandData := true; (* data is not 

| compressed *) 
11902| end; 
11903| 

1 1904| VI_COMPRESS_ALL_BYTES_SAME: begin 

1 1905| if Prefix. UserData[4] <= 

| 2*MAX_CHUNK_BUFFER_SIZE then begin 
1 1906| ByteCount := Prefix. User Data[4]; 



11907| DataByte := 

| byte(Prefix.UserData[3] AND $ff); 
11908| if ByteCount > 

| MAX_CHUNK_BUFFER_SIZE then begin 
1 1 909| (* need to split expanded data 

| across 2 buffers *) 
11910| DataSizel := 

| MAX_CHUNK_BUFFER_SIZE; 
1 191 1 1 DataSize2 := ByteCount - 

| MAX_CHUNK_BUFFER_SIZE; 
11912| end else begin 

11913| (* all the data will fit in the 

| first buffer *) 
11914| DataSizel := ByteCount; 

11915| DataSize2 := 0; 

11916| end; 
11917| 

11918| for i := 0 to DataSizel -1 do begin 

11919| Data1[i] := DataByte; 

11920| end; 
11921| 

1 1922| for i := 0 to DataSize2-1 do begin 

11923| Data2[i] := DataByte; 

11924| end; 
11925| 

1 1 926| ExpandData := true; 

11927| end else begin 

11928| (* data is too big!*) 

1 1 929| ExpandData := false; 

11930| end; 
11931| end; 
11932| 

11933| else begin 

1 1934| (* unknown compression algorithm! *) 

1 1 935| ExpandData := false; 

11936| end; 
11937| end; 
11938| end else begin 

1 1939| ExpandData := true; (* no need to do anything; 

| it's not a granule chunk *) 
11940| end; 
11941| end; 
11942| 
11943| 

11944| begin {unit initialization} 

11945| NumCompressedGranules := 0; 

11946| end. {unit initialization} 

11947| 

1 1948| (*— end of file expand. pas — *) 
11949| 



11950 
11951 
11952 
11953 
11954 
11955 
11956 
11957 
11958 
11959 
11960 
11961 
11962 
11963 
11964 
11965 
11966 
11967 
11968 
11969 
11970 
11971 

I) 
11972 
11973 
11974 
11975 

I): 
11976 
11977 



11978 
11979 
11980 

I) : 
11981 
11982 



11983 
11984 
11985 

I): 
11986 
11987 
11988 
11989 
11990 
11991 
11992 
11993 



File Listing: OVERINIT.pas 

unit Overinit; 

interface 

implementation 
uses 

versionu, 

overlay; 

Var 

BufSize : Longint; 
FileName : String; 
Save : Longint; 
FSize : Longint; 
f : File; 
EmsRes : Longint; 

{ routines we need, as we cant call any overlaid unit. 

const 

TDecHex : Array[0..15] of Char = '0123456789ABCDEF'; 

Function ByteToHex( B : BYTE 

String; 

BEGIN 

ByteToHex := TDecHex[(B AND $F0) SHR 4] + TDecHex[B 



AND $0F]; 



END; 

Function WordToHex( W : WORD 

String; 

BEGIN 

WordTohex := ByteToHex( W SHR 8 ) + ByteToHex( W AND 



I $FF ); 



END; 

Function StrTolnt( S : STRING 

LONGINT; 

Var 

Error : INTEGER; 

Number : LONGINT; 
BEGIN 

Val( S, Number, Error ); 

StrToInt := Number; 
END; 



11994 
11995 
11996 
11997 
11998 
11999 
12000 
12001 
12002 
12003 
12004 
12005 
12006 
12007 
12008 
12009 
12010 
12011 
12012 
12013 
12014 
12015 
12016 
12017 
12018 
12019 
12020 
12021 
12022 
12023 
12024 
12025 
12026 
12027 
12028 
12029 
12030 
12031 
12032 
12033 
12034 



12035 
12036 
12037 
12038 
12039 
12040 
12041 



Begin 

OvrFileMode := 0 + 64; { Readonly-deny none } 
BufSize := OvrGetBuf; 

{ find overlay file } 
FileName:='dr.ovr'; 
ovrinit(filename); 
if ovrResultoO then 
Begin 
writeln; 

writeln('Overlay file not found.'); 
halt(1); 
End; 

{ for testing} 

{ Get File Size } 

Save := FileMode; 
FileMode := 0 + 64; 
Assign(f,filename); 
reset(f,1); 

FSize := FileSize(f); 
Close(f); 

FileMode:=Save; 
{ init ems } 

EmsRes :=ovrNoEMSDriver; 

if(MemAvail>1 50000) then 

BufSize := BufSize * 3 
else 

BufSize := BufSize * 2; 

for Save:=1 to paramcount do 
Begin 

If pos('/overlay=\ paramstr(Save) ) <> 0 Then 
Begin 
FileName := 



| copy(Paramstr(Save),pos(7overlay=',Paramstr(Save))+9,5) 



BufSize := StrTolnt(FileName); 
if (BufSize<OvrGetBuf) then 
BufSize := OvrGetBuf; 
End; 
End; 

OvrSetBuf ( BufSize ); 



12042| BufSize := OvrGetBuf; 
12043| 

12044| case EmsRes of 

12045| ovrlOError : writeln(' Overlay file 
| I/O error.'); 

1 2046| ovrNoEMSDriver: writeln(' EMS driver not 
| installed. Using BufSize div 1024,'k of conventional 
| memory.'); 

12047| ovrNoEMSMemory: writeln(' Not enough EMS 
| memory. Using ', BufSize div 1024,'k of conventional 
| memory.'); 

12048| else 

12049| writeln(FSize div 1024:7,'k of EMS memory 
| allocated, ', BufSize div 1 024,'k of conventional 
| memory.'); 

12050| end; 

12051| 

12052| 

12053| End. 

12054| 

12055| 

12056| 

12057| File Listing: VIMAGE.pas 
12058| 

12059| unit Vlmage; 
12060| 

12061| interface 
12062| 

12063| uses Checksum; 
12064| 

12065| (* 

| *) 

12066| 
12067| const 

12068| VOL I MAG E_M AX_U S E R_D ATA = 20; 

12069| MAX_CHUNK_BUFFER_SIZE = WORD(32 * 1024); 

12070| 

12071 1 {The following constants are Volume Image Chunk 
I Types.} 

12072| {They will appears in Prefix. ChunkType.} 
12073| 

12074| VICT UN DEFINED =0; {should never be 

| encountered in a file.} 
1 2075| VICT_START = 1 ; {start of volume 

| backup.} 

12076| VICT_GRANULE =2; {granule data.} 
12077| VICT_FINISH =3; {end of volume backup.} 
12078| VICT_PARTITION_INFO = 4; {partition information.} 
12079| 

12080| VICTRESERVEDBIT =$8000; 



12081 1 VICT_BEGIN_CONTINUATION = VICT_RESERVED_BIT OR 

1 1; 

12082| VICT_END_CONTINUATION = VICT_RESERVED_BIT OR 

I 2; 
12083| 

1 2084| {The following constants are data compression 

| algorithm types.} 
12085| {They appear only in granule chunks, in 

| UserData[2].} 

12086| VI_COMPRESS_UNDEFINED = 0; {invalid 

| compression algorithm} 
12087| VI_COMPRESS_NONE = 1; {the data is 

| not compressed - just plain} 
12088| VI_COMPRESS_ALL_BYTES_SAME = 2; {all the bytes 

| in the granule are the same value (UserData[3]=byte, 

| UserData[4]=count)} 
12089| 

12090| (* 

| *) 

12091| 

12092| type 

12093| BytePtr = A byte; 
12094| 

12095| ChunkPrefix = record 

12096| PrefixChecksum: longint; 

12097| ChunkChecksum: longint; 

12098| ChunkType: longint; 

12099| PrefixSizelnBytes: longint; 

12100| ChunkSizelnBytes: longint; 

12101| UserData: array 

| [0..VOLIMAGE_MAX_USER_DATA-1] of longint; 

12102| CumulativeChecksum: longint; 

12103| ChunkNumber: longint; 

12104| Reserved: array [0..4] of longint; 

12105| end; 
12106| 

12107| ChunkDataBuffer = array 

| [0..MAX_CHUNK_BUFFER_SIZE-1] of byte; 
12108| 

12109| ChunkFile = file; 
12110| 

12111| ChunkFileStatus = ( 

12112| CFE_SUCCESS, 

12113| CFE_READ_ERROR, 

12114| C FE_OUT_0 F_M EMO RY, 

12115| CFE_CHECKSUM_FAILURE, 

12116| CFE_UNKNOWN_COMPRESSION_TYPE, 

12117| CFE_CANNOT_OPEN_CONTINUATION, 

121 18| CFE_CHUNK_COUNTER_MISMATCH, 

12119| CFE_MISSING_CONTINUATION_CHUNK 



12120| ); 
12121| 

12122| ChunkFileProcessor = object 

12123| (* data *) 

12124| InFile: ChunkFile; 

12125| ContinuationNumber: integer; 

12126| IsOpen: boolean; 

12127| BackupPath: string; 

12128| CumulativeChecksum : longint; 

12129| ChunkCounter: longint; 

12130| LastChunkType: longint; 

12131| ChunkNumberlnFile: longint; 

12132| IdentityString: string; 
12133| 

12134| (* methods *) 

12135| function OpenPath ( FilePath: string ): 
| boolean; 

12136| function OpenPath_SearchAIIDrives ( FilePath: 

| string ): boolean; 

12137| procedure Close; 
12138| 

121 39| function GetNextChunk ( 

12140| var Prefix: ChunkPrefix; 

12141| var Datal : 

| ChunkDataBuffer; 

12142| var Data2: 

| ChunkDataBuffer; 

12143| var DataSizel : word; 

12144| var DataSize2: word; 

12145| var Status: ChunkFileStatus 

| ): boolean; 
12146| 

12147| function GetldentityString: string; 

12148| end; 

12149| 

12150| Largelnteger = record 

12151| LowPart: Longint; 

12152| HighPart: Longint; 

12153| end; 
12154| 

12155| VolumePartitionlnformation = record 

12156| StartingOffset: Largelnteger; 

12157| PartitionLength: Largelnteger; 

12158| PartitionNumber: Longint; 

12159| PartitionType: Byte; 

12160| Bootlndicator: Byte; {nonzero if 

| volume is bootable} 

12161| RecognizedPartition: Byte; {nonzero if 

| partition is recognized} 

12162| Reserved: Byte; 



12163| VolumeSerialNumber: Longlnt; 
12164| DiskSerialNumber: Longlnt; 
12165| end; 
12166| 

12167| procedure SetChunkFileConsoleDebug ( NewDebugFlag: 

| boolean ); 
12168| 

12169| function GetStatusString (status: ChunkFileStatus): 

I string; 
12170| 

12171| implementation 
12172| 

12173| var ConsoleDebug: boolean; 

12174| procedure SetChunkFileConsoleDebug ( NewDebugFlag: 

| boolean ); 
12175| begin 

12176| ConsoleDebug := NewDebugFlag; 

12177| end; 

12178| 

12179| (* 

| *) 

12180| 

12181| function GetStatusString (status: ChunkFileStatus): 

I string; 
12182| begin 
12183| case status of 

12184| CFE_SUCCESS: GetStatusString 
| := 'Success'; 

12185| CFE_READ_ERROR: GetStatusString 

| := 'Error reading from input file'; 
12186| CFE_OUT_OF_M EMORY: GetStatusString 

| := 'Out of memory'; 
12187| CFE_CHECKSUM_FAILURE: GetStatusString 

| := 'Checksum failure'; 
12188| CFE_UNKNOWN_COMPRESSION_TYPE: GetStatusString 

| := 'Unknown data compression type'; 
12189| CFE_CANNOT_OPEN_CONTINUATION: GetStatusString 

| := 'Cannot open continuation file'; 
12190| CFE_CHUNK_COUNTER_MISMATCH: GetStatusString 

| := 'Chunk counter mismatch'; 
12191| CFE_MISSING_CONTINUATION_CHUNK: GetStatusString 

| := 'Missing continuation chunk'; 
12192| else GetStatusString 

| := 'Unknown error'; 
12193| end; 
12194| end; 
12195| 

12196| (* 

| * } 

12197| 



12198| function ContinuationString ( n: integer ): string; 
12199| var 
12200| s: string; 
12201 1 i, denom: integer; 
12202| begin 
12203| s := "; 
12204| denom := 100; 
12205| for i := 1 to 3 do begin 
12206| s := s + chr(ord('0') + ((n div denom) mod 
I 10)); 

12207| denom := denom div 10; 
12208| end; 

12209| ContinuationString := s; 

12210| end; 

12211| 

12212| (* 

| *) 

12213| 

12214| function GetChunkFileName ( BackupPath: string; 

| ContinuationNumber: integer ): string; 
12215| var FileName: string; 
12216| begin 

12217| FileName := BackupPath; 
12218| if FileName = " then begin 
12219| FileName := 'V; 

12220| end else if FileName[length(FileName)] <> 'V then 
| begin 

12221 1 FileName := FileName + *V; 
12222| end; 

12223| FileName := FileName + 'image.' + 
| ContinuationString(ContinuationNumber); 
12224| GetChunkFileName := FileName; 
12225| end; 
12226| 

12227| (* 

| *) 

12228| 

12229| function InternalOpen ( var cfp: ChunkFileProcessor ): 

| boolean; 
12230| var 

12231| SaveMode: byte; 
12232| FileName: string; 
12233| result: integer; 
12234| begin 

12235| FileName := GetChunkFileName (cfp. BackupPath, 

| cfp. ContinuationNumber); 
1 2236| if ConsoleDebug then begin 
12237| writeln ( '»> InternalOpen: about to open "\ 

| FileName, "" ); 
12238| end; 



12239| 

12240| SaveMode := System. FileMode; 

12241 1 System. FileMode := 0; {Allows us to open 

| read-only files with reset.} 
12242| System. assign (cfp.lnFile, FileName); 
12243| 

12244| result := System. lOresu It; 

12245| if (result <> 0) and ConsoleDebug then begin 

12246| writeln ('»> InternalOpen: Before open: 

| IOresult=\ result); 
12247| end; 
12248| 

12249| {$1-} 

12250| System. reset (cfp.lnFile, 1); 
12251| {$1+} 

12252| result := System. lOresu It; 

12253| if (result <> 0) and ConsoleDebug then begin 

12254| writeln ('»> InternalOpen: System. lOresu It 

| returned result ); 
12255| end; 

1 2256| System . FileMode := SaveMode; 
12257| cfp.ChunkNumberlnFile := 0; 
12258| InternalOpen := (result = 0); 
12259| end; 
12260| 

12261| (* 

| *) 

12262| 

12263| function ParseSummaryLine ( 

12264| Line: string; 

12265| var Name: string; 

12266| var Value: string ): boolean; 

12267| var 

12268| FoundEqual: boolean; 

12269| Valid: boolean; 

12270| i: integer; 

12271| begin 

12272| FoundEqual := false; 

12273| Name :="; 

12274| Value :="; 
12275| 

12276| for i := 1 to length(Line) do begin 

12277| if Line[i] = '=' then begin 

12278| FoundEqual := true; 

12279| end else begin 

1 2280| if FoundEqual then begin 

12281 1 Value := Value + Line[i]; 

12282| end else begin 

12283| Name := Name + Line[i]; 

12284| end; 



12285| end; 
12286| end; 
12287| 

12288| Valid := FoundEqual and (Name <> "); 
12289| if Valid and ConsoleDebug then begin 
12290| writeln ( '»> ParseSummaryLine: 

| Name="\Name,"\ Value= M \Value, ,m ); 
12291| end; 

12292| ParseSummaryLine := Valid; 

12293| end; 

12294| 

12295| (* 

| *) 

12296| 

12297| procedure Parselnteger ( s: string; var n: integer ); 
12298| var 

12299| ConvertCode: integer; 
12300| begin 

12301 1 Val (s,n, ConvertCode); 

12302| if ConvertCode <> 0 then begin 

12303| n:=0; 

12304| end; 

12305| end; 

12306| 

12307| (* 

| *) 

12308| 

12309| function DoSanityCheck ( FilePath: string; var 

| IdentityString: string ): boolean; 
12310| var 

1231 1 1 SummaryFileName, BackupFileName: string; 
12312| SummaryFile: text; 
12313| BackupFile: file; 
12314| SaveMode: byte; 
12315| result: integer; 

12316| SummaryLine, SummaryName, SummaryValue: string; 
12317| NumBackupFiles, WarningCode, ImageNumber: integer; 
12318| begin 

12319| (* Make sure we can open image. 000, and that all 

| the image files it *) 
12320| (* describes indeed exist. *) 
12321| 

1 2322| DoSanityCheck := false; 
12323| NumBackupFiles := 0; 
12324| WarningCode := 0; 
12325| IdentityString := "; 

12326| SummaryFileName := GetChunkFileName (FilePath, 0); 
12327| assign ( SummaryFile, SummaryFileName ); 
12328| SaveMode := System. FileMode; 
12329| System. FileMode := 0; 



12330| {$1-} 

12331 1 System. reset (SummaryFile); 
12332| {$1+} 

12333| result := System. lOresu It; 
12334| if ConsoleDebug then begin 
12335| writeln ( '»> Summary File= m , 

| SummaryFileName,'" result=\ result); 
12336| end; 
12337| 

12338| if result = 0 then begin 
12339| while not EOF(SummaryFile) do begin 
12340| readln(SummaryFile,Summaryl_ine); 
12341| if 

| ParseSummaryLine(SummaryLine,SummaryName,SummaryValue) 
| then begin 

12342| if SummaryName = 'NumFileslnBackup' 

| then begin 

12343| Parselnteger (SummaryValue, 

| NumBackupFiles); 
12344| end else if SummaryName = 'WamingCode' 

| then begin 

12345| Parselnteger (SummaryValue, 

| WamingCode); 
12346| end else if SummaryName = 'Identity' 

| then begin 
12347| IdentityString := 

12348| 
12349| 
12350| 

12351| File Listing: VITEST.pas 
12352| 

12353| program TestVolumelmage; 
12354| 

12355| uses Vlmage, Checksum, Expand; 

12356| 

12357| 

12358| procedure ProcessChunk ( 
12359| var Prefix: ChunkPrefix; 
12360| var Datal : array of byte; 
12361 1 var Data2: array of byte; 
12362| DataSizel: word; 
12363| DataSize2: word); 
12364| type 

12365| PartitionlnfoPtr = A VolumePartitionlnformation; 
12366| var 

12367| Partitionlnfo: PartitionlnfoPtr; 

12368| begin 

12369| 
| { 

| 



12370| This procedure gets called every time a valid 
| chunk is read. 

1 2371 1 Valid means that the correct amount of data was 
| available in 

12372| the file, and that both the prefix and data 

| checksums were 
12373| correct. 
12374| 

| 

| } 

12375| Partitioning := NIL; 
12376| 

1 2377| case Prefix. ChunkType of 



12378| VICT_START: begin 

12379| (* Put code here to process START chunk *) 

12380| write ( 'Found START chunk. (' ); 

12381 1 WriteHex (Prefix. ChunkType); 

12382| writeln(')'); 

12383| 

12384| write ( 'Volume Size In Bytes = Ox' ); 

12385| WriteHex (Prefix.UserData[1]); 

12386| WriteHex (Prefix. UserData[0]); 

12387| writeln; 
12388| 

12389| write ( 'Number of Used Clusters = Ox* ); 

12390| WriteHex (Prefix.UserData[3]); 

12391 1 WriteHex (Prefix. UserData[2]); 

12392| writeln; 
12393| 

12394| write ( 'Cluster Size in Bytes = Ox' ); 

12395| WriteHex ( Prefix. User Data[4] ); 

12396| writeln; 

12397| writeln; 

12398| end; 

12399| 

12400| VICT_PARTITION_INFO: begin 

12401 1 (* Put code here to process the volume's 

| partition information *) 

12402| writeln ( 'Found PARTITIONJNFO chunk. 

| (Data size is \ 

12403| DataSizel, 

12404| ', struct size is ', 

12405| sizeof(VolumePartitionlnformation), 

12406| ')'); 
12407| 

12408| Partitionlnfo := PartitionlnfoPtr(@Data1); 
12409| 

12410| write ( 'Starting Offset = Ox' ); 

12411| WriteHex ( 



| Partitionlnfo A .StartingOffset.HighPart ); 



12412| WriteHex ( 

| Partitionlnfo A .StartingOffset.LowPart ); 

12413| writeln; 
12414| 

12415| write ( 'Partition Length = Ox' ); 

12416| WriteHex ( 

| Partitionlnfo A .PartitionLength.HighPart ); 

12417| WriteHex ( 

| Partitioning. PartitionLength.LowPart ); 

12418| writeln; 
12419| 

12420| write ( 'Partition Number = Ox' ); 

12421 1 WriteHex ( Partitionlnfo A .PartitionNumber 

I); 

12422| writeln; 
12423| 

12424| write ( 'Partition Type = Ox' ); 

12425| WriteHexByte ( Partitionlnfo A .PartitionType 

I); 

12426| writeln; 
12427| 

12428| write ( 'Boot Indicator = Ox' ); 

12429| WriteHexByte ( Partitioning. Bootlndicator 

I); 

12430| writeln; 
12431| 

12432| write ( 'Recognized Partition = Ox'); 

12433| WriteHexByte ( 

| Partitioning. RecognizedPartition ); 

12434| writeln; 
12435| 

12436| write ( 'Reserved = Ox'); 

12437| WriteHexByte ( Partitioning. Reserved ); 

12438| writeln; 

12439| 

12440| write ( 'VolumeSerialNumber = Ox'); 

12441| WriteHex ( 

| Partitionlnfo A .VolumeSerialNumber ); 

12442| writeln; 
12443| 

12444| write ( 'DiskSerialNumber = Ox'); 

12445| WriteHex ( Partitioning. DiskSerialNumber 

I); 

12446| writeln; 
12447| 

12448| writeln; 

12449| end; 
12450| 

12451 1 VICT_GRANULE: begin 

12452| (* Put code here to process GRANULE chunk 



n 

12453| end; 
12454| 

12455| VICT_FINISH: begin 

12456| (* Put code here to process FINISH chunk *) 

12457| end; 

12458| 

12459| else begin 

12460| if Prefix. ChunkType = 

| VICT_BEGIN_CONTINUATION then begin 
12461 1 writeln ( 'Found BEGIN_CONTINUATION 

| chunk'); 

12462| end else if Prefix. ChunkType = 

| VICT_END_CONTINUATION then begin 

12463| writeln ( 'Found END_CONTINUATION 

| chunk'); 

12464| end else begin 

12465| write ( 'Found special chunk type: '); 

12466| WriteHex (Prefix.ChunkType); 

12467| writeln; 
12468| end; 
12469| end; 



12470| end; 

12471| end; 
12472| 
12473| 

12474| procedure DumpPrefix ( var Prefix: ChunkPrefix ); 

12475| var i: integer; 

12476| begin 

12477| writeln ( 'Prefix 

12478| 

12479| write (' PrefixChecksum = ' ); 

12480| WriteHex ( Prefix. PrefixChecksum ); 

12481| writeln; 
12482| 

12483| write (' ChunkChecksum = ' ); 

12484| WriteHex ( Prefix. ChunkChecksum ); 

12485| writeln; 
12486| 

12487| write (' ChunkType = ' ); 

12488| WriteHex ( Prefix.ChunkType ); 

12489| writeln; 
12490| 

12491 1 write ( ' PrefixSize = ' ); 

12492| WriteHex ( Prefix. PrefixSizelnBytes ); 

12493| writeln; 

12494| 

12495| write (' ChunkSize = ' ); 

12496| WriteHex ( Prefix.ChunkSizelnBytes ); 



12497 
12498 
12499 
12500 
12501 
12502 
12503 
12504 
12505 
12506 
12507 
12508 
12509 
12510 
12511 



12512 
12513 
12514 
12515 
12516 
12517 
12518 
12519 
12520 
12521 
12522 
12523 
12524 
12525 
12526 
12527 
12528 
12529 
12530 
12531 
12532 
12533 
12534 
12535 
12536 
12537 
12538 
12539 
12540 
12541 
12542 



writeln; 

for i := 0 to VOLIMAGE_MAX_USER_DATA do begin 

write ( ' UserData[\ i:2, '] = '); 

WriteHex ( Prefix. UserData[i] ); 

writeln; 
end; 

for i := 0 to 6 do begin 

write (' Reserved^, '] = * ); 

WriteHex ( Prefix. Reserved[i] ); 

writeln; 
end; 

writeln ( 

end; 

type 

ChunkDataPointer = A ChunkDataBuffer; 
Byte Array = array [0..0] of byte; 

var 

Prefix: ChunkPrefix; 

Processor: ChunkFileProcessor; 

FilePath: string; 

Datal : ChunkDataPointer; 

Data2: ChunkDataPointer; 

DataSizel: word; 

DataSize2: word; 

Status: ChunkFileStatus; 

ChunkNumber: longint; 

Happy, Finished: boolean; 

begin {program} 
new (Datal); 
new (Data2); 
Happy := true; 
Finished := false; 
Status := CFE_SUCCESS; 
Vlmage.SetChunkFileConsoleDebug (true); 



if ParamCount = 0 then begin 

writeln ( 'Use: vitest BackupFilePath' ); 
end else begin 

FilePath := ParamStr(1); 
if NOT 

| Processor.OpenPath_SearchAIIDrives(FilePath) then begin 
12543| writeln ( 'Error: Could not open backup set 

| in path '", FilePath, "" ); 



12544| 


end else begin 


12545| 


ChunkNumber := 0; 


12546| 


while Happy and not Finished do begin 


12547| 


Happy := Processor.GetNextChunk ( 


12548| 


Prefix, 


12549| 


Datal A , 


12550| 


Data2 A , 


12551| 


DataSizel, 


12552| 


DataSize2, 


12553| 


Status ); 


12554| 




12555| 


if not Happy then begin 


12556| 


writeln ( '!!! Could not read chunk 


| number 


ChunkNumber ); 



12557| writeln ( '!!! Continuation Number 

| = Processor.ContinuationNumber ); 
12558| writeln ( GetStatusString(Status) 

I); 

12559| end else begin 

12560| Happy := 

| ExpandData(Prefix,Data1 A ,Data2 A ,DataSize1,DataSize2); 
1 2561 1 if Happy then begin 

12562| ProcessChunk ( Prefix, Datal A , 

| Data2 A , DataSizel, DataSize2 ); 
12563| INC (ChunkNumber); 

12564| if Prefix.ChunkType = 

| VICT_FINISH then begin 
12565| writeln ( 'Found FINISH 

| chunk - backup set is complete.' ); 
12566| Finished := true; 

12567| end; 
12568| end; 
12569| end; 
12570| end; 
12571| 

12572| Processor.Close; 

1 2573| if Happy then begin 

12574| writeln ( 'The backup set is completely 

| valid.' ); 
12575| end else begin 

12576| writeln ( '!!! The backup set is 

| corrupt!' ); 
12577| end; 
12578| 

12579| writeln ( 'Number of chunks processed = 

| ', ChunkNumber ); 
12580| writeln ( 'Number of compressed granules = 

| ', Expand. GetNumCompressedGranules ) 
12581| end; 
12582| end; 



12583 
12584 
12585 
12586 
12587 
12588 
12589 
12590 
12591 
12592 
12593 



dispose (Datal); 
dispose (Data2); 

end. {program} 



PSM System DLL Source 



The DLL provides the user mode PSM services to the 
| system. --LPW 
125941 
12595 
12596 
12597 
12598 
12599 
12600 
12601 
12602 
12603 
12604 
12605 
12606 
12607 
12608 
12609 
12610 
12611 
12612 
12613 
12614 
12615 
12616 
12617 
12618 
12619 
12620 
12621 
12622 
12623 
12624 
12625 
12626 
12627 
12628 
12629 
12630 
12631 



File Listing: cacheloc.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 

#include <winioctl.h> 

#include <undoc.h> 

// PSM api 

#include <psm.h> 

// ioctls we need to send down 

#include M ..\driver\ioctl.h" 

#include "volume. h" 

#include "defrag.h" 
#include <mountmgr.h> 
#include <ntddstor.h> 
#include <ntddvol.h> 

#include "setup5.h" 
#include "setup4.h" 
#include "service, h" 



// finds a volume that has enough disk space and 
// hopefully not being psmed. 



12632| ULONG FindBestVolumeForCache ( 
12633| pOpenTransactionln3W In, 
12634| WCHAR *TempPath, 
1 2635| int TempPathSizelnChars ) 
12636| { 

12637| GetTempPathW(TempPathSizelnChars,TempPath); 

12638| return 0; 

12639| } 

12640| 

12641| 

12642| 

12643| /*— end of file cacheloc.c —7 

12644| 

12645| 

12646| 

12647| File Listing: CDP.h 
12648| 

1 2649| #def ine VEFt_COMPANYNAME_STR "Columbia Data 
| Products, Inc." 

12650| #define VER_LEGALTRADEMARKS_STR "PSMV256 is a 

| trademark of " VER_COMPANYNAME_STR 
12651| 

12652| #define VER_LEGALCOPYRIGHT_YEARS "1995-2001" 
12653| #define VER LEGALCOPYRIGHT STR "Copyright \251 " 

| VER_LEGALCOPYRIGHT_YEARS " " VER_COMPANYNAME_STR 
12654| 

12655| #if DBG 

1 2656| #def ine VER_DEBUG VS_FF_DEBUG 
12657| #else 

1 2658| #def ine VER_DEBUG 0 

12659| #endif 

12660| 

12661| #if BETA 

12662| #define VER PRODUCTBETA STR "BETA" 

1 2663| #def ine VER_PRERELEASE VS_FF_PRERELEASE 

12664| #else 

1 2665| #def ine VER PRERELEASE 0 
1 2666| #def ine VER_PRODUCTBETA_STR 
12667| #endif 
12668| 

12669| #define VER_FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 
12670| #define VER_FILEOS VOS_NT_WINDOWS32 
12671 1 #define VER_FILEFLAGS (VER_PRERELEASE | 

| VER_DEBUG) 
12672| 
12673| 
12674| 

12675| File Listing: cluster.c 
12676| 

12677| #include <stdio.h> 



12678 
12679 
12680 
12681 
12682 
12683 
12684 
12685 
12686 
12687 
12688 
12689 
12690 
12691 
12692 
12693 
12694 
12695 
12696 
12697 
12698 
12699 
12700 
12701 
12702 
12703 
12704 
12705 
12706 
12707 
12708 
12709 
12710 
12711 
12712 
12713 
12714 
12715 



12716 
12717 
12718 
12719 
12720 
12721 
12722 
12723 
12724 
12725 
12726 



#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#jnclude <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 

#include <winioctl.h> 

#include <undoc.h> 

// psm api 

#include <psm.h> 

// ioctls we need to send down 

#include "..\driver\ioctl.h" 

#include "volume. h" 

#include "defrag.h" 
#include <mountdev.h> 
#include <ntddstor.h> 
#include <ntddvol.h> 
#include <aclapi.h> 
#include <clusapi.h> 

#include "cluster.h" 
#include <psm.h> 
#include <psmlapi.h> 
#include "dlog.h" 

#ifdef _DEBUG 

#define STATIC 
#else 

#define STATIC static 
#endif 

ULONG GetVolumeGuidForNtDeviceName( WCHAR *NTName, 



| WCHAR *VolumeGuid); 



PSMSTATUS PSMAPI Psmi_GetKernelSnapShotVolumesW ( 
PVOID KernelSnapShotPointer, 
WCHAR *Buffer, 
ULONG BufferSize ); 



ULONG IsClusterlnstalled(void) 
{ 

BOOL Ret= FALSE; 

HMODULE Clusapi=LoadLibrary(TEXT("clusapi.dll")); 
tGetNodeClusterState pGetNodeClusterState=NULL; 



12727| 

12728| if((Clusapi!=INVALID_HANDLE_VALUE) && 

| (Clusapi!=NULL)){ 
1 2729 1 pGetNodeClusterState = 

| (tGetNodeClusterState)GetProcAddress(Clusapi, M GetNodeClu 

| sterState"); 
12730| if(pGetNodeClusterState) { 
12731| ULONG State=0; 

12732| pGetNodeClusterState(NULL,&State); 
12733| DLOG((TEXT("Cluster node state = 

| %08x\n"),State)); 
12734| /* 

12735| ClusterStateNotlnstalled The Cluster 

| service is not installed on the node. 
12736| ClusterStateNotConfigured The Cluster 

| service is installed on the node but has not yet been 

| configured. 

12737| ClusterStateNotRunning The Cluster 

| service is installed and configured on the node but is 

| not currently running. 
12738| ClusterStateRunning The Cluster 

| service is installed, configured, and running on the 

| node. 
12739| 7 

12740| if ((State == ClusterStateNotRunning) || 

| (State==ClusterStateRunning)) { 
1 2741 1 DLOG((TEXT("Cluster node 

| configured\n"))); 
12742| Ret = TRUE; 

12743| }else{ 

1 2744| DLOG((TEXT("Cluster not 

| installed/configured\n"))); 
12745| } 
12746| }else{ 

12747| D LOG ( (TEXT(" E rro r, entry point not found 

| for GetNodeClusterState\n M ))); 
12748| } 

12749| FreeLibrary(Clusapi); 
12750| }else{ 

1 2751 1 DLOG((TEXT("Error %08x, unable to load 

| clusapi\n"),Getl_astError())); 
12752| } 
12753| return Ret; 
12754| } 
12755| 
12756| 

12757| extern ULONG GetUniqueldForVolume ( 
12758| HANDLE VolHandle, 
1 2759| WCHAR *Uniqueld, 
12760| ULONG UniqueldLength 



12761| ); 
12762| 

12763| ULONG ClusterGetApis( pClusApis Apis ) 
12764| { 

12765| ULONG Err=0; 
12766| 

12767| memset(Apis,0,sizeof(tClusApis)); 
12768| 

12769| Apis->ClusApi=LoadLibrary(TEXT( M clusapi.dll")); 
12770| 

12771 1 if((Apis->ClusApi!=INVALID_HANDLE_VALUE) && 

| (Apis->ClusApi!=NULL)) { 
1 2772| Apis->OpenCluster= 

| (tOpenCluster)GetProcAddress(Apis->ClusApi,"OpenCluster M 

I); 

1 2773| Apis->CloseCluster= 

| (tCloseCluster)GetProcAddress(Apis->ClusApi,"CloseCluste 
I r"); 

1 2774| Apis->GetClusterKey= 

| (tGetClusterKey)GetProcAddress(Apis->ClusApi, M GetCluster 
I Key"); 

1 2775| Apis->ClusterRegCreateKey = 

| (tClusterRegCreateKey)GetProcAddress(Apis->ClusApi,"Clus 

| terRegCreateKey"); 
1 2776| Apis->ClusterRegOpenKey = 

| (tClusterRegOpenKey)GetProcAddress(Apis->ClusApi,"Cluste 

| rRegOpenKey"); 
1 2777| Apis->ClusterRegDeleteKey = 

| (tClusterRegDeleteKey)GetProcAddress(Apis->ClusApi, M Clus 

| terRegDeleteKey"); 
1 2778| Apis->ClusterRegCloseKey = 

| (tClusterRegCloseKey)GetProcAddress(Apis->ClusApi,"Clust 

| erRegCloseKey"); 
1 2779| Apis->ClusterRegEnumKey = 

| (tClusterRegEnumKey)GetProcAddress(Apis->ClusApi,"Cluste 

| rRegEnumKey"); 
1 2780| Apis->ClusterRegSetValue = 

| (tClusterRegSetValue)GetProcAddress(Apis->ClusApi,"Clust 

| erRegSetValue"); 
1 2781 1 Apis->ClusterRegDelete Value = 

| (tClusterRegDeleteValue)GetProcAddress(Apis->ClusApi,"CI 

| usterRegDeleteValue"); 
1 2782| Apis->ClusterRegQueryValue = 

| (tClusterRegQueryValue)GetProcAddress(Apis->ClusApi,"Clu 

| sterRegQueryValue"); 
1 2783| Apis->ClusterRegEnumValue = 

| (tClusterRegEnumValue)GetProcAddress(Apis->ClusApi,"Clus 

| terRegEnumValue"); 
1 2784| Apis->ClusterRegQuerylnfoKey = 

| (tClusterRegQuerylnfoKey)GetProcAddress(Apis->ClusApi,"C 



I lusterRegQuerylnfoKey"); 
1 2785| Apis->ClusterRegGetKeySecurity = 

| (tClusterRegGetKeySecurity)GetProcAddress(Apis->ClusApi, 

| "ClusterRegGetKeySecurity"); 
1 2786| Apis->ClusterRegSetKeySecurity = 

| (tClusterRegSetKeySecurity)GetProcAddress(Apis->ClusApi, 

| "ClusterRegSetKeySecurity"); 
12787| Apis->ClusterOpenEnum = 

| (tClusterOpenEnum)GetProcAddress(Apis->ClusApi,"ClusterO 

| penEnum"); 
12788| Apis->ClusterEnum = 

| (tClusterEnum)GetProcAddress(Apis->ClusApi, M ClusterEnum M 

I); 

12789| Apis->ClusterCloseEnum = 

| (tClusterCloseEnum)GetProcAddress(Apis->ClusApi, "Cluster 

| CloseEnum"); 
1 2790| Apis->GetNodeClusterState = 

| (tGetNodeClusterState)GetProcAddress(Apis->ClusApi,"GetN 

| odeClusterState"); 
12791| 

1 2792 1 Apis->GetClusterNodeState = 

| (tGetClusterNodeState)GetProcAddress(Apis->ClusApi,"GetC 

| lusterNodeState"); 
1 2793| Apis->OpenClusterNode = 

| (tOpenClusterNode)GetProcAddress(Apis->ClusApi,"OpenClus 

| terNode"); 
1 2794| Apis->CloseClusterNode = 

| (tCloseClusterNode)GetProcAddress(Apis->ClusApi,"CloseCI 

| usterNode"); 
12795| Apis->ResumeClusterNode = 

| (tResumeClusterNode)GetProcAddress(Apis->ClusApi, "Resume 

| ClusterNode"); 
1 2796| Apis->PauseClusterNode = 

| (tPauseClusterNode)GetProcAddress(Apis->ClusApi,"PauseCI 

| usterNode"); 
12797| 

1 2798| Apis->OpenClusterResource = 

| (tOpenClusterResource)GetProcAddress(Apis->ClusApi,"Open 

| ClusterResource"); 
12799| Apis->CloseClusterResource = 

| (tCloseClusterResource)GetProcAddress(Apis->ClusApi,"Clo 

| seClusterResource"); 
12800| Apis->OfflineClusterResource = 

| (tOfflineClusterResource)GetProcAddress(Apis->ClusApi,"0 

| fflineClusterResource"); 
12801 1 Apis->OnlineClusterResource = 

| (tOnlineClusterResource)GetProcAddress(Apis->ClusApi,"On 

| lineClusterResource"); 
1 2802| Apjs->GetClusterResourceState = 

| (tGetClusterResourceState)GetProcAddress(Apis->ClusApi," 



I GetClusterResourceState"); 
12803| Apis->ClusterResourceControl = 

| (tClusterResourceControl)GetProcAddress(Apis->ClusApi,"C 

| lusterResourceControl"); 
12804| 

12805| #ifdef DEBUG 



12806| // make sure everything loaded 

12807| { 

12808| ULONG i; 

12809| ULONG *Ptr; 

12810| Ptr = (ULONG*)Apis; 

1281 1 1 for(i=0;ksizeof(tClusApis)/4;i++,Ptr++) { 

12812| if(!Ptr){ 

12813| DLOG((TEXT("Error! Api %d is 

| missing!\n"),i)); 
12814| } 
12815| } 
12816| } 
12817| #endif 
12818| }else{ 
12819| Err = Getl_astError(); 

12820| DLOG((TEXT("Error %08x load module\n"),Err)); 



12821| } 

12822| return Err; 

12823| } 

12824| 

12825| ULONG ClusterCopyKey( pClusApis Apis, HKEY LocalKey, 

| HKEY ClusterKey ) 
12826| { 

12827| ULONG Err=0; 
12828| WCHAR Name[100]; 
12829| ULONG NameLen; 
12830| ULONG lndex=0; 
12831| ULONG Type; 
12832| ULONG DataSize; 
12833| PVOID Data; 
12834| 

12835| do{ 

12836| NameLen = sizeof(Name) / sizeof (WCHAR); 
12837| DataSize=0; 
12838| Err = 

| RegEnumValueW(LocalKey, Index, Name,&NameLen, NULL, NULL, NUL 
| L,&DataSize); 
12839| if(!Err){ 

12840| Data = LocalAlloc(LPTR,DataSize); 

12841| if (Data) { 

12842| Err = 

| RegQueryValueExW(LocalKey,Name,NULL,&Type,Data,&DataSize 

I); 

12843| if(!Err){ 



12844| Err = 

| Apis->ClusterRegSetValue(ClusterKey,Name,Type,Data,DataS 
I ize); 

12845| if(!Err){ 

1 2846| DLOG((TEXT("Success updating 

| %d:'%S', size=%d cluster\n"),Type,Name,DataSize)); 
12847| }else{ 

12848| DLOG((TEXT("Error %08x setting 

| data for value %S\n"),Err,Name)); 
12849| } 
12850| }else{ 

1 2851 1 DLOG((TEXT("Error %08x getting data 

| for value %S\n M ),Err,Name)); 
12852| } 
12853| Local Free( Data); 

12854| }else{ 

1 2855| DLOG((TEXT("Error! out of memory for 

| data, need %d bytes\n"),DataSize)); 
12856| Err = ERROR_OUTOFMEMORY; 

12857| } 
12858| }else{ 

12859| if(Err!=ERROR_NO_MORE_ITEMS) { 

12860| DLOG((TEXT("Error %08x enumerating 

| key\n"),Err)); 
12861| } 
12862| } 
12863| lndex++; 
12864| } while(Err==0); 
12865| 

12866| if(Err==ERROR_NO_MORE_ITEMS) { 

12867| Err = 0; 

12868| } 

12869| return Err; 

12870| } 

12871| 

12872| ULONG CopyKeyToClusterKey( WCHAR *VolumeGuid, WCHAR 

| *Uniqueld) 
12873| { 

12874| tClusApis Apis; 
1 2875| HCLUSTER Cluster; 
12876| ULONG Err=0; 
1 2877| HKEY ClusterKey; 
12878| HKEY PSMKey; 
12879| HKEY psmlocalkey; 
12880| HKEY volumelocalkey; 
12881| ULONG Disp=0; 
12882| 

12883| DLOG((TEXT( M VolumeGuid='%S\ 

| uniqueid='%S'\n"),VolumeGuid,Uniqueld)); 
12884| 



12885| Err = ClusterGetApis(&Apis); 

12886| if(!Err){ 

12887| Cluster = Apis.OpenCluster(NULL); 

12888| if(ICIuster) { 

12889| DLOG((TEXT("unable to open cluster\n M ))); 

12890| Err = GetLastError(); 

12891| } 

12892| if(!Err){ 

12893| ClusterKey = 

| Apis.GetClusterKey(Cluster,KEY_ALL_ACCESS); 

12894| if(!ClusterKey) { 

1 2895| DLOG((TEXT("unable to open root 

I key\n"))); 

1 2896| Err = GetLastErrorQ; 

12897| } 

12898| if(!Err){ 

12899| WCHAR Temp[200]; 
12900| 

| wcscpy(Temp,L"PersistentStorageManager\\"); 

12901 1 wcscat(Temp,Uniqueld); 
12902| 

12903| __try{ 

1 2904| Err = Apis.ClusterRegCreateKey( 

12905| ClusterKey, 

12906| Temp, 

12907| REG_OPTION_NON_VOLATILE, 

12908| KEYALLACCESS, 

12909| NULL, 

12910| &PSMKey, 

12911| &Disp 

12912| ); 

12913| } __except (EXCEPTION EXECUTE HANDLER) 
|{ 

12914| Err = GetExceptionCode(); 

12915| DLOG((TEXT("Exception %08x in 

| ClusterRegCreateKey\n M ),Err)); 

12916| } 
12917| 

12918| if(!Err){ 

12919| DLOG((TEXT("Disposition of PSM key 

| is%08x\n M ),Disp)); 

12920| Err = 

| RegOpenKeyExW(HKEY_LOCAL_MACHINE, 
12921| 

| L"SYSTEM\\CurrentControlSet\\Services\\PSMan5", 

12922| 0, 

12923| KEYREAD, 

12924| &psmlocalkey); 

12925| if(!Err){ 

12926| Err = 



I RegOpenKeyExW(psmlocalkey, 
12927| VolumeGuid, 
12928| 0, 
12929| KEYREAD, 
12930| &volumelocalkey); 
12931| if(!Err){ 
12932| Err = 

| ClusterCopyKey(&Apis,volumelocalkey,PSMKey); 
12933| 

| RegCloseKey(volumelocalkey); 
12934| }else{ 

12935| DLOG((TEXT("Cluster: Error 

| %08x opening volume guid key\n"),Err)); 
12936| } 

1 2937| RegCloseKey(psmlocalkey); 
12938| }else{ 

1 2939| DLOG((TEXT("Cluster: Error %08x 

| opening psman5 key\n"),Err)); 
12940| } 

12941 1 Apis.ClusterRegCloseKey(PSMKey); 
12942| }else{ 

12943| DLOG((TEXT("Cluster: Error %08x 

| creating PSM key\n"),Err)); 
12944| } 

12945| Apis.ClusterRegCloseKey(ClusterKey); 
12946| }else{ 

1 2947| DLOG((TEXT("Cluster: Error %08x getting 

| cluster key\n"),Err)); 
12948| } 

12949| Apis.CloseCluster(Cluster); 
12950| }else{ 

12951 1 DLOG((TEXT("Cluster: Error %08x opening 

| cluster\n M ),Err)); 
12952| } 

1 2953| FreeLibrary(Apis.ClusApi); 
12954| }else{ 

1 2955| DLOG((TEXT("Cluster: Error %08x unable to get 

| entry points\n"),Err)); 
12956| } 
12957| return Err; 
12958| } 
12959| 

12960| ULONG ClusterUpdateVolume( WCHAR *NTName ) 
12961| { 

12962| ULONG Err=0; 

12963| UNICODE_STRING Uni={0}; 

12964| OBJECT ATTRIBUTES ObjectAttributes={0}; 

12965| HANDLE hVolume; 

12966| IO_STATUS_BLOCK loStatus={0}; 

12967| WCHAR VolumeGuid[120]; 



12968| WCHAR Uniqueld[20*4]; 

12969| ULONG UniqueldLength=sizeof(Uniqueld); 

12970| 

12971| Err = 

| GetVolumeGuidForNtDeviceName(NTName,VolumeGuid); 
12972| if (Err) { 

12973| DLOG((TEXT("Error %08x volume guid\n"),Err)); 
12974| return Err; 
12975| } 
12976| 

12977| DLOG((TEXT( M ClusterUpdateVolume: Nt = '%S\ 

| guid= , %S , \n"),NTName,VolumeGuid)); 
12978| 

12979| RtllnitUnicodeString( &Uni, NTName); 
12980| 

1 2981 1 InitializeObjectAttributes ( &ObjectAttributes, 
12982| &Uni, 

12983| OBJ_CASE_INSENSITIVE, 
12984| NULL, 
12985| NULL); 
12986| 

12987| Err = NtCreateFile( &hVolume, 
12988| FILE_GENERIC_READ, 

| // desired access 
1 2989 1 &Object Attributes, 

| // object attributes 
12990| &loStatus, 
12991| NULL, // 

| alloc size 

12992| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
12993| FILE SHARE WRITE | 

| FILE_SHARE_READ, //share 

| access 

12994| FILE_OPEN, // 

| create disposition 
12995| 

| FILE_SYNCHRONOUS_IO_NONALERT, //create 
| options 

12996| NULL, // eabuffer 

12997| 0); //ealength 

12998| 

12999| if(!Err){ 
13000| Err = 

| GetUniqueldForVolume(hVolume,Uniqueld,sizeof(Uniqueld)); 
13001| NtClose(hVolume); 
13002| 

13003| if(!Err) { 

13004| // ClusterUpdate Volume: Nt = 

| '\Device\HarddiskVolume1', 



I guid='Volume{0567ac62-a52a-1 1d4-a734-806d61 72696f}' 
13005| VolumeGuid[43] = L'\0'; 

13006| Err = 

| CopyKeyToClusterKey(VolumeGuid+7,Uniqueld); 
13007| }else{ 

1 3008| DLOG((TEXT("Error %08x getting unique 

I id\n"),Err)); 
13009| } 
13010| }else{ 

1 301 1 1 DLOG((TEXT("Error %08x opening 

| volume\n"),Err)); 
13012| } 
13013| return Err; 
13014| } 
13015| 

13016| ULONG UpdateClusterRegistries( tSnapShot *SnapShot ) 
13017| { 

13018| BOOL B= FALSE; 
13019| ULONG Err=0; 
13020| ULONG returned=0; 
13021| 

13022| if(lsClusterlnstalled()) { 



13023| if(Psm_lsPersistentSnapShotPointer(SnapShot)) { 

13024| WCHAR 'Buffer; 

1 3025| ULONG BufferSize=1 28*1 024; 

13026| 

1 3027| Buffer = LocalAlloc(LPTR,BufferSize); 

13028| if (Buffer) { 

13029| Err= Psmi_GetKernelSnapShotVolumesW( 

13030| Snapshot, 

13031| Buffer, 

13032| BufferSize); 

13033| 

13034| if(!Err){ 

13035| WCHAR *p=Buffer; 

13036| 

13037| while(*p){ 

13038| Err = ClusterUpdateVolume(p); 

13039| if(Err) { 

1 3040| DLOG((TEXT("Error %08x 

| copying registry for volume '%S'\n"),p)); 

13041| } 

1 3042| p+=wcslen(p)+1 ; 

13043| } 

13044| } 

13045| LocalFree(Buffer); 

13046| }else{ 

1 3047| DLOG((TEXT("Out of memory for volume 
I Mst\n"))); 

13048| Err= ERROR_OUTOFMEMORY; 



13049| } 

13050| }else{ 

1 3051 1 DLOG((TEXT("Not a valid snapshot 

| %08x\n"),SnapShot)); 

13052| Err= ERROR_INVALID_PARAMETER; 

13053| } 

13054| }else{ 

1 3055| DLOG((TEXT("Cluster not installed\n"))); 

13056| } 

13057| 

13058| return Err; 



13059| } 
13060| 

13061| ULONG ClusterGetNumberNodesActiveO 
13062| { 

13063| ULONG NumNodesActive=0; 
13064| ULONG NumNodes=0; 
13065| _try{ 
13066| ULONG Err; 
13067| tClusApis Apis; 
13068| HCLUSTER Cluster; 
13069| HCLUSENUM Enum; 
13070| 

13071 1 Err = ClusterGetApis(&Apis); 
13072| if(!Err){ 

13073| Cluster = Apis.OpenCluster(NULL); 

13074| if(ICIuster) { 

1 3075| DLOG((TEXT("unable to open 

| cluster\n"))); 
1 3076| Err = GetLastError(); 

13077| } 
13078| if(!Err){ 
13079| 

13080| Enum = 

| Apis.ClusterOpenEnum(Cluster,CLUSTER_ENUM_NODE); 
13081| 

13082| if(Enum){ 

13083| ULONG Index = 0; 

13084| ULONG Type; 

13085| ULONG Size; 

13086| WCHAR Buffer[64]; 

13087| 

13088| while(Err==0) { 

1 3089| Size = sizeof(Buffer) / 

| sizeof (WCHAR); // number of characters not bytes 
13090| 

13091 1 Err = Apis.ClusterEnum( 

13092| Enum, 
13093| Index, 
13094| &Type, 



13095| Buffer, 
13096| &Size 
13097| ); 
13098| 

13099| jf(Err — 0) { 

13100| if(Type==CLUSTER_ENUM_NODE) 
|{ 

13101| ULONG State; 

13102| DLOG((TEXT("Node '%S' 

| found\n M ),Buffer)); 
13103| 

13104| NumNodes++; 

13105| 

13106| 

| Apis.GetNodeClusterState(Buffer,&State); 
13107| DLOG((TEXT(" Cluster 

| node state = %08x\n"),State)); 
13108| I* 

13109| ClusterStateNotl installed The 

| Cluster service is not installed on the node. 

13110| ClusterStateNotConfigured The Cluster 

| service is installed on the node but has not yet been 
| configured. 

13111| ClusterStateNotRunning The 

| Cluster service is installed and configured on the node 

| but is not currently running. 
13112| ClusterStateRunning The 

| Cluster service is installed, configured, and running 

| on the node. 
13113| 7 
13114| 

| if(State==ClusterStateRunning) { 
131 15| NumNodesActive++; 
13116| } 
13117| }else{ 
131 18| DLOG((TEXT(' M %S' is not 

| a node\n"),Buffer)); 
13119| } 
13120| 

13121| lndex++; 

13122| } 

13123| }//while(Err==0) 

13124| 

13125| Apis.ClusterCloseEnum(Enum); 
13126| }else{ 

1 31 27| DLOG((TEXT("Cluster: Error opening 

| enum for nodes\n"))); 
13128| } 
13129| 

13130| Apis.CloseCluster(Cluster); 



13131| }else{ 

13132| DLOG((TEXT("Cluster: Error %08x opening 

| cluster\n"),Err)); 
13133| } 

13134| FreeLibrary(Apis.ClusApi); 
13135| }else{ 

13136| DLOG((TEXT("Cluster: Error %08x unable to 

| get entry points\n"),Err)); 
13137| } 

13138| } except(EXCEPTION_EXECUTE_HANDLER) { 

13139| DLOG((TEXT("Exception %08x 

| ClusterGetNumberNodesActive\n M ),GetExceptionCode())); 
13140| } 

13141 1 DLOG((TEXT("Cluster: Found %d nodes, of which %d 

| are active\n M ),NumNodes,NumNodesActive)); 
13142| return NumNodesActive; 
13143| } 
13144| 
13145| 
13146| /* 

13147| returns 0 if revert is not allowed, otherwise 

| revert is allowed 
13148| 
13149| 

13150| This routine returns true in the following cases 

13151 1 1 . Cluster service is not installed 

13152| 2. Cluster service is not running 

13153| 3. Cluster service is running, but only 1 node 

| is active 
13154| 7 
13155| 

13156| ULONG Clusterls Revert Al lowed () 
13157| { 

13158| BOOL Ret=TRUE; 
13159| __try{ 
13160| HMODULE 

| Clusapi=LoadLibrary(TEXT("clusapi.dll")); 
131 61 1 tGetNodeClusterState pGetNodeClusterState=NULL; 
13162| ULONG NodesRunning=0; 
13163| 

13164| if((Clusapi!=INVALID_HANDLE_VALUE) && 

| (Clusapi!=NULL)) { 
1 31 65| pGetNodeClusterState = 

| (tGetNodeClusterState)GetProcAddress(Clusapi,"GetNodeClu 

| sterState"); 
131 66| if (pGetNodeClusterState) { 

13167| ULONG State=0; 

131 68| pGetNodeClusterState(NULL,&State); 
13169| DLOG((TEXT("Cluster node state = 

| %08x\n M ),State)); 



13170| /* 

13171 1 ClusterStateNotlnstalled The 

| Cluster service is not installed on the node. 

13172| ClusterStateNotConfigured The Cluster 

| service is installed on the node but has not yet been 
| configured. 

13173| ClusterStateNotRunning The 

| Cluster service is installed and configured on the node 

| but is not currently running. 
13174| ClusterStateRunning The 

| Cluster service is installed, configured, and running 

| on the node. 
13175| 7 
13176| 

13177| if(State!=ClusterStateRunning) { 

13178| // revert is allowed 

13179| Ret = TRUE; 

13180| }else{ 

13181 1 // okay more work is required to 

| determine if revert is 
13182| //allowed 
13183| 

13184| NodesRunning = 

| ClusterGetNumberNodesActive(); 
13185| 

13186| if(NodesRunning>1 ) { 

13187| // reve rt not al lowed 

13188| Ret = FALSE; 

13189| }else{ 
13190| // revert is allowed 

13191| Ret = TRUE; 

13192| } 
13193| 

13194| } // ClusterStateRunning 

13195| }else{ 

1 31 96| DLOG((TEXT("Error, entry point not 

| found for GetNodeClusterState\n"))); 
13197| } 

13198| FreeLibrary(Clusapi); 
13199| }else{ 

13200| DLOG((TEXT("Error %08x, unable to load 

| clusapi\n"),Getl_astError())); 
13201| } 

13202| } except(EXCEPTION_EXECUTE_HANDLER) { 

13203| DLOG((TEXT("Exception %08x 

| ClusterlsRevertAllowed\n"),GetExceptionCode())); 
13204| } 
13205| return Ret; 
13206| } 
13207| 



13208| ULONG ClusterlsClusterActive() 
13209| { 

13210| BOOL Ret= FALSE; 
13211| __try{ 
13212| HMODULE 

| Clusapi=LoadLibrary(TEXT("clusapi.dll")); 
13213| tGetNodeClusterState pGetNodeClusterState=NULL; 
13214| ULONG NodesRunning=0; 
13215| 

13216| if((Clusapi!=INVALID_HANDLE_VALUE) && 

| (Clusapi!=NULL)){ 
13217| pGetNodeClusterState = 

| (tGetNodeClusterState)GetProcAddress(Clusapi, M GetNodeClu 

| sterState"); 
13218| if (pGetNodeClusterState) { 

13219| ULONG State=0; 

13220| pGetNodeClusterState(NULL,&State); 
1 3221 1 DLOG((TEXT("Cluster node state = 

| %08x\n"),State)); 
13222| /* 

13223| ClusterStateNotl installed The 

| Cluster service is not installed on the node. 
13224| ClusterStateNotConfigured The Cluster 

| service is installed on the node but has not yet been 

| configured. 

13225| ClusterStateNotRunning The 

| Cluster service is installed and configured on the node 

| but is not currently running. 
13226| ClusterStateRunning The 

| Cluster service is installed, configured, and running 

| on the node. 
13227| 7 
13228| 

13229| if(State==ClusterStateRunning) { 

1 3230| // revert is allowed 

13231| Ret = TRUE; 

13232| }else{ 

13233| Ret = FALSE; 

1 3234| } // ClusterStateRunning 

13235| }else{ 

1 3236| DLOG((TEXT("Error, entry point not 

| found for GetNodeClusterState\n"))); 
13237| } 

1 3238| FreeLibrary(Clusapi); 
13239| }else{ 

13240| DLOG((TEXT("Error %08x, unable to load 

| clusapi\n"),GetLastError())); 
13241| } 

13242| } except( EXC E PTI ON_EXECUTE_H AN D LE R) { 

1 3243| DLOG((TEXT("Exception %08x 



I ClusterlsRevertAllowed\n"),GetExceptionCode())); 
13244| } 
13245| return Ret; 
13246| } 
13247| 

13248| ULONG lsDiskResource( tClusApis Apis, HCLUSTER Cluster, 

| WCHAR *ResourceName) 
13249| { 

13250| H RESOURCE Resource = 

| Apis.OpenClusterResource(Cluster,ResourceName); 
1 3251 1 ULONG IsDisk = FALSE; 
13252| ULONG Err=0; 
13253| ULONG Returned=0; 
13254| 

13255| if (Resource) { 

13256| CLUS_RESOURCE_CLASS_INFO Info; 
13257| 

13258| Err = Apis.ClusterResourceControl( Resource, 
13259| NULL, 

13260| CLUSCTL_RESOURCE_GET_CLASS_INFO, 

13261| NULL,0, 

13262| &lnfo, 

13263| sizeof(lnfo), 

13264| &Returned 

13265| ); 

13266| if(!Err) { 

13267| if (Info, rc == CLUS_RESCLASS_STORAGE) { 

1 3268| DLOG((TEXT('"%S' is a disk 

| resource\n"),ResourceName)); 
13269| lsDisk=TRUE; 
13270| Err = 0; 

13271| }else{ 

13272| DLOG((TEXT("'%S' is a not disk 

| resource\n"),ResourceName)); 
13273| lsDisk=FALSE; 
13274| } 
13275| }else{ 

13276| DLOG((TEXT("Error %08x getting class info 

| for resource '%S'\n"),Err,ResourceName)); 
13277| } 

13278| Apis.CloseClusterResource(Resource); 

13279| }else{ 

13280| Err = GetLastError(); 

1 3281 1 DLOG((TEXT("Error %08x opening resource 

| '%S'\n"),Err,ResourceName)); 
13282| } 

13283| return IsDisk; 

13284| } 

13285| 

13286| 



13287| ULONG GetDiskTarget( tClusApis Apis, HCLUSTER Cluster, 

| WCHAR *ResourceName, WCHAR *Target) 
13288| { 

13289| HRESOURCE Resource = 

| Apis.OpenClusterResource(Cluster,ResourceName); 
13290| ULONG Err=0; 
1 3291 1 ULONG Returned=0; 
13292| 

13293| if (Resource) { 

13294| CHAR Buffer[65536]={0}; 

13295| CLUSPROP_BUFFER_HELPER cbh; 

13296| 

13297| cbh. pb = Buffer; 
13298| 

13299| Err = Apis.ClusterResourceControl( Resource, 
13300| NULL, 

13301 1 CLUSCTL_RESOURCE_STORAGE_GET_DISK_INFO, 

13302| NULL,0, 

13303| Buffer, 

13304| sizeof(Buffer), 

13305| &Returned 

13306| ); 

13307| if(!Err){ 

13308| while(1){ 

13309| DLOG((TEXT("Type=%08x, 

| Length=%08x\n"),cbh.pValue->Syntax.dw,cbh.pValue->cbLeng 

I th)); 
13310| 

1 331 1 1 if(cbh.pValue->Syntax.dw == 

| CLUSPROP_SYNTAX_ENDMARK) { 
13312| Err = ERROR_NOT_FOUND; 

13313| break; 
13314| } 
13315| 

1 331 6| if(cbh.pValue->Syntax.dw == 

| CLUSPROP_SYNTAX_PARTITION_INFO) { 
1 331 7| DLOG((TEXT("Volume='%S', 

| label='%S'\n"), 
13318| 

| cbh.pPartitionlnfoValue->szDeviceName, 
13319| 

| cbh . pPartition Info Value->szVo lu meLabel 
13320| )); 
13321| 

| wcscpy(Target,cbh.pPartitionlnfoValue->szDeviceName); 
13322| if(Target[1 ]==':') { 

13323| Target[2]=0; 
13324| } 
13325| Err = 0; 

13326| break; 



13327| } 

13328| 

13329| 

| cbh.pb+=cbh.pValue->cbLength+sizeof(CLUSPROP_VALUE); 
13330| 

| if(cbh.pb-Buffer+sizeof(DWORD)>Returned) { 



13331 1 Err = ERROR_NOT_FOUND; 

13332| break; 

13333| } 

13334| } 

13335| }else{ 

1 3336| DLOG((TEXT("Error %08x getting class info 

| for resource '%S'\n"),Err,ResourceName)); 

13337| } 

13338| Apis.CloseClusterResource(Resource); 

13339| }else{ 

13340| Err = Getl_astError(); 

1 3341 1 DLOG((TEXT("Error %08x opening resource 



| '%S'\n"),Err,ResourceName)); 
13342| } 
13343| return Err; 
13344| } 
13345| 
13346| 

13347| #define CLUSTER_DISK_ONLINE 0 
13348| #define CLUSTER_DISK_OFFLINE 1 
13349| 

13350| ULONG ClusterChangeDiskStatus( WCHAR *VolumeName, ULONG 

| Status ) 
13351| { 

13352| ULONG Err; 
13353| tClusApis Apis; 
13354| HCLUSTER Cluster; 
13355| HCLUSENUM Enum; 
13356| HRESOURCE Resource; 
13357| 

13358| _try{ 

13359| Err = ClusterGetApis(&Apis); 
13360| if(!Err){ 

13361 1 Cluster = Apis.OpenCluster(NULL); 

13362| if(ICIuster) { 

1 3363| DLOG((TEXT("unable to open 

| cluster\n"))); 
1 3364| Err = GetLastError(); 

13365| } 
13366| if(!Err){ 
13367| 

13368| Enum = 

| Apis.ClusterOpenEnum(Cluster,CLUSTER_ENUM_RESOURCE); 
13369| 



13370| if(Enum){ 

13371| U LONG Index = 0; 

13372| U LONG Type; 

13373| ULONG Size; 

13374| WCHAR Buffer[64]; 

13375| 

13376| while(Err==0) { 

1 3377| Size = sizeof(Buffer) / 

| sizeof (WCHAR); // number of characters not bytes 
13378| 

13379| Err = Apis.ClusterEnum( 

13380| Enum, 

13381| Index, 

13382| &Type, 

13383| Buffer, 

13384| &Size 

13385| ); 

13386| 

13387| if(Err==0){ 
13388| 

| if(Type==CLUSTER_ENUM_RESOURCE) { 
13389| DLOG((TEXT("Resource 

| '%S' found\n"),Buffer)); 
13390| 
13391| 

| if(lsDiskResource(Apis,Cluster,Buffer)) { 
13392| WCHAR Target[256]; 

13393| Err = 

| GetDiskTarget(Apis,Cluster,Buffer,Target); 
13394| if(!Err){ 
13395| 

| if(_wcsicmp(Target,VolumeName)==0) { 
13396| 

| DLOG((TEXT("Found the resource!!!!!!!!!\n"))); 
13397| Resource = 

| Apis.OpenClusterResource(Cluster,Buffer); 
13398| 

| if (Resource) { 
13399| 

| if(Status==CLUSTER_DISK_ONLINE) { 
13400| Err 

| = Apis.OnlineClusterResource(Resource); 
13401| 

I if(Err) { 
13402| 

| DLOG((TEXT("Error %08x bring resource online\n"),Err)); 
13403| } 
13404| }else 
13405| 

| if(Status==CLUSTER_DISK_OFFLINE) { 



13406| Err 

| = Apis.OfflineClusterResource(Resource); 
13407| 

I if(Err) { 
13408| 

| DLOG((TEXT("Error %08x bring resource 

| offline\n"),Err)); 
13409| } 
13410| } 
13411| 

| DLOG((TEXT("Waiting for device to come 

| online/offline\n M ))); 
13412| 

| while(1) { 
13413| 

| CLUSTER_RESOURCE_STATE State = 
| Apis.GetClusterResourceState(Resource,NULL,0,NULL,0); 
13414| 

| if((State==ClusterResourcePending) || 
13415| 

| (State==ClusterResourceOnlinePending) || 
13416| 

| (State==ClusterResourceOfflinePending)) { 
13417| 

| DLOG((TEXT("Waiting for device to come 

| online/offline\n"))); 
13418| 

| Sleep(1000); 
13419| } 

| else { 
13420| 

| DLOG((TEXT("Device online/offline\n"))); 
13421| 

| Err = 0; 
13422| 

| break; 

13423| } 

13424| 

13425| I* 

13426| ClusterResourcelnitializing The resource is performing 
| initialization. 

13427| ClusterResourceOnline The resource is operational and 

| functioning normally. 
13428| ClusterResourceOffline The resource is not operational. 
13429| ClusterResourceFailed The resource has failed. 
13430| ClusterResourcePending The resource is in the process 

| of coming online or going offline. 
13431 1 ClusterResourceOnlinePending The resource is in the 

| process of coming online. 
13432| ClusterResourceOfflinePending The resource is in the 



I process of going offline. 
1 3433| ClusterResourceStateUnknown 
13434| 7 
13435| 
13436| 

13437| } 
13438| 

| Apis .CloseClusterResou rce( Resou rce) ; 
13439| }else{ 
13440| Err = 

| Getl_astError(); 
13441| 

| DLOG((TEXT("Error %08x opening resou rce\n"), Err)); 
13442| } 
13443| 

13444| //exit the 

| while loop 
13445| break; 
13446| } 
13447| }else{ 
13448| 

| DLOG((TEXT("Error getting target of disk resource 

| W), Buffer)); 
13449| } 
13450| } 
13451| }else{ 

13452| DLOG((TEXT('"%S' is not 

| a resource\n"), Buffer)); 
13453| } 
13454| 

13455| lndex++; 

13456| } 

13457| }//while(Err==0) 

13458| 

13459| Apis.ClusterCloseEnum(Enum); 
13460| }else{ 

1 3461 1 DLOG((TEXT("Cluster: Error opening 

| enum for resources\n"))); 
13462| } 
13463| 

13464| Apis.CloseCluster(Cluster); 
13465| }else{ 

1 3466| DLOG((TEXT("Cluster: Error %08x opening 

| cluster\n"),Err)); 
13467| } 

13468| FreeLibrary(Apis.ClusApi); 
13469| }else{ 

1 3470| DLOG((TEXT("Cluster: Error %08x unable to 

| get entry points\n"),Err)); 
13471| } 



13472| } _except(EXCEPTION_EXECUTE_HANDLER) { 
13473| DLOG((TEXT("Exception %08x 

| ClusterGetNumberNodesActive\n"),GetExceptionCode())); 
13474| } 
13475| return Err; 
13476| } 
13477| 
13478| 

13479| ULONG ClusterlnitiateRevert( PVOID 

| KernelSnapShotPointer ) 
13480| { 

13481| ULONG Err; 

13482| WCHAR Buffer[65536]={0}; 

13483| 

1 3484| Err = Psm_GetKernelSnapShotVolumesW ( 

13485| KernelSnapShotPointer, 

13486| Buffer, 

13487| sizeof(Buffer) 

13488| ); 

13489| 

13490| if(!Err){ 

1 3491 1 WCHAR *p=Buffer; 

13492| 

1 3493| // take the volumes offline 
13494| while(*p){ 

1 3495| // cluster only support drive letters 

13496| if(p[1 ]==':') { 

13497| Err = 

| ClusterChangeDiskStatus(p,CLUSTER_DISK_OFFLINE); 
13498| if(Err==0){ 
13499| Err = 

| ClusterChangeDiskStatus(p,CLUSTER_DISK_ONLINE); 
13500| } 
13501| } 

1 3502| p+=wcslen(p)+1 ; 

13503| } 
13504| }else{ 

1 3505| DLOG((TEXT("Error %08x getting volumes for 

| snapshot %08x\n"), KernelSnapShotPointer)); 
13506| } 
13507| 

13508| return Err; 

13509| } 

13510| 

13511| 

13512| 

13513| File Listing: cluster.h 
13514| 

13515| typedef LONG 

13516| (WINAPI *tClusterRegCreateKey)( 
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IN HKEY hKey, 
IN LPCWSTR IpszSubKey, 
IN DWORD dwOptions, 
IN REGSAM samDesired, 

IN LPSECURITY_ATTRIBUTES IpSecurityAttributes, 

OUT PHKEY phkResult, 

OUT OPTIONAL LPDWORD IpdwDisposition 

); 

typedef LONG 

(WINAPI *tClusterRegOpenKey)( 
IN HKEY hKey, 
IN LPCWSTR IpszSubKey, 
IN REGSAM samDesired, 
OUT PHKEY phkResult 

); 

typedef LONG 

(WINAPI *tClusterRegDeleteKey)( 
IN HKEY hKey, 
IN LPCWSTR IpszSubKey 

); 

typedef LONG 

(WINAPI *tClusterRegCloseKey)( 
IN HKEY hKey 

); 

typedef LONG 

(WINAPI *tClusterRegEnumKey)( 
IN HKEY hKey, 
IN DWORD dwlndex, 
OUT LPWSTR IpszName, 
IN OUT LPDWORD IpcchName, 
OUT PFILETIME IpftLastWriteTime 

); 

typedef DWORD 
(WINAPI *tClusterRegSetValue)( 
IN HKEY hKey, 

IN LPCWSTR IpszValueName, 
IN DWORD dwType, 
IN CONST BYTE* IpData, 
IN DWORD cbData 

); 

typedef DWORD 

(WINAPI *tClusterReg Delete Value)( 
IN HKEY hKey, 
IN LPCWSTR IpszValueName 
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); 



typedef LONG 

(WINAPI *tClusterRegQueryValue)( 
IN HKEY hKey, 

IN LPCWSTR IpszValueName, 
OUT LPDWORD IpdwValueType, 
OUT LPBYTE IpData, 
IN OUT LPDWORD IpcbData 

); 

typedef DWORD 

(WINAPI *tClusterRegEnumValue)( 
IN HKEY hKey, 
IN DWORD dwlndex, 
OUT LPWSTR IpszValueName, 
IN OUT LPDWORD IpcchValueName, 
OUT LPDWORD IpdwType, 
OUT LPBYTE IpData, 
IN OUT LPDWORD IpcbData 

); 

typedef LONG 

(WINAPI *tClusterRegQuerylnfoKey)( 
IN HKEY hKey, 
IN LPDWORD IpcSubKeys, 
IN LPDWORD IpcchMaxSubKeyLen, 
IN LPDWORD IpcValues, 
IN LPDWORD IpcchMaxValueNameLen, 
IN LPDWORD IpcbMaxValueLen, 
IN LPDWORD IpcbSecurityDescriptor, 
IN PFILETIME IpftLastWriteTime 

); 

typedef LONG 

(WINAPI *tClusterRegGetKeySecurity )( 
IN HKEY hKey, 

IN SECURITYJNFORMATION Requestedl information, 
OUT PSECURITY_DESCRIPTOR pSecurityDescriptor, 
IN LPDWORD IpcbSecurityDescriptor 

); 

typedef LONG 

(WINAPI *tClusterRegSetKeySecurity)( 
IN HKEY hKey, 

IN SECURITYJNFORMATION Securitylnformation, 
IN PSECURITY_DESCRIPTOR pSecurityDescriptor 

); 
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typedef DWORD 

(WINAPI *tGetNodeClusterState)( 
IN LPCWSTR IpszNodeName, 
OUT DWORD *pdwClusterState 

); 

typedef HCLUSTER 
(WINAPI *tOpenCluster)( 

IN LPCWSTR IpszClusterName 

); 

typedef BOOL 
(WINAPI *tCloseCluster)( 
IN HCLUSTER hCluster 

); 

typedef HKEY 

(WINAPI *tGetClusterKey)( 

IN HCLUSTER hCluster, 

IN REGSAM samDesired 

); 

typedef DWORD (WINAPI *tClusterEnum)( 
HCLUSENUM hEnum, 
DWORD dwlndex, 
LPDWORD IpdwType, 
LPWSTR IpszName, 
LPDWORD IpcchName 

); 

typedef HCLUSENUM (WINAPI *tClusterOpenEnum)( 
HCLUSTER hCluster, 
DWORD dwType 

); 

typedef DWORD (WINAPI *tClusterCloseEnum)( 
HCLUSENUM hEnum 

); 

typedef CLUSTER_NODE_STATE (WINAPI 



| *tGetClusterNodeState)( 



HNODE hNode 

); 

typedef HNODE (WINAPI *tOpenClusterNode)( 
HCLUSTER hCluster, 
LPCWSTR IpszNodeName 

); 

typedef BOOL (WINAPI *tCloseClusterNode)( 
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HNODE hNode 

); 

typedef DWORD (WINAPI *tResumeClusterNode)( 
HNODE hNode 

); 

typedef DWORD (WINAPI *tPauseClusterNode)( 
HNODE hNode 

); 

typedef HRESOURCE (WINAPI *tOpenClusterResource)( 
HCLUSTER hCluster, 
LPCWSTR IpszResourceName 

); 

typedef BOOL (WINAPI *tCloseClusterResource)( 
HRESOURCE h Resource 

); 

typedef DWORD (WINAPI *tOfflineClusterResource)( 
HRESOURCE h Resource 

); 

typedef DWORD (WINAPI *tOnlineClusterResource)( 
HRESOURCE h Resource 

); 

typedef CLUSTER_RESOURCE_STATE (WINAPI 



tGetClusterResourceState)( 



HRESOURCE hResource, 
LPWSTR IpszNodeName, 
LPDWORD IpcchNodeName, 
LPWSTR IpszGroupName, 
LPDWORD IpcchGroupName 

); 

typedef DWORD (WINAPI *tClusterResourceControl)( 
HRESOURCE hResource, 
HNODE hHostNode, 
DWORD dwControlCode, 
LPVOID IplnBuffer, 
DWORD cblnBufferSize, 
LPVOID IpOutBuffer, 
DWORD cbOutBufferSize, 
LPDWORD IpcbBytes Returned 

); 

typedef struct sClusApis { 
HMODULE ClusApi; 
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tOpenCluster OpenCluster; 
tCloseCluster CloseCluster; 
tGetClusterKey GetClusterKey; 
tClusterRegCreateKey ClusterRegCreateKey; 
tClusterRegOpenKey ClusterRegOpenKey; 
tClusterRegDeleteKey ClusterRegDeleteKey; 
tClusterRegCloseKey ClusterRegCloseKey; 
tClusterRegEnumKey ClusterRegEnumKey; 
tClusterRegSetValue ClusterRegSetValue; 
tClusterRegDelete Value ClusterRegDeleteValue; 
tClusterRegQueryValue ClusterRegQueryValue; 
tClusterRegEnumValue ClusterRegEnumValue; 
tClusterRegQuerylnfoKey ClusterRegQuerylnfoKey; 
tClusterRegGetKeySecurity ClusterRegGetKeySecurity; 
tClusterRegSetKeySecurity ClusterRegSetKeySecurity; 
tClusterOpenEnum ClusterOpenEnum; 
tClusterEnum ClusterEnum; 
tClusterCloseEnum ClusterCloseEnum; 
tGetNodeClusterState GetNodeClusterState; 
tGetClusterNodeState GetClusterNodeState; 
tOpenClusterNode OpenClusterNode; 
tCloseClusterNode CloseClusterNode; 
tResumeClusterNode ResumeClusterNode; 
tPauseClusterNode PauseClusterNode; 
tOpenClusterResource OpenClusterResource; 
tCloseClusterResource CloseClusterResource; 
tOfflineClusterResource OfflineClusterResource; 
tOnlineClusterResource OnlineClusterResource; 
tGetClusterResourceState GetClusterResourceState; 
tClusterResourceControl ClusterResourceControl; 

} tClusApis,*pClusApjs; 



ULONG UpdateClusterRegistries( tSnapShot *SnapShot ); 
ULONG IsClusterlnstalled(void); 
ULONG ClusterUpdateVolume( WCHAR *NTName ); 
ULONG ClusterlsRevertAllowedO; 
ULONG ClusterlsClusterActive(); 
ULONG ClusterlnitiateRevert( PVOID 
| KernelSnapShotPointer ); 
13754| 
13755 
13756 
13757 
13758 
13759 
13760 
13761 
13762 
13763 



File Listing: dasd.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <windows.h> 
#include <windowsx.h> 



13764| #include <winioctl.h> 
13765| #include <tchar.h> 
13766| #include <conio.h> 
13767| #include "mytypes.h" 
13768| #include "dasd.h" 
13769| #include "dlog.h" 
13770| 

13771 1 #include <undoc.h> 
13772| 

13773| //void PSM_LogDebuglnfo( const TCHAR *fmt,...); 

13774| 

13775| r 

1 3776| This code was taken from spti.c from the ddk 

| samples. 
13777| 

1 3778| It works on the fact that a buffer that is aligned 
| on a 

13779| cetain boundary will have 0's in its least 
| significant bits 

13780| depending on the alignment requirements, A pointer 
I is 

1 3781 1 manipulated so that it is pointing to the first 
| possible 

1 3782| address that meets the alignment requirements. 
13783| 7 

13784| void *AllocBufferBelow1 6Meg( size_t size, ULONG Align ) 
13785| { 

13786| PUCHARptr; 
13787| 

13788| if (SAIign) { 

13789| ptr= (char*)malloc(size); 

13790| }else{ 

13791 1 ptr = (char*)malloc(size+Align); 
13792| if (ptr) 

13793| ptr = (PUCHAR)(((ULONG)ptr+Align) & -Align); 

13794| } 

13795| return ptr; 

13796| } 

13797| 

13798| void FreeBufferBelow16Meg( void 'Buffer ) 
13799| { 

13800| free(Buffer); 
13801| return; 
13802| } 
13803| 

13804| ULONG DASD_DeviceCount( void ) 
13805| { 

13806| TCHAR *Buffer,*p; 
13807| LONG Count=0; 
13808| 
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DISK_GEOMETRY 'geometry ) 
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Buffer = (TCHAR*)malloc(65536*sizeof(TCHAR)); 
Query Dos Device(N U LL, Buffer, 65536) ; 

p = Buffer; 
while(*p) { 

if(_tcsncicmp(TEXT("PhysicalDrive"),p,13)==0) { 
Count++; 

} 

p = p + lstrlen(p)+1 ; 

} 



free(Buffer); 
return Count; 

} 



ULONG DASD_GetDriveGeometry( HANDLE hDevice, 



{ 

ULONG returned; 

return DeviceloControl( hDevice, 

I OCTL_D I SK_G ET_D R I VE_G EOM ETR Y, 
NULL, 

0, 

geometry, 

sizeof(DISK_GEOMETRY), 

&returned, 

FALSE); 

} 

ULONG DASD_GetDriveGeometry2( HANDLE hDevice, 



DISK_GEOMETRY 'geometry ) 



13842| { 




13843| 


ULONG returned; 


13844| 


DISK_GEOMETRY Geos[10]; 


13845| 


ULONG OK; 


13846| 




13847| 


OK = DeviceloControl( hDevice, 


13848| 


I OCTL_D I SK_G ET_M ED I A_TYPES, 


13849| 


NULL, 


13850| 


0, 


13851| 


&Geos, 


13852| 


sizeof(Geos), 


13853| 


& returned, 


13854| 


FALSE); 


13855| 


if (OK) { 


138561 





I memmove(geometry,&Geos[0],sizeof(DISK_GEOMETRY)); 
13857| } 
13858| 

13859| return OK; 

13860| } 

13861| 

13862| tDASDHandle * DAS D_LockDevice( ULONG DeviceNum ) 
13863| { 

13864| tDASDHandle *Packet=NULL; 

13865| TCHAR Name[40]; 

13866| HANDLE hDevice; 

13867| DISK_GEOMETRY geometry; 

13868| ULONG GeometryOK = FALSE; 

13869| 

13870| 

| _stprintf(Name,TEXT( M \\\\.\\PhysicalDrive%d"), DeviceNum) 

I ; 

1 3871 1 hDevice = CreateFile( Name, 

13872| GENERIC_READ | GENERIC_WRITE, 

13873| FILE_SHARE_READ | FILE_SHARE_WRITE, 

13874| NULL, 

13875| OPEN_EXISTING, 

13876| FILE_ATTRIBUTE_NORMAL, 

13877| NULL 

13878| ); 

13879| 

13880| if (hDevice) { 
13881| 

13882| GeometryOK = DASD_GetDriveGeometry( hDevice, 

| &geometry ); 
13883| 

13884| Packet = 

| (tDASDHandle*)malloc(sizeof(tDASDHandle)); 
13885| if (Packet) { 
1 3886| Packet->Buffer = 

| (BYTE*)AllocBufferBelow16Meg(DEFAULTBUFFERSIZE,0); 
13887| if(Packet->Buffer) { 

13888| Packet->DasdType = DASD; 

13889| Packet->DeviceNum 

| LONGTOBYTE(DeviceNum); 
13890| Packet->h Device = hDevice; 

13891| Packet->Self 

| (tDevice*)malloc(sizeof(tDevice)); 
13892| if (GeometryOK) { 

13893| Packet->Self->BlockSize = 

| geometry. BytesPerSector; 
1 3894| Packet->Self->CylindersHigh = 

| geometry. Cylinders. HighPart; 
13895| Packet->Self->CylindersLow = 

| geometry. Cylinders. LowPart; 



13896| Packet->Self->Heads 

| geometry.TracksPerCylinder; 
1 3897| Packet->Self->SPT 

| geometry. SectorsPerT rack; 
13898| Packet->Self->Removable = 

| geometry. MediaType == RemovableMedia ? 1 : 0; 
13899| Packet->Self->NumSectors = 

| geometry. Cylinders. LowPart * geometry.TracksPerCylinder 

| * geometry.SectorsPerTrack; 
13900| }else{ 

1 3901 1 Packet->Self->BlockSize = 51 2; 

13902| Packet->Self->CylindersHigh = 0; 

13903| Packet->Self->CylindersLow =0; 

13904| Packet->Self->Heads =64; 

1 3905| Packet->Self->SPT = 32; 

13906| Packet->Self->Removable =1; 

13907| Packet->Self->NumSectors = 0; 

13908| } 
13909| }else{ 
13910| free( Packet); 

13911| Packet=NULL; 
13912| } 
13913| } 
13914| } 

13915| return Packet; 

13916| } 

13917| 

13918| tDASDHandle *DASD_LockVolume( WCHAR *NTDeviceName) 
13919| { 

13920| tDASDHandle *Packet=NULL; 

13921 1 HANDLE hDevice = INVALID_HANDLE_VALUE; 

13922| DISK GEOMETRY geometry; 

13923| ULONG GeometryOK = FALSE; 

13924| 

13925| ULONG Err=0; 

13926| ULONG OldMode; 

13927| UNICODE_STRING Uni={0}; 

13928| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

13929| IO_STATUS_BLOCK loStatus={0}; 

13930| ULONG Access; 

13931| WCHAR *Name; 

13932| 

13933| OldMode = SetErrorMode(SEM_FAILCRITICALERRORS); 
13934| 

13935| Name = 

| LocalAlloc(LPTR,wcslen(NTDeviceName)*sizeof(WCHAR)+2*siz 

| eof (WCHAR)); 
13936| if(!Name) { 
13937| return NULL; 
13938| } 



13939| 

1 3940 1 // we need to "root" object 

13941 1 swprintf(Name,L"%s",NTDeviceName); 

13942| 

13943| RtllnitUnicodeString( &Uni, Name); 
13944| 

13945| InitializeObjectAttributes ( &ObjectAttributes, 
13946| &Uni, 

1 3947| OBJ_CASE_INSENSITI VE, 

13948| NULL, 

13949| NULL); 

13950| 

13951| 

13952| Access = FILE_GENERIC_WRITE | FILE_GENERIC_READ; 

13953| 

13954| 

13955| DoOpen: 

13956| Err = NtCreateFile( &hDevice, 
13957| Access , // des i red 

| access 

13958| &ObjectAttributes, // 

| object attributes 
13959| &loStatus, 
13960| NULL, // alloc size 

13961| FILE_ATTRIBUTE_NORMAL, //file 

| attributes 

13962| FILE SHARE WRITE | FILE_SHARE_READ, 

| // share access 
13963| FILEOPEN, // create 

| disposition 

13964| FILE_SYNCHRONOUS_IO_NONALERT, 

| // create options 
13965| NULL, // eabuffer 

13966| 0); // ealength 

13967| if (Err) { 

13968| if(Access & F I L E_WR I TE_D ATA) { 
13969| Access = FILE_GENERIC_READ; 

13970| }else 

1 3971 1 if(Access & FILE_READ_DATA) { 

13972| Access = 0; 

13973| }else{ 

13974| Err = GetLastError(); 

13975| goto Done; 

13976| } 

13977| goto DoOpen; 
13978| } 
13979| Done: 

1 3980 1 Local Free(Name) ; 
13981| 

13982| SetErrorMode(OldMode); 



13983| 

13984| if(hDevice!=INVALID_HANDLE_VALUE) { 
13985| 

13986| GeometryOK = DASD_GetDriveGeometry( hDevice, 

| &geometry ); 
13987| 

13988| Packet = 

| (tDASDHandle*)malloc(sizeof(tDASDHandle)); 
13989| if (Packet) { 
1 3990| Packet->Buffer = 

| (BYTE*)AllocBufferBelow16Meg(DEFAULTBUFFERSIZE,0); 
13991| if(Packet->Buffer) { 

13992| Packet->DasdType = VOLUME; 

13993| Packet->DeviceNum =-1; 

13994| Packet->h Device = hDevice; 

13995| Packet->Self 

| (tDevice*)malloc(sizeof(tDevice)); 
13996| if (GeometryOK) { 

13997| Packet->Self->BlockSize = 

| geometry. BytesPerSector; 
13998| Packet->Self->CylindersHigh = 

| geometry. Cylinders. HighPart; 
13999| Packet->Self->CylindersLow = 

| geometry. Cylinders. LowPart; 
1 4000 1 Packet->Self ->Heads 

| geometry.TracksPerCylinder; 
1 4001 1 Packet->Self->SPT 

| geometry. SectorsPerT rack; 
14002| Packet->Self->Removable = 

| geometry. MediaType == RemovableMedia ? 1 : 0; 
14003| Packet->Self->NumSectors = 

| geometry. Cylinders. LowPart * geometry.TracksPerCylinder 

| * geometry.SectorsPerTrack; 
14004| }else{ 

14005| Packet->Self->BlockSize = 512; 

14006| Packet->Self->CylindersHigh = 0; 

14007| Packet->Self->CylindersLow =0; 

14008| Packet->Self->Heads =64; 

14009| Packet->Self->SPT = 32; 

1 401 0| Packet->Self->Removable = 1 ; 

1401 1 1 Packet->Self->NumSectors = 0; 

14012| } 
14013| }else{ 
14014| free( Packet); 

14015| Packet=NULL; 
14016| } 
14017| } 
14018| } 

14019| return Packet; 
14020| } 



14021| 
14022| 
14023| 
14024| r 

14025| Opens the device in passive mode (No Error boxes 
I Pop up. 

14026| No Reads or writes are allowed to a device that is 

| opened this 
14027| way. 
14028| 7 

14029| tDASDHandle *DASD_Passivel_ockDevice( ULONG DeviceNum ) 
14030| { 

14031 1 tDASDHandle *Packet=NULL; 
14032| TCHAR Name[40]; 

14033| HANDLE hDevice = INVALID_HANDLE_VALUE; 

14034| DISK_GEOMETRY geometry; 

14035| ULONG GeometryOK = FALSE; 

14036| 

14037| 

| _stprintf(Name,TEXT("\\\\.\\PhysicalDrive%d"), DeviceNum) 

I ; 

14038| hDevice = CreateFile( Name, 



14039| 0, 

14040| FILE SHARE READ | FILESHAREWRITE, 

14041| NULL, 

14042| OPEN_EXISTING, 

14043| FILEATTRIBUTENORMAL, 

14044| NULL 



14045| ); 
14046| 

14047| if (hDevice) { 
14048| 

14049| GeometryOK = DASD_GetDriveGeometry( hDevice, 

| &geometry ); 
14050| 

14051| Packet = 

| (tDASDHandle*)malloc(sizeof(tDASDHandle)); 
14052| if (Packet) { 
1 4053 1 Packet->Buff er = 

| (BYTE*)AllocBufferBelow16Meg(DEFAULTBUFFERSIZE,0); 
14054| if(Packet->Buffer) { 

14055| Packet->DasdType = DASD; 

14056| Packet->DeviceNum 

| LONGTOBYTE(DeviceNum); 
14057| Packet->h Device = hDevice; 

14058| Packet->Self 

| (tDevice*)malloc(sizeof(tDevice)); 
14059| if (GeometryOK) { 

14060| Packet->Self->BlockSize = 

| geometry. BytesPerSector; 



1 4061 1 Packet->Self->CylindersHigh = 

| geometry. Cylinders. HighPart; 
14062| Packet->Self->CylindersLow = 

| geometry. Cylinders. LowPart; 
1 4063 1 Packet->Self ->Heads 

| geometry.TracksPerCylinder; 
14064| Packet->Self->SPT 

| geometry. SectorsPerT rack; 
14065| Packet->Self->Removable = 

| geometry. MediaType == RemovableMedia ? 1 : 0; 
14066| Packet->Self->NumSectors = 

| geometry. Cylinders. LowPart * geometry.TracksPerCylinder 

| * geometry.SectorsPerTrack; 
14067| }else{ 
14068| 

14069| Packet->Self->BlockSize = 512; 

14070| Packet->Self->CylindersHigh = 0; 

14071| Packet->Self->CylindersLow =0; 

14072| Packet->Self->Heads = 64; 

14073| Packet->Self->SPT =32; 

14074| Packet->Self->Removable =1; 

14075| Packet->Self->NumSectors = 0; 

14076| } 
14077| }else{ 
14078| free( Packet); 

14079| Packet=NULL; 
14080| } 
14081| } 
14082| } 

14083| return Packet; 

14084| } 

14085| 

14086| ULONG DASD_UnlockDevice( tDASDHandle *LockHandle ) 
14087| { 

14088| if (LockHandle) { 

14089| if(LockHandle->hDevice!=(HANDLE)-1) { 
14090| if(LockHandle->DasdType == VOLUME) { 

14091 1 NtClose(LockHandle->h Device); 

14092| }else{ 

14093| CloseHandle(LockHandle->hDevice); 
14094| } 
14095| } 

1 4096| if (LockHandle->Buffer) { 

14097| FreeBufferBelow16Meg(LockHandle->Buffer); 
14098| } 

14099| if(LockHandle->Self) { 
14100| f ree (LockH and le->Se If) ; 

14101| } 

14102| free(LockHandle); 
14103| } 



14104| return 0; 
14105| } 
14106| 

14107| ULONG DASD_Read( 



1 41 08| tDASDHandle *LockHandle, 

14109| ULONGLONG Sector, 

14110| ULONG Count, 

14111| void*Buffer 

14112| ) 



14113| { 

14114| ULONG NumberOfBytesRead; 

14115| ULONG res; 

14116| ULARGEJNTEGER BytePos; 

14117| //LONGLONG *b=(LONGLONG*)&BytePos; 

14118| 

14119| __try{ 

1 41 20 1 //*b = lnt32x32To64 

| (Sector, LockHandle->Self->BlockSize); 
1 41 21 1 BytePos.QuadPart = Sector * 

| LockHandle->Self->BlockSize; 
14122| 

14123| if(SetFilePointer( 

1 41 24| LockHandle->hDevice, // handle of file 

14125| BytePos. LowPart, //number of 

| bytes to move file pointer 
14126| &BytePos.HighPart, // address of 

| high-order word of distance to move 
14127| FILE_BEGIN // how to move 

14128| )!=0xffffffff) { 
14129| Good_Read: 
14130| if (ReadFile( 

14131 1 LockHandle->h Device, // handle of 

| file to read 

1 41 32 1 Buffer, // address of buffer that 

| receives data 
14133| Count*LockHandle->Self->BlockSize, // 

| number of bytes to read 
1 41 34| &NumberOfBytesRead, // address of 

| number of bytes read 
14135| NULL // address of structure for data 

14136| )==TRUE){ 
14137| res = 0; 

14138| }else{ 
14139| res = GetLastErrorQ; 

14140| } 
14141| }else{ 
14142| res = GetLastError(); 

14143| if (res==NO_ERROR) 

1 41 44 1 goto Good_Read; 

14145| } 



14146| } except(EXCEPTION_EXECUTE_HANDLER) { 

14147| res = GetExceptionCode(); 

1 41 48| DLOG((TEXT("Exception %08x while reading device 
| %p, Sector %d, %d, 

| Buffer=%p"),res,LockHandle,Sector,Count,Buffer)); 
14149| } 
14150| 
14151| 

14152| return res; 

14153| } 

14154| 

14155| ULONG DASD_Write( 



1 41 56| tDASDHandle *LockHandle, 

14157| ULONGLONG Sector, 

14158| ULONG Count, 

14159| void*Buffer 

14160| ) 



14161| { 
14162| #if 0 
14163| return 0; 
14164| #else 

14165| ULONG N u m be rOf Bytes Written; 

14166| ULONG res; 

14167| ULARGEJNTEGER BytePos; 

1 41 68| //LONGLONG *b=(LONGLONG*)&BytePos; 

14169| 

14170| __try{ 

14171| //*b = lnt32x32To64 

| (Sector, LockHandle->Self->BlockSize); 
14172| BytePos.QuadPart = Sector * 

| LockHandle->Self->BlockSize; 
14173| 

14174| if(SetFilePointer( 

1 41 75| LockHandle->hDevice, // handle of file 

14176| BytePos. LowPart, //number of 

| bytes to move file pointer 
14177| &BytePos.HighPart, // address of 

| high-order word of distance to move 
14178| FILE_BEGIN // how to move 

14179| )!=0xffffffff) { 
14180| Good_Write: 
14181| if (WriteFile( 

14182| LockHandle->h Device, // handle of 

| file to read 

1 41 83| Buffer, // address of buffer that 

| receives data 
14184| Count*LockHandle->Self->BlockSize, // 

| number of bytes to read 
14185| &NumberOfBytesWritten, //address of 

| number of bytes read 



14186| NULL // address of structure for data 

14187| )==TRUE){ 

14188| res = 0; 

14189| }else{ 

14190| res = GetLastError(); 

14191| } 

14192| }else{ 

14193| res = GetLastError(); 

1 41 94| if (res==NO_ERROR) 

1 41 95| goto Good_Write; 

14196| } 

14197| } except(EXCEPTION_EXECUTE_HANDLER) { 

14198| res = GetExceptionCodeQ; 

1 41 99| DLOG((TEXT("Exception %08x while writing device 
| %p, Sector %d, %d, 

| Buffer=%p"),res,LockHandle,Sector,Count,Buffer)); 
} 



14200 
14201 
14202 
14203 
14204 
14205 
14206 
14207 
14208 
14209 
14210 
14211 
14212 
14213 
14214 
14215 
14216 
14217 
14218 
14219 
14220 
14221 
14222 
14223 
14224 
14225 
14226 
14227 
14228 
14229 
14230 
14231 
14232 

| (20+4+4+4)*16 



return res; 
#endif 
} 



File Listing: dasd.h 

#define MAXDEVICES 32 
#define DEFAULTBUFFERSIZE 32768 
#define DASD 1 
#define VOLUME 2 

typedef struct sObject { 

ULONG Type; 

ULONG StartBlock; 

ULONG EndBlock; 

string8 Name[20]; 
} tObject; 

typedef struct sDevice { 

string8 Name[60]; // 60 

ULONG MaxlOSize; // 4 

ULONG BlockSize; // 4 

ULONG DriveType; // 4 

ULONG Removable; 

ULONG NumSectors; // 4 

ULONG DrivelD; // 4 

ULONG NumObjects; // 4 

tObject Objects[1 6]; // 51 2 



14233| BYTE Reserved Big [640]; 
14234| 

14235| //_NT_and RPC 
14236| 

1 4237| ULONG CylindersLow; 
1 4238| ULONG CylindersHigh; 
14239| 

14240| ULONG Heads; // 4 
14241| ULONG SPT; // 4 
14242| ULONG Reserved5; // 4 
14243| ULONG Writes; // 4 

14244| ULONG Reads; // 4 

14245| ULONG WriteSecs; // 4 

14246| ULONG ReadSecs; // 4 

14247| ULONG lOCount; // 4 

14248| ULONG lOCTLCount; // 4 

14249| 

14250| } tDevice,*pDevice; //1 164 * 32 = 37372 

14251| 

14252| 

14253| typedef struct sDASDHandle { 

14254| ULONG DasdType; 

14255| BYTE DeviceNum; 

14256| HANDLE hDevice; 

1 4257| unsigned char *Buffer; 

14258| tDevice *Self ; 

14259| } tDASDHandle,*pDASDHandle; 

14260| 

14261 1 extern tDevice c_DeviceList[]; 
14262| extern ULONG DeviceCount; 
14263| 

14264| void *AllocBufferBelow16Meg( size_t size, ULONG Align 

I); 

14265| void FreeBufferBelow16Meg( void *Buffer ); 

14266| ULONG DASD_DeviceCount( void ); 

14267| ULONG DASD_GetDriveGeometry( HANDLE hDevice, 

| DISK GEOMETRY ^geometry ); 
14268| ULONG DASD_GetDriveGeometry2( HANDLE hDevice, 

| DISK_GEOMETRY *geometry ); 
14269| tDASDHandle * DAS D_LockDevice( ULONG DeviceNum ); 
14270| tDASDHandle *DASD_PassiveLockDevice( ULONG DeviceNum ); 
14271| ULONG DASD_UnlockDevice( tDASDHandle *LockHandle ); 
14272| ULONG DASD_Read( 
1 4273| tDASDHandle *LockHandle, 

14274| ULONGLONG Sector, 

14275| ULONG Count, 

14276| void*Buffer 
14277| ); 
14278| ULONG DASD_Write( 
1 4279| tDASDHandle *LockHandle, 



14280| 
14281| 
14282| 
14283| 



ULONGLONG Sector, 
ULONG Count, 
void *Buffer 



); 



14284| tDASDHandle *DASD_LockVolume( WCHAR *VolumeName ); 

14285| 

14286| 

14287| 

14288| File Listing: DEFRAG.c 
14289| 

14290| #include <stdio.h> 
14291 1 #include <stdlib.h> 
14292| #include <stdarg.H> 
14293| #include <string.h> 
14294| #include <time.h> 
14295| #include <process.h> 
14296| #include <io.h> 
14297| #include <errno.h> 
14298| #include <conio.h> 
14299| #include <fcntl.h> 
14300| #include <windows.h> 
14301 1 #include <windowsx.h> 

14302| #include <commctrl.h> // includes the common control 

| header 
14303| #include <tchar.h> 
14304| #include <winioctl.h> 
14305| #include <ntddscsi.h> 
14306| #include <lm.h> 
14307| #include <tchar.h> 
14308| 

14309| #include <undoc.h> 
14310| #include <psm.h> 
1431 1 1 #include "..\driver\ioctl.h" 
14312| 

14313| #ifdef _DEBUG 

14314| extern ULONG DebugMode; 

14315| 

14316| #define DLOG(x) if(DebugMode) _tprintf x 

14317| #else 

14318| #define DLOG(x) 

14319| #endif 

14320| #define VOLU M E D E F RAG 0x80000000 
14321| 

14322| #define STATUS_SUCCESS 

| ((NTSTATUS)0x00000000L) 
14323| #define STATUS_BUFFER_OVERFLOW 

| ((NTSTATUS)0x80000005L) 
14324| #define STATUS_INVALID_PARAMETER 

| ((NTSTATUS)0xC000000DL) 
14325| #define STATUS_BUFFER_TOO_SMALL 



I ((NTSTATUS)0xC0000023L) 
14326| #define STATUS_ALREADY_COMMITTED 

| ((NTSTATUS)0xC0000021L) 
14327| #define STATUS_INVALID_DEVICE_REQUEST 

| ((NTSTATUS)OxCOOOOOIOL) 
14328| 
14329| // 

14330| // Ape Routine (see NTDDK.H) 
14331| // 

14332| typedef VOID (*PIO_APC_ROUTINE) ( 

14333| PVOID ApcContext, 

1 4334| PIO_STATUS_BLOCK loStatusBlock, 

14335| ULONG Reserved 

14336| ); 

14337| // 

14338| // The undocumented NtFsControlFile 
14339| // 

14340| // This function is used to send File System Control 
| (FSCTL) 

14341 1 // commands into file system drivers. Its definition is 
14342| // in ntdll.dll (ntdll.lib), a file shipped with the 

| NTDDK. 
14343|// 

14344| NTSTATUS WINAPI NtFsControlFile( 
14345| HANDLE FileHandle, 

14346| HANDLE Event, // 

| optional 

14347| PIO_APC_ROUTINE ApcRoutine, // 

| optional 

14348| PVOID ApcContext, // 

| optional 

14349| PIO_STATUS_BLOCK loStatusBlock, 

14350| ULONG FsControlCode, 

14351 1 PVOID InputBuffer, // 

| optional 

14352| ULONG InputBufferLength, 

14353| PVOID OutputBuffer, // 

| optional 

14354| ULONG OutputBufferLength 

14355| ); 
14356| 
14357| /* 

14358| #define FSCTL_GET_NTFS_FILE_RECORD 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, 
| FILE ANY ACCESS) // NTFS_FILE_RECORD_INPUT_BUFFER, 
| NTFS_FILE_RECORD_OUTPUT_BUFFER 

14359| 7 

14360| ULONG FS_GetNTFSFileRecord( HANDLE Handle, 
| NTFS_FILE_RECORD_INPUT_BUFFER *NFRI, 

| NTFS_FILE_RECORD_OUTPUT_BUFFER *NFRO, ULONG NFROSize ) 



14361| { 

14362| ULONG Err; 

14363| IO_STATUS_BLOCK loStatusBlock={0}; 
14364| 

14365| _try{ 

14366| Err = NtFsControlFile( 

14367| Handle, 

14368| NULL, // 

| event optional 
14369| NULL, //APC Routine 

| optional 

14370| NULL, //APC 

| Context optional 
14371| SloStatusBlock, 

14372| FSCTL_GET_NTFS_FILE_RECORD, 

14373| NFRI, //optional 

14374| 

| sizeof(NTFS_FILE_RECORD_INPUT_BUFFER), 
14375| NFRO, //optional 

14376| NFROSize 
14377| ); 

14378| if(Err==STATUS_PENDING) { 

14379| WaitForSingleObject( Handle, INFINITE ); 

14380| Err = loStatusBlock.Status; 

14381| } 

1 4382| printffGetNTFSFileRecord = %08x, %08x, 

| %08x\n",Err,loStatusBlock.Status,loStatusBlock.lnformati 
I on); 

14383| } except(EXCEPTION_EXECUTE_HANDLER) { 

14384| Err = GetExceptionCode(); 

14385| printf("GetNTFSFileRecord Exception 

| %08x\n",Err); 
14386| } 
14387| return Err; 
14388| } 
14389| 
14390| /* 

14391| #define FSCTL_GET_NTFS_VOLUME_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, 
| FILE_ANY_ACCESS) // , NTFS_VOLUME_DATA_BUFFER 

14392| 7 

14393| ULONG FS_GetNTFSVolumeData( HANDLE Handle, 

| NTFS_VOLUME_DATA_BUFFER *NVD ) 
14394| { 

14395| ULONG Err; 

14396| IO_STATUS_BLOCK loStatusBlock={0}; 
14397| 

14398| _try{ 

14399| Err = NtFsControlFile( 
14400| Handle, 



14401| NULL, // 

| event optional 
14402| NULL, // APC Routine 

| optional 

14403| NULL, //APC 

| Context optional 
14404| &loStatusBlock, 

14405| FSCTL_GET_NTFS_VOLUME_DATA, 
14406| NULL, //optional 

14407| 0, 

14408| NVD, //optional 

14409| sizeof(NTFS_VOLUME_DATA_BUFFER) 

14410| ); 

1441 1 1 if(Err==STATUS_PENDING) { 

14412| WaitForSingleObject( Handle, INFINITE ); 

14413| Err = loStatusBlock.Status; 

14414| } 

1 441 5| printf("GetNTFSVolumeData = %08x, %08x, 
| %08x\n",Err,loStatusBlock.Status,loStatusBlock.lnformati 
I on); 

14416| } except(EXCEPTION_EXECUTE_HANDLER) { 

14417| Err = GetExceptionCode(); 

1 441 8| printf("GetNTFSVolumeData Exception 

| %08x\n",Err); 
14419| } 
14420| return Err; 
14421| } 
14422| 
14423| /* 

14424| #define FSCTL_GET_VOLUME_BITMAP 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_N EITHER, 
| FILE ANY ACCESS) // STARTING_LCN_INPUT_BUFFER, 
| VOLUME_BITMAP_BUFFER 

14425| 7 

14426| ULONG FS_GetVolumeBitmap( HANDLE Handle, 

| STARTING_VCN_INPUT_BUFFER*SVIB, VOLUME_BITMAP_BUFFER 

| *VB, ULONG VBSize ) 
14427| { 

14428| ULONG Err; 

14429| IO_STATUS_BLOCK loStatusBlock={0}; 
14430| 

14431| __try{ 

14432| Err = NtFsControlFile( 

14433| Handle, 

14434| NULL, // 

| event optional 
14435| NULL, // APC Routine 

| optional 

14436| NULL, //APC 

| Context optional 



14437| &loStatusBlock, 

14438| FSCTL_GET_VOLUME_BITMAP, 

14439| SVIB, //optional 

14440| 

| sizeof(STARTING_VCN_INPUT_BUFFER), 
14441| VB, //optional 

14442| VBSize 
14443| ); 

14444| if(Err==STATUS_PENDING) { 

14445| WaitForSingleObject( Handle, INFINITE ); 

1 4446| Err = loStatusBlock.Status; 

14447| } 

1 4448| //printf( M GetVolumeBitmap= %08x, %08x, 

| %08x\n",Err,loStatusBlock.Status,loStatusBlock.lnformati 
|on); 

14449| } except(EXCEPTION_EXECUTE_HANDLER) { 

14450| Err = GetExceptionCode(); 

14451 1 printf("GetVolumeBitmap Exception %08x\n",Err); 

14452| } 

14453| return Err; 

14454| } 

14455| 

14456|/* 

14457| #define FSCTL G ET RETRI EVAL POI NTERS 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_N EITHER, 
| FILE_ANY_ACCESS) // STARTING_VCN_INPUT_BUFFER, 
| RETRIEVAL_POINTERS_BUFFER 

14458| 7 

14459| 

14460| ULONG FS_GetRetrievalPointers( HANDLE Handle, 
| STARTING_VCN_INPUT_BUFFER *SVIB, 
| RETRIEVAL_POINTERS_BUFFER *RP, ULONG RPSize ) 

14461| { 

14462| ULONG Err; 

14463| IO_STATUS_BLOCK loStatusBlock={0}; 
14464| 

14465| __try{ 

1 4466| Err = NtFsControlFile( 

14467| Handle, 

14468| NULL, // 

| event optional 
14469| NULL, // APC Routine 

| optional 

14470| NULL, //APC 

| Context optional 
14471| &loStatusBlock, 

14472| FSCTL_GET_RETRIEVAL_POINTERS, 

14473| SVIB, //optional 

14474| 

| sizeof(STARTING_VCN_INPUT_BUFFER), 



14475| RP, //optional 

14476| RPSize 
14477| ); 

14478| jf(Err==STATUS_PENDING) { 

14479| WaitForSingleObject( Handle, INFINITE ); 

14480| Err = loStatusBlock.Status; 

14481| } 

1 4482| //printf("GetRetrievalPointer= %08x, %08x, 

| %08x\n",Err,loStatusBlock.Status,loStatusBlock.lnformati 
Ion); 

14483| } except(EXCEPTION_EXECUTE_HANDLER) { 

14484| Err = GetExceptionCode(); 

14485| printf("GetRetrievalPointer Exception 

| %08x\n",Err); 
14486| } 
14487| return Err; 
14488| } 
14489| 
14490| /* 

14491| #define FSCTL_MOVE_FILE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, 

| FILE ANY ACCESS) // MOVE_FILE_DATA, 
14492| 7 
14493| 

14494| ULONG FS_MoveFile( HANDLE Handle, M O V E_F I L E_D AT A *MF ) 
14495| { 

14496| ULONG Err; 

14497| IO_STATUS_BLOCK loStatusBlock={0}; 
14498| 

14499| __try{ 

1 4500| Err = NtFsControlFile( 

14501| Handle, 

14502| NULL, // 

| event optional 
14503| NULL, // APC Routine 

| optional 

14504| NULL, //APC 

| Context optional 
14505| &loStatusBlock, 
14506| FSCTL_MOVE_FILE, 
14507| MF, //optional 

14508| sizeof(MOVEFILEDATA), 
14509| NULL, //optional 

14510| 0 
14511| ); 

14512| jf(Err==STATUS_PENDING) { 

14513| WaitForSingleObject( Handle, INFINITE ); 

1 451 4| Err = loStatusBlock.Status; 

14515| } 

1 451 6| printf("MoveFile = %08x, %08x, 



I %08x\n",Err,loStatusBlock.Status,loStatusBlock.lnformati 
Ion); 

14517| } except(EXCEPTION_EXECUTE_HANDLER) { 

14518| Err = GetExceptionCode(); 

14519| printf("MoveFile Exception %08x\n M ,Err); 

14520| } 

14521| return Err; 

14522| } 

14523| 

14524| ULONG GetVolumeBitmapSize( HANDLE VolumeHandle ) 
14525| { 

14526| ULONG Err; 

14527| STARTING_VCN_INPUT_BUFFER SVIB={0}; 
14528| VOLUME BITMAP BUFFER *VB; 
14529| ULONG VBSize = 

| (sizeof(VOLUME_BITMAP_BUFFER)-1 )+4096; 
14530| 

14531 1 VB = malloc( VBSize ); 
14532| if(!VB){ 

14533| printf("Out of memory for VB\n"); 
14534| return 0; 
14535| } 

14536| Err = FS_GetVolumeBitmap( VolumeHandle, &SVIB, VB, 

| VBSize ); 
1 4537| if (Err!=STATUS_SUCCESS) 
14538| SetLastError(Err); 
14539| 

1 4540| VBSize = (VB->BitmapSize.LowPart / 

| 8)+(sizeof(VOLUME_BITMAP_BUFFER)-1); 
14541| free(VB); 
14542| return VBSize; 
14543| } 
14544| 

14545| ULONG UpdateVolumeBitmap( HANDLE VolumeHandle, 

| VOLUME_BITMAP_BUFFER *VB, ULONG VBSize ) 
14546| { 

14547| ULONG Err; 

14548| STARTING_VCN_INPUT_BUFFER SVIB={0}; 
14549| 

14550| Err = FS_GetVolumeBitmap( VolumeHandle, &SVIB, VB, 

| VBSize ); 
14551 1 return Err; 
14552| } 
14553| 
14554| 
14555| 

14556| File Listing: DEFRAG.h 
14557| 

14558| ULONG FS_GetNTFSFileRecord( HANDLE Handle, 
| NTFS_FILE_RECORD_INPUT_BUFFER *NFRI, 



I NTFS_FILE_RECORD_OUTPUT_BUFFER *NFRO, ULONG NFROSize ); 
14559| ULONG FS_GetNTFSVolumeData( HANDLE Handle, 

| NTFS_VOLUME_DATA_BUFFER *NVD ); 
14560| ULONG FS_GetVolumeBitmap( HANDLE Handle, 

| STARTING_VCN_INPUT_BUFFER*SVIB, VOLUME_BITMAP_BUFFER 

| *VB, ULONG VBSize); 
14561| ULONG FS_GetRetrievalPointers( HANDLE Handle, 

| STARTING_VCN_INPUT_BUFFER *SVIB, 

| RETRIEVAL_POINTERS_BUFFER *RP, ULONG RPSize ); 
14562| ULONG FS_MoveFile( HANDLE Handle, M O V E_F I L E_D AT A *MF ); 
14563| ULONG GetVolumeBitmapSize( HANDLE VolumeHandle ); 
14564| ULONG UpdateVolumeBitmap( HANDLE VolumeHandle, 

| VOLUME_BITMAP_BUFFER *VB, ULONG VBSize ); 
14565| HANDLE OpenVolumeForDefrag( char Volume ); 
14566| 
14567| 
14568| 

14569| File Listing: dlog.h 
14570| 

14571| #ifdef_DEBUG 

14572| extern ULONG DebugMode; 

14573| extern void PSM_Log Debug Info ( const TCHAR *fmt, 

14574| #define DLOG(x) PSM_LogDebuglnfo x 
14575| #else 

14576| #define DLOG(x) 
14577| #endif /*_DEBUG7 
14578| 

14579| /*— end of file dlog.h —7 

14580| 

14581| 

14582| 

14583| File Listing: dump.c 
14584| 

14585| #include <stdio.h> 
14586| #include <stdlib.h> 
14587| #include <string.h> 
14588| #include <windows.h> 
14589| #include <windowsx.h> 
14590| #include <winioctl.h> 
14591 1 #include <tchar.h> 
14592| #include <conio.h> 
14593| 

14594| #include "mytypes.h" 
14595| #include "dasd.h" 
14596| #include "fs.h" 
14597| #include "ntfs.h" 
14598| #include "dump.h" 
14599| #include "safemem.h" 
14600| #include "dlog.h" 



14601| 

14602| //void DLOG(( const TCHAR *fmt,...); 

14603| 

14604| /* 

1 4605| Dumps all the runs of a file (what clusters the 

| file uses) 
14606| 7 

14607| void DumpRun ( PVOID DataRun, ULONG NumberOfBytes ) 
14608| { 

14609| ULARGEJNTEGER Cluster={0}; 

14610| ULARGEJNTEGER Length={0}; 

14611| ULONG Offset=0; 

14612| ULONG Sparse=0; 

14613| 

14614| 

| while(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) 
|{ 

14615| if(!Sparse){ 

14616| DLOG((TEXT("Cluster = %12l64d Length = 

| %12l64d\n"),Cluster,Length)); 
14617| }else{ 

1 461 8| DLOG((TEXT("Compressed Length = 

| %12l64d\n"),Length)); 
14619| } 

14620| if(Offset>=NumberOfBytes) { 

14621 1 DLOG((TEXT("Out of range!\n"))); 

14622| } 

14623| } 

14624| } 

14625| 

14626| void DumpBytes( PVOID Bytes, ULONG Length ) 
14627| { 

14628| ULONG i,j; 
14629| for(i=0;i<Length;i+=16) { 
14630| DLOG((TEXT("%3x: "),i)); 
14631| for(j=i;j<(i+16<Length ? i+16 : Length-i);j++) 
|{ 

14632| DLOG((TEXT("%02x "),((BYTE*)Bytes)fj])); 

14633| } 

14634| for(j=i;j<(i+16<Length ? i+16 : Length-i);j++) 
|{ 

14635| DLOG((TEXT("%hc"),((BYTE*)Bytes)D] > 31 ? 

| ( (BYTE*) Bytes) [j] : '.•)); 
14636| } 

14637| DLOG((TEXT("\n"))); 
14638| } 
14639| } 
14640| 

14641| void DumpBitMap( PVOID BitMap, ULONG Length ) 
14642| { 



14643| BYTE *Bits=(BYTE*)BitMap; 

14644| ULONGiJ; 

14645| 

14646| for(j=0;j<Length;j+=4) { 
14647| for(i=0;i<4;i++) { 

14648| DLOG((TEXT("%c%c%c%c%c%c%c%c "), 

1 4649| Bits[j+i] & 0x80 ? TEXT('1 ' 

I TEXT('O'), 
1 4650| BitsD+i] & 0x40 ? TEXT('1 ' 

I TEXT('O'), 
14651| 

I TEXT('O'), 
14652| 

I TEXT('O'), 
14653| 

I TEXT('O'), 
14654| 

I TEXT('O'), 
14655| 

I TEXTCO'), 
14656| 

| TEXT('O') 
14657| )); 



Bits[j+i] & 0x20 ? TEXT('1 
Bits[j+i]&0x10?TEXT('1 
Bits[j+i] & 0x08 ? TEXT('1 
Bits[j+i] & 0x04 ? TEXT('1 
Bits[j+i] & 0x02 ? TEXT('1 
Bits[j+i] & 0x01 ? TEXT('1 



14658| 
14659| 
14660| 
14661| 
14662| 
14663| 
14664| 
14665| 
14666| 
14667| 
14668| 
14669| 
14670| } 
14671| } 
14672| 

14673| TCHAR TempString[128]; 
14674| 

14675| TCHAR *GetDosAttributes( ULONG Attr ) 
14676| { 

1 4677| _tcscpy(TempString,TEXT(" ")); 

14678| if(Attr & DOS_READONLY) TempString[0] = 
I 'R'; 

14679| if(Attr & DOS_HIDDEN) 



} 

DLOG((TEXT(" "))); 
for(i=0;i<4;i++) { 

DLOG((TEXT("%02x "),Bits[j+i])); 

} 

for(i=0;i<4;i++) { 
if(Bits[j+i]>31) 

DLOG((TEXT("%c"),BitsD+i])); 
else 

DLOG((TEXT("."))); 

} 

DLOG((TEXT("\n"))); 



I 'H'; 

14680| if(Attr & DOS_SYSTEM) 
I 'S'; 

14681 1 if (Attr & DOS_ARCHIVE) 



TempString[1] = 
TempString[2] = 
TempString[3] = 



I 'A'; 

14682| if(Attr & DOS_COMPRESSED) TempString[4] = 
I'C; 

14683| if(Attr & FILENAME DIRECTORY) TempString[5] = 
I'D'; 

14684| return TempString; 

14685| } 

14686| 

14687| TCHAR *GetFileNameType( ULONG Type ) 
14688| { 

14689| switch(Type) { 

14690| case FILENAME_POSIX : return 

| TEXT("Posix"); 
14691| case FILENAME UNICODE : return 

| TEXT("l)nicode M ); 
14692| case FILENAME_DOS : return 

| TEXT("Dos M ); 
14693| case FILENAME_UNICODE_DOS : return 

| TEXT("Unicode Dos"); 
14694| default: 

14695| return TEXT( M Unknown File Type"); 
14696| } 
14697| } 
14698| 

14699| TCHAR *GetAttributeName( ULONG Type ) 
14700| { 

14701| switch(Type) { 

14702| case STANDARD_INFORMATION_ATTR : return 

| TEXT("Standard Information"); 
14703| case ATTRIBUTE_LIST_ATTR : return 

| TEXT(" Attribute List"); 
14704| case FILENAME ATTR : return 

| TEXTf'Filename"); 
14705| case VOLUME VERSION ATTR : return 

| TEXT("Volume Version"); 
14706| case SECURITY_DESCRIPTOR_ATTR : return 

| TEXT("Security Descriptor"); 
14707| case VOLU M E_N AM E_ATTR : return 

| TEXT("Volume Name"); 
14708| case VOLU M E_l N FO_ATTR : return 

| TEXT("Volume Info"); 
14709| case DATA_ATTR : return 

| TEXTf'Data"); 
14710| case INDEX_ROOT_ATTR : return 

| TEXT(" Index Root"); 
1471 1 1 case INDEX_ALLOCATION_ATTR : return 

| TEXT("lndex Allocation"); 
14712| case BITMAP_ATTR : return 

| TEXT("Bitmap"); 
14713| case SYMLINK_ATTR : return 



I TEXT("Symbolic Link"); 
14714| case HPFS_EA_INFO_ATTR : return 

| TEXTfHPFS EA Info"); 
14715| case HPFS_EA_ATTR : return 

| TEXT("HPFS EA"); 
14716| default : 

14717| return TEXT("Unknown Attribute Type"); 

14718| } 

14719| } 

14720| 

14721| /* 

1 4722| Time is the number of 1 00ns increments since Jan 1 , 

| 1601. (Universal coordinated time) 
14723| 7 

14724| TCHAR *GetTime( ULARGEJNTEGER Number ) 



14725| { 

14726| TCHAR *Days[7] = { TEXT("Sunday"), 

14727| TEXT("Monday"), 

14728| TEXT("Tuesday"), 

1 4729 1 TEXT(" Wed nesday ") , 

14730| TEXT("Thursday"), 

14731| TEXT("Friday"), 

14732| TEXT("Saturday")}; 

14733| TCHAR *Months[12] = { TEXT("January"), 

1 4734| TEXT("February"), 

14735| TEXTf'March"), 

14736| TEXT("April"), 

14737| TEXT("May"), 

14738| TEXT("June"), 

14739| TEXT("July"), 

14740| TEXT("August"), 

1 4741 1 TEXT("September"), 

14742| TEXT("October"), 

1 4743| TEXT("November"), 

14744| TEXT("December")}; 

14745| 

14746| FILETIME *FT=(FILETIME*)&Number; 

14747| SYSTEMTIME ST; 

14748| 

14749| FileTimeToSystemTime( FT, &ST ); 
14750| 

1 4751 1 _stprintf(TempString,TEXT("%s %s %02d, %04d 

| %2d:%02d:%02d:%02d"), 

1 4752 1 Days[ST.wDayOfWeek], 

1 4753| Months[ST.wMonth-1 ], 

14754| ST.wDay, 

14755| ST.wYear, 

14756| ST.wHour, 

14757| ST.wMinute, 

14758| ST.wSecond, 



14759| ST.wMilliseconds 
14760| ); 

1 4761 1 return TempString; 

14762| } 

14763| 

14764| void DumpMft( pVolumelnfo Volumelnfo, PMFT Mft ) 
14765| { 

1 4766| PATTRIBUTE Attribute; 
14767| ULONG Where; 
14768| 

14769| if(Mft->Signature == 'ELIF) { 
14770| DLOG((TEXT("Unknown 

| %016l64x\n M ),Mft->Unknown)); 
1 4771 1 DLOG((TEXT("SequenceNumber 

| %04x\n") , Mft->SequenceNu mber)) ; 
14772| DLOG((TEXT("HardLinkCount 

| %04x\n M ),Mft->HardLinkCount)); 
14773| DLOG((TEXT("Flags 

| %04x\n"),Mft->Flags)); 
1 4774| DLOG((TEXT("LengthlnUse 

| %08x\n"),Mft->LengthlnUse)); 
14775| D LOG ((TEXT("AI located 

| %08x\n"),Mft->Allocated)); 
14776| DLOG((TEXT("MftRecord 

| %01 6l64x\n"),Mft->MftRecord)); 
14777| DLOG((TEXT("MaxAttributeNumber : 

| %04x\n"),Mft->MaxAttributeNumber)); 
14778| 
14779| 

14780| Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes]); 
14781| 

14782| Where = 0; 

1 4783| while(Attribute->Type!=Oxffffffff) { 

14784| 

14785| 

| DLOG((TEXT(" 

| \n"))); 

14786| DLOG((TEXT("Type : %08x 

| (%s)\n"),Attribute->Type,GetAttributeName(Attribute->Typ 
I e))); 

14787| DLOG((TEXT("Length 

| %08x\n"),Attribute->Length)); 
14788| DLOG((TEXT("Not Resident : 

| %08x\n"),Attribute->NotResident)); 
14789| DLOG((TEXT("Name Length : 

| %08x\n"),Attribute->NameLength)); 
14790| DLOG((TEXT("Offset 

| %08x\n"),Attribute->Offset)); 
14791 1 DLOG((TEXT("Compressed : 



I %08x\n"),Attribute->Compressed)); 
14792| DLOG((TEXT("Attributel D : 

| %08x\n"),Attribute->Attributeld)); 
14793| if(Attribute->NotResident) { 

14794| DLOG((TEXT( M StartingVCN 

| %1 2l64d\n"),Attribute->NonResidentData.StartjngVCN)); 
14795| DLOG((TEXT("LastVCN 

| %12l64d\n M ),Attribute->NonResidentData.LastVCN)); 
1 4796| DLOG((TEXT("Offset 

| %08x\n"),Attribute->NonResidentData.Offset)); 
14797| DLOG((TEXT("CompressionEngine 

| %04x\n"),Attribute->NonResidentData.CompressionEngine)); 
14798| DLOG((TEXT("Allocated DiskSpace : 

| %12l64d\n"),Attribute->NonResidentData.AllocatedDiskSpac 

|e)); 

14799| DLOG((TEXT("AttributeSize 

| %12l64d\n"),Attribute->NonResidentData.AttributeSize)); 

14800| DLOG((TEXT( M LenOflnitializedData : 

| %12l64d\n"),Attribute->NonResidentData.LengthOflnitializ 
| edData)); 

1 4801 1 if (Attribute->Compressed) 

14802| DLOG((TEXT( M CompressedSize 

| %12l64d\n M ),Attribute->NonResidentData.CompressedSize)); 
14803| }else{ 

1 4804| DLOG((TEXT("Datal_ength 

| %08x\n"),Attribute->ResidentData.DataLength)); 

1 4805| DLOG((TEXT("Offset 

| %08x\n"),Attribute->ResidentData.Offset)); 

14806| DLOG((TEXT("Attributelslndexed : 

| %08x\n"),Attribute->ResidentData.Attributelslndexed)); 

14807| } 

14808| 

14809| if(Attribute->NameLength) { 

14810| DLOG((TEXT("Name Len=%d, 

| Vo^^s'Vn'^Attribute^NameLength^ttribute^NameLength 
| ,Attribute->NameLength,((char*)&(((CHAR*)Attribute)[Attr 
| ibute->Offset])))); 

14811| } 

14812| 

14813| 

1 481 4| switch (Attribute->Type) { 

14815| case STANDARD INFORMATION ATTR: { 

14816| PSTANDARDJNFORMATION SI = 

| NTFS_GetDataPointer(Attribute); 
1 481 7| DLOG((TEXT( M Standard information 

| read\n"))); 

14818| DLOG((TEXT(" FileCreationTime 

| : %s\n"),GetTime(SI->FileCreationTime))); 
14819| DLOG((TEXT(" LastModifiedTime 

| : %s\n"),GetTime(SI->LastModifiedTime))); 



14820| DLOG((TEXT(" LastModifiedTimeMft 

| : %s\n"),GetTime(SI->LastModifiedTimeForMFT))); 

14821| DLOG((TEXT(" LastAccessTime 

| : %s\n"),GetTime(SI->LastAccessTime))); 

14822| DLOG((TEXT(" DOS Attributes 

| : %08x 

| (%s)\n"),SI->DosAttributes,GetDosAttributes(SI->DosAttri 

I butes))); 
14823| break; 
14824| } 

14825| case ATTRIBUTE_LIST_ATTR: { 

14826| PATTRIBUTEJJST AL = 

| NTFS_GetDataPointer(Attribute); 
1 4827| DLOG((TEXT("Attribute list 

| read\n"))); 
14828| break; 
14829| } 

14830| case FILENAME_ATTR: { 

14831| PFILENAME FN = 

| NTFS_GetDataPointer(Attribute); 
14832| DLOG((TEXT("FileName read (type=%d 

| (%s), Len=%d) 

| %-*.*s\n"),FN->FileNameType,GetFileNameType(FN->FileName 

| Type),FN->FileNameLength,FN->FileNameLength,FN->FileName 

| Length, FN->FileName)); 
14833| DLOG((TEXT(" Sequence Number 

| : %04x\n"),FN->SequenceNumber)); 
14834| DLOG((TEXT(" Directory Mft 

| :%016l64x 

| (%12l64d)\n M ),FN->DirectoryMft,FN->DirectoryMft)); 
14835| DLOG((TEXT(" FileCreationTime 

| : %s\n"),GetTime(FN->FileCreationTime))); 
14836| DLOG((TEXT(" LastModifiedTime 

| : %s\n"),GetTime(FN->LastModifiedTime))); 
14837| DLOG((TEXT(" LastModifiedTimeMft 

| : %s\n"),GetTime(FN->LastModifiedTimeForMFT))); 
14838| DLOG((TEXT(" LastAccessTime 

| : %s\n"),GetTime(FN->LastAccessTime))); 
14839| DLOG((TEXT(" FileSize 

| : %12l64d\n"),FN->FileSize)); 
14840| DLOG((TEXT(" AttributeSize 

| : %12l64d\n"),FN->AttributeSize)); 
14841| DLOG((TEXT( M Flags 

| : %08x 

| (%s)\n"),FN->Flags,GetDosAttributes(FN->Flags))); 
14842| break; 
14843| } 

14844| case VOLUME_VERSION_ATTR: { 

1 4845| P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 



14846| DLOG((TEXT("Volume Version 

| read\n"))); 

14847| break; 

14848| } 

14849| case SECURITY_DESCRIPTOR_ATTR: { 

1 4850 1 P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 

14851 1 DLOG((TEXT("Security Descriptor 

| read\n"))); 

14852| break; 

14853| } 

14854| case VOLUME_NAME_ATTR: { 

1 4855| WCHAR *VolName = 

| NTFS_GetDataPointer(Attribute); 

1 4856| DLOG((TEXT( M Volume Name read 



| (Len=%d, 

| '%-*.*s')\n M ),Attribute->ResidentData.DataLength,Attribu 

| te->ResidentData.Datal_ength / 

| 2,Attribute->ResidentData.DataLength / 2,VolName)); 



14857| break; 
14858| } 

14859| case VOLUME_INFO_ATTR: { 

14860| PVOLUME_IN FORMATION VI = 

| NTFS_GetDataPointer(Attribute); 
14861 1 DLOG((TEXT( M Volume Info read 



| (Chkdsk/f=%s)\n M ),VI->Chkdsk?TEXT("Yes") : 
| TEXT("No"))); 
14862| 

| DumpBytes(VI,Attribute->Length-Attribute->Offset); 



14863| break; 

14864| } 

1 4865| case DATA_ATTR: { 

1 4866| P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 

14867| DLOG((TEXT("Data read\n M ))); 

14868| break; 

14869| } 

14870| case INDEX_ROOT_ATTR: { 

14871 1 PINDEX_ROOT IR = 

| NTFS_GetDataPointer(Attribute); 

14872| DLOG((TEXT("lndex Root read\n"))); 

14873| break; 

14874| } 

14875| case INDEX_ALLOCATION_ATTR: { 

14876| PINDEX ALLOCATION IA = 

| NTFS_GetDataPointer(Attribute); 

14877| DLOG((TEXT("lndex Allocation 

| read\n"))); 

14878| break; 

14879| } 



14880| case BITMAP_ATTR: { 

1 4881 1 P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
14882| DLOG((TEXT("Bitmap read\n"))); 

14883| break; 
14884| } 

14885| case SYMLINK ATTR: { 

1 4886| P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
14887| DLOG((TEXT("SymLink read\n"))); 

14888| break; 
14889| } 

14890| case HPFS_EA_INFO_ATTR: { 

14891 1 P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
14892| DLOG((TEXT("EA Info read\n"))); 

14893| break; 
14894| } 

14895| case HPFS_EA_ATTR: { 

1 4896| P B YTE_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
1 4897| DLOG((TEXT("EA Attributes 

| read\n"))); 
14898| break; 
14899| } 
14900| default: { 

1 4901 1 P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
14902| DLOG((TEXT("Unknown attribute 

| encountered\n"))); 
14903| break; 
14904| } 
14905| } 
14906| 

14907| // dump cluster numbers where attribute 

| resides 

14908| if(Attribute->NotResident) { 

14909| P BYT E_A R RAY BA = 

| NTFS_GetDataPointer(Attribute); 
14910| 

| DumpRun(BA,Attribute->Length-Attribute->Offset); 
14911| } 
14912| 

14913| Where += Attribute->Length; 

14914| Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes+Where 

I ]); 

14915| 

14916| } 
14917| 



I DumpBytes(Mft,Volumelnfo->NtfsBootSector->MFTRecordSize* 
| Volumelnfo->NtfsBootSector->BytesPerSector); 
14918| }else{ 

14919| DLOG((TEXT("Mft not found\n"))); 
14920| } 
14921| } 
14922| 

14923| void DumpNtfsBootSector( PNTFS_BOOT_SECTOR 

| NtfsBootSector ) 
14924| { 

1 4925| DLOG((TEXT( M BytesPerSector : 

| %d\n M ) , Ntf s Boot Secto r-> Bytes PerSecto r) ) ; 
1 4926| DLOG((TEXT( M SectorsPerCluster : 

| %d\n"),NtfsBootSector->SectorsPerCluster)); 
14927| DLOG((TEXT( M MedialD 

| %02hx\n M ),NtfsBootSector->Mediald)); 
14928| DLOG((TEXT("SectorsPerTrack : 

| %d\n M ),NtfsBootSector->SectorsPerTrack)); 
14929| DLOG((TEXT("Heads 

| %d\n"),NtfsBootSector->Heads)); 
14930| DLOG((TEXT("Drive 

| %02hx\n M ) , Ntf sBootSecto r-> Drive)) ; 
1 4931 1 DLOG((TEXT("DirtyVolume 

| %d\n"),NtfsBootSector->DirtyVolume)); 
14932| DLOG((TEXT( M NumberOfSectors : 

| %12l64d\n"),NtfsBootSector->NumberOfSectors)); 
14933| DLOG((TEXT("MftCluster 

| %12l64d\n M ),NtfsBootSector->MftCluster)); 
14934| D LOG ((TEXT("Mft2C luster 

| %12l64d\n M ),NtfsBootSector->Mft2Cluster)); 
14935| DLOG((TEXT("M FTRecordSize 

| %d\n"),NtfsBootSector->MFTRecordSize)); 
14936| DLOG((TEXT( M lndexBufferSize : 

| %d\n") , Ntf s BootSecto r-> I ndexBuf f erSize) ) ; 
14937| DLOG((TEXT( M SerialNumber 

| %l64x\n M ),NtfsBootSector->SerialNumber)); 
14938| } 
14939| 

14940| void DumpNtfsStructures() 
14941| { 

1 4942| // Verify everything starts where it should 
14943| DLOG((TEXT("Type 

| %x\n"), Fl ELD_OFFSET(ATTRI BUTE, Type))); 
14944| DLOG((TEXT("Length 

| %x\n"),FIELD_OFFSET(ATTRI BUTE, Length))); 
1 4945| DLOG((TEXT("NotResident 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NotResident))); 
14946| DLOG((TEXT("NameLength 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NameLength))); 
1 4947| DLOG((TEXT("Offset 



I %x\n"),FIELD_OFFSET(ATTRIBUTE,Offset))); 
14948| DLOG((TEXT("Compressed 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,Compressed))); 
14949| DLOG((TEXT("Attributeld 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,Attributeld))); 
14950| 

14951| DLOG((TEXT("Resident Data\n"))); 
14952| DLOG((TEXT(" DataLength 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,ResidentData.DataLength))) 

I ; 

14953| DLOG((TEXT(" Offset 

| %x\n") , Fl ELD_OFFS ET( ATTRI BUTE, ResidentData.Off set))) ; 
14954| DLOG((TEXT(" Attributelslndexed 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,ResidentData.Attributelsln 

| dexed))); 
14955| DLOG((TEXT(" Data 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,ResidentData.Attributelsln 

| dexed)+2)); 
14956| 

14957| DLOG((TEXT("Non Resident Data\n"))); 
14958| DLOG((TEXT(" StartingVCN 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.StartingVC 

I N))); 

14959| DLOG((TEXT(" LastVCN 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.LastVCN))) 

I ; 

14960| DLOG((TEXT(" Offset 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.Offset))); 
14961| DLOG((TEXT(" CompressionEngine 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.Compressio 

| nEngine))); 
14962| DLOG((TEXT(" AllocatedDiskSpace 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.AllocatedD 

| iskSpace))); 
14963| DLOG((TEXT(" AttributeSize 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.AttributeS 

I ize))); 

14964| DLOG((TEXT(" LengthOflnitializedData = 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.LengthOfln 

| itializedData))); 
14965| DLOG((TEXT(" CompressedSize 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.Compressed 

I Size))); 
14966| DLOG((TEXT(" Data 

| %x\n"),FIELD_OFFSET(ATTRIBUTE,NonResidentData.Compressed 

I Size)+8)); 
14967| 

14968| DLOG((TEXT("l N DEX_ENTRY\n"))) ; 
14969| DLOG((TEXT(" EntrySize 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY,EntrySize))); 



14970| DLOG((TEXT(" Flags 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, Flags))); 
14971| DLOG((TEXT(" FileCreationTime 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, FileCreationTime))); 
14972| DLOG((TEXT(" LastModifiedTime 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, LastModifiedTime))); 
14973| DLOG((TEXT(" LastModifiedTimeForMft = 

| %x\n M ),FIELD_OFFSET(INDEX_ENTRY,LastModifiedTimeForMFT)) 

I); 

14974| DLOG((TEXT( M LastAccessTime 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, LastAccessTime))); 
14975| DLOG((TEXT(" AllocatedAttrSize 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY,AllocatedAttributeSize)) 

I); 

14976| DLOG((TEXT(" AttributeSize 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, AttributeSize))); 
14977| DLOG((TEXT(" FileNameLength 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, FileNameLength))); 
14978| DLOG((TEXT(" FileNameType 

| %x\n"),FIELD_OFFSET(INDEX_ENTRY, FileNameType))); 
14979| DLOG((TEXT(" FileName 

| %x\n"), Fl ELD_OFFSET(INDEX_ENTRY, FileName))); 
14980| 

1 4981 1 DLOG((TEXT("sizeof (NTFS_BOOT_SECTOR) = 

| %d\n"),sizeof(NTFS_BOOT_SECTOR))); 
14982| } 
14983| 

14984| void CreateMultipleStreamFile() 
14985| { 

14986| HANDLE F; 

14987| ULONG NumWritten; 

14988| char *Buffer; 

14989| inti; 

14990| 

14991 1 Buffer=SAFE_Alloc(512); 
1 4992 1 // create unnamed stream 
14993| F = CreateFile( 

14994| TEXT( M MultiStreamFile M ), // pointer to name 
| of the file 

14995| GENERIC_WRITE, // access (read-write) mode 
14996| FILE_SHARE_READ | FILE_SHARE_WRITE, // share 
| mode 

14997| NULL, // pointer to security descriptor 
14998| C R EAT E_AL WA YS , // how to create 
14999| FILE_ATTRIBUTE_NORMAL, // file attributes 
15000| 0 // handle to file with attributes to copy 
15001| ); 

15002| if(F!=INVALID_HANDLE_VALUE) { 

15003| for(i=0;i<512;i+=16) { 

15004| strncpy(Buffer+i,"Unnamed stream ",16); 



15005| } 

15006| WriteFile(F,Buffer,512,&NumWritten,NULL); 
15007| 

15008| CloseHandle(F); 

15009| } 

15010| 

1 501 1 1 // create "backup" stream 

15012| F = CreateFile( 

15013| TEXT("MultiStreamFile:backup"), // pointer to 

| name of the file 

15014| GENERIC_WRITE, // access (read-write) mode 

15015| FILE_SHARE_READ | FILE_SHARE_WRITE, // share 

| mode 

15016| NULL, // pointer to security descriptor 

15017| C R EAT E_AL WA YS, // how to create 

15018| FILE_ATTRIBUTE_NORMAL, // file attributes 

1 501 9| 0 // handle to file with attributes to copy 

15020| ); 

15021| if(F!=INVALID_HANDLE_VALUE) { 

1 5022| for(i=0;i<51 2;i+=1 6) { 

15023| strncpy(Buffer+i,"Backup stream ",16); 

15024| } 

15025| WriteFile(F,Buffer,512,&NumWritten,NULL); 
15026| 

15027| CloseHandle(F); 

15028| } 

15029| 

1 5030| // create "resource" stream 

15031| F = CreateFile( 

15032| TEXT("MultiStreamFile:resource"), //pointer 

| to name of the file 

15033| GENERIC_WRITE, // access (read-write) mode 

15034| FILE_SHARE_READ | FILE_SHARE_WRITE, // share 

| mode 

15035| NULL, // pointer to security descriptor 

15036| C R EAT E_AL WA YS, // how to create 

15037| FILE ATTRIBUTE NORMAL, // file attributes 

1 5038| 0 // handle to file with attributes to copy 

15039| ); 

15040| if(F!=INVALID_HANDLE_VALUE) { 

15041| for(i=0;i<512;i+=16) { 

15042| strncpy(Buffer+i,"Resource Stream ",16); 

15043| } 

15044| WriteFile(F,Buffer,512,&NumWritten,NULL); 
15045| 

15046| CloseHandle(F); 

15047| } 

15048| SAFE_Free(Buffer); 

15049| } 

15050| 



15051| void CopyAndCompareFile ( pVolumelnfo Volumelnfo ) 
15052| { 

15053| PNTFS_File File; 
15054| char 

| *Buffer=SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)); 
15055| char 

| *Buffer2=SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)) 



15057| if (Buffer) { 
15058| HANDLE F; 
15059| ULONG Read; 
15060| 

15061| F = CreateFile( 

15062| TEXT( M d:\\winnt\\inf\\java.pnf"), // 

| pointer to name of the file 
15063| GENERIC_READ, // access (read-write) mode 

15064| FILE_SHARE_READ | FILE_SHARE_WRITE, // 

| share mode 

1 5065| NULL, // pointer to security descriptor 

15066| OPEN_EXISTING, // how to create 

15067| FILE ATTRIBUTE NORMAL, // file attributes 

1 5068| 0 // handle to file with attributes to 

I copy 
15069| ); 

1 5070 1 if ( F== I N VAL I D_H AN DLE_VALU E) 

15071| abort(); 

15072| 

15073| File = NTFS_OpenFileByNumber( Volumelnfo, 61 , 

| DATA_ATTR, NULL ); 
15074| if(File) { 
1 5075| ULONGLONG FileSize = 

| NTFS_GetFileSize(File); 
15076| ULONGLONG i=0; 

15077| ULONGLONG LCN; 

15078| P ATTRIBUTE 

| Attribute=NTFS_GetAttributeByType( File->Volumelnfo, 

| File->Mft, DATA_ATTR ); 
15079| DumpMft(Volumelnfo,File->Mft); 
15080| if (Attribute) 

15081| 

| DumpBytes(NTFS_GetDataPointer(Attribute),Attribute->Leng 

| th-Attribute->NonResidentData.Offset); 
15082| 
15083| 

| for(i=0;i<FileSize;i+=NTFS_ClusterSizelnBytes(Volumelnfo 
l»{ 

15084| LCN = NTFS_VCNToLCN( File, 

| i/NTFS_ClusterSizelnBytes(Volumelnfo)); 
15085| 



I memset(Buffer,0,NTFS_ClusterSizelnBytes(Volumelnfo)); 
15086| 

| memset(Buffer2,0,NTFS_ClusterSizelnBytes(Volumelnfo)); 
15087| NTFS_ReadFile( File, i, 

| NTFS_ClusterSizelnBytes(Volumelnfo), Buffer); 
15088| SetFilePointer( 
15089| F, // handle of file 

15090| (ULONG)i, // number of bytes to 

| move file pointer 
15091| NULL, // address of high-order 

| word of distance to move 
15092| FILE_BEGIN // how to move 

15093| ); 

1 5094| ReadFile( F, // handle of file to 

| read 

15095| Buffer2, // address of buffer 

| that receives data 
15096| 

| NTFS_ClusterSizelnBytes(Volumelnfo), // number of 
| bytes to read 



15097| &Read, //address of number of 

| bytes read 

1 5098| NULL// address of structure for 

| data 

15099| ); 

15100| DLOG((TEXT("Offset=%12l64d, 



| VCN=%12l64d, 

| LCN=%12l64d\n"),i,i/NTFS_ClusterSizelnBytes(Volumelnfo), 
I LCN)); 
15101| 

| if(memcmp(Buffer,Buffer2,NTFS_ClusterSizelnBytes(Volumel 
I nfo))!=0) { 
15102| 

| DumpBytes(Buffer,NTFS_ClusterSizelnBytes(Volumelnfo)); 
15103| DLOG((TEXT("Should be\n"))); 

15104| 

| DumpBytes(Buffer2,NTFS_ClusterSizelnBytes(Volumelnfo)); 
1 51 05| DLOG((TEXT("Data is 

| different!\n"))); 
15106| } 
15107| } 

15108| NTFS_CloseFile(File); 
15109| } 

15110| CloseHandle(F); 
15111| 

15112| SAFE_Free(Buffer2); 
15113| SAFE_Free(Buffer); 
15114| } 
15115| } 
15116| 



15117| #if 0 

15118| void DumpMftEntryNumber( ULONG Drive, ULONG Part, 

| ULONGLONG MftEntry ) 
15119| { 

15120| ULONG PartCount=0; 

15121 1 ULONGLONG Sector=0; 

15122| tDASDHandle *LockHandle=NULL; 

15123| tVolumelnfo *Volumelnfo=NULL; 

15124| ULONG Err=0; 

15125| PMFTMft; 

15126| 

15127| LockHandle = DASD_LockDevice( Drive ); 
15128| if(LockHandle) { 

1 5129| Sector = CountPartitionTable( LockHandle, 0, 

| SPartCount, Part ); 
15130| if(Sector!=(ULONGLONG)-1) { 
15131 1 Volumelnfo = NTFS_OpenVolume( LockHandle, 

| Sector ); 
15132| if (Volumelnfo) { 

15133| Mft = 

| (PMFT)SAFE_Alloc(NTFS_MftByteSize(Volumelnfo)); 
15134| if(Mft) { 

15135| Err = NTFS_ReadMftEntryNumber( 

| Volumelnfo, MftEntry, Mft ); 
15136| DumpMft( Volumelnfo, Mft ); 

15137| SAFE_Free(Mft); 
15138| }else{ 

15139| DLOG((TEXT("Out of memory\n"))); 

15140| } 

15141| 

15142| NTFS_CloseVolume( Volumelnfo ); 

15143| }else{ 

1 51 44| DLOG((TEXT("Error %08x opening 

| volume\n"),GetLastError())); 
15145| } 
15146| }else{ 

15147| DLOG((TEXT("lnvalid partition^"))); 

15148| } 

15149| DASD_UnlockDevice(LockHandle); 
15150| }else{ 

15151| DLOG((TEXT("lnvalid drive\n"))); 

15152| } 

15153| } 

15154| #endif 

15155| 

15156| void ListMftEntries( pVolumelnfo Volumelnfo ) 
15157| { 
15158| char 

| *Buffer=SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)); 
15159| char 



I *Buffer2=SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)) 

I ; 

15160| PNTFS_File File; 
15161| ULONG MftEntry; 
15162| 

15163| if(Buffer){ 

15164| for(MftEntry=0;MftEntry<1000;MftEntry++) { 
1 51 65| DLOG((TEXT(" %4d 

| \n"), MftEntry)); 

15166| File = NTFS_OpenFileByNumber( Volumelnfo, 

| MftEntry, DATA_ATTR, NULL ); 
15167| 

15168| if (File) { 

15169| PATTRIBUTE 

| Attribute=NTFS_GetAttributeByType( File-> Volumelnfo, 

| File->Mft, FILENAME_ATTR ); 
15170| if(Attribute) { 

15171| PFILENAME FN = 

| NTFS_GetDataPointer( Attribute); 
15172| ULONG NameLength = 

| FN->FileNameLength; 
15173| 
15174| 

| DLOG((TEXT("FileName='%-*.*s'\n"),NameLength,NameLength, 
| FN->FileName)); 
15175| }else{ 

1 51 76| DLOG((TEXT("No filename attribute 

| found\n"))); 
15177| } 

15178| NTFS_CloseFile(File); 
15179| } 
15180| } 

15181| SAFE_Free(Buffer2); 
15182| SAFE_Free(Buffer); 
15183| } 
15184| } 
15185| 

15186| void DumpNTFSPartition( pVolumelnfo Volumelnfo ) 
15187| { 

15188| PMFTMft; 
15189| PNTFS_File File; 
15190| 
15191| /* 

15192| ULONG Err; 

15193| DumpNtfsStructures(); 

1 51 94| DLOG((TEXT("===================== 

| NtfsBootSector=====================\n"))); 

15195| DumpNtfsBootSector( Volumelnfo->NtfsBootSector ); 
15196| DLOG((TEXT("===================== FILE_MFT 

| =====================\n"))); 



15197| DumpMft( Volumelnfo, Volumelnfo->Mft ); // FILE_MFT 
15198| 7 
15199| Mft = 

| (PMFT)SAFE_Alloc(NTFS_MftByteSize(Volumelnfo)); 
15200| if(Mft) { 
15201| 

15202| DLOG((TEXT("Number of clusters = %l64d, Number 
| of free clusters = 

| %l64d\n"),NTFS_GetVolumeSizelnClusters(Volumelnfo), 
| NTFS_GetNumFreeClusters(Volumelnfo))); 
15203| 

15204| File = NTFS_OpenFileByName(Volumelnfo, 

| L M \\winnt\\system32\\calc.exe", DATA_ATTR, NULL ); 
15205| if(File) { 
15206| NTFS_CloseFile(File); 
15207| }else{ 

15208| DLOG((TEXT("Error %08x opening 

| file\n"),GetLastError())); 
15209| } 
15210| 
15211| /* 

15212| DLOG((TEXT("===================== FILEMFTMIRR 

| ===================== \n"))); 

15213| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_MFTMIRR, Mft ); DumpMft( Volumelnfo, Mft ); 
1 5214| DLOG((TEXT("===================== FILELOGFILE 

| === = == = ====== = == = ====\n"))); 

15215| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_LOGFILE, Mft ); DumpMft( Volumelnfo, Mft ); 
15216| DLOG((TEXT("===================== FILE_VOLUME 

| ===================== \n"))); 

15217| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_VOLUME, Mft ); DumpMft( Volumelnfo, Mft ); 
15218| DLOG((TEXT("===================== FILEATTRDEF 

| = = = = = == = = = ========= ==\n"))); 

15219| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE ATTRDEF, Mft ); DumpMft( Volumelnfo, Mft ); 
1 5220 1 DLOG((TEXT("===================== FILEROOT 

| ===================== \n"))); 

15221 1 Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_ROOT, Mft ); DumpMft( Volumelnfo, Mft ); 
1 5222 1 DLOG((TEXT("===================== FILE BITMAP 

| ===================== \n"))); 

15223| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE BITMAP, Mft ); DumpMft( Volumelnfo, Mft ); 
15224| DLOG((TEXT( M ===================== FILE_BOOT 

| ===================== \n"))); 

15225| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_BOOT, Mft ); DumpMft( Volumelnfo, Mft ); 
1 5226| DLOG((TEXT("===================== FILEBADCLUS 



I ===================== \n"))); 

15227| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 
| FILE_BADCLUS, Mft ); DumpMft( Volumelnfo, Mft ); 



1 5228| DLOG((TEXT("===================== FILE QUOTA 

| ===================== \n"))); 

15229| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILE_QUOTA, Mft ); DumpMft( Volumelnfo, Mft ); 
15230| DLOG((TEXT("===================== FILE_UPCASE 

| ===================== \n"))); 

15231 1 Err = NTFS_ReadMftEntryNumber( Volumelnfo, 

| FILEJJPCASE, Mft ); DumpMft( Volumelnfo, Mft ); 
1 5232 1 DLOG((TEXT( M ===================== 1 7 

| =====================Vn "))); 

15233| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 17, 

| Mft ); DumpMft( Volumelnfo, Mft ); 
1 5234 1 DLOG((TEXT("===================== 1 8 

| = ======== = =========== \n"))); 

15235| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 18, 

| Mft ); DumpMft( Volumelnfo, Mft ); 
1 5236| DLOG((TEXT("===================== 21 



| ===================== \n"))); 

15237| Err = NTFS_ReadMftEntryNumber( Volumelnfo, 21, 

| Mft ); DumpMft( Volumelnfo, Mft ); 
15238| 7 

15239| SAFE_Free(Mft); 
15240| }else{ 

1 5241 1 DLOG((TEXT("Out of memory\n"))); 
15242| } 
15243| } 
15244| 

15245| void DumpFATPartition( pVolumelnfo Volumelnfo ) 

15246| { 

15247| } 

15248| 

15249| 

15250| 

15251| File Listing: dump.h 
15252| 

15253| // diagnostics functions 

15254| void DumpNTFSPartition( pVolumelnfo Volumelnfo ); 
15255| void DumpNtfsBootSector( PNTFS_BOOT_SECTOR 

| NtfsBootSector ); 
15256| void DumpMft( pVolumelnfo Volumelnfo, PMFT Mft ); 
15257| void DumpBitMap( PVOID BitMap, ULONG Length ); 
15258| void DumpRun ( PVOID DataRun, ULONG NumberOfBytes ); 
15259| void DumpBytes( PVOID Bytes, ULONG Length ); 
15260| void DumpMftEntryNumber( ULONG Drive, ULONG Part, 

| ULONGLONG MftEntry ); 
15261| void CreateMultipleStreamFileO; 
15262| 



15263| void DumpFATPartition( pVolumelnfo Volumelnfo ); 
15264| 

15265| // dump help routines 

15266| TCHAR *GetTime( ULARGEJNTEGER Number ); 

15267| TCHAR *Get Attribute Name( ULONG Type ); 

15268| TCHAR *GetFileNameType( ULONG Type ); 

15269| TCHAR *GetDosAttributes( ULONG Attr ); 

15270| 

15271| 

15272| 

15273| File Listing: fs.c 
15274| 

15275| #include <stdio.h> 
15276| #include <stdlib.h> 
15277| #include <string.h> 
15278| #include <windows.h> 
15279| #include <windowsx.h> 
15280| #include <winioctl.h> 
15281 1 #include <tchar.h> 
15282| #include <conio.h> 
15283| 

15284| #include "mytypes.h" 
15285| #include "dasd.h" 
15286| #include "fs.h" 
15287| 

15288| TCHAR *GetPartitionType ( BYTE Type ) 
15289| { 

15290| switch (Type) { 

15291 1 case PA RTI Tl ON_E m pty : return TEXT(" "); 
15292| case PARTITION_DOS12Bit : return TEXT(" DOS 
| 12 bit"); 

15293| case PARTITION_DOS16Bit : return TEXT(" DOS 
| 16 bit"); 

15294| case PARTITION DOSExtended : return TEXT(" DOS 
| Extended"); 

15295| case PARTITION_DOSHuge : return TEXT(" DOS 
I Huge"); 

15296| case PARTITION_NTFS : return TEXT(" 
| NTFS"); 

15297| case PARTITION_DRDOSHuge : return TEXT(" Dr. 
| DOS Huge"); 

15298| case PARTITION DRDOSExtended: return TEXT(" Dr. 

| DOS Extended"); 
15299| case PARTITION_DRDOSCompress: return TEXT(" Dr. 

| DOS Compressed"); 
15300| case PARTITION_ConCurDOS : return TEXT(" 

| Concurrent DOS"); 
15301 1 case PARTITION_Netware286 : return TEXT(" 

| NetWare 286"); 
15302| case PARTITION_Netware386 : return TEXT(" 



I NetWare 386"); 
15303| default: 

15304| return TEXT("Unknown"); 
15305| } 
15306| } 
15307| 

15308| void ListPartitionTable ( tDASDHandle "LockHandle, 

| ULONGLONG Sector, ULONG *PartCount ) 
15309| { 

15310| ULONG i; 
15311| tMBRMBR; 
15312| ULONG Err; 
15313| 

15314| //_tprintf(TEXT("Reading sector %12l64d (Partition 

| Table)\n"),Sector); 
15315| Err = DASD_Read ( LockHandle, Sector, 1 , &MBR ); 
15316| for(i=0;i<4;i++) { 
15317| if(MBR.Part[i].SystemType == 

| PARTITION_DOSExtended ) { 
1 531 8| // recursively call ourselves 

15319| ListPartitionTable( LockHandle, 

| MBR.Part[i].StartSector+Sector, PartCount); 
15320| }else{ 

15321 1 if(MBR.Part[i].SystemType!=PARTITION_Empty) 
I { 

1 5322| _tprintf(TEXT("%02d: %02x %02x %02x 

| %02x %02x %02x %02x %02x %08x %08x %08x %s\n"), 



15323| 


(*PartCount)++, 


15324| 


MBR.Part[i]. Bootable, 


15325| 


MBR.Part[i].BeginHead, 


15326| 


M B R . Part[i] . BeginSector, 


15327| 


MBR.Part[i].BeginCyl, 


15328| 


M B R . Part[i] . SystemTy pe , 


15329| 


MBR.Part[i].EndHead, 


15330| 


M B R . Part[i] . EndSector, 


15331| 


MBR.Part[i].EndCyl, 


15332| 


M B R . Partfi] . StartSecto r, 


15333| 


MBR.Part[i].Num berOf Secto rs, 


15334| 





| MBR.Part[i].StartSector+(ULONG)Sector, 
15335| 



| Get PartitionType(M B R . Partfi] .SystemType) 
15336| ); 
15337| } 
15338| } 
15339| } 
15340| } 
15341| 

15342| void ListPartitions( ULONG DriveNum ) 
15343| { 



15344| tDASDHandle *LockHandle; 

15345| ULONG PartCount=0; 
15346| 

15347| _tprintf(TEXT(" Beginning Ending\n")); 

1 5348| _tprintf(TEXT("##: Bt Hd Sc Cy Ty Hd Sc Cy Start 

| Num VolStart Type\n")); 

15349| LockHandle = DASDJ_ockDevice( DriveNum ); 

15350| if(LockHandle) { 

15351 1 ListPartitionTable( LockHandle, 0, &PartCount 

I); 

15352| 

15353| DASD_UnlockDevice( LockHandle ); 
15354| }else{ 

1 5355| _tprintf (TEXT("Unable to obtain lock to 

| device\n")); 
15356| } 
15357| } 
15358| 

15359| ULONGLONG CountPartitionTable( tDASDHandle *LockHandle, 

| ULONGLONG Sector, ULONG *PartCount, ULONG LookingFor ) 
15360| { 

15361| ULONG i; 

15362| tMBRMBR; 

15363| ULONG Err; 

15364| ULONGLONG SectorStart; 

15365| 

15366| //_tprintf(TEXT("Reading sector %12l64d (Partition 

| Table)\n"),Sector); 
1 5367| Err = DASD_Read ( LockHandle, Sector, 1 , &MBR ); 
15368| for(i=0;i<4;i++) { 
15369| if(MBR.Part[i].SystemType == 

| PARTITION_DOSExtended ) { 
15370| // recursively call ourselves 

1 5371 1 SectorStart = CountPartitionTable( 

| LockHandle, MBR.Part[i].StartSector+Sector, PartCount, 

| LookingFor ); 
1 5372| if (SectorStart!=(ULONGLONG)-1 ) 

15373| return SectorStart; 

15374| }else{ 

1 5375| if (fPartCount) == LookingFor) 

15376| return MBR.Part[i].StartSector+Sector; 

15377| (*PartCount)++; 

15378| } 

15379| } 

15380| // part not found 

1 5381 1 return (ULONGLONG)-I ; 

15382| } 

15383| 

15384| 

15385| ULONG GetPartitionTableLow( tDASDHandle 'LockHandle, 



I ULONGLONG Sector, ULONG Max, ULONG *PartCount, 
| tPartTable * Parts ) 
15386| { 

15387| ULONG i; 
15388| tMBRMBR; 
15389| ULONG Err; 
15390| 

1 5391 1 /Mprintf (TEXT( M Reading sector %1 2l64d (Partition 

| Table)\n"),Sector); 
15392| Err = DASD_Read ( LockHandle, Sector, 1 , &MBR ); 
15393| for(i=0;i<4;i++) { 
15394| if(MBR.Part[i].SystemType == 

| PARTITION_DOSExtended ) { 
15395| // recursively call ourselves 

15396| GetPartitionTableLow( LockHandle, 

| MBR.Part[i].StartSector+Sector, Max, PartCount, Parts 

I); 

15397| }else{ 

15398| if(MBR.Part[i].SystemType != 

| PARTITION_Empty) { 
15399| if(*PartCount<Max) { 

15400| Parts[*PartCount].SystemType = 

| MBR.Part[i].SystemType; 
15401 1 Parts[*PartCount].StartSector = 

| MBR.Part[i].StartSector+Sector; 
15402| Parts[*PartCount].NumberOfSectors = 

| MBR.Part[i].NumberOfSectors; 
15403| (*PartCount)++; 
15404| }else{ 

15405| // past how much is allocated 

15406| return (ULONG)-1; 

15407| } 
15408| } 
15409| } 
15410| } 

1541 1 1 return *PartCount; 
15412| } 
15413| 
15414| /* 

1 541 5| Gets a list of partitions on the volume 

1 541 6| returns the count of partitions found or -1 if Max 

| partitions have been reached 
15417| Parts is filled in 
15418| 7 

15419| ULONG GetPartitionTable( tDASDHandle *LockHandle, ULONG 

| Max, tPartTable *Parts ) 
15420| { 

1 5421 1 ULONG PartitionCount=0; 

15422| return GetPartitionTableLow( LockHandle, 0, Max, 
| &PartitionCount, Parts ); 



15423| } 
15424| 
15425| 
15426| 

15427| File Listing: fs.h 
15428| 

15429| #include "fs_ondisk.h" 
15430| #include "ntfs_ondisk.h" 
15431| 

15432| // for partition scanning 

15433| typedef struct sPartTable { 

15434| BYTE SystemType; 

15435| ULONGLONG StartSector; 

15436| ULONGLONG NumberOf Sectors; 

15437| } tPartTable, *pPartTable; 

15438| 

15439| TCHAR *GetPartitionType ( BYTE Type ); 

15440| void ListPartitionTable ( tDASDHandle *LockHandle, 

| ULONGLONG Sector, ULONG *PartCount ); 
15441| void ListPartitions( ULONG DriveNum ); 

15442| ULONGLONG CountPartitionTable( tDASDHandle *LockHandle, 

| ULONGLONG Sector, ULONG *PartCount, ULONG LookingFor ); 
15443| ULONG GetPartitionTableLow( tDASDHandle *LockHandle, 

| ULONGLONG Sector, ULONG Max, ULONG *PartCount, 

| tPartTable *Parts ); 
15444| ULONG GetPartitionTable( tDASDHandle *LockHandle, ULONG 

| Max, tPartTable *Parts ); 
15445| 
15446| 
15447| 

15448| File Listing: fs_ondisk.h 
15449| 

15450| /* general partition stuff 7 
15451| 

15452| #define PARTITION_Empty 0x00 
15453| #define PARTITION_DOS12Bit 0x01 // 12 bit fat 
| < 10mb 

15454| #define PARTITION_DOS16Bit 0x04 // 16 bit fat 
| < 32mb 

1 5455| #def ine PARTITION_DOSExtended 0x05 // Extended 
| Dos Partition 

15456| #define PARTITION DOSHuge 0x06 // 1 6 bit FAt 

| >= 32mb 

15457| #define PARTITION_NTFS 0x07 
15458| 

15459| #define PARTITION_DRDOSHuge 0xC4 
15460| #define PARTITION_DRDOSExtended 0xC5 
15461 1 #define PARTITION_DRDOSCompress 0xC6 
15462| 

15463| #define PARTITION_ConCurDOS OxDB 



15464 
15465 
15466 
15467 
15468 
15469 
15470 



| OxcO) « 2) + (Part)->BeginCyl) 



15471 
I 2) 
15472 
15473 
15474 
15475 
15476 
15477 
15478 
15479 
15480 
15481 
15482 
15483 
15484 
15485 
15486 
15487 
15488 
15489 
15490 
15491 
15492 
15493 
15494 
15495 
15496 
15497 
15498 
15499 
15500 
15501 
15502 
15503 
15504 
15505 
15506 
15507 
15508 
15509 
15510 
15511 



#define PARTITION_Netware286 0x64 
#define PARTITION_Netware386 0x65 

#define GetBeginSPT(Part) ((Part)->BeginSector & 0x3f) 
#define GetEndSPT(Part) ((Part)->EndSector & 0x3f) 
#define GetBeginCyl(Part) ((((Part)->BeginSector & 



#define GetEndCyl(Part) ((((Part)->EndSector & OxcO) « 
+ (Part)->EndCyl) 



#pragma pack(1) 
typedef struct _Partlnfo { 

BYTE Bootable; 

BYTE BeginHead; 

BYTE BeginSector; 

BYTE BeginCyl; 

BYTE SystemType; 

BYTE EndHead; 

BYTE EndSector; 

BYTE EndCyl; 

ULONG StartSector; 

ULONG NumberOf Sectors; 
} tPartlnfo; 

#pragma pack(1) 
// physical sector 0 
typedef struct _MBR { 

BYTE Code[0x1b8]; 

ULONG SerialNumber; 

BYTE Dirty; 

BYTE Unknown; 

tPartlnfo Part[4]; 

USHORT Signature; 
} tMBR, *pMBR; 



#pragma pack() 

File Listing: mytypes.h 

typedef unsigned int64 ULONGLONG; 

typedef struct _ULI { 
union { 
struct { 

DWORD LowPart; 



15512| DWORD HighPart; 

15513| }; 

15514| ULONGLONG QuadPart; 
15515| }; 
15516| } ULI, *pULI; 
15517| 

15518| #define GetByte(Buffer, Offset) 

| ((BYTE*)(Buffer))[(Offset)] 
15519| #define PutByte(Buffer,Offset,Byte) { \ 
15520| 

| ((BYTE*)(Buffer))[(Offset)] = ((Byte) & 0xff);\ 
15521| } 
15522| #define GetChar(Buffer,Offset) ((signed 

| char*)(Buffer))[(Offset)] 
15523| #define PutChar(Buffer,Offset,Char) { \ 
15524| 

| ((BYTE*)(Buffer))[(Offset)] = ((Char) & 0xff);\ 
15525| } 
15526| 
15527| 

15528| #define GetWord(Buffer,Offset) '((unsigned 

| short*)&((BYTE*)(Buffer))[(Offset)]) 
15529| #define PutWord(Buffer, Offset, Word) { \ 
15530| 

| ((BYTE*)(Buffer))[(Offset)] = ((Word) & 
| 0xff);\ 
15531| 

| ((BYTE*)(Buffer))[(Offset) + 1] = (((Word) » 8) & 
| 0xff);\ 

15532| } 
15533| 

15534| #define GetShort(Buffer,Offset) *(( signed 

| short*)&((BYTE*)(Buffer))[(Offset)]) 
15535| #define PutShort(Buffer,Offset,Short) { \ 
15536| 

| ((BYTE*)(Buffer))[(Offset)] = ((Short) & 
| 0xff);\ 
15537| 

| ((BYTE*)(Buffer))[(Offset) + 1] = (((Short) » 8) & 
| 0xff);\ 

15538| } 
15539| 

15540| #define GetUTriByte(Buffer, Offset) (('((unsigned 
| long*)&((BYTE*)(Buffer))[(Offset)])) & OxOOffffff) 

15541 1 // signed TriByte needs to be handled differently 

15542| // this doesnt work... 

15543| //#define GetTriByte(Buffer, Offset) 
| (GetUTriByte(Buffer,Offset) < 0x800000 ? 
| GetUTriByte( Buffer, Offset) : (signed 
| long)(GetUTriByte(Buffer,Offset) | OxFFOOOOOO)) 



15544| 

15545| // needs to be a function because we have to sign 

| extend the long 
15546| signed long GetTriByte(PVOID Buffer,unsigned long 

| Offset); 
15547| 
15548| 

15549| #define PutTriByte(Buffer,Offset,TriByte) { \ 
15550| 

| ((BYTE*)(Buffer))[(Offset)] = ((TriByte) & 
| 0xff);\ 
15551| 

| ((BYTE*)(Buffer))[(Offset) + 1] = (((TriByte) » 8) & 
| 0xff);\ 
15552| 

| ((BYTE*)(Buffer))[(Offset) + 2] = (((TriByte) » 16) & 
| 0xff);\ 

15553| } 

15554| #define GetLong( Buffer, Offset) *(( signed 

| long*)&((BYTE*)(Buffer))[(Offset)]) 
15555| #define Putl_ong(Buffer,Offset,l_ong) {\ 
15556| 

| ((BYTE*)(Buffer))[(Offset)] = ((Long) & 
| 0xff);\ 
15557| 

| ((BYTE*)(Buffer))[(Offset) + 1] = (((Long) » 8) & 
| 0xff);\ 
15558| 

| ((BYTE*)(Buffer))[(Offset) + 2] = (((Long) » 16) & 
| 0xff);\ 
15559| 

| ((BYTE*)(Buffer))[(Offset) + 3] = (((Long) » 24) & 
| 0xff);\ 

15560| } 

1 5561 1 #def ine GetULong(Buffer, Offset) '((unsigned 

| long*)&((BYTE*)(Buffer))[(Offset)]) 
15562| 
15563| 

15564| typedef char string8; 

15565| #define LONGTOBYTE(x) ((BYTE)((x) & Oxff)) 
15566| 

15567| typedef struct _BYTE_ARRAY { 

15568| CHAR Data[1 024]; 

15569| } BYTE_ARRAY, *PBYTE_ARRAY; 

15570| 

15571 1 typedef struct _WORD_ARRAY { 

1 5572| WORD Data[1 024 / 2]; 

15573| } WORD_ARRAY, * P WO R D_A R RAY ; 

15574| 

15575| typedef struct _ULONG_ARRAY { 



15576 
15577 
15578 
15579 
15580 
15581 
15582 
15583 
15584 
15585 
15586 
15587 
15588 
15589 
15590 
15591 
15592 
15593 
15594 
15595 
15596 
15597 
15598 
15599 
15600 
15601 
15602 
15603 
15604 
15605 
15606 
15607 
15608 
15609 
15610 
15611 
15612 
15613 
15614 
15615 
15616 
15617 
15618 
15619 
| to 



15620 
15621 
15622 
15623 



ULONG Data[1024/4]; 
} ULONG_ARRAY, *PULONG_ARRAY; 

typedef struct _U L A RG E_A R RAY { 

ULARGEJNTEGER Data[1024 / 8]; 
} ULARGE_ARRAY, *PULARGE_ARRAY; 



File Listing: ntfs.c 

#define UNICODE 
#define_UNICODE 
#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <windows.h> 
#include <windowsx.h> 
#include <winioctl.h> 

//#include <crtdbg.h> //_ASSERTE 

#include <assert.h> 

#define_ASSERTE assert 

#include <tchar.h> 

#include <conio.h> 

#include <io.h> 

#include "mytypes.h" 
#include "dasd.h" 
#include "fs.h" 
#include "ntfs.h" 
#include "dump.h" 
#include "safemem.h" 
#include "psm.h" 
#include "volume. h" 
#include "dlog.h" 

#include <undoc.h> 

//void PSM_LogDebuglnfoW( const WCHAR *fmt,...); 
DWORD ExceptionFilter( EXCEPTION_POINTERS *ep ); 

//todo containing record?? 
// generic link point 

// understand the statement ; starting macros. If 
protect assignment they fail if part of further 



| expression. 



// write this better 

// make todo part of warning ! ! 



15624| 
15625| 
15626| /* 
15627| TODO: 

1 5628| Reading the $Attrdef file for attribute I Ds 
15629| Log file structures 

15630| Add/get b+ tree routines for directory parsing 

15631| POSIX parsing 

15632| 

15633| Side note: It seems that the files below are protected 

| with a security descriptor and that 
15634| is why the files do not show up in the directory list. 

| When you try to access the file, you 
15635| get "Access denied" I created a file called $Test with 

| the same attributes as $mft, and it 
15636| showed up in the dir list, the mft of the 2 files were 

| pretty much the same. If you do a 
15637| 'dir $mft /ah' the file does show up., maybe the NTFS 

| file system justs parses them out when 
15638| making the directory list? 
15639| 

15640| When doing an index, we will need the following files 

| to satisfy a mount 
1 5641 1 $Mft At least first 1 6 entries (32k-64k) 

| Mine is 145MB 
15642| $MftMirr 4k 

15643| $LogFile ~3 MB is the default, but can be 

I bigger 
15644| $Volume Ok 
15645| $AttrDef 36000 bytes 
15646| $Root Need I N D EX_ROOT_ATT R, 

| I N D EX ALLOC ATI ON ATTR, and BITMAP ATTR 
15647| $Bitmap 1 bit per cluster on the volume 
15648| $Boot 8k 
15649| $BadClus 0k, 

15650| The VCN To LCN mappings correspond 

| to the bad sectors (thus the LCN of 
15651 1 VCN X is a bad sector) so do not 

| access this file 
15652| $Quota 0k 
15653| SUpcase 128k 
15654| 
15655| 
15656| 
15657| 7 
15658| 

15659| // needs to be a function because we have to sign 

| extend the long 
15660| 

15661| signed long GetTriByte(PVOID Buffer,unsigned long 



I Offset) 
15662| { 

15663| unsigned long SL = (*(( signed 

| long*)&((BYTE*)(Buffer))[(Offset)])) & OxOOffffff; 
1 5664| if (SL>0x7fffff) SL-=0x1 000000; 
15665| return SL; 
15666| } 
15667| 
15668| 
15669|/* 

15670| This routine came from the linux driver and has 

| been modified slightly 
15671 1 TODO: rewrite this in a readable and understandable 

| form. See pages 61-67 of 
15672| Helen's books on a desciption of the algorithm. 
15673| 

15674| Given a compressed buffer of src, decompresses it 

| into dest coping a max of Size 
15675| 7 

15676| void NTFS_DecompressBuffer(unsigned char *dest, 

| unsigned char *src, ULONGLONG Size) 
15677| { 

15678| int head,comp; 

15679| int copied=0; 

1 5680| unsigned char *stop; 

15681| int bits; 

15682| inttag=0; 

15683| int clear_pos; 

15684| while(1) 

15685| { 

15686| head = GetWord(src,0) & OxFFF; 
15687| /* high bit indicates that compression was 
| performed */ 



15688| 


comp = GetByte(src,1) & 0x80; 


15689| 


//comp = (head == OxFFF); 


15690| 


src += 2; 


15691| 


stop = src+head; 


15692| 


bits = 0; 


15693| 


clear_pos=0; 


15694| 


if(head==0) 


15695| 


/* block is not used 7 


15696| 


return;/* FIXME: copied 7 


15697| 


if(!comp) /* uncompressible 7 


15698| 


{ 


15699| 


memcpy(dest,src,0x1 000); 


15700| 


dest+=0x1000; 


15701| 


copied+=0x1000; 


15702| 


src+=0x1000; 


15703| 


if(Size==copied) 


15704| 


return; 



15705| continue; 

15706| } 

1 5707| while(src<=stop) 

15708| { 

1 5709| if (clear_pos>4096) 

15710| { 

1 571 1 1 DLOG((TEXT("Error 1 in 

| decompress\n M ))); 

15712| return; 

15713| } 

15714| if(!bits){ 

15715| tag=GetByte(src,0); 

15716| bits=8; 

15717| src++; 

15718| if(srostop) 

15719| break; 

15720| } 

15721| if (tag & 1){ 

15722| int i,len,delta,code,lmask,dshift; 

15723| code = GetWord(src,0); 

15724| src+=2; 

15725| if(!clear_pos) 

15726| { 

1 5727| DLOG((TEXT("Error 2 in 

| decompress\n M ))); 

15728| return; 

15729| } 
15730| 

| for(i=clear_pos-1 ,lmask=0xFFF,dshift=12;i>=0x10;i»=1) 

15731| { 

15732| lmask»=1; 

15733| dshift-; 

15734| } 

1 5735| delta = code » dshift; 

15736| len = (code & Imask) + 3; 

15737| for(i=0; klen; 

15738| { 
15739| 

| dest[clear_pos]=dest[clear_pos-delta-1 ]; 

15740| clear_pos++; 

15741| copied++; 

15742| if(copied==Size) 

15743| return; 

15744| } 

15745| }else{ 

1 5746| dest[clear_pos++]=GetByte(src,0); 

15747| src++; 

15748| copied++; 

1 5749| if (copied==Size) 

15750| return; 



15751| } 
15752| tag»=1; 
15753| bits--; 

15754| } 

15755| dest+=clear_pos; 



15756| } 
15757| } 
15758| 
15759| 
15760| r 

15761 1 Given a VCN for File, will return its LCN. The 

| file must be non resident 
15762| returns -1 if an error occurs, Use Getl_astError() 

| to get the error 
15763| 7 

15764| ULONGLONG NTFS_VCNToLCN(PNTFS_File File, ULONGLONG VCN 
I) 

15765| { 

15766| ULONG Run=0; 
15767| PATTRIBUTE 

| Attribute=NTFS_GetAttributeByName(File->Volumelnfo,File- 

| >Mft,File->Type,File->AttrName); 
15768| 

15769| if ( Attribute) { 

1 5770 1 if ( Attribute->NotResident) { 

15771| while( 

| (Run<File->VCNToLCNMappingTableSize) && 
15772| 

| (VCN>=File->VCNToLCNMappingTable[Run]. Length)) { 
15773| VCN-= 

| File->VCNToLCNMappingTable[Run++]. Length; 
15774| } 

15775| if(Run==File->VCNToLCNMappingTableSize) { 

15776| SetLastError(ERROR_SECTOR_NOT_FOUND); 
15777| return (ULONGLONG)-I ; 

15778| Jelse 
15779| 

| if(File->VCNToLCNMappingTable[Run].CIuster==(ULONGLONG)- 
I 1) 

1 5780| return (ULONGLONG)-I ; 

15781| else 
15782| return 

| File->VCNToLCNMappingTable[Run].CIuster+VCN; 
15783| }else{ 
15784| //resident 

15785| SetLastError(ERROR_INVALID_PARAMETER); 

1 5786| return (ULONGLONG)-I ; 

15787| } 

15788| }else{ 

1 5789| // no attribute found 



15790| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 

15791 1 return (ULONGLONG)-I ; 

15792| } 

15793| } 

15794| 

15795| /* 

1 5796| a fixup technique : the last word of each sector 

| (called a fixup) of a 
15797| structure's record should end with the word at 

| offset <n> of the first 
15798| sector, and if it is the case, must be replaced 

| with the words following 
15799| <n>. The value of <n> and the number of fixups is 

| taken from the fields 
1 5800 1 at the offsets 4 and 6. 
15801| 7 

15802| int NTFS_FixupRecord ( pVolumelnfo Volumelnfo, PVOID 

| Record ) 
15803| { 

15804| WORD Count,Offset,Fixup,Start; 
15805| 

15806| Start = GetWord(Record, 4); 
15807| Count = GetWord( Record, 6); 
15808| Fixup = GetWord(Record, Start); 
15809| 

1 581 0| // the first fixup is the check key, so skip it. 
1581 1 1 Start += sizeof(WORD); 
15812| Offset = 

| Volumelnfo->NtfsBootSector->BytesPerSector-sizeof(WORD); 
15813| Count--; 
15814| 

15815| while(Count-) { 

1 581 6| // the field doesnt contain the key, must be 
| bad... 

15817| if (GetWord(Record,Offset)!=Fixup) 
15818| return 0; 

15819| PutWord(Record,Offset,GetWord(Record,Start)); 
15820| Offset += 

| Volumelnfo->NtfsBootSector->BytesPerSector; 
15821 1 Start += sizeof(WORD); 
15822| } 
15823| return 1; 
15824| } 
15825| 

15826| int NTFSJJnfixupRecord ( pVolumelnfo Volumelnfo, PVOID 

| Record ) 
15827| { 

15828| WORD Count, Offset, Fixup, Start; 
15829| 

15830| Start = GetWord( Record, 4); 



15831| Count = 1 + 

| (USHORT)Volumelnfo->NtfsBootSector->MFTRecordSize; 
15832| Fixup = 1 + GetWord( Record, Start); 
15833| PutWord(Record,Start,Fixup); 
15834| 

1 5835| Start += sizeof (WORD); 

15836| Offset = Volumelnfo->NtfsBootSector->BytesPerSector 

| -sizeof(WORD); 
15837| 

15838| while(--Count) { 

15839| PutWord (Record,Offset, Fixup); 

15840| Offset += 

| Volumelnfo->NtfsBootSector->BytesPerSector; 
15841 1 Start += sizeof(WORD); 
15842| } 
15843| 

15844| return 1; 
15845| } 
15846| 
15847| /* 

15848| This decompresses a run, and returns it. 

15849| Runs are stored as: OxCL where L is the size of the 

| length and C is the size of the 
15850| cluster. So if we have a byte stream of 22 12 34 

| 56 78, the length is a word (1234) and 
15851 1 the cluster is a word (5678). if a stream of 21 01 

| 12 34, the length is a byte (01) and 
15852| the cluster is a word (1234). A Length of 0 ends 

| the run. A Cluster of 0 indicates a 
15853| sparse run. The Cluster is signed and added to the 

| previous cluster number, negative 
15854| clusters go back from the current position. The 

| first run starts at cluster 0. 
15855| Length is unsigned. 
15856| 

15857| TODO: added Types 5-8 

15858| 7 

15859| 

15860| #define GetLengthLength(Type) ((Type) & OxOf) 
15861 1 #define GetClusterLength(Type) ((Type) » 4) 
15862| int GetRun ( PVOID DataRun, ULONG *Offset, 

| ULARGEJNTEGER ^Cluster, ULARGEJNTEGER *Length, ULONG 

| *Sparse ) 
15863| { 

15864| CHAR Type = GetByte(DataRun,(*Offset)); 

15865| (*Sparse) = 0; 

15866| 

15867| if(IType) 
15868| return 0; 
15869| 



15870| (*Offset)++; 

1 5871 1 switch(GetLengthLength(Type)) { 
15872| case 1 : Length->QuadPart = 

| GetByte(DataRun,(*Offset)); 
15873| break; 
15874| case 2: Length->QuadPart = 

| GetWord(DataRun,(*Offset)); 
15875| break; 
15876| case 3: Length->QuadPart = 

| GetUTriByte(DataRun,(*Offset)); 
15877| break; 
1 5878| case 4: Length->QuadPart = 

| GetULong(DataRun,(*Offset)); 
15879| break; 
15880| default: 

1 5881 1 DLOG((TEXT("Unable to decompress run length 

| of %d\n M ),GetLengthLength(Type))); 
15882| break; 
15883| } 

15884| (*Offset) += GetLengthLength(Type); 
15885| 

15886| switch(GetClusterLength(Type)) { 
15887| case 0: (*Sparse) = 1 ; 
15888| break; 
1 5889| case 1 : Cluster->QuadPart += 

| GetChar(DataRun,(*Offset)); 
15890| break; 
15891 1 case 2: Cluster->QuadPart += 

| GetShort(DataRun,(*Offset)); 
15892| break; 
15893| case 3: Cluster->QuadPart += 

| GetTriByte(DataRun,(*Offset)); 
15894| break; 
1 5895| case 4: Cluster->QuadPart += 

| Getl_ong(DataRun,(*Offset)); 
15896| break; 
15897| default: 

1 5898| DLOG((TEXT("Unable to decompress run length 

| of %d\n"),GetClusterLength(Type))); 
15899| break; 
15900| } 

15901 1 (*Offset) += GetClusterLength(Type); 

15902| return 1; 

15903| } 

15904| 

15905| 

15906|/* 

15907| Opens file with its Mft Entry number. Usually only 

| used for directories and well known 
15908| Ids (FILE_MFT, FILE BITMAP, FILE_ROOT, etc..) Type 



I is the attribute(stream) to open. 
15909| 7 

15910| PNTFS_File NTFS_OpenFileByNumber ( pVolumelnfo 

| Volumelnfo, ULONGLONG MftEntryNum, ULONG Type, WCHAR 
| *AttrName ) 

15911| { 

15912| ULONG Err=0; 

15913| PNTFS_File NtfsFile=SAFE_Alloc(sizeof(NTFS_File)); 
15914| 

15915| if(NtfsFile) { 
15916| 

| NtfsFile->Mft=SAFE_Alloc(NTFS_MftByteSize(Volumelnfo)); 
15917| 

15918| if(NtfsFile->Mft) { 
15919| //buffer for file io 

15920| NtfsFile->Buffer = 

| SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)); 
1 5921 1 if (NtfsFile->Buffer) { 

15922| //read in the file Mft 

15923| Err = NTFS_ReadMftEntryNumber( 

| Volumelnfo, MftEntryNum, NtfsFile->Mft ); 
15924| if(!Err){ 
1 5925| // get the clusters for the file 

15926| PATTRIBUTE Attribute = 

| NTFS_GetAttributeByName( Volumelnfo, NtfsFile->Mft, 

| Type, AttrName ); 
15927| if(Attribute) { 

15928| if(Attribute->NotResident) { 

15929| //old line replaced by sub function to allow extension 

| data runs PVOID DataRun = NTFS_GetDataPointer( 

| Attribute ); 
15930| PVOID DataRun = 

| NTFS_GetDataRun(Attribute, NtfsFile, Volumelnfo, 

| MftEntryNum, Type, AttrName ) ; 
15931| 

1 5932| NtfsFile->CompressedBuffer 

| = NULL; 
15933| 

| NtfsFile->UnCompressedBuffer = NULL; 
15934| if(Attribute->Compressed) { 

15935| 

| NtfsFile->CompressedBuffer = 

| SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)*16); 
15936| 

| NtfsFile->UnCompressedBuffer = 

| SAFE_Alloc(NTFS_ClusterSizelnBytes(Volumelnfo)*16); 
15937| 

| if((!NtfsFile->CompressedBuffer) || 
| (!NtfsFile->UnCompressedBuffer)) { 
15938| 



I if(NtfsFile->CompressedBuffer) 
15939| 

| SAFE_Free(NtfsFile->CompressedBuffer); 
15940| 

| if(NtfsFile->UnCompressedBuffer) 
15941| 

| SAFE_Free(NtfsFile->UnCompressedBuffer); 
15942| DataRun=NULL; 
15943| } 
15944| } 
15945| 

15946| if(DataRun){ 
15947| 

| NtfsFile->VCNToLCNMappingTableSize = GetDataRunLength( 
| DataRun,Attribute->NonResidentData.LastVCN.QuadPart-Attr 
| ibute->NonResidentData.StartingVCN.QuadPart+1 ); 
15948| //DLOG((TEXT("VCNToLCN 
| mapping table 

| size=%d\n"),NtfsFile->VCNToLCNMappingTableSize*sizeof(DA 
| TA_RUN))); 

1 5949| // TODO: malloc needs a 

| unsigned int, im passing in an unsigned int64 

15950| 

| NtfsFile->VCNToLCNMappingTable = 

| SAFE_Alloc(NtfsFile->VCNToLCNMappingTableSize*sizeof(DAT 

I A_RUN)); 
15951| 
15952| 

| if(NtfsFile->VCNToLCNMappingTable) { 
15953| if ((Err = 

| MakeVCNToLCNMapping( DataRun, 

| NtfsFile->VCNToLCNMappingTable, 

| NtfsFile->VCNToLCNMappingTableSize))==0) { 
15954| NtfsFile->Type 

I = Type; 
15955| 

| NtfsFile->MftEntryNum = MftEntryNum; 
15956| 

| NtfsFile->Volumelnfo = Volumelnfo; 
15957| //protect 
| resources. 

15958| SAFE_ReadOnly( 
| NtfsFile ); 

15959| SAFE_ReadOnly( 

| NtfsFile->Mft ); 
15960| SAFE_ReadOnly( 

| NtfsFile->VCNToLCNMappingTable ); 
1 5961 1 SAFE_ReadOnly( 

| NtfsFile->Buffer); 
15962| //clumsy way 



I withthe variables now in scope to see if 
15963| //extension 

| records were used. 
15964| if 

| ((BYTE*)DataRun < (BYTE*)NtfsFile->Mft || 

| (BYTE*)DataRun > 

| (BYTE*)NtfsFile->Mft+(NTFS_MftByteSize(Volumelnfo))){ 
15965| 

| SAFE_Free(DataRun); 
15966| } 
15967| return 

| NtfsFile; 
15968| }else{ 
15969| 

| DLOG((TEXT("Error %08x reading VCN to LCN 

| table\n"),Err)); 
15970| 

| SetLastError(Err); 
15971| } 
15972| }else{ 
15973| DLOG((TEXT("Error, 

| out of memory\n"))); 
15974| 

| SetLastError(ERROR_OUTOFMEMORY); 
15975| } 
15976| }else{ 
15977| DLOG((TEXT("Error no 

| data pointer found\n"))); 
15978| 

| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 
15979| } 
15980| }else{ 
15981| //fileisinmft 
15982| NtfsFile->Type = Type; 

15983| 

| NtfsFile->VCNToLCNMappingTable = NULL; 
15984| NtfsFile->MftEntryNum = 

| MftEntryNum; 
15985| NtfsFile->Volumelnfo = 

| Volumelnfo; 
1 5986| // protect resources. 

15987| SAFE_ReadOnly( NtfsFile ); 

15988| SAFE_ReadOnly( 

| NtfsFile->Mft ); 
15989| SAFE_ReadOnly( 

| NtfsFile->Buffer); 
15990| return NtfsFile; 

15991| } 
15992| }else{ 

1 5993| DLOG((TEXT("No %02x attribute 



I found in file!\n"),Type)); 
15994| 

| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 



15995| } 

15996| }else{ 

1 5997| DLOG((TEXT("Error %08x reading 

| Mft\n"),Err)); 

15998| SetLastError(Err); 

15999| } 

1 6000| SAFE_Free(NtfsFile->Buffer); 

16001| }else{ 

1 6002| DLOG((TEXT("Out of memory\n"))); 

1 6003| SetLastError(ERROR_OUTOFMEMORY); 

16004| } 

16005| 

16006| SAFE_Free(NtfsFile->Mft); 

16007| }else{ 

1 6008| DLOG((TEXT("Error out of memory\n"))); 

1 6009| SetLastError(ERROR_OUTOFMEMORY); 

16010| } 

1 601 1 1 SAFE_Free(NtfsFile); 

16012| }else{ 

16013| DLOG((TEXT("Error out of memory\n"))); 

1 601 4| Setl_astError(ERROR_OUTOFMEMORY); 

16015| } 



16016| return NULL; 
16017| } 
16018| 
16019| r 

1 6020| makes a string all uppercase based on the Unicode 

| translation table. 
16021| 

1 6022| Given Unicode char Lower, this provides the 

| uppercase translation table so 
1 6023| Upper = UpcaseTable[Lower]; 
16024| 7 

16025| WCHAR *NTFS_MakeUpperCase( pVolumelnfo Volumelnfo, 

| WCHAR *Str, ULONG Length ) 
16026| { 

16027| WCHAR *p=Str; 

16028| ULONG C=0; 

16029| while(C++<Length) { 

1 6030| *p++ = Volumelnfo->UpcaseTable[*p]; 

16031| } 

16032| return Str; 

16033| } 

16034| 

16035| r 

1 6036| Meat and potatoes of ntfs directory parsing 
| routine. 



16037| 

1 6038| Returns the MftEntry of the file or -1 , use 

| GetLastError() to get error code 
16039| 7 

16040| ULONGLONG NTFS_RecurseDir( pVolumelnfo Volumelnfo, 

| ULONGLONG MftEntry, WCHAR *Name ) 
16041| { 

16042| PNTFS_File IRFile=NTFS_OpenFileByNumber( 
| Volumelnfo, MftEntry, I N D EX ROOT ATTR, NULL ); 
16043| ULONG Err=0; 
16044| if(IRFile) { 

16045| PNTFS_File lAFile = NTFS_OpenFileByNumber( 
| Volumelnfo, MftEntry, I N D EX_ALLOC ATI ON_ATTR , NULL ); 

16046| ULONGLONG IRSize = NTFS_GetFileSize(IRFile); 

16047| PINDEX_ROOT IR 
| SAFE_Alloc((ULONG)IRSize); 

16048| 

16049| //DumpMft(Volumelnfo,IAFile->Mft); 
16050| if(IR) { 

16051| PINDEX_ENTRY IE = 

| (PINDEX_ENTRY)(IR+1); 
16052| Err = NTFS_ReadFile( IRFile, 0, IRSize, IR 

I); 

16053| SAFE_ReadOnly(IR); 
16054| 

16055| if(!Err) { 

16056| ULONGLONG IASize=0; 

16057| PINDEX_ALLOCATION IA=NULL; 

16058| ULONG NameLength; 

16059| WCHAR *p=Name; 

16060| BOOLEAN DoExit=FALSE; 

16061| ULONGLONG DirMftEntry; 

16062| PFILENAME FN = 

| NTFS_GetDataPointer((PATTRIBUTE)NTFS_GetAttributeByName( 
| IRFile->Volumelnfo, IRFile->Mft, FILENAME_ATTR, NULL 

I)); 

16063| 

16064| NameLength = FN->FileNameLength; 

16065| if (lAFile) { 

16066| lASize = IR->SizeOflndex; 

16067| I A = 

| SAFE_Alloc((ULONG)IASize); 
16068| SAFE_ReadOnly(IA); 
16069| } 
16070| 
16071| #if 0 

1 6072| DLOG((TEXT("Mft Entry=%l64x, 

| FileName= , %-*.*s'\n M ),MftEntry,NameLength,NameLength,FN- 
| >FileName)); 

1 6073| DLOG((TEXT( M SizeOflndex=%d, 



I NumberOfClustersPerlndex=%d\n"),IR->SizeOf Index, 
| IR->NumberOfClustersPerlndex)); 
1 6074| DLOG((TEXT("Unknown 1 =%08x, 2=%082, 

| 3=%08x, 4=%08x, 

| 5=%08x\n"),IR->Unknown1 ,IR->Unknown2,IR->Unknown3,IR->Un 

| known4,IR->Unknown5)); 
16075| #endif 
16076| 

1 6077| // get the length of the path we are 

| interested in 
1 6078| // ie if passed 

| WINNT\SYSTEM32\CONFIG\software.log we only 
1 6079| // want <WINNT> as we will 

| recurse into the others 
1 6080| // assuming the directories exist 

1 6081 1 while((*p!=L'\0') && (*p!=L'\Y)) { 

16082| p++; 
16083| } 

1 6084| Namel_ength=p-Name; 
16085| 

| NTFS_MakeUpperCase(Volumelnfo,Name,NameLength); 
16086| #if 0 

1 6087| DLOG((TEXT( M Searching for 

| VoA*sW),NameLength,NameLength,Name)); 
16088| #endif 
16089| 

16090| while(!DoExit) { 

16091 1 #if 0 

16092| if(IE->DataSize) { 

16093| DLOG(( 
1 6094| TEXT( ,M %-*.*s'\n M ) 
16095| TEXT(" 

| DirectoryMft=%012l64x, SequenceNumber=%04l64x\n M ) 
16096| TEXT(" EntrySize=%04x, 

| DataSize=%04x (%04x), Flags=%08x\n M ) 
16097| TEXT(" 

| MyDirectoryEntry=%012l64x, MySequenceNumber=%04l64x\n") 
16098| TEXT(" 

| AllocatedAttributeSize=%01 6l64x, 

| AttributeSize=%016l64x\n") 
16099| TEXT(" Attributes=%016l64x 

I (%s)\n"), 

16100| I E->FileNameLength, 

16101| I E->FileNamel_ength, 

16102| IE->FileName, 
16103| IE->DirectoryMft, 

| IE->SequenceNumber, IE->EntrySize, 
16104| 

| IE->DataSize,IE->EntrySize-IE->DataSize, IE->Flags, 
1 61 05| I E->MyDirectory Entry, 



I IE->MySequenceNumber, 
16106| 

| IE->AllocatedAttributeSize, IE->AttributeSize, 
| IE->Attributes, 

| GetDosAttributes(IE->Attributes.LowPart))); 
16107| }else{ 
16108| DLOG(( 
16109| TEXT('"<Last Entry>'\n M ) 

16110| TEXT(" 

| DirectoryMft=%012l64x, SequenceNumber=%04l64x\n M ) 
16111| TEXT(" EntrySize=%04x, 

| DataSize=%04x, Flags=%08x\n") 
16112| TEXT(" 

| MyDirectoryEntry=%012l64x, 

| MySequenceNumber=%04l64x\n M ), 
16113| IE->DirectoryMft, 

| IE->SequenceNumber, IE->EntrySize, 
16114| IE->DataSize, 

| IE->Flags, 

16115| IE->MyDirectoryEntry, 

| IE->MySequenceNumber )); 
16116| } 
16117| #endif 

161 18| if(IE->Flags & FLAGS_I N D EX LAST) { 

16119| // handle as special case, so 

| no file name may be here. 
1 61 20| // this is usually a dummy 

| entry 

16121| if(IE->DataSize != 0) { 

16122| DoExit = TRUE; 

1 6123| goto DoFileName; 

16124| } 

1 61 25| goto DoSubNodes; 

16126| }else{ 

16127| DoFileName: 

1 61 28| // keys are based on filenames 

16129| SAFE_ReadWrite(IE); 
16130| 

| NTFS_MakeUpperCase(Volumelnfo,IE->FileName,IE->FileNameL 
I ength); 

16131| SAFE_ReadOnly(IE); 
16132| 

1 61 33| // for faster access, only 

| compare if the lengths are the same 
16134| if(IE->FileNamel_ength == 

| NameLength) { 
16135| 

| if(wcsncmp(Name,IE->FileName,NameLength)==0) { 
16136| //Yeah! The file has 

| been found! 



1 61 37| // now see if we need 

| to recurse into ourselves again. 
16138| if(*p!=L'\0') { 

16139| if((*p=='\\') && 

|(*(p + 1)==L'\0')) goto 
16140| DoAsFile; 
16141| 

| if(IE->Attributes.LowPart& FILENAME_DI RECTORY) { 
16142| //user is 

| treating this as a directory 
16143| DirMftEntry = 

| IE->DirectoryMft; 
1 61 44| // we no longer 

| need this data so free them 
16145| if(IAFile) { 

16146| 

| SAFE Free(IA); 
16147| 

| NTFS_CloseFile(IAFile); 
16148| } 
16149| SAFE_Free(IR); 
16150| 

| NTFS_CloseFile(IRFile); 
16151| return 

| NTFS_RecurseDir( Volumelnfo, DirMftEntry, p+1 ); 
16152| }else{ 
16153| //user is 

| treating this as a directory, but 
16154| //it isnt 

16155| Err = 

| E R RO R_P AT H_N OT_FO U N D ; 
16156| DoExit = TRUE; 

16157| } 
16158| }else{ 
16159| DoAsFile: 

16160| // User is treating 

| this as a file, If a directory, 
16161| // user could be 

| opening it for direct access. This 
16162| // method is used 

| for directory walking 
16163| DirMftEntry = 

| IE->DirectoryMft; 
16164| // free the data 

| and return 
16165| if(IAFile) { 

16166| SAFEFree(IA); 
16167| 

| NTFS_CloseFile(IAFile); 
16168| } 



16169| SAFE_Free(IR); 
16170| 

| NTFS_CloseFile(IRFile); 
1 61 71 1 return DirMftEntry; 

16172| } 
1 61 73 1 // should never get 

| here, but if we do 
16174| DoExit = TRUE; 

16175| }else 
16176| goto DoCompare; 

16177| }else{ 
16178| DoCompare: 
16179| 

| if(wcsncmp(Name,IE->FileName,min(IE->FileNameLength,Name 

| Length))<0) { 
16180| LessThan: 
16181| DoSubNodes: 

16182| // lets take the low 

| road 

16183| if(IE->Flags & 

| FLAGS_INDEX_SUBNODES) { 
16184| // impossible to 

| have subnodes and no allocation index 
16185| if(IAFile) { 

1 61 86| ULONGLONG VCN = 

| NTFS_GetSubNodesVCN(IE); 
16187| 

| SAFE_ReadWrite(IA); 
16188| Err = 

| NTFS_ReadFile( lAFile, 

| VCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA ); 
16189| 

|//_ASSERTE(IA->Allocatedl_ength<IASize); 
16190| 

16191| if((Err==0) && 

| (IA->Signature=='XDNI') && (NTFS_FixupRecord( 

| Volumelnfo, IA ))) { 
16192| 

| SAFE_ReadOnly(IA); 
16193| IE = 

| (PINDEX_ENTRY)&((BYTE*)IA)[0x1 8+IA->HeaderSize]; 
16194| #if0 
16195| 

| DLOG((TEXT("Reading VCN %l64d\n"),VCN)); 
16196| 

| DLOG((TEXT("Unknown = %016l64x, VCNOfBuffer=%l64d, 

| HeaderSize=%04x\n"), 
16197| 

| IA->Unknown, 
16198| 



I IA->VCNOfBuffer, 
16199| 

| IA->HeaderSize)); 
16200| 

| DLOG((TEXT( M Unknown2=%04x, Length=%08x, 

| AllocatedLength=%08x, Unknown3=%08x\n"), 
16201| 

| IA->Unknown2, 
16202| 

| IA->Length, 
16203| 

| IA->Allocatedl_ength, 
16204| 

| IA->Unknown3, 
16205| 

| IA->Fixup)); 
16206| #endif 



16207| }else{ 
16208| DoExit = 

| TRUE; 

16209| Err = 

| ERROR_DISK_CORRUPT; 
16210| } 
16211| }else{ 
16212| DoExit = TRUE; 

16213| Err = 

| ERROR_DISK_CORRUPT; 
16214| } 
16215| }else{ 
16216| // no files found 

16217| Err = 

| ERROR_FILE_NOT_FOUND; 
16218| DoExit = TRUE; 

16219| } 
16220| }else 
16221| 



| if(wcsncmp(Name,IE->FileName,min(IE->FileNameLength,Nairie 
| Length))>0) { 
16222| GreaterThan: 

16223| // lets take the high 

| road. 
16224| 

| ((BYTE*)IE)+=NTFS_lndexEntrySize(IE); 
16225| }else{ 
1 6226| // at this point, we 

| have the following condition 
16227| //1. 

| NameLength!=FN->FileNamel_ength 
16228| 1/2. First X chars of 

| Y match Z 



16229| //example: 

16230| // FN->FileName = 

| 'SYS' Length=3 
16231| // Name 

| 'SYSTEM' Length=6 
16232| 

| if (Namel_ength>l E->FileNamel_ength) 
1 6233 1 goto GreaterThan; 

16234| else 
16235| goto LessThan; 

16236| } 
16237| } 
16238| }// not last node 

16239| }//while(!DoExit) 
16240| if (I A) 

16241| SAFE_Free(IA); 
16242| }else{ 

1 6243| DLOG((TEXT("Error %08x reading from 

| Index root\n"),Err)); 
16244| } 

16245| SAFE_Free(IR); 
16246| }else{ 

1 6247| D LOG ((TEXT( M Error, out of memory\n M ))); 

16248| Err = ERROR_OUTOFMEMORY; 

16249| } 

16250| if(IAFile) 

1 6251 1 NTFS_CloseFile(IAFile); 

16252| NTFS_CloseFile(IRFile); 

16253| }else{ 

1 6254| // user passed in a filename as a path, example 

| : \winnt\system32\calc.exe\file 
1 6255| DLOG((TEXT("Not a directory\n M ))); 
16256| Err = ERROR_PATH_NOT_FOUND; 
16257| } 

1 6258| SetLastError(Err); 
16259| return (ULONGLONG)-I ; 
16260| } 
16261| 

16262| ULONGLONG DirWalkDir( tVolumelnfo *Volumelnfo, 

| PNTFS_File lAFile, ULONGLONG lASize, P I N D EX_A LLOC AT I O N 
| IA, PINDEX_ENTRY IE, int Level, ULONGLONG *Count ) 

16263| { 

16264| ULONG Err; 
16265| 

1 6266| //DLOG((TEXT("%-*.*s 

| VCN=%01 6l64x\n"),Level*3,Level*3,TEXT(" 

| "),MyVCN)); 
16267| while(1){ 

16268| if(IE->Flags & FLAGS_INDEX_SUBNODES) { 
16269| if (lAFile) { 



1 6270| ULONGLONG MyVCN = 

| IA->VCNOfBuffer.QuadPart; 
1 6271 1 ULONGLONG VCN = 

| NTFS_GetSubNodesVCN(IE); 
1 6272| SAFE_ReadWrite(IA); 
1 6273| Err = NTFS_ReadFile( lAFile, 

| VCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA); 
1 6274| _ASSERTE(IA->AllocatedLength<IASize); 
16275| 

16276| jf((Err — 0) && (IA->Signature=='XDNI') 

| && (NTFS_FixupRecord( Volumelnfo, IA ))) { 
16277| PINDEX_ENTRY NewIE; 

1 6278| _ASSERTE(IA->VCNOfBuffer.QuadPart 

| == VCN); 
16279| SAFE_ReadOnly(IA); 
16280| NewIE = 

| (PINDEX_ENTRY)&((BYTE*)IA)[0x1 8+IA->HeaderSize]; 
1 6281 1 DirWalkDir( Volumelnfo, lAFile, 

| lASize, IA, NewIE, Level+1, Count ); 
16282| //if not the root 

16283| if(MyVCN!=(ULONGLONG)-1) { 

1 6284| // read our data again 

1 6285| SAFE_ReadWrite(IA); 
1 6286| Err = NTFS_ReadFile( lAFile, 

| MyVCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA 

I); 

16287| 

| _ASSERTE(IA->AllocatedLength<IASize); 
1 6288 1 // already passed test above so 

| we dont need to check again... 
1 6289| NTFS_FixupRecord( Volumelnfo, 

I "A); 

16290| SAFE_ReadOnly(IA); 
16291| } 
16292| }else{ 

1 6293| SetLastError(ERROR_DISK_CORRUPT); 
1 6294| return (ULONGLONG)-I ; 

16295| } 
16296| }else{ 

16297| SetLastError(ERROR_DISK_CORRUPT); 

1 6298| return (ULONGLONG)-I ; 

16299| } 

16300| } 

16301| 

16302| if(!(IE->Flags & F LAG S_l N D EX L AST) ) { 
16303| if(IE->FileNameType != FILENAME_DOS) 

16304| #if 1 

16305| DLOG((TEXT( M %04l64x: %012l64x 

| %-*.*s\n"), 
16306| fCount), 



16307| IE->DirectoryMft, 

1 6308| I E->FileNamel_ength, 

1 6309| I E->FileNameLength, 

16310| IE->FileName 

16311| )); 

16312| 

16313| #else 

16314| DLOG(( 

16315| TEXT("%-*.*s ") 

1 631 6| TEXT("DirectoryMft=%01 2l64x, 

| SequenceNumber=%04l64x, ") 
1 631 7| TEXT("EntrySize=%04x, DataSize=%04x 

| (%04x), Flags=%08x, ") 
16318| TEXT("MyDirectoryEntry=%012l64x, 

| MySequenceNumber=%04l64x, ") 
16319| 

| TEXT("AllocatedAttributeSize=%01 6l64x, 

| AttributeSize=%016l64x, ") 
1 6320| TEXT("Attributes=%01 6l64x (%s), ") 

16321| TEXT( M %-*.*s\n M ), 
1 6322 1 Level*3,Level*3,TEXT(" 

I"), 

16323| IE->DirectoryMft, 

| IE->SequenceNumber, IE->EntrySize, 
16324| 

| IE->DataSize,IE->EntrySize-IE->DataSize, IE->Flags, 
16325| IE->MyDirectoryEntry, 

| IE->MySequenceNumber, 
1 6326| I E->AllocatedAttributeSize, 

| IE->AttributeSize, IE->Attributes, 

| GetDosAttributes(IE->Attributes.LowPart), 
1 6327| I E->FileNameLength, 

1 6328| I E->FileNamel_ength, 

16329| IE->FileName 
16330| )); 
16331| #endif 
16332| (*Count)++; 
16333| 

16334| }else 
1 6335| break; 
16336| 

16337| ((BYTE*)IE)+=NTFS_lndexEntrySize(IE); 
16338| } 

16339| SetLastError(O); 

16340| return (ULONGLONG)-I ; 

16341| } 

16342| 

16343| ULONGLONG DisplayFileslnDir( tVolumelnfo *Volumelnfo, 

| ULONGLONG MftEntry ) 
16344| { 



16345| PNTFS_File IRFile=NTFS_OpenFileByNumber( 
| Volumelnfo, MftEntry, INDEX_ROOT_ATTR, NULL ); 
16346| ULONG Err=0; 
16347| if(IRFile) { 

16348| PNTFS_File lAFile = NTFS_OpenFileByNumber( 
| Volumelnfo, MftEntry, INDEX_ALLOCATION_ATTR, NULL ); 

16349| ULONGLONG IRSize = NTFS_GetFileSize(IRFile); 

16350| PINDEX_ROOT IR 
| SAFE_Alloc((ULONG)IRSize); 

16351| 

1 6352| //DumpMft(Volumelnfo,IAFile->Mft); 
16353| if(IR){ 

16354| PINDEX_ENTRY IE = 

| (PINDEX_ENTRY)(IR+1); 
16355| Err = NTFS_ReadFile( IRFile, 0, IRSize, IR 

I); 

16356| SAFE_ReadOnly(IR); 
16357| 

16358| if(!Err){ 

16359| ULONGLONG lASize; 

16360| PINDEX_ALLOCATION IA=NULL; 

16361| ULONGLONG Count=0; 
16362| 

16363| if(IAFile) { 

16364| lASize = IR->SizeOf Index; 

16365| IA = 

| SAFE_Alloc((ULONG)IASize); 

16366| if(IA){ 

16367| IA->VCNOfBuffer.QuadPart = 

| (ULONGLONG)-I; 

16368| SAFE_ReadOnly(IA); 

16369| }else{ 

1 6370| Err = ERROR_OUTOFMEMORY; 

16371| } 

16372| } 
16373| 

16374| if (((IAFile!=NULL) && (IA!=NULL)) || 

16375| ((IAFile==NULL))) { 

16376| DirWalkDir(Volumelnfo, lAFile, 

| lASize, IA, IE, 0,&Count ); 

1 6377| DLOG((TEXT("Total files = 

| %l64d\n"),Count)); 

16378| } 
16379| 

16380| if (I A) 

16381| SAFE_Free(IA); 

16382| }else{ 

1 6383| DLOG((TEXT("Error %08x reading from 

| Index root\n"),Err)); 

16384| } 



16385| 
16386| 
16387| 
16388| 
16389| 
16390| 
16391| 



SAFEFree(IR); 



} else { 

DLOG((TEXT("Error, out of memory\n"))); 
Err = ERROR_OUTOFMEMORY; 



if(IAFile) 

NTFS_CloseFile(IAFile); 



16392| NTFS_CloseFile(IRFile); 
16393| }else{ 

1 6394| // user passed in a filename as a path, example 

| : \winnt\system32\calc.exe\file 
1 6395| DLOG((TEXT("Not a directory\n"))); 
1 6396| Err = ERROR_PATH_NOT_FOUND; 
16397| } 

16398| SetLastError(Err); 

1 6399| return (ULONGLONG)-I ; 

16400| } 

16401| 

16402| BOOL DirWalkToEntryNum(tVolumelnfo *Volumelnfo, 

| PNTFS_File lAFile, ULONGLONG lASize, PINDEX_ALLOCATION 

| IA, PINDEX_ENTRY IE, int Level, ULONGLONG *Count, 

| ULONGLONG EntryNum, LPWIN32_FIND_DATA IpFindFileData ) 

16403| { 

16404| ULONG Err; 
16405| 

16406| //DLOG((TEXT("%-*.*s 

| VCN=%01 6l64x\n"),Level*3,Level*3,TEXT(" 

| "),MyVCN)); 
16407| while(1){ 

1 6408| if(IE->Flags & FLAGS_INDEX_SUBNODES) { 

16409| if(IAFile) { 

1 641 0| ULONGLONG MyVCN = 

| IA->VCNOfBuffer.QuadPart; 
16411| ULONGLONG VCN = 

| NTFS_GetSubNodesVCN(IE); 
16412| SAFE_ReadWrite(IA); 
16413| Err = NTFS_ReadFile( lAFile, 

| VCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA ); 
16414| _ASSERTE(IA->AllocatedLength<IASize); 



16415| 

1 641 6| if((Err==0) && (IA->Signature=='XDNI') 



| && (NTFS_FixupRecord( Volumelnfo, IA ))) { 
16417| PINDEX_ENTRY NewIE; 

1 641 8| _ASSERTE(I A->VCNOf Buffer.QuadPart 



| == VCN); 
16419| SAFE_ReadOnly(IA); 
16420| NewIE = 



| (PINDEX_ENTRY)&((BYTE*)IA)[0x1 8+IA->HeaderSize]; 
1 6421 1 if (DirWalkToEntryNum( Volumelnfo, 



| lAFile, lASize, IA, NewIE, Level+1 , Count, EntryNum, 



I IpFindFileData )){ 
16422| return (TRUE); 

16423| }//if not the root 

1 6424| if(MyVCN!=(ULONGLONG)-1 ) { 

1 6425| // read our data again 

1 6426| SAFE_ReadWrite(IA); 
1 6427| Err = NTFS_ReadFile( lAFile, 

| MyVCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA 

I); 

16428| 

| _ASSERTE(IA->AllocatedLength<IASize); 
1 6429 1 // already passed test above so 

| we dont need to check again... 
1 6430| NTFS_FixupRecord( Volumelnfo, 

I "A); 

16431 1 SAFE_ReadOnly(IA); 
16432| } 
16433| }else{ 

1 6434| SetLastError(ERROR_DISK_CORRUPT); 
16435| return (FALSE); 

16436| } 
16437| }else{ 

16438| SetLastError(ERROR_DISK_CORRUPT); 

16439| return (FALSE); 

16440| } 

16441| } 

16442| 

16443| if(!(IE->Flags & F LAG S_l N D EX_L AST) ) { 
16444| if(IE->FileNameType != FILENAME DOS) { 

16445| #if 0 

16446| DLOG((TEXT( M %04l64x: %012l64x 

| %-*.*s\n"), 
16447| (*Count), 
1 6448| I E->DirectoryMft, 

1 6449| I E->FileNameLength, 

1 6450| I E->FileNameLength, 

16451| IE->FileName 
16452| )); 
16453| //#else 
16454| DLOG(( 
16455| TEXT( M %-*.*s ") 

16456| TEXT("DirectoryMft=%012l64x, 

| SequenceNumber=%04l64x, ") 
16457| TEXT("EntrySize=%04x, DataSize=%04x 

| (%04x), Flags=%08x, ") 
16458| TEXT("MyDirectoryEntry=%012l64x, 

| MySequenceNumber=%04l64x, ") 
16459| 

| TEXT("AllocatedAttributeSize=%01 6l64x, 
| AttributeSize=%016l64x, ") 



16460| 
16461| 
16462| 



TEXT("Attributes=%016l64x (%s), ") 

TEXT("%-*.*s\n"), 

Level*3,Level*3,TEXT(" 



I"), 
16463| 



IE->DirectoryMft, 



| IE->SequenceNumber, IE->EntrySize, 
16464| 

| IE->DataSize,IE->EntrySize-IE->DataSize, IE->Flags, 



| (lpFindFileData->cFileName,IE->FileName,IE->FileNameLeng 
Ith); 
16475| 

| lpFindFileData->cFileName[IE->FileNameLength] = 0; 
16476| 

16477| return TRUE; 

16478| } 

16479| (*Count)++; 

16480| 

16481| }else 
16482| break; 
16483| 

16484| ((BYTE*)IE)+=NTFS_lndexEntrySize(IE); 
16485| } 

16486| return FALSE; 

16487| } 

16488| 

16489| BOOL FindEntryNumlnDir( tVolumelnfo *Volumelnfo, 
| ULONGLONG MftEntry, ULONGLONG EntryNum, 
| LPWIN32_FIND_DATA IpFindFileData ) 

16490| { 

16491| BOOL Found; 

16492| PNTFS_File IRFile=NTFS_OpenFileByNumber( 
| Volumelnfo, MftEntry, INDEX_ROOT_ATTR, NULL ); 
16493| ULONG Err=0; 
16494| if(IRFile) { 

16495| PNTFS_File lAFile = NTFS_OpenFileByNumber( 

| Volumelnfo, MftEntry, INDEX_ALLOCATION_ATTR, NULL ); 
16496| ULONGLONG IRSize = NTFS_GetFileSize(IRFile); 



16465| IE->MyDirectoryEntry, 
| IE->MySequenceNumber, 



1 6466| IE->AllocatedAttributeSize, 
| IE->AttributeSize, IE->Attributes, 
| GetDosAttributes(IE->Attributes.LowPart), 



16467| IE->FileNameLength, 

16468| IE->FileNameLength, 

16469| IE->FileName 

16470| )); 
16471| #endif 

16472| } 

1 6473| if (*Count==EntryNum) { 

1 6474| wcsncpy 



16497| PINDEX_ROOT IR = 

| SAFE_Alloc((ULONG)IRSize); 
16498| 

1 6499| //DumpMft(Volumelnfo,IAFile->Mft); 
16500| if(IR){ 

16501| PINDEX_ENTRY IE = 

| (PINDEX_ENTRY)(IR+1); 
16502| Err = NTFS_ReadFile( IRFile, 0, IRSize, IR 

I); 

16503| SAFE_ReadOnly(IR); 
16504| 

16505| if(!Err){ 

16506| ULONGLONG lASize; 

16507| PINDEXALLOCATION IA=NULL; 

16508| ULONGLONG Count=0; 

16509| 

16510| if(IAFile) { 

1 651 1 1 lASize = IR->SizeOf Index; 

16512| IA 

| SAFE_Alloc((ULONG)IASize); 
16513| if(IA){ 

1 651 4| IA->VCNOfBuffer.QuadPart = 

| (ULONGLONG)-I; 
16515| SAFE_ReadOnly(IA); 
16516| }else{ 

1 651 7| Err = ERROR_OUTOFMEMORY; 

16518| } 
16519| } 
16520| 

16521| if (((IAFile!=NULL) && (IA!=NULL)) || 

16522| ((IAFile==NULL))) { 

16523| Found = 

| (DirWalkToEntryNum(Volumelnfo, lAFile, lASize, IA, IE, 

| 0,&Count, EntryNum, IpFindFileData )); 
1 6524| DLOG((TEXT("Total files = 

| %l64d\n"),Count)); 
16525| #if 0 

16526| DLOG((TEXT("%04l64x: %012l64x 

| %-*.*s\n"), 



16527| 


(Count), 


16528| 


IE->DirectoryMft, 


16529| 


IE->FileNameLength, 


16530| 


IE->FileNameLength, 


16531| 


IE->FileName 


16532| 


)); 


16533| #endif 




16534| 


} 


16535| 




16536| 


if(IA) 


16537| 


SAFEFree(IA); 



16538| }else{ 

1 6539| DLOG((TEXT("Error %08x reading from 

| Index root\n"),Err)); 
16540| } 
16541| SAFE_Free(IR); 
16542| }else{ 

1 6543| DLOG((TEXT("Error, out of memory\n"))); 

1 6544| Err = ERROR_OUTOFMEMORY; 

16545| } 

16546| if(IAFile) 

16547| NTFS_CloseFile(IAFile); 

16548| NTFS_CloseFile(IRFile); 

16549| }else{ 

1 6550| // user passed in a filename as a path, example 

| : \winnt\system32\calc.exe\file 
1 6551 1 DLOG((TEXT("Not a directory\n"))); 
1 6552| Err = ERROR_PATH_NOT_FOUND; 
16553| } 

16554| SetLastError(Err); 
16555| return Found; 
16556| } 
16557| 

16558| BOOL StepToNextlndex( PNTFS_FIND_INFO Fl, tVolumelnfo 

| *Volumelnfo, LPWIN32FIN D_D AT A IpFindFileData ) 
16559| { 

16560| ULONG Err; 
16561| 

1 6562| if (1 ){ //(ISorryShowsAIIOverFolks) { 
16563| 

16564| //DLOG((TEXT("%-*.*s 

| VCN=%01 6l64x\n"),Level*3,Level*3,TEXT(" 

| "),MyVCN)); 
16565| 

1 6566| // //We start by following wherever the tree leads 

| passing any DOS names on the way 
1 6567| // while((FI->DeepestNode->IE->Flags & 

| FLAGS_INDEX_SUBNODES) || ((FI->DeepestNode->IE->Flags & 

| FLAGS_INDEX_LAST)) || 

| (FI->DeepestNode->IE->FileNameType == FILENAME_DOS)) { 
16568| PNODE NodeElect; 

16569| while(FI->DeepestNode->IE->Flags & 

| FLAGS_INDEX_SUBNODES) { 
16570| 

16571| if(FI->IAFile) { 

16572| ULONGLONG MyVCN = 

| FI->DeepestNode->IA->VCNOfBuffer.QuadPart; 
1 6573| ULONGLONG VCN = 

| NTFS_GetSubNodesVCN(FI->DeepestNode->IE); 
16574| 

16575| NodeElect= 



I SAFE_Alloc((ULONG)(sizeof(tNODE))); 
16576| if(NodeElect) { 

16577| PINDEX_ALLOCATION NewlA = 

| SAFE_Alloc((ULONG)FI->IR->SizeOflndex); 
16578| if (NewlA) { 

1 6579 1 // what's this all about 

1 6580| //not needed anymore?? IA->VCNOfBuffer.QuadPart = 

| (ULONGLONG)-I; 
1 6581 1 Err = NTFS_ReadFile( 

| FI->IAFile, VCN*NTFS_ClusterSizelnBytes(Volumelnfo), 

| FI->IR->SizeOf Index, NewlA); 
16582| 

| _ASSERTE(NewlA->AllocatedLength<FI->IR->SizeOflndex); 
16583| if((Err==0) && 

| (NewlA->Signature=='XDNI') && (NTFS_FixupRecord( 

| Volumelnfo, NewlA ))) { 
16584| //NNAM?? PINDEX ENTRY NewIE; 

16585| 

| _ASSERTE(NewlA->VCNOfBuffer.QuadPart == VCN); 
16586| SAFE_ReadOnly(NewlA); 
1 6587| //Now we've built a new 

| node, link it in 
16588| 

| NodeElect->ShallowerNode = FI->DeepestNode; 
1 6589| NodeElect->IA = NewlA; 

16590| NodeElect->IE = 

| (PINDEX_ENTRY)&((BYTE*)NewlA)[0x18+NewlA->HeaderSize]; 
1 6591 1 F I -> Deepest Node = 

| NodeElect; 
16592| 

16593| /* if (DirWalkToEntryNum( 

| Volumelnfo, lAFile, lASize, IA, NewIE, 

| Level+1,Count,EntryNum, IpFindFileData )){ 
16594| return (TRUE); 

16595| }//if not the root 

16596| 

| if(MyVCN!=(ULONGLONG)-1) { 
16597| // read our data 

| again 

1 6598| SAFE_ReadWrite(IA); 
16599| Err = 

| NTFS_ReadFile( lAFile, 

| MyVCN*NTFS_ClusterSizelnBytes(Volumelnfo), lASize, IA 

I); 

16600| 

| _ASSERTE(IA->AllocatedLength<IASize); 
1 6601 1 // already passed 

| test above so we dont need to check again... 
1 6602| NTFS_FixupRecord( 

| Volumelnfo, IA ); 



16603| SAFE_ReadOnly(IA); 
16604| } 
16605| 7 

16606| }else{ 
16607| 

| SetLastError(ERROR_DISK_CORRUPT); 
16608| return (FALSE); 

16609| } 

1 661 0 1 // Gotta make sure all 

| these errors get all the way back 
16611| }else{ 

16612| Err = ERROR_OUTOFMEMORY; 

16613| } 
16614| }else{ 

1 661 5| Err = ERROR_OUTOFMEMORY; 

16616| } 
16617| }else{ 

16618| SetLastError(ERROR_DISK_CORRUPT); 

16619| return (FALSE); 

16620| } 

16621| } 

16622| 

16623| while ((FI->DeepestNode->IE->Flags & 

| FLAGS_INDEX_LAST)) { 
1 6624| //Delink and release deepest node here 

1 6625| if ((BYTE*)FI->DeepestNode == 

| (BYTE*)&FI->DeepestNode) { 
16626| SetLastError(ERROR_NO_MORE_FILES); 
16627| return (FALSE); 

16628| } 

1 6629| SAFE_Free(FI->DeepestNode->IA); 
16630| NodeElect = 

| FI->DeepestNode->ShallowerNode; 
1 6631 1 SAFE_Free(FI->DeepestNode); 
16632| FI->DeepestNode = NodeElect; 

16633| } 

1 6634| // } //We'll only get to here when we'Ve followed 

| got through the tree to a valid file 
16635| 
16636| 

16637| }else{ 

16638| return FALSE; 

16639| } 

16640| return TRUE; 

16641| } 

16642| 

16643| 

16644| r 

16645| 

16646| 



16647| #if 0 




16648| 


DLOG((TEXT("%04l64x: 


| %-*.*s\n M ), 




16649| 


(*Count), 


16650| 


IE->DirectoryMft, 


16651| 


1 E->FileNamel_ength, 


16652| 


IE->FileNameLength, 


16653| 


IE->FileName 


16654| 


)) 


16655| //#else 




16656| 


DLOG(( 


16657| 


TEXT("%-*.*s ") 


16658| 


TEXT("DirectoryMft=°/ 



| SequenceNumber=%04l64x, ") 
16659| TEXT("EntrySize=%04x, DataSize=%04x 

| (%04x), Flags=%08x, ") 
16660| TEXT("MyDirectoryEntry=%012l64x, 

| MySequenceNumber=%04l64x, ") 
16661| 

| TEXT("AllocatedAttributeSize=%01 6l64x, 

| AttributeSize=%016l64x, ") 
1 6662| TEXT("Attributes=%01 6l64x (%s), ") 

16663| TEXT( M %-*.*s\n M ), 
1 6664| Level*3,l_evel*3,TEXT(" 

I"), 

16665| IE->DirectoryMft, 

| IE->SequenceNumber, IE->EntrySize, 
16666| 

| IE->DataSize,IE->EntrySize-IE->DataSize, IE->Flags, 
16667| IE->MyDirectoryEntry, 

| IE->MySequenceNumber, 
1 6668| I E->AllocatedAttributeSize, 

| IE->AttributeSize, IE->Attributes, 

| GetDosAttributes(IE->Attributes.LowPart), 
1 6669| I E->FileNameLength, 

16670| IE->FileNameLength, 
16671| IE->FileName 
16672| )) 
16673| #endif 
16674| ; 
16675| 
16676| 7 
16677| 

16678| BOOL OpenlndexRoot( PNTFS_FIND_INFO Fl, tVolumelnfo 
| *Volumelnfo, ULONGLONG MftEntry, LPWI N32 FI N D_D ATA 
| IpFindFileData ) 

16679| { 

16680| // BOOL Found; 
16681| ULONG Err=0; 

16682| FI->IRFile=NTFS_OpenFileByNumber( Volumelnfo, 



I MftEntry, I N D EX_ROOT_ATTR, NULL); 
16683| if(FI->IRFile) { 

16684| FI->IAFile = NTFS_OpenFileByNumber( 

| Volumelnfo, MftEntry, I N D EX ALLOC ATI ONATTR , NULL ); 
16685| FI->IRSize = NTFS_GetFileSize(FI->IRFile); 
16686| FI->IR = SAFE_Alloc((ULONG)FI->IRSize); 
16687| 

1 6688| //DumpMft(Volumelnfo,IAFile->Mft); 
16689| if(FI->IR){ 

16690| FI->IE = (PINDEX_ENTRY)(FI->IR+1); 

16691 1 Err = NTFS_ReadFile( FI->IRFile, 0, 

| FI->IRSize, FI->IR ); 
16692| SAFE_ReadOnly(FI->IR); 
16693| 

16694| if(!Err){ 
16695| 

| FI->DeepestNode=(PNODE)&FI->DeepestNode; 
16696| return TRUE; 

16697| 
16698| r 

16699| ULONGLONG Count=0; 

16700| 

16701| if(FI->IAFile) { 

16702| FI->IASize = FI->IR->SizeOflndex; 

16703| FI->IA 

| SAFE_Alloc((ULONG)FI->IASize); 
16704| if(FI->IA){ 

1 6705| FI->IA->VCNOfBuffer.QuadPart = 

| (ULONGLONG)-I; 
16706| SAFE_ReadOnly(IA); 
16707| }else{ 

1 6708| Err = ERROR_OUTOFMEMORY; 

16709| } 
16710| } 
16711| 

16712| if (((IAFile!=NULL) && (IA!=NULL)) || 

16713| ((IAFile==NULL))) { 

16714| Found = 

| (DirWalkToEntryNum(Volumelnfo, lAFile, lASize, IA, IE, 

| 0,&Count, EntryNum, IpFindFileData )); 
1 671 5| DLOG((TEXT("Total files = 

| %l64d\n"),Count)); 
16716| #if 0 

1 671 7| DLOG((TEXT("%04l64x: %012l64x 

| %-*.*s\n"), 
16718| (Count), 
16719| IE->DirectoryMft, 
16720| IE->FileNameLength, 
1 6721 1 IE->FileNameLength, 
16722| IE->FileName 



16723| )); 

16724| #endif 

16725| } 

16726| if(IA) 

16727| SAFE_Free(IA); 

16728| 7 

16729| }else{ 

1 6730| DLOG((TEXT("Error %08x reading from 

| Index root\n"),Err)); 
16731| } 

1 6732| SAFE_Free(FI->IR); 
16733| }else{ 

1 6734| DLOG((TEXT("Error, out of memory\n M ))); 

16735| Err = ERROR_OUTOFMEMORY; 

16736| } 

16737| if(FI->IAFile) 

16738| NTFS_CloseFile(FI->IAFile); 

16739| NTFS_CloseFile(FI->IRFile); 

16740| }else{ 

1 6741 1 // user passed in a filename as a path, example 

| : \winnt\system32\calc.exe\file 
16742| DLOG((TEXT("Not a directory\n M ))); 
16743| Err = ERROR_PATH_NOT_FOUND; 
16744| } 

1 6745| SetLastError(Err); 
16746| return FALSE; 
16747| } 
16748| 
16749| /* 

1 6750| Opens file with its name. Type is the 

| attribute(stream) to open. 
1 6751 1 Must be a full path, not a relative path. 
16752| 7 

16753| PNTFS_File NTFS_OpenFileByName ( pVolumelnfo 

| Volumelnfo, WCHAR *Name, ULONG Type, WCHAR *AttrName ) 
16754| { 

1 6755| ULONGLONG MftEntry; 

1 6756| // we only can handle full paths 

16757| if(*Name==L'\Y) { 



16758| Name++; 
16759| 

16760| if(*Name=='\0') { 

1 6761 1 // special case for the root (Name passed 

| in was 'V) 

1 6762| // to open the Name way, open V 

1 6763| return NTFS_OpenFileByNumber( Volumelnfo, 

| FILE ROOT, Type, AttrName ); 
16764| }else{ 

1 6765| // look for the entry from the root 



| directory 



1 6766| MftEntry = NTFS_RecurseDir( Volumelnfo, 

| FILE_ROOT, Name ); 
1 6767| if(MftEntry!=(ULONGLONG)-1 ) { 

16768| return NTFS_OpenFileByNumber( 

| Volumelnfo, MftEntry, Type, AttrName ); 
16769| }else{ 

1 6770| DLOG((TEXT("Error %08x opening 

| file\n"),Getl_astError())); 
16771| } 
16772| 
16773| 
16774| 
16775| } 
16776| 
16777| r 
16778| 
16779| 7 

16780| ULONG NTFS_CloseFile( PNTFS_File File ) 
16781| { 

if (File) { 

f(File->Mft) 

SAFE_Free(File->Mft); 
f(File->VCNToLCNMappingTable) 

SAFE_Free(File->VCNToLCNMappingTable); 
f(File->Buffer) 

SAFE_Free(File->Buffer); 
f(File->CompressedBuffer) 

SAFE_Free(File->CompressedBuffer); 
f(File->UnCompressedBuffer) 
SAFE_Free(File->UnCompressedBuffer); 



} 

} 

return NULL; 



Closes the file and frees memory associated with it 



SAFE_Free(File); 



16782| 
16783| 
16784| 
16785| 
16786| 
16787| 
16788| 
16789| 
16790| 
16791| 
16792| 
16793| 
16794| 
16795| } 
16796| return 0; 
16797| } 
16798| 

16799| ULONG NTFS_ReadCompressedCluster( PNTFS_File File, 
16800| ULONGLONG VCN, 

16801| ULONGLONG 

| *VCNInMemory, 
16802| PCHAR 

| CompressedBuffer, 
16803| PCHAR 

| UnCompressedBuffer ) 
16804| { 

16805| ULONGLONG LCN; 
16806| ULONG Count=0; 
16807| ULONG Err=0; 

16808| ULONG CS=NTFS_ClusterSizelnBytes(File->Volumelnfo); 
16809| //#define CS NTFS_ClusterSizelnBytes(File-> Volumelnfo) 



16810| 

1 681 1 1 (*VCNInMemory) = (VCN / 1 6) * 1 6; // rounded 

| down to nearest 1 6 clusters 
16812| 

16813| for(Count=0;Count<16;Count++) { 

16814| LCN = NTFS_VCNToLCN( File, (*VCNInMemory)+Count 

I); 

1 681 5| if(LCN !=(ULONGLONG)-1 ) { 

1 681 6| Err = NTFS_ReadLogicalCluster( 

| File->Volumelnfo, 
16817| LCN, 
16818| 1, 
16819| 

| &CompressedBuffer[Count*CS]); 
16820| }else{ 

1 6821 1 // sparse file area (which would only occur 

| if the file was 
16822| //compressed 

1 6823| memset(&CompressedBuffer[Count*CS],0,CS); 

16824| Err = 0; 

16825| } 

16826| if(Err) break; 

16827| } 

16828| if(!Err) 

16829| 

| NTFS_DecompressBuffer(UnCompressedBuffer,CompressedBuffe 
I r,16*CS); 
16830| 

16831| return Err; 
16832| } 
16833| 
16834| /* 

1 6835| Gets the size of the attribute(stream) specified in 
| the open 

1 6836| Note: This is NOT the same as the file size of the 

| file returned in a dir. To get 
1 6837| that information the File needs to be opened with 

| the ATTR_DATA stream or retrieved 
16838| from the FILENAME_ATTR or STANDARD_INFORMATION_ATTR 
16839| 7 

16840| ULONGLONG NTFS_GetFileSize ( PNTFS_File File ) 
16841| { 

1 6842| PATTRIBUTE Attribute = NTFS_GetAttributeByName( 
| File->Volumelnfo, File->Mft, File->Type, File->AttrName 

I); 

16843| if (Attribute) { 

1 6844| //DLOG((TEXT("File Size = 

| %l64d\n"),NTFS_GetDataSize(Attribute))); 
16845| return NTFS_GetDataSize(Attribute); 
16846| }else{ 



1 6847| DLOG((TEXT("Error getting attribute\n"))); 

1 6848| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 

16849| } 

1 6850| return (ULONGLONG)-I ; 
16851| } 
16852| 
16853| /* 

1 6854| This Writes the data of the Attribute(Stream) 

| specified in the open 
16855| 7 

16856| ULONG NTFS_WriteFile ( PNTFS_File File, 
16857| ULONGLONG ByteOffset, 

16858| ULONGLONG ByteCount, 

16859| P VOID Data) 

16860| { 

16861| PATTRIBUTE 

| Attribute=NTFS_GetAttributeByName(File->Volumelnfo,File- 

| >Mft,File->Type,File->AttrName); 
16862| ULONG Err; 
16863| 

16864| if(Attribute) { 
16865| 

1 6866| if(Attribute->Compressed) { 
1 6867| DLOG((TEXT("Compression not supported 

| now!!\n"))); 

16868| return ERROR_NOT_SUPPORTED; 

16869| } 

16870| 

1 6871 1 if(Attribute->NotResident) { 
16872| // data is on disk 

16873| ULONGLONG StartVCN = ByteOffset/ 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16874| ULONGLONG StartOffset = ByteOffset % 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16875| ULONGLONG LastVCN 

| (ByteOffset+ByteCount) / 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16876| ULONGLONG LastOffset = 

| (ByteOffset+ByteCount) % 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
1 6877| ULONGLONG VCN; // offset into file 

16878| ULONGLONG LCN; //offset into 

| volume 

16879| ULONGLONG Count = LastVCN + 

| (LastOffset ? 1 : 0); 
16880| ULONGLONG VCNInMemory = (ULONGLONG)-I ; 



16881| 
16882| 
16883| 
16884| 



SAFE_ReadWrite( File->Buffer ); 
for(VCN=StartVCN;VCN<Count;VCN++) { 
// how we are going to handle this, is 



I we will always read a cluster into memory 
1 6885| // modify the inmemory contents, and 

| write it out again. This is slow, but it will 
1 6886| // work for our needs and simplifies 

| the code needed to do the writes. 
16887| 

16888| LCN = NTFS_VCNToLCN( File, VCN ); 

16889| 

16890| if(LCN!=(ULONGLONG)-1) { 

1 6891 1 // read the cluster into memory 

1 6892| Err = NTFS_Readl_ogicalCluster( 

| File->Volumelnfo, 
16893| 

I LCN, 

16894| 1, 
16895| 

| File->Buffer); 
16896| }else{ 

1 6897| // sparse file area (which would 

| only occur if the file was 
16898| //compressed 
1 6899| // we dont support writing to 

| sparse areas as that would require 
1 6900 1 // code to extend the file 

| allocation maps 
16901| Err = ERROR_NOT_SUPPORTED; 

16902| } 
16903| 

16904| if(!Err) { 

1 6905| // now copy passed in data into 

| double buffer 
1 6906| if(VCN==StartVCN) { 

1 6907| if (VCN==LastVCN) { 

1 6908| // only 1 or less cluster 

| being copied 
1 6909| // TODO: length is an int 

| not an int64 

16910| 

| memcpy(&((BYTE*)File->Buffer)[StartOffset],Data,(unsigne 
| d int)(LastOffset-StartOffset)); 



1 691 1 1 (BYTE*)Data+=LastOffset; 

16912| }else{ 

16913| //VCN is first 

16914| 



| memcpy(&((BYTE*)File->Buffer)[StartOffset],Data,(unsigne 
Id 

| int)((NTFS_ClusterSizelnBytes(File->Volumelnfo))-StartOf 

I feel)); 
16915| 

| (BYTE*)Data+=NTFS_ClusterSizelnBytes(File->Volumelnfo); 



16916| } 

16917| }else 

1 691 8| if(VCN==LastVCN) { 

16919| //onlastVCN 

16920| 

| memcpy(File->Buffer,Data,(unsigned int)LastOffset); 
1 6921 1 (BYTE*)Data+=LastOffset; 
16922| }else{ 
1 6923| // VCN's in the middle 

16924| 

| memcpy ( File->Buff er, Data, (u nsigned 
| int)NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16925| 

| (BYTE*)Data+=NTFS_ClusterSizelnBytes(File->Volumelnfo); 
16926| } 
16927| 

1 6928| // now write cluster to disk 

1 6929| Err = NTFS_Writel_ogicalCluster( 

| File->Volumelnfo, 
16930| 

I LCN, 

16931| 1, 
16932| 

| File->Buffer); 
16933| if(Err) { 

1 6934| DLOG((TEXT("Error %08x writing 

| LCN %l64d VCN %l64d\n"),Err,LCN,VCN)); 
16935| } 
16936| 

16937| }else{ 

1 6938| DLOG((TEXT("Error %08x reading LCN 

| %l64d VCN %l64d\n"),Err,LCN,VCN)); 
16939| break; 
16940| } 
16941| } 

1 6942| SAFE_ReadOnly( File->Buffer ); 

16943| }else{ 

1 6944| // okay, we are now working on resident mft 

| attributes 

1 6945| // we will only replace the in memory 

| copies, until a NTFS_CommitFile is called 
1 6946| if (NTFS_GetDataSize(Attribute)==ByteCount) 

|{ 

1 6947| // okay, do a replacement 

1 6948| memcpy(Attribute,Data,(unsigned 

| long)ByteCount); 
16949| Err = 0; 

16950| }else{ 

1 6951 1 DLOG((TEXT("Byte count doesnt match 

| last attribute size\n"))); 



1 6952| Err = ERROR_INVALID_PARAMETER; 

16953| } 
16954| } 
16955| }else{ 

1 6956| DLOG((TEXT("Attribute %08x could not be 

| found\n"),File->Type)); 
16957| Err = ERROR_NO_ATTRIBUTE_FOUND; 
16958| } 
16959| return Err; 
16960| } 
16961| 
16962| 
16963| r 

1 6964| This commits the data of the Attribute(Stream) 

| specified in the open to disk 
16965| 7 

16966| ULONG NTFS_CommitFile ( PNTFS_File File ) 
16967| { 

16968| return NTFS_WriteMftEntryNumber( File->Volumelnfo, 

| File->MftEntryNum, File->Mft); 
16969| } 
16970| 
16971| /* 

1 6972| This reads the data of the Attribute(Stream) 

| specified in the open 
16973| 7 

16974| ULONG NTFS_ReadFile ( PNTFS_File File, 
16975| ULONGLONG ByteOffset, 

16976| ULONGLONG ByteCount, 

16977| PVOIDData) 
16978| { 

16979| PATTRIBUTE 

| Attribute=NTFS_GetAttributeByName(File->Volumelnfo,File- 

| >Mft,File->Type,File->AttrName); 
16980| ULONG Err; 
16981| 

16982| if (Attribute) { 
16983| 

1 6984| if(Attribute->Compressed) { 
16985| 

| if(Attribute->NonResidentData.CompressionEngine!=4) { 
16986| DLOG((TEXT("Unsupported compression 

| engine! !\n"))); 
16987| return ERROR_NOT_SUPPORTED; 

16988| } 
16989| } 
16990| 

1 699 1 1 if ( Attribute->NotResident) { 
16992| // data is on disk 

16993| ULONGLONG StartVCN = ByteOffset/ 



I (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
1 6994| ULONGLONG StartOffset = ByteOffset % 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16995| ULONGLONG LastVCN 

| (ByteOffset+ByteCount) / 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16996| ULONGLONG LastOffset = 

| (ByteOffset+ByteCount) % 

| (NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
16997| ULONGLONG VCN; // offset into file 

1 6998| ULONGLONG LCN; // offset into 

| volume 

1 6999| ULONGLONG Count = LastVCN + 

| (LastOffset ? 1 : 0); 
17000| ULONGLONG VCNInMemory = (ULONGLONG)-I ; 

17001| 

1 7002| SAFE_ReadWrite( File->Buffer ); 

17003| for(VCN=StartVCN;VCN<Count;VCN++) { 

1 7004| // read the cluster into memory 

17005| if(Attribute->Compressed) { 

17006| if((VCN < VCNInMemory) || (VCN >= 

| VCNInMemory+16)) { 
1 7007| // time to read compressed data 

| in 

17008| Err = 

| NTFS_ReadCompressedCluster( File, 
17009| 

| VCN, 
17010| 

| &VCNInMemory, 
17011| 

| File->CompressedBuffer, 
17012| 

| File->UnCompressedBuffer 
17013| 

I); 

17014| }else{ 

17015| // already in memory 

17016| } 

17017| 

| memmove(File->Buffer,&File->UnCompressedBuffer[(VCN-VCNI 
| nMemory)*NTFS_ClusterSizelnBytes(File->Volumelnfo)],NTFS 
| _ClusterSizelnBytes(File->Volumelnfo)); 



17018| }else{ 

17019| LCN = NTFS_VCNToLCN( File, VCN ); 
17020| 

17021| if(LCN!=(ULONGLONG)-1) { 

1 7022| Err = NTFS_ReadLogicalCluster( 



| File->Volumelnfo, 
17023| 



I LCN, 
17024| 

I 1. 
17025| 

| File->Buffer); 
17026| }else{ 
1 7027| // sparse file area (which 

| would only occur if the file was 
1 7028 1 // compressed 

17029| 

| memset(File->Buffer,0,NTFS_ClusterSizelnByfes(File->Volu 

| melnfo)); 
17030| Err = 0; 

17031| } 
17032| } 
17033| 

17034| if(!Err){ 
1 7035| // now copy into user buffer 

17036| if(VCN==StartVCN) { 

17037| if(VCN==LastVCN) { 

1 7038| // only 1 or less cluster 

| being copied 
1 7039| // TODO: length is an int 

| not an int64 

17040| 

| memcpy(Data,&((BYTE*)File->Buffer)[StartOffset],(unsigne 
| d int)(LastOffset-StartOffset)); 



1 7041 1 (BYTE*)Data+=LastOffset; 

17042| }else{ 

17043| //VCN is first 

17044| 



| memcpy(Data,&((BYTE*)File->Buffer)[StartOffset],(unsigne 
Id 

| int)((NTFS_ClusterSizelnBytes(File->Volumelnfo))-StartOf 
I feet)); 
17045| 

| (BYTE*)Data+=NTFS_ClusterSizelnBytes(File->Volumelnfo); 
17046| } 
17047| Jelse 
17048| if(VCN==LastVCN) { 

17049| //on last VCN 

17050| 

| memcpy( Data, File->Buffer, (unsigned int)LastOffset); 
1 7051 1 (BYTE*)Data+=LastOffset; 
17052| }else{ 
1 7053| // VCN's in the middle 

17054| 

| memcpy ( Data, File->Buffer, (u nsigned 
| int)NTFS_ClusterSizelnBytes(File->Volumelnfo)); 
17055| 



I (BYTE*)Data+=NTFS_ClusterSizelnBytes(File->Volumelnfo); 
17056| } 
17057| }else{ 

1 7058| DLOG((TEXT("Error %08x reading LCN 

| %l64d VCN %l64d\n"),Err,LCN,VCN)); 
17059| break; 
17060| } 
17061| } 

1 7062| SAFE_ReadOnly( File->Buffer ); 

17063| }else{ 

1 7064| // data is in mft 

17065| BYTE 

| *AttrData=NTFS_GetDataPointer(Attribute); 
17066| if(AttrData) { 

1 7067| // TODO: length is an int, not an 

| int64 

17068| 

| memcpy(Data,&AttrData[ByteOffset],min((unsigned 
| int)ByteCount,Attribute->ResidentData.Datal_ength)); 

1 7069| Err = NO_ERROR; 

17070| }else{ 

1 7071 1 DLOG((TEXT("Data for attribute not 

| found!!!\n"))); 

1 7072| Err = ERROR_NO_ATTRIBUTE_FOUND; 

17073| } 
17074| } 
17075| }else{ 

1 7076| DLOG((TEXT("Attribute %08x could not be 

| found\n"),File->Type)); 
1 7077| Err = ERROR_NO_ATTRIBUTE_FOUND; 
17078| } 
17079| return Err; 
17080| } 
17081| 
17082| r 

1 7083| returns the filename, file times, and sizes of the 
| file. 

1 7084| To minimize access to the disk, this routine gets 

| the attribute data from the current 
1 7085| mft that was opened, instead of opening the file 

| for the FILENAME_ATTR. This can be 
1 7086| done because FILENAME_ATTR attributes are always 

| resident and in the mft. But incase 
1 7087| i am wrong, that case is checked also.. ;) 
17088| 7 

17089| ULONG NTFS_GetFilelnfo( PNTFS_File File, PFILENAME FN ) 
17090| { 

1 7091 1 PNTFS_File FNFile; 
17092| ULONG Err=0; 

17093| PATTRIBUTE Attribute=NTFS_GetAttributeByName( 



I File->Volumelnfo, File->Mft, FILENAME_ATTR, NULL); 
17094| if (Attribute) { 

17095| PVOID Data=NTFS_GetDataPointer(Attribute); 
1 7096| // if the attribute is on disk, read it 
17097| if((!Data) || (Attribute->NotResident)) 
17098| goto DoFileWay; 

17099| 

1 71 00| // the attribute is in memory! 

17101| memcpy(FN,Data, sizeof (FILENAME)); 

17102| }else{ 

1 71 03| // attribute not found or 

17104| DoFileWay: 

17105| // attribute on disk 

17106| FNFile = NTFS_OpenFileByNumber ( 

| File->Volumelnfo, File->MftEntryNum, FILENAME_ATTR, 

| NULL); 
17107| 

17108| if(FNFile) { 

1 71 09| Err = NTFS_ReadFile(FNFile, 0, 

| sizeof (FILENAME), FN ); 
17110| if(Err) { 

17111| DLOG((TEXT("Error %08x reading 

| file\n"),Err)); 
17112| } 

17113| NTFS_CloseFile(FNFile); 
17114| }else{ 

17115| DLOG((TEXT("No filename attribute 

| found\n"))); 

17116| Err = ERROR_NO_ATTRIBUTE_FOUND; 

17117| } 

17118| } 

17119| return Err; 

17120| } 

17121| 

17122| /* 

1 71 23| if a file is compressed returns its compressed 

| size, otherwise -1 
17124| the compression ratio = NTFS_GetCompressedFileSize 

| / NTFS_GetFileSize; 
17125| 7 

17126| ULONGLONG NTFS_GetCompressedFileSize( PNTFS_File File ) 
17127| { 

1 71 28| PATTRIBUTE Attribute = NTFS_GetAttributeByName( 
| File->Volumelnfo, File->Mft, File->Type, File->AttrName 

I); 

17129| if (Attribute) { 

17130| // only non resident data can be compressed 
17131| if((Attribute->Compressed) && 

| (Attribute->NotResident)) { 
17132| DLOG((TEXT("Compressed File Size = 



I %l64d\n"),Attribute->NonResidentData.CompressedSize.Quad 

I Part)); 
17133| return 

| Attribute->NonResidentData.CompressedSize.QuadPart; 
17134| }else{ 
1 71 35| // not compressed 

17136| SetLastError(ERROR_NOT_COMPRESSED); 
17137| } 
17138| }else{ 

17139| DLOG((TEXT("Error getting attribute^"))); 

17140| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 

17141| } 

17142| return (ULONGLONG)-I ; 
17143| } 
17144| 
17145| /* 

1 71 46| deal with data run being external 
17147| 7 

17148| PVOID NTFS_GetDataRun(PATTRIBUTE Attribute, PNTFS_File 
| NtfsFile, pVolumelnfo Volumelnfo, ULONGLONG 
| MftEntryNum, ULONG Type, WCHAR *AttrName ) 

17149| { 

17150| ULONG Err; 

17151| PATTRIBUTE BaseAttribute=Attribute; 

17152| PVOID DataRun = NTFS_GetDataPointer( Attribute ); 

1 71 53 1 // Addresss the Attributelist attribute which is 

| the control mechanism for nonresident 
1 71 54| // attributes in which even the run lists are so 

| large they are also non resident. 
1 71 55| PATTRIBUTE pAttributeList = 

| NTFS_GetAttributeByName( Volumelnfo, NtfsFile->Mft, 

| ATTRIBUTE LIST ATTR, NULL ); 
17156| if (pAttributeList) { 

17157| // NOTE! All the following complication is to 

| enable collection... 
17158| // finish this thought and put 

| it in the right place. 

17159| 

,//... 



1 71 60 1 // TODOM WHAT if this AttributeList attribute 

| itself is non-resident. 
1 71 61 1 // Our info resource says that's possible!! And 

| could reasonably likely 
1 71 62 1 // happen for a very fragged file. 
1 71 63| // Of course it had better not need to have an 

| entry for itself !! 
1 71 64 1 //Start at 1 st Attribute record 
17165| PVOID DataRunComplex; 
17166| PVOID DataRunComplexLimit; 



1 71 67| ULONG This DataRun Part ; 

17168| PATTRIBUTE_LIST pAttributeExtension = 

| NTFS_GetDataPointer(pAttributeList) ; 
1 71 69 1 ULONG CountRun Extensions = 0 ; 
1 71 70 1 while (((BYTE*)pAttributeExtension < 

| (BYTE*)pAttributeList + pAttributeList->Length) && 

| (pAttributeExtension->Type <= Type)){ 
17171| //TODO What about names!! (Which brings 

| up the question- 
1 71 72| // is it the name of an individual 

| attribute or an attribute type?? 
1 71 73| if (pAttributeExtension->Type == Type) { 

17174| CountRunExtensions++ ; 

17175| } 

1 71 76| (BYTE*)pAttributeExtension += 

| sizeof(ATTRIBUTEJJST) ; 
17177| } 

1 71 78| if (CountRunExtensions) { 

17179| //TODO Tune this size!! Using simple max. 

| of total blocks for now 
17180| DataRunComplexLimit = DataRunComplex = 

| SAFE_Alloc(CountRunExtensions*(NTFS_MftByteSize(Volumeln 

I fo))); 

1 71 81 1 if (DataRunComplex) { 

17182| PMFT ExtensionMft = 

| SAFE_Alloc(NTFS_MftByteSize(Volumelnfo)); 
17183| if (ExtensionMft) { 

1 71 84 1 //Restart at 1 st Attribute record 

1 71 85| pAttributeExtension = 

| NTFS_GetDataPointer(pAttributel_ist); 
1 71 86| while (((BYTE*)pAttributeExtension 

| < (BYTE*)pAttributel_ist + pAttributeList->Length) && 

| (pAttributeExtension->Type <= Type)){ 
17187| // TODO What about names!! 

| (Which brings up the question- 
1 71 88| // is it the name of an 

| individual attribute or an attribute type?? 
17189| if (pAttributeExtension->Type 

I == Type) { 

17190| ULONGLONG TargetCluster ; 

17191| if 

| (pAttributeExtension->MFTEntry == 0) { 
17192| TargetCluster= 

| FindClusterForEntryNum( DataRun, 

| pAttributeExtension->MFTEntry) ; 
17193| }else{ 
17194| TargetCluster= 

| FindClusterForEntryNum( DataRunComplex, 

| pAttributeExtension->MFTEntry*Volumelnfo->NtfsBootSector 

| ->MFTRecordSize) ; 



17195| } 
17196| Err = 

| NTFS_ReadLogicalCluster(Volumelnfo,TargetCluster,Volumel 

| nfo->NtfsBootSector->MFTRecordSize, ExtensionMft) ; 
17197|/7/ if (!Err) "was an 

| opening curly baracket here!!!" 7 
1 71 98| //TODO Even more thorough 

| checks that it belongs 
17199| if((Err==0) && 

| (ExtensionMft->Signature=='ELIF') && (NTFS_FixupRecord( 

| Volumelnfo, ExtensionMft ))) { 
17200| Attribute = 

| NTFS_GetAttributeByName( Volumelnfo, ExtensionMft, 

| Type, AttrName ); 
17201| if (Attribute) { 

17202| //We've already 

| established base record says non resident so all 
17203| //extension 

| records presum. say same - or else where are we?? 
17204| 

| _ASSERTE(Attribute->NotResident) ; 
17205| //find its datarun 

17206| DataRun = 

| NTFS_GetDataPointer( Attribute ); 
17207| //find its 

| compressed data run length 
1 7208| ThisDataRunPart= 

| GetPackedDataRunl_ength( 

| DataRun,Attribute->NonResidentData.LastVCN.QuadPart-Attr 

| ibute->NonResidentData.StartingVCN.QuadPart+1 ); 
17209| //do I need an 

| error chk??? he doesn't 
17210| if 

| (GetByte(DataRunComplex,(0))) 
17211| 

| AdjustGapToRelative( DataRunComplex, DataRun, 
| DataRunComplexLimit ); 
17212| 

| memcpy(DataRunComplexLimit,DataRun,ThisDataRunPart); 
17213| (ULONG) 

| DataRunComplexLimit += ThisDataRunPart ; 
1 721 4| //update original 

| base mft's LastVCN to reflect extended complex. This is 

| OK cos 

17215| //we're only 

| changing memory value in aread-only environment!! 
17216| 

| BaseAttribute->NonResidentData.LastVCN.QuadPart = 
| Attribute->No n ResidentData. LastVCN . Qu ad Part; 
17217| }else{ 



17218| DLOG((TEXT("No %02x 

| attribute found in file!\n"),Type)); 
17219| 

| SetLastError(ERROR_NO_ATTRIBUTE_FOUND); 
17220| } 
17221| }else{ 

1 7222| DLOG((TEXT("Error %08x 

| reading Mft\n"),Err)); 
17223| SetLastError(Err); 
17224| } 

1 7225| // need to release and give 

| bad status 
17226| } 

1 7227| (BYTE*)pAttributeExtension += 

| sizeof(ATTRIBUTEJJST) ; 
17228| } 

1 7229| SAFE_Free(ExtensionMft); 
17230| return (DataRunComplex) ; 

17231| 
17232| 

17233| }else{ 

1 7234| DLOG((TEXT("Error out of 

| memory\n M ))); 

17235| SetLastError(ERROR_OUTOFMEMORY); 
17236| } 
17237| }else{ 

1 7238| DLOG((TEXT("Error out of memory\n M ))); 

1 7239| SetLastError(ERROR_OUTOFMEMORY); 
17240| } 
17241| return 0; 

17242| 

17243| } 
17244| } 

17245| return (DataRun) ; 

1 7246| // need to point datarun -> dataruncomplex 
17247| } 
17248| 
17249| /* 

17250| Fills in a array of the files logical clusters. 

1 7251 1 DataRun is the Data pointer of the non resident 

| attribute. 
17252| 7 

17253| ULONG M akeVC N To LCN Mapping ( PVOID DataRun, PDATA_RUN 

| MappingTable, ULONG NumRuns ) 
17254| { 

17255| ULARGEJNTEGER Cluster={0}; 
17256| ULARGEJNTEGER Length={0}; 
17257| ULONGLONG Run=0; 
17258| ULONG Offset=0; 
17259| ULONG Sparse=0; 



17260| 

1 7261 1 while(Run<NumRuns) { 
17262| 

| if(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) { 
17263| //DLOG((TEXT("Offset = %12d, 

| Cluster=%12l64d, Length=%12l64d, 

| Sparse=%d\n"),Offset,Cluster, Length, Sparse)); 
17264| if(!Sparse) 
17265| MappingTable[Run].CIuster = 

| Cluster.QuadPart; 
17266| else 

17267| MappingTable[Run].CIuster = 

| (ULONGLONG)-I; 
17268| 

1 7269| MappingTable[Run++]. Length = 

| Length. QuadPart; 
17270| }else{ 

17271 1 return ERROR_INVALID_RUN; 

17272| } 
17273| } 

17274| return NO_ERROR; 

17275| } 

17276| 

17277| // EntryNum is the MFT * ClustersPerMFT 
17278| // Datarun is BEGINNING of runs we have read so far 
17279| // so if we need to find entry 16 (ClustersPerMFT=2) 
| then 

17280| // we need to find cluster offset 16*2 = 32. 

17281| ULONGLONG FindClusterForEntryNum( PVOID DataRun, 

| ULONGLONG EntryNum) 
17282| { 

1 7283| ULARGEJNTEGER Cluster={0}; 

17284| ULARGEJNTEGER Length={0}; 

17285| ULONGLONG Run=0; 

17286| ULONG Offset=0; 

1 7287| ULONG Sparse=0; 

1 7288| ULONGLONG EntriesFound=0; 

17289| 

17290| while(1){ 
17291| 

| if(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) { 
17292| //DLOG((TEXT("Offset = %12d, 

| Cluster=%12l64d, Length=%12l64d, 

| Sparse=%d\n"),Offset,Cluster, Length, Sparse)); 
17293| if((EntryNum>=EntriesFound) && 

| (EntryNum<EntriesFound+Length.QuadPart)){ 
17294| return 

| (Cluster.QuadPart+EntryNum-EntriesFound) ; 
17295| } 

1 7296| EntriesFound += Length.QuadPart; 



17297| 
17298| 
17299| 



} else { 

SetLast E r ro r( E R RO R_l N V AL I D_R UN); 
return (ULONGLONG)-I ; 



17300| } 
17301| } 
17302| } 
17303| 

17304| /* When joining extension data runs into a data run 

| complex we need to 
1 7305| adjust the start LCN in the succeding runs from 

| absolute to be 
1 7306| relative to the starting LCN of the last run element 

| of the preceding data run. 
17307| 7 

17308| ULONGLONG AdjustGapToRelative( PVOID DataRunComplex, 

| PVOID DataRun, PVOID DataRunComplexLimit) 
17309| { 

17310| ULONG Offset=0; 
17311| ULONG Sparse=0; 

17312| CHAR Type = GetByte(DataRun,(Offset)); 

17313| CHAR HoldChar; 

17314| SHORT HoldShort; 

17315| // TRIBYTE HoldTriByte; 

17316| LONG HoldLong; 

17317| 

17318| // ULONGLONG LastLCNSoFar = (FindClusterForEntryNum( 

| DataRunComplex, ContinueVCN.QuadPart-1 )); 
17319| ULARGEJNTEGER LastLCNSoFar = 

| GetPackedDataRunFinalStartLCN( DataRunComplex, 

| DataRunComplexLimit ); 
1 7320| if (LastLCNSoFar.QuadPart) { 
17321| (Sparse) = 0; 
17322| 

17323| if(!Type) 
17324| return 0; 

17325| 

1 7326| (Offset) += GetLengthLength(Type)+1 ; 
17327| 

1 7328| switch(GetClusterLength(Type)) { 

1 7329| case 0: (Sparse) = 1 ; 

1 7330| //Am assuming a datarun can't start 

| with a sparse - but I'm worried. 
1 7331 1 //Obviously (maybe?) the first in 

| the complex can't but am not so 
1 7332| //sure of the start of subsequent 

| extension dataruns!! 
1 7333| //So I shouldnae be able to get 

| here and want to know if I do. 
1 7334| _ASSERTE (FALSE); 

17335| break; 



17336| #if 0 

1 7337| case 1 : PutChar(DataRun,(Offset), 

| GetChar( DataRu n, (Off set))-LastLCNSo Far. Quad Part) ; 
17338| break; 

1 7339| case 2: PutShort(DataRun,(Offset), 

| GetShort(DataRun,(Offset))-LastLCNSoFar); 
17340| break; 

1 7341 1 case 3 : PutTriByte(DataRun,(Offset), 

| GetTriByte(DataRun,(Offset))-LastLCNSoFar); 
17342| break; 

17343| case 4: Putl_ong(DataRun,(Offset), 

| GetLong(DataRun,(Offset))-LastLCNSoFar); 
17344| break; 
17345| #else 

17346| case 1 : HoldChar = 

| (UCHAR)(GetChar(DataRun,(Offset))-LastLCNSoFar.QuadPart) 

I ; 

1 7347| PutChar(DataRun,(Offset), HoldChar); 

17348| break; 
17349| case 2: HoldShort = 

| (USHORT)(GetShort(DataRun,(Offset))-LastLCNSoFar.QuadPar 

It); 

17350| 

| PutShort( DataRu n, (Offset) , Ho IdShort) ; 
17351| break; 
17352| case 3: HoldLong = 

| (ULONG)(GetTriByte(DataRun,(Offset))-LastLCNSoFar.QuadPa 

|rt); 
17353| 

| PutTriByte( DataRu n, (Off set) , HoldLong) ; 
17354| break; 
1 7355| case 4: HoldLong = 

| (ULONG)(GetLong(DataRun,(Offset))-LastLCNSoFar.QuadPart) 

I ; 

1 7356| PutLong(DataRun,(Offset),HoldLong); 
17357| break; 
17358| #endif 
17359| default: 

1 7360| DLOG((TEXT("Unable to decompress run 

| length of %d\n"),GetClusterLength(Type))); 
17361| break; 
17362| } 
17363| return 1; 
17364| }else{ 
17365| return 0; 
17366| } 
17367| } 
17368| 
17369| r 

1 7370| returns how many entries will be required to hold 



I the VCN to LCN conversion table 
17371| 7 

17372| ULONG GetDataRunl_ength( PVOID DataRun, ULONGLONG 

| NumClusters ) 
17373| { 

1 7374| ULARGEJNTEGER Cluster={0}; 

1 7375| ULARGEJNTEGER Length={0}; 

17376| ULONGLONG CurrentVCNEntry=0; 

17377| ULONG Offset=0; 

17378| ULONG Sparse=0; 

17379| ULONG Count=0; 

17380| 

1 7381 1 while(CurrentVCNEntry<NumClusters) { 
17382| 

| if(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) { 
17383| Count++; 

1 7384| CurrentVCNEntry+=Length.QuadPart; 
17385| }else{ 

1 7386| SetLastError(ERROR_INVALID_RUN); 
17387| return 0; 

17388| } 
17389| } 

17390| return Count; 
17391| } 
17392| 
17393| I* 

1 7394| returns the length of the compressed data run 
17395| 7 

17396| ULONG GetPackedDataRunLength( PVOID DataRun, ULONGLONG 

| NumClusters ) 
17397| { 

1 7398| ULARGEJNTEGER Cluster={0}; 

17399| ULARGEJNTEGER Length={0}; 

17400| ULONGLONG CurrentVCNEntry=0; 

17401| ULONG Offset=0; 

1 7402| ULONG Sparse=0; 

17403| ULONG Count=0; 

17404| 

17405| while(CurrentVCNEntry<NumClusters) { 
17406| 

| if(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) { 
17407| Count++; 

1 7408| CurrentVCNEntry+=Length.QuadPart; 
1 7409| // DLOG((TEXT(" %20d %20d 

| %20d \n"),Count,CurrentVCNEntry,Length.QuadPart)); 
17410| }else{ 

1741 1 1 SetLastError(ERRORJNVALIDRUN); 
17412| return 0; 

17413| } 
17414| } 



17415| return Offset; 
17416| } 
17417| 
17418| r 

17419| returns the final StartLCN of the compressed data 

| run 
17420| 7 

17421| ULARGEJNTEGER GetPackedDataRunFinalStartLCN( PVOID 

| DataRun, PVOID DataRunLimit) 
17422| { 

1 7423| ULARGEJNTEGER Cluster={0}; 

1 7424| ULARGE_INTEGER Length={0}; 

1 7425| ULONGLONG CurrentVCNEntry=0; 

17426| ULONG Offset=0; 

1 7427| ULONG Sparse=0; 

17428| ULONG Count=0; 

17429| 

17430| while((BYTE*)DataRun+Offset<(BYTE*)DataRunLimit) { 
17431| 

| if(GetRun(DataRun,&Offset,&Cluster,&Length,&Sparse)) { 
17432| Count++; 

1 7433| CurrentVCNEntry+=Length.QuadPart; 
1 7434| // DLOG((TEXT(" %20d %20d 

| %20d \n"),Count,CurrentVCNEntry,Length.QuadPart)); 
17435| }else{ 

1 7436| SetLastError(ERROR_INVALID_RUN); 
1 7437| Cluster.QuadPart=0; 
17438| return Cluster; 

17439| } 
17440| } 

17441| return Cluster; 
17442| } 
17443| 
17444| /* 

1 7445| Counts all the set bits(1 ) in a data block 
17446| 7 

17447| ULONGLONG CountSetBits( PVOID Data, ULONGLONG ByteCount 



1) 

17448| { 






17449| 


BYTE *Bytes = Data; 




17450| 


ULONGLONG i=0; 




17451| 


ULONGLONG Count=0; 




17452| 






17453| 


while(kByteCount) { 




17454| 


Count += (Bytes[i] & 0x80 ? 1 


0) 


17455| 


Count += (Bytes[i] & 0x40 ? 1 


0) 


17456| 


Count += (Bytesp] & 0x20 ? 1 


0) 


17457| 


Count += (Bytes[i] & 0x10 ? 1 


0) 


17458| 


Count += (Bytes[i] & 0x08 ? 1 


0) 


17459| 


Count += (Bytes[i] & 0x04 ? 1 


0) 



1 7460| Count += (Bytes[i] & 0x02 ? 1 : 0); 
1 7461 1 Count += (Bytes[i] & 0x01 ? 1 : 0); 
17462| i++; 
17463| } 

17464| return Count; 
17465| } 
17466| 
17467| I* 

1 7468| Counts all the clear(O) bits in a data block 
17469| 7 

17470| ULONGLONG CountClearBits( PVOID Data, ULONGLONG 
| ByteCount ) 



17471| { 






17472| 


BYTE *Bytes = Data; 




17473| 


ULONGLONG i=0; 




17474| 


ULONGLONG Count=0; 




17475| 






17476| 


while(kByteCount) { 




17477| 


Count += (Bytes[i] & 0x80 ? 0 


1 


17478| 


Count += (Bytes[i] & 0x40 ? 0 


1 


17479| 


Count += (Bytes[i] & 0x20 ? 0 


1 


17480| 


Count += (Bytes[i] & 0x10 ? 0 


1 


17481| 


Count += (Bytes[i] & 0x08 ? 0 


1 


17482| 


Count += (Bytes[i] & 0x04 ? 0 


1 


17483| 


Count += (Bytes[i] & 0x02 ? 0 


1 


17484| 


Count += (Bytes[i] & 0x01 ? 0 


1 


17485| 






17486| 


} 




17487| 


return Count; 




17488| } 






17489| 






17490| r 







1 7491 1 Calculates how much free space is available. It 

| does this by opening the bitmap file 
1 7492| (FILE_BITMAP) and reading the DATA_ATTR data, which 

| is a bitmap of which clusters are 
17493| in use. 1 means in use, 0 means free. 
17494| 7 

17495| ULONGLONG NTFS_GetNumFreeClusters( pVolumelnfo 

| Volumelnfo ) 
17496| { 

17497| PNTFS_File File; 

17498| ULONG Err = 0; 

17499| ULONGLONG NumClusters = 0; 

17500| ULONG ReadSize = 32768; 

17501| 

17502| File = NTFS_OpenFileByNumber( Volumelnfo, 

| FILE_BITMAP, DATA_ATTR, NULL ); 
17503| if (File) { 

17504| ULONGLONG FileSize = 



I NTFS_GetFileSize(File); 
17505| BYTE *Data 

| SAFE_Alloc(ReadSize); 
17506| ULONGLONG BytePos = 0; 
17507| 

17508| if(Data){ 

17509| while(BytePos<FileSize) { 

1 751 0| if(BytePos+ReadSize>FileSize) 

17511| ReadSize = 

| (ULONG)(FileSize-BytePos); 
17512| 

17513| Err = NTFS_ReadFile(File, BytePos, 

| ReadSize, Data); 
17514| if(!Err){ 

1 751 5| NumClusters += CountClearB its (Data, 

| ReadSize); 
17516| BytePos+=ReadSize; 
17517| }else{ 

1 751 8| NumClusters = (ULONGLONG)-I ; 

17519| DLOG((TEXT("Error %08x reading 

| attribute data\n"),Err)); 
17520| SetLastError(Err); 
17521| break; 
17522| } 
17523| } 

17524| SAFE_Free(Data); 
17525| }else{ 

1 7526| DLOG((TEXT("Error, out of memory\n"))); 

1 7527| SetLastError(ERROR_OUTOFMEMORY); 
17528| } 

17529| NTFS_CloseFile(File); 
17530| }else{ 

1 7531 1 DLOG((TEXT("Unable to open file, 

| error=%08x\n"),GetLastError())); 
17532| } 

17533| return NumClusters; 
17534| } 
17535| 
17536| r 

1 7537| Reads the cluster specified 
17538| 7 

17539| ULONG NTFS_ReadLogicalCluster( pVolumelnfo Volumelnfo, 

| ULONGLONG Cluster, ULONG NumClusters, PVOID Buffer ) 
17540| { 

17541| ULONG Err; 

1 7542| //DLOG((TEXT("Reading sector %12l64d 

| (Cluster=%12l64d)\n"),NTFS_ClusterToPhysical(Volumelnfo, 
| Cluster),Cluster)); 

17543| Err = DASD_Read( Volumelnfo->LockHandle, 

17544| 



I NTFS_ClusterToPhysical(Volumelnfo,Cluster), 
17545| 

| Volumelnfo->NtfsBootSector->SectorsPerCluster*NumCluster 

Is, 

17546| Buffer 

17547| ); 

1 7548| return Err; 

17549| } 

17550| 

17551| r 

1 7552| Writes the cluster specified 
17553| 7 

17554| ULONG NTFS_WriteLogicalCluster( pVolumelnfo Volumelnfo, 

| ULONGLONG Cluster, ULONG NumClusters, PVOID Buffer ) 
17555| { 

17556| ULONG Err; 

1 7557| //DLOG((TEXT("Writing sector %1 2l64d 

| (Cluster=%1 2l64d)\n"),NTFS_ClusterToPhysical(Volumelnfo, 
| Cluster),Cluster)); 

17558| Err = DASD_Write( Volumelnfo->LockHandle, 

17559| 

| NTFS_ClusterToPhysical(Volumelnfo,Cluster), 
17560| 

| Volumelnfo->NtfsBootSector->SectorsPerCluster*NumCluster 

Is, 

17561| Buffer 
17562| ); 
17563| return Err; 
17564| } 
17565| 
17566| /* 

1 7567| Gets the attribute by its type number. Usually 

| only called with well known ids such as 
1 7568| ATTR DATA, ATTR FILENAME, etc... 
17569| 7 

17570| PVOID NTFS_GetAttributeByType( pVolumelnfo Volumelnfo, 

| PMFT Mft, ULONG Type ) 
17571| { 

17572| if(Mft->Signature == 'ELIF') { 
17573| 

1 7574| P ATTRIBUTE Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes]); 
1 7575| ULONG Where = 0; 
17576| 

17577| while(Attribute->Type!=Oxffffffff) { 
1 7578| if (Attribute->Type==Type) { 

17579| return Attribute; 

17580| } 

1 7581 1 Where += Attribute->Length; 

17582| 



17583| Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes+Where 

ID; 

17584| } 
17585| }else{ 

1 7586| DLOG((TEXT("Not an Mft!\n"))); 
17587| } 

17588| return NULL; 
17589| } 
17590| 
17591| /* 

1 7592 1 Gets the attribute by its name 
17593| 7 

17594| PVOID NTFS_GetAttributeByName( pVolumelnfo Volumelnfo, 

| PMFT Mft, ULONG Type, WCHAR *Name ) 
17595| { 

17596| if (Name) { 

17597| if(Mft->Signature == 'ELIF) { 
17598| 

1 7599| PATTRIBUTE Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes]); 
1 7600| ULONG Where = 0; 

17601| 

1 7602| while(Attribute->Type!=Oxffffffff) { 

1 7603| WCHAR *CurrentAttrName = 

| NTFS_GetAttributeNamePointer(Attribute); 
1 7604| if(CurrentAttrName) { 

17605| if((Attribute->Type==Type) && 

| (wcsncmp(CurrentAttrName,Name,Attribute->NameLength)==0) 

I) 

17606| return Attribute; 

17607| } 

1 7608| Where += Attribute->Length; 

17609| Attribute = 

| (PATTRIBUTE)&(((char*)Mft)[Mft->OffsetToAttributes+Where 

I ]); 

17610| } 
17611| }else{ 

17612| DLOG((TEXT("Not an Mft!\n"))); 

17613| } 
17614| }else{ 

17615| return NTFS_GetAttributeByType( Volumelnfo, 

I Mft, Type ); 
17616| } 

17617| return NULL; 

17618| } 

17619| 

17620| 

17621| /* 

1 7622 1 Read the Mft entry of the specified file 



17623| 7 

17624| ULONG NTFS_ReadMft Entry NumberRaw( pVolumelnfo 

| Volumelnfo, ULONGLONG EntryNum, PVOID Buffer) 
17625| { 

17626| _ASSERTE(EntryNum!=0); 

17627| return NTFS_ReadFile( Volumelnfo->MftFile, 

17628| 

| (EntryNum*Volumelnfo->NtfsBootSector->MFTRecordSize) * 
| NTFS_ClusterSizelnBytes(Volumelnfo), 
17629| 

| NTFS_MftByteSize(Volumelnfo), 
17630| Buffer); 
17631| } 
17632| 
17633| /* 

1 7634| Read the Mft entry of the specified file 
17635| 7 

17636| ULONG NTFS_ReadMftEntryNumber( pVolumelnfo Volumelnfo, 

| ULONGLONG EntryNum, PVOID Buffer) 
17637| { 

17638| if(EntryNum==0) { 
17639| // Mft of mft is always in memory.. 
1 7640| // this has to be the case, because 
| NTFS_ReadFile calls us, and this prevents 
17641| //a circle 
17642| 

| memcpy(Buffer,Volumelnfo->Mft,NTFS_MftByteSize(Volumelnf 
|o)); 

17643| return 0; 
17644| }else{ 
17645| 

17646| ULONG Err = 

| NTFS_ReadMftEntryNumberRaw(Volumelnfo, EntryNum, Buffer); 
17647| 

17648| if(!Err){ 

17649| //fixup mft entry 

1 7650| if(*(ULONG*)Buffer==(ULONG)'ELIF') { 

17651 1 if(!NTFS_FixupRecord( Volumelnfo, 

| Buffer )) { 

1 7652| DLOG((TEXT("Error fixing up Mft 

| entry!!!\n M ))); 
17653| } 
17654| }else{ 

1 7655| DLOG((TEXT("Didnt read a mft!\n"))); 

17656| } 

17657| } 

17658| return Err; 

17659| } 

17660| } 

17661| 



17662| 
17663| r 

1 7664| Writes the Mft entry of the specified file 
17665| 7 

17666| ULONG NTFS_WriteMftEntryNumber( pVolumelnfo Volumelnfo, 

| ULONGLONG EntryNum, PVOID Buffer) 
17667| { 

17668| if(EntryNum==0) { 
1 7669| // Mft of mft is always in memory.. 
1 7670| // this has to be the case, because 
| NTFS_ReadFile calls us, and this prevents 
17671| //a circle 

1 7672| DLOG((TEXT("Saving mft 0 is not 

| supported!!\n"))); 
17673| return ERROR_NOT_SUPPORTED; 
17674| }else{ 

17675| ULONG Err=ERROR_INVALID_PARAMETER; 
17676| 

17677| if(*(ULONG*)Buffer==(ULONG)'ELIF) { 
17678| SAFE_ReadWrite(Buffer); 
1 7679| // undo the fix up so we can commit to disk 

17680| if(NTFS_UnfixupRecord( Volumelnfo, Buffer 

l)){ 

1 7681 1 Err = NTFS_WriteFile( 

| Volumelnfo->MftFile, 
17682| 

| (EntryNum*Volumelnfo->NtfsBootSector->MFTRecordSize) * 
| NTFS_ClusterSizelnBytes(Volumelnfo), 
17683| 

| NTFS_MftByteSize(Volumelnfo), 
17684| Buffer); 
1 7685| // Fix the record up so it is readable 

17686| 

| if(!NTFS_FixupRecord(Volumelnfo,Buffer)) { 
1 7687| DLOG((TEXT("data buffer failed 

| check\n"))); 

1 7688| Err = ERROR_DISK_CORRUPT; 

17689| } 
17690| }else{ 

1 7691 1 DLOG((TEXT("Error fixing up Mft 

| entry!!!\n"))); 
17692| } 

17693| SAFE_ReadOnly(Buffer); 
17694| }else{ 

1 7695| DLOG((TEXT("Didnt read a mft!\n"))); 

17696| } 

17697| 

1 7698| return Err; 
17699| } 
17700| } 



17701| 
17702| 

17703| // TODO: Get the numbers associated with the attributes 

| instead of being hard coded 
17704| void NTFS_GetAttributeNames( pVolumelnfo Volumelnfo ) 
17705| { 
17706| } 
17707| 
17708| /* 

17709| This inits a volume so we can access it. This must 

| be called before any other 
17710| routines are called. NTFS_CloseVolume should be 

| called when done. 
1 771 1 1 Sector should be the start of the volume 
17712| 7 

17713| pVolumelnfo NTFS_OpenVolume( tDASDHandle *LockHandle, 

| ULONGLONG Sector ) 
17714| { 

17715| ULONG Err; 

1 771 6| pVolumelnfo Volumelnfo=NULL; 

17717| 

17718| Volumelnfo = 

| (pVolumelnfo)SAFE_Alloc(sizeof(tVolumelnfo)); 
17719| if (Volumelnfo) { 

17720| memset(Volumelnfo,0,sizeof(tVolumelnfo)); 
17721| 

1 7722| Volumelnfo->VolumeStartSector = Sector; 
17723| Volumelnfo->LockHandle = LockHandle; 
1 7724| Volumelnfo->NtfsBootSector = 

| (PNTFS_BOOT_SECTOR)SAFE_Alloc(sizeof(NTFS_BOOT_SECTOR)); 
17725| if(Volumelnfo->NtfsBootSector) { 
1 7726| // cant call NTFS_ReadFile yet as the mft 

| hasn't been read 
1 7727| //DLOG((TEXT("Reading sector %1 2l64d (NTFS 

| Boot Sector)\n M ), Sector)); 
1 7728| Err = DASD_Read( LockHandle, Sector, 1 , 

| Volumelnfo->NtfsBootSector ); 
17729| if(!Err){ 

1 7730| // Fixup the MftRecordSize for 4k 

| clusters 
17731| 

| if(Volumelnfo->NtfsBootSector->MFTRecordSize==0xf6) { 
1 7732| // f6 is assumed to be .25 or 1 k, 

| this info comes from the linux ntfs 
17733| // driver, i havent seen it. Assume 

| Cluster Size. 

17734| DLOG((TEXT("Modifying MFTRecordSize 

| from 

| %02x\n"),Volumelnfo->NtfsBootSector->MFTRecordSize)); 
17735| 



I DumpNtfsBootSector(Volumelnfo->NtfsBootSector); 
17736| 

| Volumelnfo->NtfsBootSector->MFTRecordSize = max(1024 / 
| Volumelnfo->NtfsBootSector->BytesPerSector,Volumelnfo->N 
| tfsBootSector->SectorsPerCluster) ; 

17737| }else 

17738| 

| if(Volumelnfo->NtfsBootSector->MFTRecordSize>0x80) { 
1 7739| // assume something wrong 

17740| DLOG((TEXT("Modifying MFTRecordSize 

| from %02x - Something is 

| wrong!\n"),Volumelnfo->NtfsBootSector->MFTRecordSize)); 
17741| 

| DumpNtfsBootSector(Volumelnfo->NtfsBootSector); 
17742| 

| Volumelnfo->NtfsBootSector->MFTRecordSize = max(1024 / 
| Volumelnfo->NtfsBootSector->BytesPerSector,Volumelnfo->N 
| tf s Boot Secto r- >Secto rs Pe rC I uste r) ; 

17743| } 

17744| 

1 7745| Volumelnfo->Mft = 

| (PMFT)SAFE_Alloc(NTFS_MftByteSize(Volumelnfo)); 
17746| if(Volumelnfo->Mft) { 

1 7747| // cant call NTFS_ReadFile yet as 

| the mft hasn't been read 
1 7748| // NTFS_Readl_ogicalCluster does not 

| require the Mft 
1 7749| Err = NTFS_Readl_ogicalCluster( 

| Volumelnfo, 
17750| 

| Volumelnfo->NtfsBootSector->MftCluster.QuadPart, 
17751| 

| Volumelnfo->NtfsBootSector->MFTRecordSize, 
17752| 

| Volumelnfo->Mft ); 
17753| if(!Err) { 

1 7754| if(Volumelnfo->Mft->Signature 

|=='ELIF){ 
1 7755| if (NTFS_FixupRecord( 

| Volumelnfo, Volumelnfo->Mft )) { 
1 7756| Volumelnfo->MftFile = 

| NTFS_OpenFileByNumber( Volumelnfo, FILE M FT, DATA ATTR, 

| NULL); 

17757| if(Volumelnfo->MftFile) 
|{ 

1 7758| // get the Unicode 

| uppercase table, needed for directory 
17759| //searches 
17760| PNTFS_File 

| File=NTFS_OpenFileByNumber(Volumelnfo, FILEJJPCASE, 



I DATA_ATTR, NULL ); 
17761| if(File) { 

17762| ULONGLONG 

| DataSize = NTFS_GetFileSize(File); 
17763| 

| if(DataSize!=(ULONGLONG)-1) { 
17764| 

| Volumelnfo->UpcaseTable = SAFE_Alloc((ULONG)DataSize); 
17765| 

| if(Volumelnfo->UpcaseTable) { 
17766| Err = 

| NTFS_ReadFile(File,0,DataSize,Volumelnfo->UpcaseTable); 
17767| 

I if(!Err) { 
17768| 

| NTFS_CloseFile(File); 
17769| 

| NTFS_GetAttributeNames( Volumelnfo ); 
17770| // 

| protect resources. 
17771| 

| SAFE_ReadOnly( Volumelnfo ); 
17772| 

| SAFE_ReadOnly( Volumelnfo->UpcaseTable ); 
17773| 

| SAFE_ReadOnly( Volumelnfo->Mft ); 
17774| 

| SAFE_ReadOnly( Volumelnfo->NtfsBootSector ); 
17775| // 

| verify read only 
17776| 

| //Volumelnfo->NtfsBootSector->MFTRecordSize = 2; 
17777| 

| return Volumelnfo; 
17778| }else 

|{ 
17779| 

| DLOG((TEXT("Error reading upcase file\n"))); 
17780| } 
17781| }else{ 
17782| 

| DLOG((TEXT("Out of memory for upcase table\n"))); 
17783| } 
17784| }else{ 
17785| 

| DLOG((TEXT("Unable to get file size of upcase 

| table\n"))); 
17786| } 
17787| 

| NTFS_CloseFile(File); 



17788| }else{ 
17789| 

| DLOG((TEXT("Unable to open upcase file\n"))); 
17790| } 
17791| 

| NTFS_CloseFile(Volumelnfo->MftFile); 
17792| }else{ 
17793| DLOG((TEXT("Unable 

| to open mft\n"))); 
17794| } 
17795| }else{ 
1 7796| DLOG((TEXT("Mft fixup 

| failed\n"))); 
17797| } 
17798| }else{ 

1 7799| DLOG((TEXT("Sector %08x is 

| not the 

| Mft!\n"),NTFS_ClusterToPhysical(Volumelnfo,Volumelnfo->N 

| tfsBootSector->MftCluster.QuadPart))); 
17800| } 
17801| }else{ 

1 7802| DLOG((TEXT("Error %08x reading 

| cluster 

| %08x\n"),Err,Volumelnfo->NtfsBootSector->MftCluster.Quad 
I Part)); 
17803| } 

1 7804| SAFE_Free(Volumelnfo->Mft); 
17805| }else{ 

1 7806| DLOG((TEXT("Out of memory 

| (Need=%d)\n"),NTFS_MftByteSize(Volumelnfo))); 
17807| } 
17808| }else{ 

1 7809| DLOG((TEXT("Error %08x reading sector 

| %08x\n"),Err,Sector)); 
17810| } 

1 781 1 1 SAFE_Free(Volumelnfo->NtfsBootSector); 
17812| }else{ 

17813| DLOG((TEXT("Out of memory 

| (Need=%d)\n"),sizeof(NTFS_BOOT_SECTOR))); 
17814| } 

17815| SAFE_Free(Volumelnfo); 
17816| }else{ 

1 781 7| DLOG((TEXT("Out of memory 

| (Need=%d)\n"),sizeof(tVolumelnfo))); 
17818| } 
17819| 

17820| return NULL; 
17821| } 
17822| 
17823| I* 



17824| Frees memory associated with NTFS_OpenVolume 
17825| 7 

17826| void NTFS_CloseVolume( pVolumelnfo Volumelnfo ) 
17827| { 

17828| if (Volumelnfo) { 

1 7829| if(Volumelnfo->UpcaseTable) 

17830| SAFE_Free(Volumelnfo->UpcaseTable); 

1 7831 1 if(Volumelnfo->MftFile) 

1 7832| NTFS_CloseFile(Volumelnfo->MftFile); 

1 7833 1 if ( Volu mel nf o->Mft) 

1 7834| SAFE_Free(Volumelnfo->Mft); 

1 7835| if(Volumelnfo->NtfsBootSector) 

1 7836| SAFE_Free(Volumelnfo->NtfsBootSector); 

17837| SAFE_Free(Volumelnfo); 

17838| } 

17839| } 

17840| 

17841| 

17842| static void ReadPartitionTable ( tDASDHandle 

| *LockHandle, ULONGLONG Sector ) 
17843| { 

17844| ULONGi; 

17845| tMBR MBR; 

17846| ULONG Err; 

1 7847| pVolumelnfo Volumelnfo; 

17848| 

17849| DLOG((TEXT("Reading sector %12l64d (Partition 

| Table)\n"),Sector)); 
17850| Err = DASD_Read ( LockHandle, Sector, 1 , &MBR ); 
17851| for(i=0;i<4;i++) { 

1 7852| if(MBR.Part[i].SystemType == PARTITION_NTFS ) { 
17853| Volumelnfo = NTFS_OpenVolume( LockHandle, 

| MBR.Part[i].StartSector+Sector ); 
17854| if(Volumelnfo) { 

1 7855| DumpNTFSPartition( Volumelnfo ); 

17856| 

1 7857| NTFS_CloseVolume( Volumelnfo ); 

17858| } 
17859| }else 

1 7860| if(MBR.Part[i].SystemType == 

| PARTITION_DOSExtended ) { 
1 7861 1 // recursively call ourselves 

17862| ReadPartitionTable( LockHandle, 

| MBR.Part[i].StartSector); 
17863| } 
17864| } 
17865| } 
17866| 

17867| static void ReadDrive( ULONG DriveNum ) 
17868| { 



1 7869| tDASDHandle *LockHandle; 
17870| 

17871 1 LockHandle = DASD_LockDevice( DriveNum ); 
17872| if(LockHandle) { 

17873| ReadPartitionTable( LockHandle, 0 ); 
17874| 

1 7875| DASD_UnlockDevice( LockHandle ); 
17876| }else{ 

17877| DLOG((TEXT("Unable to obtain lock to 

| device\n"))); 
17878| } 
17879| } 
17880| 
17881| 

17882| PNTFS_FIDO_INFO NTFS_FidoFirstFile( pVolumelnfo 
| Volumelnfo, WCHAR* IpFileName, LPWIN32_FIND_DATA 
| IpFindFileData ) 

17883| { 

17884| tNTFS_FIDO_INFO *FI; 
17885| 

17886| Fl = SAFE_Alloc(sizeof(tNTFS_FIDO_INFO)); 
17887| if(FI) { 

1 7888| FI->DirectoryFile = NTFS_OpenFileByName( 
| Volumelnfo, IpFileName, FILENAMEATTR, NULL ); 

1 7889| if(FI->DirectoryFile) { 

1 7890| // Before returning, return back the first 

| file and store the index of it. 

1 7891 1 if (NTFS_FidoNextFile( Fl, IpFindFileData 

l»{ 

17892| return Fl; 

17893| }else{ 

1 7894| // error set from Find Next 

17895| } 

17896| }else{ 

1 7897| // error set from call to open 

17898| } 

17899| SAFEFree(FI); 
17900| }else{ 

17901 1 SetLastError(ERROR_OUTOFMEMORY); 
17902| } 

17903| return NULL; 

17904| } 

17905| 

17906| BOOL NTFS_FidoNextFile( PNTFS_FIDO_INFO Fl, 

| LP Wl N32 F I N D_D ATA IpFindFileData ) 
17907| { 

17908| if (FindEntryNumlnDir( 
| FI->DirectoryFile->Volumelnfo, 
| FI->DirectoryFile->MftEntryNum, FI->lndexesFound, 
| IpFindFileData )){ 



1 7909| FI->lndexesFound++; 
17910| return TRUE; 
17911| }else{ 

17912| //already set or eof??? 

| SetLastError(ERROR_NOT_SUPPORTED); 
17913| return FALSE; 
17914| } 
17915| } 
17916| 

17917| BOOL NTFS_FidoClose( PNTFS_FIDO_INFO hFindFile ) 
17918| { 



17919| BOOL B= FALSE; 

17920| if(hFindFile) { 

1 7921 1 if(hFindFile->DirectoryFile) { 

17922| NTFS_CloseFile(hFindFile->DirectoryFile); 

17923| B = TRUE; 

17924| }else{ 

1 7925| SetLastError(ERROR_FILE_INVALID); 

17926| } 

1 7927| SAFE_Free(hFindFile); 

17928| }else{ 

17929| SetLastError( ERRO R_FI LEI N VALI D) ; 

17930| } 

17931| return B; 



17932| } 

17933| 

17934| 

17935| PNTFS_FIND_INFO NTFS_FindFirstFile( pVolumelnfo 
| Volumelnfo, WCHAR* IpFileName, LPWIN32_FIND_DATA 
| IpFindFileData ) 

17936| { 

17937| tNTFS_FI N D_l N FO *FI; 
17938| 

17939| Fl = SAFE_Alloc(sizeof(tNTFS_FIND_INFO)); 
17940| if(FI) { 

1 7941 1 FI->DirectoryFile = NTFS_OpenFileByName( 
| Volumelnfo, IpFileName, FILENAME ATTR, NULL ); 

1 7942| if(FI->DirectoryFile) { 

17943| if (Open Index Root ( Fl, Volumelnfo, 

| FI->DirectoryFile->MftEntryNum, IpFindFileData )) { 

1 7944| // Before returning, find the first 

| file. 

17945| if (NTFS_FindNextFile( Fl, 

| IpFindFileData )) { 
17946| return Fl; 

17947| }else{ 

1 7948| DLOG((TEXT("Unable to find first file 

| after opening index root\n M ))); 
17949| } 
17950| }else{ 



1 7951 1 DLOG((TEXT("Unable to open index 

| root\n M ))); 
17952| } 
17953| }else{ 

1 7954| DLOG((TEXT("Unable to open requested 

| directoryVn"))); 
17955| } 

17956| SAFE_Free(FI); 
17957| }else{ 

17958| SetLastError(ERROR_OUTOFMEMORY); 

17959| DLOG((TEXT("Out of memory for NTFS_F I N D_l N FO 

| structure^"))); 
17960| } 

17961| return NULL; 

17962| } 

17963| 

17964| BOOL NTFS_FindNextFile( PNTFS_FIND_INFO Fl, 

| LP Wl N32_F I N D_D ATA IpFindFileData ) 
17965| { 

1 7966| BOOL SteppedStatus; 

17967| while ((SteppedStatus = StepToNextlndex( Fl, 
| FI->DirectoryFile->Volumelnfo, IpFindFileData )) && 
| (FI->DeepestNode->IE->FileNameType == FILENAME_DOS)) { 

1 7968| // Bypass DOS names - we'll get the files 
| anyway by their NT name 

17969| 

| ((BYTE*)FI->DeepestNode->IE)+=NTFS_lndexEntrySize(FI->De 
| epestNode->IE); 
17970| } 

1 7971 1 if (SteppedStatus) { 

17972| // Give him the lowdown ... 

1 7973| lpFindFileData->dwFileAttributes = (DWORD) 

| FI->DeepestNode->IE->Attributes.QuadPart; 
17974| #if 0 

17975| IpFindFileData- >ftCreationTime = (unsigned 
| int64)FI->DeepestNode->IE->FileCreationTime; 

1 7976| IpFindFileData- >ftLastAccessTime = 

| (FILETIME)FI->DeepestNode->IE->LastAccessTime; 

17977| lpFindFileData->ftLastWriteTime = 

| (Fl LETI M E) F l->DeepestNode->l E->LastModif iedTime; 

17978| #else 

1 7979| lpFindFileData->ftCreationTime = 

| FI->DeepestNode->IE->FileCreationTime; 
17980| IpFindFileData- >ftLastAccessTime = 

| FI->DeepestNode->IE->LastAccessTime; 
17981| lpFindFileData->ftLastWriteTime = 

| FI->DeepestNode->l E->LastModifiedTime; 
17982| #endif 

1 7983| lpFindFileData->nFileSizeHigh = 
| FI->DeepestNode->IE->AttributeSize.HighPart; 



1 7984| lpFindFileData->nFileSizeLow = 

| FI->DeepestNode->IE->AttributeSize.LowPart; 
17985| wcsncpy 

| (lpFindFileData->cFileName,FI->DeepestNode->IE->FileName 

| ,FI->DeepestNode->IE->FileNameLength ); 
17986| 

| lpFindFileData->cFileName[FI->DeepestNode->IE->FileNameL 
| ength] = 0; 

1 7987| // lpFindFileData->cAlternateFileName = NULL; 

1 7988| lpFindFileData->cAlternateFileName[0] = 0; 

17989| // TCHAR cFileName[ MAX_PATH ]; Why this comment - 

| to remind me to sort out WCHAR vs. TCHAR ?? 
17990| // ... and move on. 
17991| 

| ((BYTE*)FI->DeepestNode->IE)+=NTFS_lndexEntrySize(FI->De 
| epestNode->IE); 
17992| } 

17993| return (SteppedStatus); 

17994| } 

17995| 

17996| BOOL NTFS_FindClose( PNTFS_FIND_INFO hFindFile ) 
17997| { 

17998| BOOL B= FALSE; 
17999| if (hFindFile) { 

18000| while (((BYTE*)hFindFile->DeepestNode != 

| (BYTE*)&hFindFile->DeepestNode)) { 
18001 1 PNODE NodeElect = hFindFile->DeepestNode; 

1 8002 1 SAF E_Free(h Find File->DeepestNode->l A) ; 

1 8003 1 SAF E_Free(h Find File->DeepestNode) ; 

18004| hFindFile->DeepestNode = NodeElect; 

18005| } 

18006| SAFE_Free(hFindFile->IR); 
18007| if(hFindFile->IAFile) { 
18008| NTFS_CloseFile(hFindFile->IAFile); 
18009| } 

18010| if(hFindFile->IRFile) { 

18011| NTFS_CloseFile(hFindFile->IRFile); 

18012| if(hFindFile->DirectoryFile) { 

18013| 

| NTFS_CloseFile(hFindFile->DirectoryFile); 
18014| B = TRUE; 

18015| }else{ 

18016| DLOG((TEXT("No directory to close 

| find\n"))); 

18017| SetLastError(ERROR_FILE_INVALID); 
18018| } 
18019| }else{ 

18020| SetLastError(ERROR_FILE_INVALID); 
18021| } 

18022| SAFE_Free(hFindFile); 



18023| }else{ 

18024| DLOG((TEXT("No PNTFS_FIND_INFO to close 
| find\n"))); 

18025| SetLastError(ERROR_FILE_INVALID); 

18026| } 

18027| return B; 

18028| } 

18029| 

18030| BOOL NTFS_GetFileSecurity( WCHAR* IpFileName, // 

| address of string for file name 
18031 1 SECURITYJNFORMATION 

| Requestedlnformation, // requested information 
18032| PSECURITY_DESCRIPTOR 

| pSecurity Descriptor, // address of security descriptor 
18033| DWORD nLength, // size of 

| security descriptor buffer 
18034| LPDWORD IpnLengthNeeded // 

| address of required size of buffer 
18035| ) 
18036| { 

18037| SetLastError(ERROR_NOT_SUPPORTED); 
18038| return FALSE; 
18039| } 
18040| 

18041| DWORD NTFS_GetFullPathName( WCHAR* IpFileName, // 

| address of name of file to find path for 
18042| DWORD nBufferLength, // 

| size, in characters, of path buffer 
18043| WCHAR* IpBuffer, // address 

| of path buffer 
18044| WCHAR** IpFilePart // address 

| of filename in path 
18045| ) 
18046| { 

18047| SetLastError(ERROR_NOT_SUPPORTED); 

18048| return 0; 

18049| } 

18050| 

18051| 

18052| /* 

18053| BackupRead 
18054| BackupSeek 
18055| BackupWrite 
18056| CloseFile 
18057| Copy File 
18058| CreateDirectory 
18059| CreateDirectoryEx 
18060| CreateFile 
18061| DeleteFile 
18062| FindClose 



18063| FindFirstFile 

18064| FindNextFile 

18065| FlushFileBuffers 

18066| GetCompressedFileSize 

18067| GetCurrentDirectory 

18068| GetFileAttributes 

18069| GetFilelnformationByHandle 

18070| GetFileSecurity 

18071| GetFileSize 

18072| GetFileTime 

18073| GetFullPathName 

18074| MoveFile 

18075| MoveFileEx 

18076| ReadFile 

18077| ReadFileEx 

18078| RemoveDirectory 

18079| RenameFile 

18080| SetCurrentDirectory 

18081| SetEndOfFile 

18082| SetFileAttributes 

18083| SetFilePointer 

18084| SetFileTime 

18085| WriteFile 

18086| WriteFileEx 

18087| 7 

18088| 

18089| static void DisplayHelp( void ) 
18090| { 

18091 1 DLOG((TEXT("-drive:#\n"))); 

1 8092| DLOG((TEXT( M \twhere # is drive number starting with 
I 0\n"))); 

18093| DLOG((TEXT("-part:#\n"))); 

1 8094| DLOG((TEXT("\twhere # is partition number from 

| -listparts\n"))); 
18095| DLOG((TEXT("-listparts\n"))); 
18096| DLOG((TEXT("\tLists partitions on drive\n"))); 
18097| DLOG((TEXT("-asmft:#\n"))); 
18098| DLOG((TEXT("\tDisplay Cluster # as an mft\n"))); 
18099| DLOG((TEXT("-asntfsboot:#\n"))); 
18100| DLOG((TEXT("\tDisplays Sector # as a ntfs boot 

| sector\n M ))); 
18101 1 DLOG((TEXT("-walk:#\n"))); 
181 02| DLOG((TEXT("\tDoes a directory of mft entry 

I #\n"))); 

18103| DLOG((TEXT( M -dir:<dir>\n"))); 

18104| DLOG((TEXT("\tDoes a directory of dir <dir>\n"))); 

18105| DLOG((TEXT("-nokey\n"))); 

1 81 06| DLOG((TEXT("\tDoesnt pause for a key press at end 

| of run\n"))); 
18107| DLOG((TEXT( M -memcheck\n"))); 



1 81 08| DLOG((TEXT("\tDisplays memory usage at end of 

| run\n"))); 
18109| DLOG((TEXT("-free\n"))); 
18110| DLOG((TEXT("\tDisplays clusters free and 

| available\n"))); 
181 1 1 1 DLOG((TEXT("-copy:#:[stream]:<file>\n"))); 
18112| DLOG((TEXT("\tCopys attribute # and optionally 

| named attribute [stream] for file <file> to file 

| 'dataW'))); 
18113| DLOG((TEXT("-findfile:<File>\n"))); 
18114| DLOG((TEXT("\treturns the mft entry of file 

| <file>\n"))); 
18115| DLOG((TEXT("-mftentry:#\n"))); 
1 81 1 6| DLOG((TEXT("\tDumps mft entry #\n"))); 
181 17| DLOG((TEXT("-createstream\n"))); 
1 81 1 8| DLOG((TEXT("\tCreates a multistream file\n"))); 
18119| 
18120| } 
18121| 

18122| typedef struct _FILE_END_OF_FILE_INFORMATION { 
18123| LARGEJNTEGER EndOfFile; 
18124| } FILE_END_OF_FILE_INFORMATION, 

| *PFILE_END_OF_FILE_INFORMATION; 
18125| 
18126| 

18127| ULONG NtDeleteFile( WCHAR *FileName ) 
18128| { 

18129| HANDLE Handle; 

18130| ULONG Err; 

18131| UNICODE_STRING Uni; 

18132| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

18133| IO_STATUS_BLOCK loStatus={0}; 

18134| 

18135| RtllnitUnicodeString( &Uni, FileName); 
18136| 

18137| InitializeObjectAttributes ( SObjectAttributes, 
18138| &Uni, 

18139| OBJ_CASE_INSENSITIVE, 

18140| NULL, 

18141| NULL); 

18142| Err = NtCreateFile( &Handle, 

18143| DELETE | SYNCHRONIZE , 

| // desired access 
18144| SObjectAttributes, 

| // object attributes 
18145| SloStatus, 
18146| NULL, 

| // alloc size 

18147| FILE_ATTRIBUTE_NORMAL, 
| // file attributes 



1 81 48| 0, // share access 

18149| FILE_OPEN, 

| // create disposition 
18150| FILE_SYNCHRONOUS_IO_NONALERT, 

| // create options 
18151| NULL, 

| // eabuffer 
18152| 0); 

| // ealength 
18153| 

18154| if(!Err){ 

18155| FILE_DISPOSITION_INFORMATION FSInfo; 

18156| FSInfo. DeleteFile = 1; 

18157| 

1 81 58| Err = NtSetlnformationFile( 
18159| Handle, // IN HANDLE 

| FileHandle, 
18160| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
18161| &FSInfo, //INPVOID 

| Filelnformation, 
18162| sizeof(FILE_DISPOSITIONJNFORMATION), 

| // IN ULONG Length, 
18163| FileDispositionlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
18164| ); 
18165| 

18166| NtClose(Handle); 
18167| }else{ 

1 81 68| DLOG((TEXT( M Error %08x deleting file 

| '%sYi M ),Err,FileName)); 
18169| } 
18170| return Err; 
18171| } 
18172| 

18173| ULONG AllocSpace( WCHAR *VolumeName, WCHAR *FileName, 

| LARGEJNTEGER AllocSize ) 
18174| { 

18175| HANDLE Handle; 

18176| ULONG Err; 

18177| WCHAR FullName[256]; 

18178| UNICODE_STRING Uni; 

18179| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

18180| IO_STATUS_BLOCK loStatus={0}; 

18181| 

18182| swprintf(FullName, L"%s%s",VolumeName,FileName); 
18183| 

18184| NtDeleteFile(FullName); 
18185| 

18186| RtllnitUnicodeString( &Uni, FullName); 



18187| 

1 81 88 1 InitializeObjectAttributes ( &ObjectAttributes, 
18189| &Uni, 

18190| OBJ_CASE_INSENSITIVE, 

18191| NULL, 

18192| NULL); 

18193| Err = NtCreateFile( &Handle, 

18194| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, // desired access 

1 81 95| &ObjectAttributes, 

| // object attributes 
18196| &loStatus, 
18197| NULL, 

| // alloc size 

18198| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
18199| 0, // share access 

18200| FILE_CREATE, 

| // create disposition 
18201 1 FILE_SYNCHRONOUS_IO_NONALERT, 

| // create options 
18202| NULL, 

| // eabuffer 
18203| 0); 

| // ealength 
18204| 

18205| if(!Err){ 

18206| FILE_END_OF_FILE_IN FORMATION FSInfo; 

18207| FSInfo. EndOf File = AllocSize; 

18208| 

18209| Err = NtSetlnformationFile( 
18210| Handle, // IN HANDLE 

| FileHandle, 
18211| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
18212| &FSInfo, // IN PVOID 

| Filelnformation, 
18213| sizeof(FILE_END_OF_FILE_INFORMATION), 

| // IN ULONG Length, 
18214| FileEndOf Filelnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
18215| ); 
18216| 

18217| NtClose(Handle); 
18218| }else{ 

18219| DLOG((TEXT("Error %08x allocing %l64d bytes for 

| file for '%s'\n"),Err,AllocSize,FullName)); 
18220| } 
18221| return Err; 
18222| } 



18223| 

18224| ULONG lnitializeSpace( tVolumelnfo *Volumelnfo, WCHAR 

| *FileName, LARGEJNTEGER AllocSize ) 
18225| { 

18226| ULONG Err=0; 
18227| WCHAR Name[255]; 
18228| PNTFS_File File; 
18229| 

18230| // name will be modified to contain uppercase of 

| passed in string 
18231 1 wcscpy(Name,FileName); 

18232| File = NTFS_OpenFileByName(Volumelnfo, Name, 

| FILENAME_ATTR, NULL); 
18233| if (File) { 
1 8234| // get data attribute 
18235| PATTRIBUTE Attr = 

| (PATTRIBUTE)NTFS_GetAttributeByName( File->Volumelnfo, 

| File->Mft, DATA_ATTR, NULL ); 
18236| if (Attr) { 
1 8237| if (Attr->NotResident) { 

1 8238| DLOG((TEXT("File = %s, mft 

| entry=%l64d\n"),FileName,File->MftEntryNum)); 
18239| DLOG((TEXT(" Allocated = 

| %12l64d\n"),Attr->NonResidentData.AllocatedDiskSpace)); 
18240| DLOG((TEXT(" File Size = 

| %12l64d\n"),Attr->NonResidentData.AttributeSize)); 
18241| DLOG((TEXT(" Initialized = 

| %12l64d\n M ),Attr->NonResidentData.LengthOflnitializedDat 

la)); 

18242| SAFE_ReadWrite(Attr); 
18243| 

| Attr->NonResidentData.LengthOflnitializedData = 

| Attr->NonResidentData.AllocatedDiskSpace; 
18244| SAFE_ReadOnly(Attr); 
18245| Err = NTFS_CommitFile(File); 

18246| 

18247| if(!Err) { 

18248| DLOG((TEXT("File committed\n"))); 

18249| }else{ 

18250| DLOG((TEXT("Error %08x commiting 

| file\n"),Err)); 
18251| } 
18252| }else{ 

18253| DLOG((TEXT("Data is resident, nothing 

| to do\n M ))); 
18254| Err = 0; 

18255| } 
18256| }else{ 

18257| DLOG((TEXT("No data attribute found\n"))); 

18258| Err = ERROR_NO_ATTRIBUTE_FOUND; 



18259| } 
18260| 

1 8261 1 NTFS_CloseFile(File); 
18262| }else{ 

18263| DLOG((TEXT("Unable to find file 

| '%s'\n"),FileName)); 
18264| Err = ERROR_FILE_NOT_FOUND; 
18265| } 
18266| return Err; 
18267| } 
18268| 
18269| 

18270| ULONG NTFS_AllocAndlnitFiles( WCHAR *NTDeviceName, 

| ULONG NumFiles, tNTFS_AllocFiles Filesf] ) 
18271| { 

18272| ULONG Err=0; 

18273| tDASDHandle *VolumeHandle; 

18274| ULONG i; 

18275| 

18276| _try{ 

18277| DLOG((TEXT("Opening volume\n"))); 

1 8278| VolumeHandle=DASD_LockVolume(NTDeviceName); 

18279| if(VolumeHandle) { 

18280| ULONG Dismount; 

18281| 

1 8282| DLOG((TEXT("Allocing space on volume\n"))); 

18283| i=0; 
18284| do{ 
18285| Err = 

| AllocSpace(NTDeviceName,Files[i].FileNameOnly,Files[i].F 

| ileSize); 
18286| i++; 

1 8287| } while((Err==0) && (kNumFiles)); 

18288| 

18289| if(!Err){ 

18290| DLOG((TEXT("Dismounting volume 

| %08x\n"),VolumeHandle->hDevice)); 
18291| 

| Dismount=DismountVolume(VolumeHandle->hDevice); 
18292| if (Dismount) { 

18293| tDASDHandle 

| *VolumeHandle2=DASD_LockVolume(NTDeviceName); 
18294| 

18295| if(VolumeHandle2) { 

18296| tVolumelnfo *Volumelnfo; 

18297| DLOG((TEXT("Loading volume 

| information^"))); 
18298| 

18299| Volumelnfo=NTFS_OpenVolume( 
| VolumeHandle2, 0); 



18300| if(Volumelnfo) { 

18301| DLOG((TEXT("lnitializing 

| space on volume\n"))); 
18302| i = 0; 

18303| do{ 
18304| Err = 

| lnitializeSpace(Volumelnfo,Files[i].FileNameOnly,Files[i 

| ].FileSize); 
18305| i++; 
18306| } while ((Err==0) && 

| (kNumFiles)); 
18307| 

18308| if(Err) { 

18309| DLOG((TEXT("Error %08x 

| initing space for cache\n"),Err)); 
18310| } 
18311| 

| NTFS_CloseVolume(Volumelnfo); 
18312| }else{ 

18313| DLOG((TEXT("Unable to open 

| volume\n"))); 
18314| Err = 

| ERROR_UNRECOGNIZED_VOLUME; 
18315| } 
18316| }else{ 

1 831 7\ DLOG((TEXT("Unable to open 

| volume from os\n"))); 
18318| Err = 

| ERROR_UNRECOGNIZED_VOLUME; 
18319| } 
18320| 

18321 1 DASD_UnlockDevice(VolumeHandle2); 
18322| }else{ 

18323| DLOG((TEXT("Error dismounting 

| volume\n"))); 

18324| Err= ERROR_UNABLE_TO_UNLOAD_MEDIA; 

18325| } 
18326| }else{ 

1 8327| DLOG((TEXT("Error %08x allocing 

| space\n"),Err)); 
18328| } 

1 8329| DASD_UnlockDevice(VolumeHandle); 
18330| }else{ 

1 8331 1 DLOG((TEXT("Error getting volume 

| handle\n"))); 

18332| Err = ERROR_UNRECOGNIZED_VOLUME; 

18333| } 

18334| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
18335| Err = GetExceptionCodeQ; 



18336| DLOG((TEXT("NTFS_AllocAndlnitFiles: Exception 

| %08x allocing and initing files\n"),Err)); 
18337| } 
18338| 

18339| // if any errors, go ahead and delete all the files 
18340| // so PSM doesnt accidently use the files when they 

| havent been 
18341 1 // initialized or it will deadlock with itself 
18342| if (Err) { 
18343| __try{ 

18344| WCHAR FullName[256]; 

18345| 

18346| i=0; 
18347| do{ 
18348| swprintf(FullName, 

| L"%s%s",NTDeviceName,Files[i].FileNameOnly); 
1 8349| DLOG((TEXT("Deleting file 

| '%s'\n M ),FullName)); 
18350| NtDeleteFile(FullName); 
18351| i++; 
18352| } while(kNumFiles); 
18353| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
18354| Err = GetExceptionCodeQ; 

18355| DLOG((TEXT("NTFS_AllocAndlnitFiles: 

| Exception %08x deleting files\n"),Err)); 
18356| } 
18357| 
18358| } 
18359| 

18360| return Err; 

18361| } 

18362| 

18363| 

18364| 

18365| File Listing: ntfs.h 

18366| 

18367| /* 

18368| Copyright 1997-98 Columbia Data Products, Inc. 

| All Rights Reserved! 
18369| 

18370| This file is a compilation of different resources: 
18371| 

18372| Helen Custer's "Inside the Windows NT File System" 

18373| Microsoft Press 

18374| ISBN: 1-55615-660-x 

18375| Martin von Lewis and Regis Duchesne from the ntfs 

| linux driver 
18376| Docs at 

| http://Celine.via.ecp.fr/~hpreg/ntfs/new/ 



18377| Driver at 

| http://www.informatik.hu-berlin.de/~loewis/ntfs/ 
18378| I have included comments from their docs at 

| some places. 

18379| Personal Note: The source code is very bad, 

| it makes no use of structures, so 
18380| except for reference, his code 

| is pretty much useless. IOW: I look 
18381 1 to see how he decompresses a 

| run, then implement my own. 
18382| Rob Green (me!) Columbia Data Products, Inc. 

| 407-869-6700 

18383| Reversed engineered Ntfs Boot Sector, and other 

| fields that Martin left out. Also 
18384| added information that i happen to know about 

| due to me reverse engineering other 
18385| file systems 

18386| Mark Russinovich and Bryce Cogswell's NTFSDos 

| Driver and NTFSInfo. 
18387| While no source code, these files were helpful 

| to verify results with 
18388| MS NT Resource Kit DskProbe.exe 
18389| Used to get sectors so i could reverse engineer 

| them. As a side note, while not 
18390| a bad disk editor, it could use some updating. 
1 8391 1 MS ntfs.sys driver 

18392| Some structures came from my endeavors of 

| reverse engineering the ntfs.sys driver 
18393| that comes included with Windows NT. 
18394| 
18395| 7 
18396| 
18397| 

18398| // 



18399| 

18400| // converts a cluster number to the physical sector 
| number 

18401| #define NTFS_ClusterToPhysical(Volumelnfo,ClusterNum) 
| (((Volumelnfo)->NtfsBootSector->SectorsPerCluster*(Clust 
| erNum))+((Volumelnfo)->VolumeStartSector)) 

18402| #define NTFS_ClusterToLogical(Volumelnfo,ClusterNum) 
| (((Volumelnfo)->NtfsBootSector->SectorsPerCluster*(Clust 
| erNum))) 

18403| #define 

| NTFS_PhysicalToLogical(Volumelnfo, Physical, Logical) 
| ((Physical)-((Volumelnfo)->VolumeStartSector)) 

18404| #define 

| NTFS_LogicalToPhysical(Volumelnfo, Logical, Physical) 
| ((Logical)+((Volumelnfo)->VolumeStartSector)) 



18405| 

18406| // gets a pointer into the data area of the attribute 
18407| //#define Get DataPointer( Attribute) 
| ((Attribute)->Offset ? 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->Offset+((Attri 
| bute)->Namel_ength*2)])) : ((Attribute)->NotResident ? 
| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->NonResidentDat 
| a.Offset+((Attribute)->NameLength*2)])) : 
| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->ResidentData.O 
| ffset+((Attribute)->NameLength*2)])))) 
18408| #define NTFS_GetDataPointer(Attribute) 
| ((Attribute)->NotResident ? 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->NonResidentDat 
| a.Offset])) : 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->ResidentData.O 
I ffset]))) 

18409| // retrieves the name of an attribute if it has one 
18410| #define NTFS_GetAttributeNamePointer(Attribute) 

| ((Attribute)->Namel_ength ? ((Attribute)->Offset ? 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->Offset])) : 

| ((Attribute)->NotResident ? 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->NonResidentDat 
| a.Offset])) : 

| ((PVOID)&(((CHAR*)Attribute)[(Attribute)->ResidentData.O 

| ffset])))) : NULL) 
1841 1 1 // size of the attribute 
18412| #define NTFS_GetDataSize(Attribute) 

| ((Attribute)->NotResident ? 

| ((Attribute)->NonResidentData.AttributeSize.QuadPart) : 
| ((Attribute)->ResidentData. DataLength)) 
18413| 

18414| // returns the size of the mft in bytes 
18415| #define NTFS_MftByteSize(Volumelnfo) 

| ((Volumelnfo)->NtfsBootSector->MFTRecordSize*(Volumelnfo 

| )->NtfsBootSector->BytesPerSector) 
18416| // returns the size of the cluster in bytes 
18417| #define NTFS_ClusterSizelnBytes(Volumelnfo) 

| ((Volumelnfo)->NtfsBootSector->SectorsPerCluster*(Volume 

| lnfo)->NtfsBootSector->BytesPerSector) 
18418| // size of an index entry for directory parsing 
18419| #define NTFSJndexEntrySize(IE) 

| ((IE)->EntrySize) 
18420| // Gets VCN of subnodes for greater than cases during 

| directory parsing 
18421| //#define GetSubNodesVCN(IE) 

| ((ULONGLONG)*(&(((BYTE*)(IE))[(IE)->EntrySize-8]))) 
18422| #define NTFS_GetSubNodesVCN(IE) 

| *((ULONGLONG*)(((BYTE*)IE)+(IE)->EntrySize-8)) 
18423| 
18424| 



18425| 
18426| 
18427| 

18428| r MFT File Entry 
18429| Interest 
18430| 

18431 1 This is a component of the MFT. Each file of the volume 

| is completely described by 
18432| some of these FILE records. The first FILE record that 

| describes a given file is 
18433| called the base FILE record (or an inode in Linux 

| terminology). All other are called 
18434| extension FILE records. 
18435| 

18436| Layout 
18437| 

18438| A FILE record is 1 KB large or the cluster size if 

| larger. It falls into 2 parts : 
18439| 

18440| Flags 

18441| Bit Signification 

18442| 01 Non-resident attributes 

18443| 02 The FILE record describes a 

| directory 
18444| 
18445| 

18446| base FILE record number 

18447| If the FILE record is a base FILE 

| record, the number is 0000000000000000. 
18448| If the FILE record is an extension FILE 

| record, the number is its 
18449| corresponding base FILE record number. 

18450| 

1 8451 1 The sequence of attributes part 
18452| 

18453| This is a sequence of file attributes that has a 

| variable length. In each FILE record, 
18454| the sequence is ordered by increasing order of the 

| attribute type. The sequence is 
18455| terminated with FFFFFFFF. 
18456| 

18457| Properties 
18458| 

18459| Extension FILE records are used when all information 

| about a file doesn't fit into the 
18460| base FILE record (e.g. if the sequence of file 

| attributes grows). Only the base FILE 
18461 1 record is used for referencing the file it describes. 

| Since the type of the Attribute List 
18462| file attribute is small enough, we are sure that this 



I file attribute will be in the base 
18463| FILE record. And this file attribute provides the 

| references to all the extension FILE 
18464| records describing the file. 
18465| 

18466| Questions 
18467| 

18468| What does the flag 'Non-resident attributes' in the 

| header part mean? Is it set only when 
18469| all file attributes in the sequence of attributes part 

| are non-resident? 
18470| 7 
18471| 

18472| #define MFT_FLAG_NOT_RESIDENT 0x0001 
18473| #define MFT_FLAG_DI RECTORY 0x0002 
18474| 

18475| #pragma pack(1) 
18476| 

18477| // first mft(which holds all mfts) is stored at 

| NtfsBootSector->MftCluster 
18478| typedef struct _MFT { 
18479| ULONG Signature; //FILE 
18480| WORD FixupOffset; 
18481 1 WORD NumberOfFixups; 
18482| ULARGEJNTEGER Unknown; 
18483| WORD SequenceNumber; 
18484| WORD HardLinkCount; 
1 8485| WORD Off setTo Attributes; 
18486| WORD Flags; 
18487| ULONG LengthlnUse; 
18488| ULONG Allocated; 
18489| ULARGEJNTEGER MftRecord; 
18490| WORD MaxAttributeNumber; 
18491 1 WORD Fixups[(0x400-0x2a) / 2]; // only 1k for 

| default... 
18492| //fixups follow... 
18493| } MFT, *PMFT; 
18494| 

18495| // Standard attributes 

18496| #define STAN DARD_I N FORM ATION_ATTR 0x10 
1 8497| #def ine ATTRIBUTE_LIST_ATTR 0x20 
18498| #define FILENAME ATTR 0x30 
18499| #define VOLUME_VERSION_ATTR 0x40 
18500| #define SECURITY_DESCRIPTOR_ATTR 0x50 
18501 1 #define VOLU M EN AM EATTR 0x60 
18502| #define VOLUME_INFO_ATTR 0x70 
1 8503| #def ine DATA ATTR 0x80 
18504| #define I N D EX_ROOT_ATTR 0x90 
18505| #define I N D EX_ALLOC ATI ON_ATTR OxaO 
1 8506| #def ine BITMAP ATTR OxbO 



18507 
18508 
18509 
18510 
18511 
18512 
18513 
18514 
18515 
18516 
18517 
18518 
18519 
18520 

I 1C 
18521 

I 18 
18522 

| 20 
18523 

| 22 
18524 

| 24 
18525 

| 28 
18526 

| 30 
18527 

| 38 
18528 

| 40 
18529 

| 48 
18530 
18531 
18532 
18533 
18534 
18535 
18536 
18537 
18538 
18539 
18540 
18541 
18542 
18543 
18544 
18545 
18546 



#define SYMLINK_ATTR OxcO 
#define HPFS_EA_INFO_ATTR OxdO 
#defineHPFS EA ATTR OxeO 



typedef struct _RESIDENT_ATTR { 

ULONG DataLength; // 10 

WORD Offset; // 14 

WORD Attributelslndexed; // 16 

// BYTE Data[1]; // 18 

} RESIDENT_ATTR; 

typedef struct _NONRESIDENT_ATTR { 

ULARGEJNTEGER StartingVCN; // 

ULARGEJNTEGER LastVCN; // 

WORD Offset; // 

WORD CompressionEngine; // 

ULONG Unknown; // 

ULARGEJNTEGER AllocatedDiskSpace; // 

ULARGEJNTEGER AttributeSize; // 

ULARGEJNTEGER LengthOflnitializedData; // 

ULARGEJNTEGER CompressedSize; // 

// BYTE Data[1]; // 

} NONRESIDENTATTR; 

typedef struct _ATTRIBUTE { 

ULONG Type; // 0 

ULONG Length; // 4 

BYTE NotResident; // 8 

BYTE NameLength; // 9 

BYTE Offset; // a 

BYTE Unknownl; // b 

BYTE Compressed; // c 

BYTE Unknown2; // d 

WORD Attributed; // e 
union { 

RESIDENT_ATTR ResidentData; // 10 
NONRESIDENT_ATTR NonResidentData; 

}; 

} ATTRIBUTE, *PATTRIBUTE; // Resident size = 18, 



I NonResident size = 48 
185471 
18548 
18549 
18550 
18551 
18552 
18553 
18554 
18555 
18556 
18557 
18558 
18559 
18560 
18561 
18562 
18563 
18564 
18565 
18566 
18567 
18568 
18569 
18570 
18571 
18572 
18573 
18574 
18575 
18576 
18577 
18578 
18579 
18580 
18581 
18582 
18583 
18584 
18585 
18586 
18587 
18588 
18589 
18590 
18591 
18592 

I 18 
18593 
18594 



#define DOS_READONLY 0x0001 
#define DOSJHIDDEN 0x0002 
#define DOS_SYSTEM 0x0004 
#define DOS_ARCHIVE 0x0020 
#define DOS_COMPRESSED 0x0800 

typedef struct _STANDARD_INFORMATION { 
ULARGEJNTEGER FileCreationTime; // 18 
ULARGEJNTEGER LastModifiedTime; // 20 
ULARGEJNTEGER LastModifiedTimeForMFT; // 28 
ULARGEJNTEGER LastAccessTime; // 30 
ULONG Dos Attributes; // 38 
BYTE Unused[0xc]; // 3c 

} STANDARD INFORMATION, *PSTANDARD INFORMATION; 

typedef struct _ATTRIBUTEJ_IST { 
ULONG Type; // 0 

WORD RecordLength; // 4 

BYTE NameLength; // 6 

BYTE Unknown 1; // 7 

ULARGEJNTEGER StartingVCN; // 8 

ULONGLONG MFTEntry : 48; //10 
ULONGLONG SequenceNumber : 16; //16 
WORD AttributelD; //18 

WORD Unknown2; //1a 

WORD Unknown3; //1c 

WORD Unknown4; //1e 

// WCHAR Name[1]; //20 

} ATTRIBUTE JJST, *PATTRIBUTE_LIST; 

#define FILENAME_POSIX 0x0 
#define FILENAMEJJNICODE 0x1 
#define FILENAMEJDOS 0x2 
#define FILENAMEJJNICODE JX)S 0x3 

#define FILENAME_READONLY 0x00000001 
#define FILENAMEJHIDDEN 0x00000002 
#define FILENAMEJ3YSTEM 0x00000004 
#define FILENAME_ARCHIVE 0x00000020 
#define FILENAME_COMPRESSED 0x00000800 
#define FILENAMEJDIRECTORY 0x10000000 

typedef struct _FILENAME { 

ULONGLONG DirectoryMft : 48; // 

ULONGLONG SequenceNumber : 16; 
ULARGEJNTEGER FileCreationTime; // 



ULARGEJNTEGER LastModifiedTime; // 



ULARGEJNTEGER LastModifiedTimeForMFT; 



ULARGE INTEGER LastAccessTime; // 



ULARGE_INTEGER FileSize; 



ULARGEJNTEGER AttributeSize; 



// 



// 



ULONG 



ULONG 



BYTE 



BYTE 



WCHAR 



Flags; 



Unknown; 



// 



// 



FileNameLength; 



FileNameType; 



FileName[1]; 



// 



// 



// 



| 20 
18595| 
| 28 
18596| 
| 30 
18597| 
| 38 
18598| 
| 40 
18599| 
| 48 
18600| 
| 50 
18601| 
| 54 
18602| 
| 58 
18603| 
| 59 
18604| 
| 5a 

18605| } FILENAME, *PFILENAME; 
18606| 

18607| // The first 1 1 inodes correspond to special files 

18608| #define FILE_MFT 0 

18609| #define FILE_MFTMIRR 1 

18610| #define FILEJ.OGFILE 2 

1 861 1 1 #def ine FILE_VOLUME 3 

18612| #define FILE_ATTRDEF 4 

18613| #def ine FILE_ROOT 5 

18614| #define FILE_BITMAP 6 

1 861 5| #def ine FILE_BOOT 7 

18616| #def ine FILE_BADCLUS 8 

1 861 7| #def ine FILE QUOTA 9 

18618| #define FILEJJPCASE 10 

18619| 

18620| /* 

1 8621 1 Files 1 1 . .1 5 are reserved also. 1 5 is marked as 

| 'BAAD' instead of 'FILE' for some 
18622| reason... 
18623| 7 
18624| 

18625| typedef struct _VOLUME_INFORMATION { 
18626| BYTE Unknown[8]; 
18627| BYTE Unknown2; 



// 



18628| BYTE Unknown3; 

| (maybe a version?) 
18629| BYTEChkdsk; 

| chkdsk /f during boot 
1 8630 1 BYTE U nknown4[5] ; 



// 1 on my drive 
// 2 on my drive 

// 1 = volume will be 



18631| } VOLUMEJNFORMATION, *PVOLUME_INFORMATION; 
18632| 

1 8633| #def ine ATTR_FLAG_INDEXABLE 0x0000000000000001 
18634| #define ATTR_FLAG_REGENERATE 0x0000000000000040 // 

| regenerate before the regeneration phase 
18635| #define ATTR_FLAG_NON_RESIDENT 0x0000000000000080 // 

| not sure on this one 
18636| 

18637| typedef struct _ATTRIBUTE_DEFINITION { 

18638| WCHAR Name[40]; 

18639| ULARGEJNTEGER Type; 

18640| ULARGEJNTEGER Flags; 

18641| ULARGEJNTEGER MinimumSize; 

18642| ULARGEJNTEGER MaximumSize; 

18643| } ATTRIBUTE JDEFINITION, *PATTRIBUTE_DEFINITION; 

18644| 

18645| typedef struct JJPCASE { 

18646| WCHAR UpperCaseCharacters[65536]; 

18647| } UPCASE, *PUPCASE; 

18648| 

18649| typedef struct _VOLUME_NAME { 

18650| WCHAR VolumeName[1]; // actually counted Unicode 

| string, count is in Attribute->ResidentData.DataLength 
18651| } VOLUME JJAME, *PVOLUME_NAME; 
18652| 

18653| #define FLAGSJNDEXJ3UBNODES 0x00000001 
18654| #define FLAGS JNDEX_LAST 0x00000002 
18655| 

18656| typedef struct JNDEXJENTRY { 
18657| ULONGLONG DirectoryMft : 48; // 
10 

18658| ULONGLONG SequenceNumber : 16; 
18659| WORD EntrySize; // 

18 

18660| // Still not sure on this one... 
18661| WORD DataSize; // 

la 

18662| ULONG Flags; // 
|c 

18663| ULONGLONG MyDirectoryEntry : 48; // 
I 10 

18664| ULONGLONG MySequenceNumber : 16; 
18665| #if 0 

18666| ULARGEJNTEGER FileCreationTime; // 
I 18 

18667| ULARGEJNTEGER LastModifiedTime; // 
| 20 

18668| ULARGEJNTEGER LastModifiedTimeForMFT; // 
| 28 

18669| ULARGEJNTEGER LastAccessTime; // 



I 30 
18670| #else 

18671| FILETIME FileCreationTime; // 
I 18 

18672| FILETIME LastModifiedTime; // 
| 20 

18673| ULARGEJNTEGER LastModifiedTimeForMFT; // 
| 28 

18674| FILETIME LastAccessTime; // 

| 30 
18675| #endif 

18676| ULARGEJNTEGER Allocated AttributeSize; // 
| 38 

18677| ULARGEJNTEGER AttributeSize; // 
| 40 

18678| ULARGEJNTEGER Attributes; // 

| 48 , FILENAMEJDI RECTORY, Etc... 
18679| // since this is an index, this may be KeyLength, 

| Key Type, and KeyData 
18680| BYTE FileNameLength; // 

| 50 

18681| BYTE FileNameType; // 

|51 

18682| WCHAR FileName[1]; // 
| 52 

18683| // EntrySize-8 = VCN of index buffer with 
| subnodes 

18684| } INDEXJENTRY, *PINDEX_ENTRY; 
18685| 

18686| typedef struct JNDEX_ALLOCATION { 
18687| ULONG Signature; // 
10 

18688| WORD OffsetToFixup; // 

14 

18689| WORD NumberOfFixups; // 

16 

18690| ULARGEJNTEGER Unknown; // 
18 

18691| ULARGEJNTEGER VCNOfBuffer; // 

| 1 0 Back pointer to self 
18692| WORD HeaderSize; // 

I 18 

18693| WORD Unknown2; // 

I 1a 

18694| ULONG Length; // 

I 1c 

18695| ULONG AllocatedLength; // 
| 20 

18696| ULONG Unknown3; // 

| 24 



} INDEX_ALLOCATION, *PINDEX_ALLOCATION; 
typedef struct _INDEX_ROOT { 



ULONG 


Signature; 


ULONG 


Unknownl ; 


ULONG 


SizeOflndex; 


ULONG 


NumberOfClustersPerlndex; 


ULONG 


Unknown2; 


ULONG 


Unknown3; 


ULONG 


Unknown4; 


ULONG 


Unknown5; 



18697| WORD Fixup; // 

| 28 
18698 
18699 
18700 
18701 
18702 
18703 
18704 
18705 
18706 
18707 
18708 
18709 
18710 
18711 
18712 
18713 
18714 
18715 
18716 
18717 
18718 
18719 
18720 
18721 
18722 
18723 
18724 
18725 
18726 
18727 
18728 
18729 
18730 
18731 
18732 
18733 
18734 
18735 
18736 
18737 
18738 
18739 
18740 
18741 
18742 
18743 
18744 
18745 



} INDEX_ROOT, *PINDEX_ROOT; 

#pragma pack() 

// my structure! 

typedef struct _DATA_RUN { 
ULONGLONG Cluster; 
ULONGLONG Length; 
} DATA_RUN, *PDATA_RUN; 

typedef struct sFragmentDescriptor { 
DATA_RUN dr; 
LIST_ENTRY Link; 
} tFragmentDescriptor, *pFragmentDescriptor; 

typedef struct _FAT1 6 { 

WORD Cluster; 
} FAT16, *PFAT16; 

typedef struct _FAT32 { 

ULONG Cluster; 
} FAT32, *PFAT32; 

typedef struct _FAT1 2 { 

WORD Cluster; //only 12 bits per entry!!! 
} FAT12, *PFAT12; 

typedef struct _Volumelnfo { 

pDASDHandle LockHandle; 
ULONGLONG VolumeStartSector; 

// ntfs stuff 

PNTFS_BOOT_SECTOR NtfsBootSector; 
PMFT Mft; 
struct _NTFS_File *MftFile; 
WCHAR *UpcaseTable; 



18746| 
18747| #if 0 
18748| //fat stuff 

18749| PFAT_BOOT_SECTOR FatBootSector; 
18750| PFAT16 Fat; 
18751| PVOID RootDir; 
18752| #endif 

18753| } tVolumelnfo, *pVolumelnfo; 
18754| 

18755| typedef struct _NTFS_File { 



18756| 


pVolumelnfo 


Volumelnfo; 


18757| 


ULONG 


Type; 


18758| 


WCHAR 


*AttrName; 


18759| 


ULONG 


VCNToLCNMappingTableSize; 


18760| 


PDATA_RUN 


VCNToLCNMappingTable; 


18761| 


ULONGLONG 


MftEntryNum; 


18762| 


PMFT 


Mft; 


18763| 


PVOID 


Buffer; 


18764| 


PBYTE 


CompressedBuffer; 


18765| 


PBYTE 


UnCompressedBuffer; 



18766| } NTFS_File, *PNTFS_File; 

18767| 

18768| 

18769| // NTFS support functions 

18770| int GetRun ( PVOID DataRun, ULONG *Offset, 

| ULARGE_INTEGER *Cluster, ULARGEJNTEGER *Length, ULONG 

| *Sparse ); 

18771| PVOID NTFS_GetDataRun(PATTRIBUTE Attribute, PNTFS_File 

| NtfsFile, pVolumelnfo Volumelnfo, ULONGLONG 

| MftEntryNum, ULONG Type, WCHAR *AttrName ); 
18772| ULONGLONG AdjustGapToRelative( PVOID DataRunComplex, 

| PVOID DataRun, PVOID DataRunComplexLimit); 
18773| ULONGLONG FindClusterForEntryNum( PVOID DataRun, 

| ULONGLONG EntryNum); 
18774| ULONG GetDataRunLength( PVOID DataRun, ULONGLONG 

| NumClusters ); 

18775| ULARGEJNTEGER GetPackedDataRunFinalStartLCN( PVOID 

| DataRun, PVOID DataRunComplexLimit); 
18776| ULONG GetPackedDataRunLength( PVOID DataRun, ULONGLONG 

| NumClusters ); 

18777| ULONG M akeVC N To LCN Mapping ( PVOID DataRun, PDATA_RUN 

| MappingTable, ULONG NumRuns ); 
18778| ULONGLONG CountClearBits( PVOID Data, ULONGLONG 

| ByteCount ); 

18779| ULONGLONG CountSetBits( PVOID Data, ULONGLONG ByteCount 

I); 

18780| 

18781 1 // ntfs low level functions 

18782| int NTFS_FixupRecord ( pVolumelnfo Volumelnfo, 
| PVOID Record ); 



18783| ULONGLONG NTFS_VCNToLCN(PNTFS_File File, ULONGLONG VCN 

I); 

18784| ULONG NTFS_ReadLogicalCluster( pVolumelnfo 

| Volumelnfo, ULONGLONG Cluster, ULONG NumClusters, PVOID 
| Buffer); 

18785| ULONG NTFS_WriteLogicalCluster( pVolumelnfo 

| Volumelnfo, ULONGLONG Cluster, ULONG NumClusters, PVOID 
| Buffer); 

18786| PVOID NTFS_GetAttributeByType( pVolumelnfo 

| Volumelnfo, PMFT Mft, ULONG Type ); 
18787| PVOID NTFS_GetAttributeByName( pVolumelnfo 

| Volumelnfo, PMFT Mft, ULONG Type, WCHAR *Name ); 
18788| ULONG NTFS_ReadMftEntryNumber( pVolumelnfo 

| Volumelnfo, ULONGLONG EntryNum, PVOID Buffer); 
18789| ULONG NTFS_WriteMftEntryNumber( pVolumelnfo 

| Volumelnfo, ULONGLONG EntryNum, PVOID Buffer); 
18790| 
18791| 

18792| ULONGLONG DisplayFileslnDir( tVolumelnfo *Volumelnfo, 

| ULONGLONG Mft Entry ); 
18793| 

18794| //ray, check this has to be above first use. When 

| proved find its final resting place 
18795| typedef struct _NODE { 
18796| PVOID ShallowerNode; 
18797| PINDEX_ALLOCATION IA; 
18798| PINDEXENTRY IE; 
18799| } tNODE,*PNODE; 
18800| typedef struct _NTFS_FIND_INFO { 



18801| 


PNTFS_File 


DirectoryFile; 


18802| 


PNTFS_File 


IRFile; 


18803| 


PNTFS_File 


lAFile; 


18804| 


LONGLONG 


IRSize; 


18805| 


PNODE 


DeepestNode; 


18806| 


PINDEX_ROOT 


IR; 


18807| 


PINDEX_ENTRY 


IE; 



18808| } tNTFS_FIND_INFO,*PNTFS_FIND_INFO; 
18809| 

18810| typedef struct _NTFS_FIDO_INFO { 

1 881 1 1 PNTFS_File DirectoryFile; 

18812| ULONGLONG IndexesFound; 

18813| } tNTFS_FIDO_INFO,*PNTFS_FIDO_INFO; 

18814| 

18815| 

18816| // ntfs high level functions 

18817| pVolumelnfo NTFS_OpenVolume( tDASDHandle *LockHandle, 

| ULONGLONG Sector); 
18818| ULONGLONG NTFS_GetNumFreeClusters( pVolumelnfo 

| Volumelnfo ); 

18819| PNTFS_File NTFS_OpenFileByName ( pVolumelnfo 



I Volumelnfo, WCHAR *Name, ULONG Type, WCHAR *AttrName ); 
18820| PNTFS_File NTFS_OpenFileByNumber ( pVolumelnfo 

| Volumelnfo, ULONGLONG MftEntryNum, ULONG Type, WCHAR 
| *AttrName ); 

18821 1 ULONGLONG NTFS_GetFileSize ( PNTFS_File File ); 

18822| ULONGLONG NTFS_GetCompressedFileSize( PNTFS_File File 

I); 

18823| ULONG NTFS_GetFilelnfo( PNTFS_File File, 

| PFILENAME FN ); 
18824| ULONG NTFS_ReadFile ( PNTFS_File File, 
18825| ULONGLONG ByteOffset, 

18826| ULONGLONG ByteCount, 

18827| PVOID Data); 

18828| ULONG NTFS_WriteFile ( PNTFS_File File, 
18829| ULONGLONG ByteOffset, 

18830| ULONGLONG ByteCount, 

18831| PVOID Data); 

18832| ULONG NTFS_CommitFile ( PNTFS_File File ); 
18833| ULONG NTFS_CloseFile( PNTFS_File File ); 
18834| void NTFS_CloseVolume( pVolumelnfo Volumelnfo ); 
18835| BOOL NTFS_FindNextFile( PNTFS_FIND_INFO hFindFile, 

| LP Wl N32 F I N D_D ATA IpFindFileData ); 
18836| BOOL NTFS_FidoNextFile( PNTFS_FIDO_INFO hFindFile, 

| LP Wl N32F I N D_D ATA IpFindFileData ); 
18837| 

18838| // psuedo functions 

18839| #define NTFS_GetVolumeSizelnClusters(Volumelnfo) 
| ((Volumelnfo)->NtfsBootSector->NumberOfSectors.QuadPart 
| / (Volumelnfo)->NtfsBootSector->SectorsPerCluster) 

18840| #define NTFS_GetVolumeSizelnSectors(Volumelnfo) 
| ((Volumelnfo)->NtfsBootSector->NumberOfSectors) 

18841| #define NTFS_GetFileNumber(File) 
| ((File)->MftEntryNum) 

18842| 

18843| // My error codes 
18844| 

18845| #define ERROR_NO_ATTRIBUTE_FOUND 0xe8000001 
18846| #define ERROR_INVALID_RUN 0xe8000002 
18847| #define ERROR_NOT_COM PRESSED 0xe8000003 
18848| 
18849| 

18850| typedef struct sNTFS_AllocFiles { 

18851 1 WCHAR *FileNameOnly; 

18852| LARGEJNTEGER FileSize; 

18853| } tNTFS_AllocFiles, *pNTFS_AllocFiles; 

18854| 

18855| ULONG NTFS_AllocAndlnitFiles( WCHAR *NTDeviceName, 

| ULONG NumFiles, tNTFS_AllocFiles Files[] ); 
18856| 
18857| 



18858| 

18859| File Listing: ntfs_ondisk.h 
18860| 

18861| #pragma pack(1) 

18862| typedef struct _NTFS_BOOT_SECTOR { 

18863| BYTE Jmp[3]; 

18864| BYTE Oemld[8]; 

18865| USHORT Bytes PerSector; 

18866| BYTE Sectors PerC luster; 

18867| USHORT ReservedSectors; // not used in NT 
1(0) 

18868| BYTE NumberOfFats; // not used in NT 
1(0) 

18869| USHORT Root Directory; // not used in NT 
1(0) 

18870| USHORT SmallSectors; // not used in NT 
1(0) 

18871| BYTE Mediald; 

18872| USHORT Sectors Per Fat; // not used in NT 
1(0) 

18873| USHORT Sectors PerTrack; 

18874| USHORT Heads; 

18875| ULONG Hidden Sectors; // not used in NT 
1(0) 

18876| ULONG LargeSectors; // not used in NT 
1(0) 

18877| BYTE Drive; 

18878| BYTE DirtyVolume; 
18879| 

18880| USHORT Reserved; 

18881 1 ULARGEJNTEGER NumberOfSectors; 

18882| ULARGEJNTEGER MftCluster; 

18883| ULARGEJNTEGER Mft2Cluster; 

18884| 

18885| ULONG MFTRecordSize; 

18886| ULONG IndexBufferSize; 
18887| /* conflicting stories.... 

18888| BYTE MFTRecordSize; 

18889| ULONG IndexBufferSize; 

18890| USHORT Unknownl; 

18891| BYTE Unknown2; 
18892| 
18893| 7 

18894| ULARGEJNTEGER SerialNumber; 

18895| ULONG SectorChecksum; 

18896| ULONG Unknownl; 

18897| ULONG Unknown2; 

18898| BYTE Unknown3; 

18899| BYTE Code[0x1a1]; 

18900| USHORT Signature; // aa55 



18901| } NTFS_BOOT_SECTOR; 

18902| typedef NTFS_BOOT_SECTOR *PNTFS_BOOT_SECTOR; 

18903| #pragma pack() 

18904| 

18905| 

18906| 

18907| File Listing: ondisk.h 
18908| 

18909| /* general partition stuff 7 
18910| 

1 891 1 1 #def ine PARTITION_Empty 0x00 
18912| #define PARTITION_DOS12Bit 0x01 // 12 bit fat 
| < 10mb 

18913| #define PARTITION_DOS16Bit 0x04// 16 bit fat 
| < 32mb 

1 8914| #define PARTITION_DOSExtended 0x05 // Extended 
| Dos Partition 

18915| #def ine PARTITION_DOSHuge 0x06 // 1 6 bit FAt 
| >= 32mb 

18916| #define PARTITION_NTFS 0x07 
18917| 

18918| #define PARTITION_DRDOSHuge 0xC4 
18919| #define PARTITION_DRDOSExtended 0xC5 
18920| #define PARTITION_DRDOSCompress 0xC6 
18921| 

18922| #define PARTITION_ConCurDOS OxDB 
18923| 

18924| #define PARTITION_Netware286 0x64 
18925| #define PARTITION_Netware386 0x65 
18926| 

18927| #define GetBeginSPT(Part) ((Part)->BeginSector & 0x3f) 
18928| #define GetEndSPT(Part) ((Part)->EndSector & 0x3f) 
18929| #define GetBeginCyl(Part) ((((Part)->BeginSector & 

| OxcO) « 2) + (Part)->BeginCyl) 
18930| #define GetEndCyl(Part) ((((Part)->EndSector & OxcO) « 

| 2) + (Part)->EndCyl) 
18931| 
18932| 

18933| #pragma pack(1) 
18934| typedef struct _Partlnfo { 
18935| BYTE Bootable; 
18936| BYTE BeginHead; 
18937| BYTE BeginSector; 
18938| BYTE BeginCyl; 
18939| BYTE SystemType; 
18940| BYTE EndHead; 
18941| BYTE EndSector; 
18942| BYTE EndCyl; 
18943| ULONG StartSector; 
18944| ULONG NumberOf Sectors; 



18945| JtPartlnfo; 
18946| 

18947| #pragma pack(1) 
18948| // physical sector 0 
18949| typedef struct _MBR { 
18950| BYTE Code[0x1 b8]; 
1 8951 1 ULONG SerialNumber; 
18952| BYTE Dirty; 
18953| BYTE Unknown; 
18954| tPartlnfo Part[4]; 
18955| USHORT Signature; 
18956| JtMBR, *pMBR; 
18957| 

18958| #pragma pack(1) 

18959| typedef struct _NTFS_BOOT_SECTOR { 
18960| BYTE Jmp[3]; 
18961| BYTE Oemld[8]; 
18962| USHORT Bytes PerSector; 
18963| BYTE Sectors PerC luster; 
18964| USHORT ReservedSectors; // not used in NT 
1(0) 

18965| BYTE NumberOfFats; // not used in NT 
1(0) 

18966| USHORT Root Directory; // not used in NT 
1(0) 

18967| USHORT SmallSectors; // not used in NT 
1(0) 

18968| BYTE Mediald; 

18969| USHORT SectorsPerFat; // not used in NT 
1(0) 

18970| USHORT Sectors PerTrack; 
18971| USHORT Heads; 

18972| ULONG Hidden Sectors; // not used in NT 
1(0) 

18973| ULONG LargeSectors; // not used in NT 
1(0) 

18974| BYTE Drive; 
18975| BYTE DirtyVolume; 
18976| 

18977| USHORT Reserved; 

18978| ULARGEJNTEGER N u m be rOf Sectors; 

18979| ULARGEJNTEGER MftCluster; 

18980| ULARGEJNTEGER Mft2Cluster; 

18981| 

18982| ULONG MFTRecordSize; 
18983| ULONG IndexBufferSize; 
18984| /* conflicting stories.... 
18985| BYTE MFTRecordSize; 
18986| ULONG IndexBufferSize; 
18987| USHORT Unknownl; 



18988 
18989 
18990 
18991 
18992 
18993 
18994 
18995 
18996 
18997 
18998 
18999 
19000 
19001 
19002 
19003 
19004 
19005 
19006 
19007 
19008 
19009 
19010 
19011 
19012 
19013 
19014 
19015 
19016 
19017 
19018 
19019 
19020 



BYTE Unknown2; 

7 

ULARGEJNTEGER SerialNumber; 
ULONG SectorChecksum; 
ULONG Unknownl ; 
ULONG Unknown2; 
BYTE Unknown3; 
BYTE Code[0x1a1]; 
USHORT Signature; //aa55 
} NTFS_BOOT_SECTOR; 

typedef NTFS_BOOT_SECTOR *PNTFS_BOOT_SECTOR; 
#pragma pack(1) 

typedef struct _FAT_BOOT_SECTOR { 
BYTE Jmp[3]; 
BYTE Oemld[8]; 
USHORT BytesPerSector; 
BYTE SectorsPerCluster; 
USHORT ReservedSectors; 
BYTE NumberOfFats; 
USHORT RootDirectory; 
USHORT SmallSectors; 
BYTE Mediald; 
USHORT SectorsPerFat; 
USHORT SectorsPerTrack; 
USHORT Heads; 
ULONG HiddenSectors; 
ULONG LargeSectors; 
BYTE Drive; 
BYTE DirtyVolume; 

BYTE BootSignature; // 29 means the next 



| are valid 
19021| ULONG VolumelD; 
19022| CHAR VolumeLabel[0xb]; 
19023| CHAR FileSysType[8]; 
19024| BYTE Code[0x1c0]; 
19025| USHORT Signature; //aa55 
19026| } FAT_BOOT_SECTOR; 

19027| typedef FAT_BOOT_S ECTOR *PFAT_BOOT_SECTOR; 
19028| typedef FAT_BOOT_SECTOR GENERIC_BOOT_SECTOR; 
19029| typedef G EN E R I C_BOOT_S ECTO R *PGENERIC_BOOT_SECTOR; 
19030 

1 9031 1 #pragma pack(1 ) 
19032| typedef struct _FAT_DIR_ENTRY { 
19033| CHAR Name[8]; 
19034| CHAR Ext[3]; 
19035| BYTE Attributes; 
190361 BYTE Reserved[0xa]; 



19037| USHORT Time; 
19038| USHORT Date; 
19039| USHORT StartCluster; 
19040| ULONG FileSize; 
19041| } FAT_DIR_ENTRY; 

19042| typedef FAT_DIR_ENTRY *PFAT_DIR_ENTRY; 
19043| 

19044| #pragma pack() 

19045| 

19046| 

19047| 

19048| File Listing: PHYSAPl.h 
19049| 

19050| PSMSTATUS PSMAPI Psm_Enable_PhysicalW( IN 

| pOpenTransactionlnW In, 
19051| IN ULONG 

| NumDrives, 
19052| IN ULONG 

| *DriveMap ); 

19053| PSMSTATUS PSMAPI Psm_Enable_PhysicalExW( IN 

| pOpenTransactionlnW In, 
19054| IN ULONG 

| NumDrives, 
19055| IN ULONG 

| *DriveMap, 
19056| INOUT 

| LPOVERLAPPED Overlapped, 
19057| IN 

| LPOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine 
19058| ); 

19059| PSMSTATUS PSMAPI Psm_Enable_PhysicalA( IN 

| pOpenTransactionlnA In, 
19060| IN ULONG 

| NumDrives, 
19061| IN ULONG 

| *DriveMap ); 

19062| PSMSTATUS PSMAPI Psm_Enable_PhysicalExA( IN 

| pOpenTransactionlnA In, 
19063| IN ULONG 

| NumDrives, 
19064| IN ULONG 

| *DriveMap, 
19065| INOUT 

| LPOVERLAPPED Overlapped, 
19066| IN 

| LPOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine 
19067| ); 
19068| #ifdef UNICODE 

19069| #define Psm_Enable_Physical Psm_Enable_PhysicalW 
19070| #define Psm_Enable_PhysicalEx Psm_Enable_PhysicalExW 



19071 
19072 
19073 
19074 
19075 
19076 
19077 



PSMSTATUS PSMAPI Psm_Disable_Physical( ); 
PSMSTATUS PSMAPI Psm_FreePhysicalDrives( IN ULONG 
| NumDrives, 
190781 



#else 

#define Psm_Enable_Physical Psm_Enable_PhysicalA 
#define Psm_Enable_PhysicalEx Psm_Enable_PhysicalExA 
#endif 



IN ULONG 



| * Drives ); 
190791 
19080 
19081 
19082 
19083 
19084 
19085 
19086 
19087 
19088 
19089 
19090 
19091 
19092 
19093 
19094 
19095 
19096 
19097 
19098 
19099 
19100 
19101 
19102 
19103 
19104 
19105 
19106 
19107 
19108 
19109 
19110 
19111 
19112 
19113 
19114 
19115 
19116 
19117 
19118 



File Listing: psmlapi.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 
#include <assert.h> 
#define ASSERT assert 

#include <winioctl.h> 
#include <undoc.h> 
// psm api 
#include <psm.h> 
// ioctls we need to send down 
#include M ..\driver\ioctl.h" 

#include "volume. h" 

#include "defrag.h" 
#include <mountdev.h> 
#include <ntddstor.h> 
#include <ntddvol.h> 
#include <aclapi.h> 
#include <clusapi.h> 

#include "setup5.h" 
#include "setup4.h" 
#include "service. h" 
#include "cluster.h" 



19119| // The following function resides in cacheloc.c 

19120| extern ULONG FindBestVolumeForCache ( 

19121| pOpenTransactionln3W In, 

19122| WCHAR *TempPath, 

19123| int TempPathSizelnChars ); 

19124| 

19125| #define DN_MakePointer(Start,Offset) 

| ((PVOID)(((char*)(Start))+(Offset))) 
19126| #define DN_MakeOffset(Start, Offset) 

| ((ULONG)(((char*)(Offset))-((char*)(Start)))) 
19127| 

19128| #define PSM_VOLUME_NAME_PATTERN 

| L M \\\\?\\PsmVolume{%08x,%02x}" 
19129| #define PSM_VOLUME_SHARE_PATTERN L"Psm%s_%d" 
19130| 

19131 1 #define try_return(S) { S; goto try_exit; } 
19132| 

19133| typedef struct sAPCContext { 
19134| tOpenTransactionln3W In; 
19135| pOpenTransactionOutW Out; 
19136| pOpenTransactionlnlnternal OTI; 
19137| pOpenTransactionOut Internal OTO; 
19138| ULONG SizeofOTO; 
19139| ULONG SizeofOTI; 
19140| ULONG SizeOfVolumeMap; 
19141| PVOID VolumeMap; 
19142| ULONG *VolumeMapFlags; 
19143| IO_STATUS_BLOCK loStatus; 
19144| pSnapShot *SnapShot; 
1 9 1 45 1 t PSM_Secu rity I nf o Secu ri ty I nf o ; 

19146| LPOVERLAPPED Overlapped; 

19147| LPOVERLAPPED COMPLETION ROUTINE OverlappedRoutine; 

19148| } tAPCContext, *pAPCContext; 

19149| 

19150| // do not include psmlapi.h unless you undefine the 

| defines in it! 
19151| 
19152| 

19153| #ifdef WIN32 

19154| #define DLLEXPORT declspec( dllexport ) 

19155| #define DLLIMPORT declspec( dllimport ) 

19156| #endif 

19157| #define UNREFERENCED(x) (x)=(x) 

19158| 

19159| 

19160| #ifdef_DEBUG 
19161| #define STATIC 

19162| void PSM_LogDebuglnfo( const TCHAR *fmt,...); 
19163| #define DLOG(x) PSM_LogDebuglnfo x 
19164| #else 



19165 
19166 
19167 
19168 
19169 
19170 
19171 
19172 
19173 
19174 



typedef NTSTATUS (NTAPI *tNtQueryVolumelnformation)( 
IN HANDLE FileHandle, 
OUT PIO_STATUS_BLOCK loStatusBlock, 
OUT PVOID Fslnformation, 
IN ULONG Length, 
IN FS_INFORMATION_CLASS 
| FslnformationClass); 
19175| 

1 91 76| // specific to Win2k only 
191771 typedef BOOL (WINAPI 



| *tGetVolumeNameForVolumeMountPoint)( 



19178 
19179 
19180 
19181 
19182 
19183 
19184 
19185 
19186 
19187 
19188 
19189 
19190 
19191 
19192 
19193 
19194 
19195 
19196 
19197 
19198 
19199 
19200 
19201 
19202 
19203 
19204 
19205 
19206 
19207 
19208 
19209 
19210 
19211 
19212 



#define STATIC static 
#define DLOG(x) 
#endif 



LPWSTR IpszVolumeMountPoint, 
LPWSTR IpszVolumeName, 
DWORD cchBufferLength); 
typedef BOOL (WINAPI *tGetVolumePathName)( 
LPWSTR IpszFileName, 
LPWSTR IpszVolumePathName, 
DWORD cchBufferLength); 

typedef HANDLE (WINAPI *tFindFirstVolume)( 
LPWSTR IpszVolumeName, 
DWORD cchBufferLength 

); 

typedef BOOL (WINAPI *tFindNextVolume)( 
HANDLE hFindVolume, 
LPWSTR IpszVolumeName, 
DWORD cchBufferLength 

); 

typedef BOOL (WINAPI *tFindVolumeClose)( 
HANDLE hFindVolume 

); 



typedef PWCHAR *pVolMap; 

typedef struct _MapDrive { 

WCHAR NTDeviceName[256]; 

WCHAR DriveLetterName[10]; 

WCHAR ShareName[256]; 

WCHAR VolumeName[256]; 

WCHAR OriginalUserName[256]; 

WCHAR OriginalNTName[256]; 

WCHAR Company[80]; 



19213| 


WCHAR 


Product[80]; 


19214| 


WCHAR 


Version[80]; 


19215| 


WCHAR 


Code[20]; 


19216| 


WCHAR 


Key[20]; 


19217| 


ULONG 


SnapShotOffset; 



// Snapshot 
| associated with this virtual drive 
19218| } tMapDrive; 
19219| 

19220| typedef struct _ThreadStorage { 
19221 1 ULONG RegisterCalled; 
19222| ULONG Persistent; 
19223| ULONG NumOpens; 
19224| HANDLE PSMan Event; 
19225| HANDLE PSManHandle; 
19226| WCHAR TempFileName[255]; 
19227| BOOLEAN UsedTempFile; 
19228| HANDLE AbortEvent; 
19229| WCHAR Company[80]; 
19230| WCHAR Product[80]; 
19231 1 WCHAR Version[80]; 
1 9232| WCHAR Code[20]; 
19233| WCHAR Key[20]; 
19234| #ifdef_DEBUG 
19235| HANDLE DebugLogFile; 
19236| #endif 

1 9237| ULONG Num Snapshots; 

19238| ULONG Sn apShots Offset [MAX_NUMBER_OF_S NAP SHOTS]; 

19239| } tThreadStorage, *pThreadStorage; 

19240| 

19241 1 typedef struct sProductEntry { 
19242| struct sProductEntry *Next; 
19243| WCHAR Company[40]; 
19244| WCHAR Product[80]; 
19245| WCHAR Version[40]; 
19246| ULONG Threads; 
19247| ULONG Processes; 
19248| } tProductEntry, *pProductEntry; 
19249| 

19250| typedef struct sSharedMemory { 

19251| ULONG Size; 

19252| ULONG NumberOf Mapped Volumes; 

19253| tMapDrive MappedVolumes[MAX_VOLUMES_SUPPORTED]; 
19254| ULONG NumberOf Snapshots; 
19255| CHAR 

| SnapShotslnUse[(7+MAX_NUMBER_OF_SNAPSHOTS)/8]; 
19256| ULONG 

| SnapShotsOffset[MAX_NUMBER_OF_SN APSHOTS]; 
19257| tSnapShot 

| ActualSnapShotSpace[MAX_NUMBER_OF_SNAPSHOTS]; 
19258| } tSharedMemory; 



19259| 

19260| #define MakePointer(Offset) 

| ((pSnapShot)(((char*)(SharedMemory->ActualSnapShotSpace) 

| H(Offset))) 
19261| #define MakeOffset( Pointer) 

| (ULONG)(((char*)(Pointer))-((char*)SharedMemory->ActualS 

| napShotSpace)) 
19262| 

19263| // 



19264| // Global variables common to all process 
19265| STATIC HANDLE MapFileHandle=NULL; 
19266| STATIC tSharedMemory *SharedMemory=NULL; 
19267| 

19268| // 



19269| // global only to this process. 
19270| #ifdef _DEBUG 
19271| DWORD DebugMode =0; 
19272| #endif 

19273| STATIC DWORD Tlslndex = Oxffffffff; 

19274| STATIC HANDLE SharedMemoryMutex=INVALID_HANDLE_VALUE; 

19275| STATIC HANDLE OpenCloseMutex=INVALID_HANDLE_VALUE; 

19276| STATIC ULONG RandomNumberSeed = 1L; 

19277| STATIC ULONG CacheFileLocationKeyExists=FALSE; 

19278| STATIC WCHAR CacheFileLocation[256]={0}; 

19279| STATIC WCHAR PreOpenFile[256]={0}; 

19280| STATIC WCHAR PostOpenFile[256]={0}; 

19281| STATIC WCHAR PostCloseFile[256]={0}; 

19282| STATIC WCHAR ChildUser[256]={0}; 

19283| STATIC WCHAR ChildPassword[256]={0}; 

19284| STATIC WCHAR SnapShotLocation[256]={0}; 

19285| STATIC WCHAR SnapShotPattern[256]={0}; 

19286| STATIC ULONG NtBuildNumber=1381 ; 

19287| STATIC tGetVolumePathName pGetVolumePathName=NULL; 
19288| STATIC tGetVolumeNameForVolumeMountPoint 

| pGetVolumeNameForVolumeMountPoint=NULL; 
19289| STATIC tNtQueryVolumelnformation 

| pNtQueryVolumelnformation=NULL; 
19290| STATIC tFindFirstVolume pFindFirstVolume=NULL; 
19291| STATIC tFindNextVolume pFindNextVolume=NULL; 
19292| STATIC tFindVolumeClose pFindVolumeClose=NULL; 
19293| ULONG GetWin32NameForNtDeviceName( WCHAR *NTName, WCHAR 

| *Win32Name ); 

19294| STATIC BOOL Login_EnablePrivilege ( LPTSTR Privilege ); 
19295| extern BOOLEAN HasEvalExpired( pPSM_Versionlnfo2 

| Version ); 
19296| 

19297| // 

| 



19298| // prototypes 
19299| 

19300| int CreateJunction( PWCHAR LinkDirectory, PWCHAR 

| LinkTarget, PLARGEJNTEGER Time ); 
19301| int CreateJunction2( PWCHAR LinkDirectory, PWCHAR 

| LinkTarget, PLARGEJNTEGER Time ); 
19302| int DeleteJunction( PWCHAR Junction ); 
19303| STATIC pTh read Storage GetThreadStorage(); 
19304| STATIC pSnapShot AllocSnapShot(); 
19305| STATIC ULONG lsValidSnapShot( pSnapShot Snapshot ); 
19306| STATIC void FreeSnapShot( pSnapShot Snapshot ); 
19307| STATIC ULONG CheckForZeroTerminatorA( char *Str, ULONG 

I Len ); 

19308| STATIC ULONG CheckForZeroTerminatorW( WCHAR *Str, ULONG 
I Len ); 

19309| STATIC ULONG PSMI_GetSnapShotlnfoFromVolume( WCHAR 

| *VolumeName, tSnapShotlnfoW *SnapShotlnfo ); 
19310| STATIC ULONG PSMI_lsAnPSMVolume( WCHAR *VolumeName ); 
19311| STATIC ULONG PSMI_CanBePSMed( WCHAR *VolumeName, ULONG 

| *VolumeType ); 

19312| ULONG GetDriveLetterForNtDeviceName( WCHAR *NTName, 

| WCHAR *Win32Name ); 
19313| ULONG GetVolumeGuidForNtDeviceName( WCHAR *NTName, 

| WCHAR *VolumeGuid); 
19314| STATIC int SetTimeForFile( PWCHAR File, PLARGEJNTEGER 

| Time ); 
19315| 

19316| STATIC ULONG PSMI_OpenManager( HANDLE *hDevice ); 

19317| STATIC ULONG PSMI_OpenEx( 

19318| HANDLE hDevice, 

19319| IN pOpenTransactionln3W In, 

19320| IN ULONG NumVolumes, 

19321| IN PVOID InVolumeMap, 

19322| IN ULONG *VolumeMapFlags, 

19323| IN ULONG OutVolumeMapByteSize, 

19324| INOUT PVOID OutVolumeMap, 

1 9325| OUT pOpenTransactionOutW Out, 

19326| INOUT LPOVERLAPPED Overlapped, 

19327| IN LPOVERLAPPED_COMPLETION_ROUTINE 

| Completion Routine, 
19328| IN ULONG InternalFlags, 
19329| OUT pSnapShot *SnapShot 
19330| ); 
19331| 
19332| 

19333| PSMSTATUS PSMAPI Psmi_GetKernelSnapShotVolumesW ( 
1 9334| PVOI D KernelSnapShotPointer, 
19335| WCHAR *Buffer, 
19336| ULONG BufferSize ); 

19337| STATIC ULONG PSMI_GetVolumeStats( HANDLE hDevice, 



I HANDLE hEvent, WCHAR *VolumeName, tPSM_GetStatsRecord 
| *Stats ); 

19338| STATIC ULONG GetNTDeviceName( WCHAR *AName, WCHAR 

| *NTName, ULONG BufferLength, ULONG Fast ); 
19339| STATIC ULONG FreeOneVolumeForSnapShot ( pSnapShot 

| Snapshot, WCHAR *NTName ); 
19340| STATIC ULONG FreeVolumesForSnapShot ( pSnapShot 

| Snapshot); 
19341 1 STATIC ULONG Random( void ); 

19342| STATIC ULONG CheckKey( ULONG SerialNumber, ULONG 
| CheckCode ); 

19343| STATIC ULONG PSMI_Close_lnternal( HANDLE hDevice, 

| HANDLE hEvent, PVOID KernelSnapShot ); 
19344| STATIC ULONG PSMI_Close( HANDLE hDevice, HANDLE hEvent, 

| tSnapShot *SnapShot ); 
19345| STATIC ULONG PSMI_CloseManager( HANDLE hDevice ); 
19346| STATIC ULONG PS MI_Open Exclusive ( HANDLE hDevice, 

| HANDLE hEvent, pSnapShot Snapshot ); 
19347| STATIC ULONG PS MI_C lose Exclusive ( HANDLE hDevice, 

| HANDLE hEvent, pSnapShot Snapshot ); 
19348| STATIC ULONG PS MI_Get Progress ( HANDLE hDevice, HANDLE 

| hEvent, pPSM_GetProgressOut Progress, pSnapShot 

| Snapshot); 

19349| STATIC ULONG PSMI_Get Vers ion ( HANDLE hDevice, HANDLE 
| hEvent, ULONG VerSize, pPSM_Versionlnfo Version ); 

19350| STATIC ULONG PSMI_FreeFiles( HANDLE hDevice, HANDLE 
| hEvent, pSnapShot Snapshot, ULONG NumberOfFiles, WCHAR 
I *Files[] ); 

19351| STATIC ULONG PS MI_Free Ranges ( HANDLE hDevice, HANDLE 

| hEvent, tPSM_FreeRanges *Ranges); 
19352| STATIC ULONG PSMI_FreeVolume ( HANDLE hDevice, HANDLE 

| hEvent, tPSM_FreeVolume *Volume); 
19353| STATIC ULONG RemoveAIIVDisksForThread(); 
19354| //STATIC ULONG AddDrivesToSystem( tAPCContext 

| *ApcContext ); 

19355| STATIC ULONG PSMI_GetError ( HANDLE hDevice, HANDLE 

| hEvent, pPSM_GetErrorOut Error, pSnapShot Snapshot); 
19356| STATIC int ExecuteFile ( WCHAR *FileName, WCHAR 

| *CommandLine, WCHAR *ChildUser, WCHAR *ChildPassword ); 
19357| DWORD Exception Filter( EXCEPTION_POINTERS *ep ); 
19358| PSMSTATUS PSMAPI PSMI_l_ogEvent( ULONG Eventld, ULONG 

| Status, ULONG NumStrings, WCHAR *Strings[] ); 
19359| ULONG GetOurPath( WCHAR *OurPath ); 
19360| ULONG GetUniqueldForVolume (HANDLE VolHandle, WCHAR 

| *Uniqueld,ULONG UniqueldLength); 
19361| ULONG MakeVolumeList ( 
19362| ULONG NumVolumes, 
19363| pVolMap VolumeMap, 
19364| ULONG BufferLength, 
19365| pOpenTransactionlnlnternal Internal, 



19366| ULONG InternalBufferChars ); 
19367| 



19368| #define WINDOWS_NT_UNKNOWN 
19369| #define WINDOWS_NT_WORKSTATION 



0x00 



0x01 



19370| #define WINDOWS_NT_SERVER 
19371 1 #define WINDOWS_NT_DOMAIN 



0x02 
0x04 



19372| #define WINDOWS_NT_ENTERPRISE 0x08 
19373| #define WINDOWS_NT_TERMINAL_SERVER 0x10 
19374| 

19375| STATIC int GetNTSystemType( ); 
19376| 

19377| STATIC WCHAR _COPYRIGHT_STRINGS_STRING[] = U'Copyright 

| 1999-2001 Columbia Data Products, Inc. All Rights 

| ReservedAn" 
19378| L'The 

| following 3.2k cannot be used without permissionAn"; 
19379| STATIC WCHAR *_C_STRINGS[] = { 
19380| 

19381 1 // Redacted for confidentiality. Redaction does 

19382| // not teach any claimed material. --LPW 

19383| 

19384| }; 

19385| 

19386| // 



19387| // Public APIs 
19388| 

19389| // 



19391| DLLEXPORT BOOLEAN PSMAPI 

| PsmJsPersistentSnapShotPointer ( IN pSnapShot snapshot 
I) 

19392| { 

19393| BOOLEAN isPersistent = FALSE; 
19394| if ( (ULONG)snapshot & 0x80000000 ) { 
19395| isPersistent = TRUE; 
19396| } 

19397| return isPersistent; 

19398| } 

19399| 

19400| void RemoveLineFeeds(WCHAR *String) 
19401| { 

19402| ULONG i; 

19403| for(i=0;kwcslen(String);i) { 

19404| if((String[i]==L'\n') || (String[i]==LV)) { 

19405| 

| memmove(&String[i],&String[i+1],wcslen(&String[i+1])); 
1 9406| String[wcslen(String)-1 ]=0; 

19407| }else{ 



19390| 



19408| 

19409| } 
19410| } 
19411| } 
19412| 
19413| 

19414| ULONG GetStringFromld( WCHAR *PathToUs, ULONG Id, WCHAR 

| *String, ULONG Count ) 
19415| { 

19416| #define RESOURCE_WAY 0 
19417| #if RESOURCE_WAY 
19418| ULONG Err; 
19419| 

19420| HMODULE lnstance=GetModuleHandleW(PathToUs); 
19421| if (Instance) { 

19422| if(LoadStringW(lnstance,ld,String,Count)==0) { 

19423| Err = GetLastError(); 

19424| } 

19425| }else{ 

19426| Err = GetLastError(); 

1 9427| DLOG((TEXT("Error %08x getting module 

| handle\n"),Err)); 
19428| lnstance=LoadLibraryW(PathToUs); 
19429| if (Instance) { 
19430| Err=0; 
19431| 

| if(LoadStringW(lnstance,ld,String,Count)==0) { 
19432| Err = GetLastError(); 

19433| } 

1 9434| FreeLibrary ( I nstance) ; 

19435| }else{ 

19436| Err = GetLastError(); 

19437| DLOG((TEXT("Error %08x getting library 

| module handle\n"),Err)); 
19438| } 
19439| } 
19440| return Err; 
19441| #else 
19442| ULONG Err; 

19443| HMODULE lnstance=GetModuleHandleW(PathToUs); 

19444| if( I nstance) { 

19445| if(!FormatMessageW( 

19446| FORMAT_MESSAGE_FROM_HMODULE | 

| FORMAT_MESSAGE_IGNORE_INSERTS, //flags 
19447| Instance, // message source 

19448| Id, // message id 

19449| 0, // lang id, MAKELANGID(LANG_NEUTRAL, 

| SUBLANG_DEFAULT) 
19450| String, // buffer 

1 9451 1 Count, // size of buffer 



19452| NULL // array of message inserts 

19453| )){ 

19454| Err = GetLastError(); 

19455| }else{ 

19456| Err=0; 

19457| RemoveLineFeeds(String); 

19458| } 

19459| }else{ 

19460| Err = GetLastError(); 

1 9461 1 DLOG((TEXT("Error %08x getting module 

| handle\n"),Err)); 
19462| lnstance=LoadLibraryW(PathToUs); 
19463| if (Instance) { 
19464| if(!FormatMessageW( 

19465| FORMAT_MESSAGE_FROM_HMODULE | 

| FORMAT_MESSAGE_IGNORE_INSERTS, //flags 
19466| Instance, // message source 

19467| Id, // message id 

19468| 0, // lang id, MAKELANGID(LANG_NEUTRAL, 

| SUBLANG_DEFAULT) 
19469| String, //buffer 

19470| Count, // size of buffer 

1 9471 1 NULL // array of message inserts 

19472| )){ 
19473| Err = GetLastErrorQ; 

19474| }else{ 
19475| Err=0; 
1 9476| RemoveLineFeeds(String); 
19477| } 

19478| FreeLibrary(lnstance); 

19479| }else{ 

19480| Err = GetLastError(); 

19481 1 DLOG((TEXT("Error %08x getting library 

| module handle\n"),Err)); 
19482| } 
19483| } 
19484| return Err; 
19485| #endif 
19486| } 
19487| 

19488| DLLEXPORT PSMSTATUS PSMAPI Psm_GetStatusW ( OUT 
| tPSM_GetStatusOutW *Status, IN ULONG Count, IN ULONG 
I Type) 

19489| { 

19490| ULONG DataSize; 

19491| HKEY Key; 

19492| ULONG Err; 

19493| TCHAR RegStr[255]; 

19494| WCHAR wTmpStr[255]={0}; 

19495| WCHAR wTmpStr2[255]={0}; 



19496| WCHAR Path[1 024]={0}; 
19497| 

1 9498| // Clear Status Structure 

19499| wcscpy(Status->StatusMessage,L MM ); 

19500| Status->StatusCode=PSM_ERROR_UNSUCCESSFUL; 

19501| 

19502| // First Get Location of psmlapi Path 
19503| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\persistent"), NtBuildNumber > 1381 ? 5 : 
I 4); 

1 9504| // open the registry 
1 9505| Err = RegOpenKeyEx( 

19506| HKEY LOCAL MACHINE, // handle of open key 
19507| RegStr, // address of name of subkey to open 
19508| 0, //reserved 

1 9509| KEY READ, // security access mask 
1 951 0| &Key// address of handle of open key 
19511| ); 
19512| 

19513| if(Err==0) { 
19514| DataSize = 256; 
19515| 

19516| Err = 

| RegQueryValueExW(Key,L M SnapShotlnitiator M , 
19517| NULL,NULL,(unsigned char 

| *)wTmpStr,&DataSize ); 
19518| 

| ExpandEnvironmentStringsW(wTmpStr,wTmpStr2,255); 
19519| // Remove Initiator Executable 
19520| wTmpStr2[wcslen(wTmpStr2)-6]= , \0 , ; 
19521 1 // Append psmlapi.dll 
1 9522 1 wcscat (wTmpStr2 , L"psm lapi .dl I") ; 
19523| 

1 9524| // close the registry 
19525| RegCloseKey(Key); 
19526| } 
19527| 

19528| switch(Type){ 

19529| case PSM_GLOBAL_STATUS: 

19530| case P S M_ R E V E RT_ST ATU S : 

19531| 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\persistent"), NtBuildNumber > 1381 ? 5 : 
I 4); 
19532| 

19533| break; 

19534| case PSM_ENGINE_STATUS: 
19535| 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 



I es\\PSMan%d\\Backup"), NtBuildNumber > 1381 ? 5 : 4); 
19536| break; 

19537| case PSM_PATH_LOCATION1_STATUS: 
19538| case PSM_RESULT_LOCATION1_STATUS: 
19539| 

|_stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup1"), NtBuildNumber > 1381 ? 
| 5 : 4); 
19540| break; 

1 9541 1 case PSM_PATH_LOCATION2_STATUS: 
19542| case PSM_RESULT_LOCATION2_STATUS: 
19543| 

|_stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup2"), NtBuildNumber > 1381 ? 
| 5 : 4); 
19544| break; 

19545| case PSM_PATH_LOCATION3_STATUS: 
19546| case PSM_RESULT_LOCATION3_STATUS: 
19547| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup3"), NtBuildNumber > 1381 ? 
| 5 : 4); 
19548| break; 

19549| case PSM PATH DISKETTE STATUS: 
19550| case PSM_RESULT_DISKETTE_STATUS: 
19551| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Diskette"), NtBuildNumber > 1381 ? 
| 5 : 4); 

19552| break; 

19553| } 

1 9554| // open the registry 
19555| Err = RegOpenKeyEx( 

19556| H KE Y LOC AL M AC H I N E , // handle of open key 
1 9557| RegStr, // address of name of subkey to open 
19558| 0, //reserved 

19559| KEY READ, // security access mask 
1 9560| &Key// address of handle of open key 
19561| ); 
19562| 

19563| if(Err==0){ 
19564| U LONG Id; 
19565| 

19566| DataSize = 4; 

19567| switch(Type) { 

19568| case PSM_GLOBAL_STATUS: 

19569| Err = 

| RegQueryValueExW(Key,L"GlobalStatus",NULL,NULL,(char*)&l 

| d,&DataSize ); 
19570| break; 



1 9571 1 case PSM_REVERT_STATUS: 

19572| Err = 

| RegQueryValueExW(Key,L"RevertStatus",NULL,NULL,(char*)&l 

| d,&DataSize ); 
19573| break; 

19574| case PSM_ENGINE_STATUS: 

19575| Err = 

| RegQueryValueExW(Key,L"EngineStatus",NULL,NULL,(char*)&l 

| d,&DataSize ); 
19576| break; 

19577| case PSM_PATH_LOCATION1_STATUS: 

19578| case PSM_PATH_LOCATION2_STATUS: 

19579| case PSM_PATH_LOCATION3_STATUS: 

19580| case PSM PATH DISKETTE STATUS: 

19581| Err = 

| RegQueryValueExW(Key,L"PathStatus",NULL,NULL,(char*)&ld, 

| SDataSize ); 
19582| break; 

19583| case PSM_RESULT_LOCATION1_STATUS: 

19584| case PSM_RESULT_LOCATION2_STATUS: 

19585| case PSM_RESULT_LOCATION3_STATUS: 

19586| Err = 

| RegQueryValueExW(Key,L"LastBackupResult" ! NULL,NULL,(char 

| *)&ld,&DataSize ); 
19587| break; 

19588| case PSM_RESULT_DISKETTE_STATUS: 

19589| Err = 

| RegQueryValueExW(Key,L"LastUpdateResult",NULL,NULL,(char 

| *)&ld,&DataSize ); 
19590| break; 
19591| } 
19592| if(!Err){ 

19593| ULONG Err = GetOurPath(Path); 

19594| 

19595| wcscpy(Path,wTmpStr2); 
19596| 

19597| D LOG ( (TEXT(" Fou nd us at '%S'\n"),Path)); 

19598| if(!Err){ 

19599| Status->StatusCode=ld; 

1 9600| Err = GetStringFromld( Path, Id, 

| Status->StatusMessage, Count ); 
19601| } 
19602| } 

1 9603| // close the registry 
19604| RegCloseKey(Key); 
19605| } 
19606| 

19607| return Err; 

19608| } 

19609| 



19610| DLLEXPORT PSMSTATUS PSMAPI Psm_GetStatusA ( OUT 
| tPSM_GetStatusOutA 'Status, IN ULONG Count, IN ULONG 
I Type) 

19611| { 

19612| tPSM_GetStatusOutW StatusW; 
19613| ULONG Err; 

1 961 4| Err = Psm_GetStatusW(&StatusW, Count, Type); 

19615| if(!Err){ 

19616| 

| CharToOemW(StatusW.StatusMessage,Status->StatusMessage); 
1 961 7| Status->StatusCode=StatusW.StatusCode; 
19618| } 
19619| return Err; 
19620| } 
19621| 

19622| DLLEXPORT PSMSTATUS PSMAPI Psm_SetStatus ( IN ULONG 

| StatusCode, IN ULONG Type) 
19623| { 

19624| HKEY Key; 
19625| ULONG Err; 
19626| TCHAR RegStr[255]; 
19627| 

19628| switch(Type){ 

19629| case PSM GLOBAL STATUS: 

19630| case PSM_REVERT_STATUS: 

19631| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\persistent"), NtBuildNumber > 1381 ? 5 : 
I 4); 
19632| 

19633| break; 

19634| case PSM_ENGINE_STATUS: 
19635| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup"), NtBuildNumber > 1381 ? 5 : 4); 
19636| break; 

19637| case PSM_PATH_LOCATION1_STATUS: 
19638| case PSM_RESULT_LOCATION1_STATUS: 
19639| 

|_stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup1"), NtBuildNumber > 1381 ? 
| 5 : 4); 
19640| break; 

1 9641 1 case PSM_PATH_LOCATION2_STATUS: 
19642| case PSM_RESULT_LOCATION2_STATUS: 
19643| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup2"), NtBuildNumber > 1381 ? 
| 5 : 4); 
19644| break; 



19645| case PSM_PATH_LOCATION3_STATUS: 
19646| case PSM_RESULT_LOCATION3_STATUS: 
19647| 

| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Backup3"), NtBuildNumber > 1381 ? 
| 5 : 4); 



19648| break; 

19649| case PSM_PATH_DISKETTE_STATUS: 

19650| case PSM_RESULT_DISKETTE_STATUS: 
19651| 



| _stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\Backup\\Diskette"), NtBuildNumber > 1381 ? 
| 5 : 4); 



19652| break; 

19653| } 

1 9654| // open the registry 

19655| Err = RegOpenKeyEx( 

19656| H KE Y_LOC AL_M AC H I N E , // handle of open key 

1 9657| RegStr, // address of name of subkey to open 

19658| 0, //reserved 

1 9659| KEY_READ|KEY_WRITE, // security access mask 

1 9660| &Key// address of handle of open key 



19661| ); 
19662| 

19663| if(Err==0){ 
19664| 

19665| switch(Type) { 

19666| case PSM_GLOBAL_STATUS: 

19667| Err = 

| RegSetValueEx(Key,TEXT("GlobalStatus"),0,REG_DWORD,(BYTE 

| *)&StatusCode,sizeof (DWORD)); 
19668| break; 

19669| case PSM_REVERT_STATUS: 

19670| Err = 

| RegSetValueEx(Key,TEXT("RevertStatus"),0,REG_DWORD,(BYTE 

| *)&StatusCode,sizeof(DWORD)); 
19671| break; 

19672| case PSM_ENGINE_STATUS: 

19673| Err = 

| RegSetValueEx(Key,TEXT("EngineStatus"),0,REG_DWORD,(BYTE 

| *)&StatusCode,sizeof(DWORD)); 
19674| break; 

19675| case PSM_PATH_LOCATION1_STATUS: 

19676| case PSM_PATH_LOCATION2_STATUS: 

19677| case PSM_PATH_LOCATION3_STATUS: 

19678| case PSM_PATH_DISKETTE_STATUS: 

19679| Err = 

| RegSetValueEx(Key,TEXT("PathStatus"),0,REG_DWORD,(BYTE*) 

| &StatusCode,sizeof(DWORD)); 
19680| break; 



19681 1 case PSM_RESULT_LOCATION1_STATUS: 

19682| case PSM_RESULT_LOCATION2_STATUS: 

19683| case PSM_RESULT_LOCATION3_STATUS: 

19684| Err = 

| RegSetValueEx(Key,TEXT("LastBackupResult"),0,REG_DWORD,( 

| BYTE*)&StatusCode,sizeof(DWORD)); 
19685| break; 

19686| case PSM_RESULT_DISKETTE_STATUS: 

19687| Err = 

| RegSetValueEx(Key,TEXT( M LastUpdateResult M ),0,REG_DWORD,( 

| BYTE*)&StatusCode,sizeof(DWORD)); 
19688| break; 
19689| } 

1 9690| // close the registry 
19691 1 RegCloseKey(Key); 
19692| } 
19693| 

19694| return Err; 

19695| } 

19696| 

19697| 

19698| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeUIDW ( IN WCHAR 

| *wVolGUID, OUT WCHAR *wVolUID) 
19699| { 

19700| ULONG Err=0; 

19701 1 UNICODE_STRING Uni; 

19702| HANDLE hVolume; 

19703| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

19704| IO_STATUS_BLOCK loStatus={0}; 

19705| 

19706| RtllnitUnicodeString( &Uni, wVolGUID); 
19707| 

19708| InitializeObjectAttributes ( &ObjectAttributes, 



19709| &Uni, 

19710| OBJ_CASE_INSENSITIVE, 
19711| NULL, 
19712| NULL); 
19713| Err = NtCreateFile( &hVolume, 
19714| FILE_GENERIC_READ, 

| // desired access 
1 971 5| &ObjectAttributes, 

| // object attributes 
19716| &loStatus, 
19717| NULL, 

| // alloc size 

1 971 8| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
19719| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share access 
19720| FILE_OPEN, 



I // create disposition 
19721 1 FILE_SYNCHRONOUS_IO_NONALERT, 

| // create options 
19722| NULL, 

| // eabuffer 
19723| 0); 

| // ealength 
19724| 

19725| if(!Err){ 
19726| Err = 

| GetUniqueldForVolume(hVolume,wVolUID,256); 
19727| 

19728| if(!Err){ 

1 9729| DLOG((TEXT("Volume '%S' unique id = 

| VoSYT^wVolGUID^VolUID)); 
19730| } 
19731| else{ 

1 9732| DLOG((TEXT("Error %08x getting unique 

I id\n"),Err)); 
19733| } 

19734| NtClose(hVolume); 

19735| } 

19736| 

19737| return Err; 

19738| } 

19739| 

19740| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeUIDA ( IN char 

| *VolumeGUID, OUT char *VolumeUniquelD) 
19741| { 

19742| ULONG Err=0; 
19743| 

19744| return Err; 

19745| } 

19746| 

19747| // 

I 

19748| DLLEXPORT PSMSTATUS PSMAPI Psm_RegisterW( 
19749| WCHAR 

| *Company, 
19750| WCHAR 

| *Product, 

19751| WCHAR 

| "Version OPTIONAL, 
19752| WCHAR 

| *Code, 

19753| WCHAR *Key 

| OPTIONAL 
19754| ) 
19755| { 

19756| ULONG Err=PSM_ERRORJ_ICENSE_INVALID; 



19757| pThreadStorage ThreadStorage = GetThreadStorage(); 
19758| 

19759| _try{ 

19760| ULONG Size = sizeof(_C_STRINGS) / 

| sizeof(_C_STRINGS[0]); 
19761| ULONG i; 

1 9762| DLOG((TEXT("Psm_Register called code = '%ws', 

| key = '%ws'\n"),Code,Key)); 
19763| 

19764| wcsncpy(ThreadStorage->Company,Company,79); 
1 9765| wcsncpy(ThreadStorage->Product,Product,79); 
19766| wcsncpy(ThreadStorage->Code,Code,19); 
19767| if(Version) 

1 9768| wcsncpy(ThreadStorage->Version,Version,79); 
19769| if(Key) 

1 9770| wcsncpy(ThreadStorage->Key,Key,1 9); 

19771| 

19772| 

19773| for(i=0;i<Size;i++) { 
19774| if(wcscmp(_C_STRINGS[i],Code)==0) { 

19775| switch (_C_STRINGS[i][0]) { 

19776| caseL'O': 

19777| ThreadStorage->RegisterCalled = 

| TRUE; 
19778| Err = 0; 

19779| break; 
19780| caseL'1': 
19781| if (Key) { 

19782| ULONG SerialNumber; 

19783| ULONG CheckCode; 

19784| 

1 9785| // key = PPSSSSSS-CCCCCCCC 

| where 

1 9786| // PP = Oem/Product 

1 9787| // SS = Serial number for 

| PP 

1 9788| // CC = Check Code 

19789| if( (Code[6]==Key[0]) && 

19790| (Code[7]==Key[1])) { 

1 9791 1 // code matches oem and 

| product 
19792| i = 

| swscanf(Key,L"%x-%x",&SerialNumber,&CheckCode); 
19793| if((i==2)&& 

| (SerialNumber!=0) && (CheckCode!=0)) { 
19794| 

| if(CheckKey(SerialNumber,CheckCode)) { 
19795| 

| ThreadStorage->RegisterCalled = TRUE; 
19796| Err = 0; 



19797| 
19798| 
19799| 
19800| 
19801| 
19802| 
19803| 
19804| 
19805| 
19806| 
19807| 



break; 
default: 
break; 



break; 



break; 



19808| } 
19809| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
19810| Err = GetExceptionCode(); 
1 981 1 1 DLOG((TEXT("Exception %08x 

| Registering\n"),Err)); 
19812| } 
19813| 

19814| return Err; 

19815| } 

19816| 

19817| DLLEXPORT PSMSTATUS PSMAPI Psm_lnstallPsm( BOOLEAN 

| 'RebootNeeded ) 
19818| { 

19819| if(NtBuildNumber > 1 381 ) { 

1 9820| // install Win2000 way 

1 9821 1 return SetUpForWin2k( RebootNeeded ); 

19822| }else{ 

19823| // install NT 3.51 /4.x way 

19824| return SetUpForWinNT( RebootNeeded ); 

19825| } 

19826| } 

19827| 

19828| DLLEXPORT PSMSTATUS PSMAPI Psm_UnlnstallPsm( BOOLEAN 

| *RebootNeeded ) 
19829| { 

1 9830| if(NtBuildNumber > 1 381 ) { 

1 9831 1 // uninstall Win2000 way 

19832| return UnSetUpForWin2k( RebootNeeded ); 

19833| }else{ 

19834| // uninstall NT 3.51 /4.x way 

19835| return UnSetUpForWinNT( RebootNeeded ); 

19836| } 

19837| } 

19838| 

19839| DLLEXPORT PSMSTATUS PSMAPI Psm_Config ( tPSM_Config 

| *Config, CHAR Set ) 
19840| { 

19841| ULONG DataSize; 



19842| HKEY Key; 

19843| ULONG Err; 

19844| TCHAR RegStr[255]; 

19845| 

19846| 

|_stprintf(RegStr,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d"), NtBuildNumber > 1381 ? 5 : 4); 
19847| 

19848| if((!Config) || 

| (Config->Size!=sizeof(tPSM_Config))) { 
19849| return ERROR_INVALID_PARAMETER; 
19850| } 
19851| 

1 9852 1 // open the registry 
19853| Err = RegOpenKeyEx( 

19854| HKEY_LOCAL_MACHINE, // handle of open key 
1 9855| RegStr, // address of name of subkey to open 
19856| 0, //reserved 

1 9857| Set ? KEY_WRITE : KEY_READ, // security access 
| mask 

1 9858| &Key// address of handle of open key 

19859| ); 

19860| 

19861| if(Err==0){ 
19862| if (Set) { 

19863| Err = RegSetValueEx(Key,TEXT("NumThreads") 

| ,0,REG_DWORD,(BYTE*)&Config->StartingThreadCount,sizeof( 
| DWORD)); 

19864| Err = RegSetValueEx(Key,TEXT("MaxThreads") 

| ,0,REG_DWORD,(BYTE*)&Config->MaximumThreadCount,sizeof(D 
| WORD)); 

19865| Err = 

| RegSetValueEx(Key,TEXT("HungSystemTimeOut") 

| ,0,REG_DWORD,(BYTE*)&Config->DeadlockTimeout,sizeof(DWOR 

I D)); 

19866| Err = 

| RegSetValueEx(Key,TEXT("NewThreadStartDelay") 

| ,0,REG_DWORD,(BYTE*)&Config->NewThreadDelay,sizeof(DWORD 

I)); 

19867| }else{ 

19868| DataSize = 4; 

19869| Err= RegQueryValueExW(Key,L"NumThreads" 

| ,NULL,NULL,(char*)&Config->StartingThreadCount,&DataSize 

I ); 

19870| Err= RegQueryValueExW(Key,L"MaxThreads" 

| ,NULL,NULL,(char*)&Config->MaximumThreadCount,&DataSize) 

I ; 

19871| Err = 

| RegQueryValueExW(Key,L"HungSystemTimeOut" 

| ,NULL,NULL,(char*)&Config->DeadlockTimeout,&DataSize); 



19872| Err = 

| RegQueryValueExW(Key,L"NewThreadStartDelay" 

| ,NULL,NULL,(char*)&Config->NewThreadDelay,&DataSize); 

19873| } 

1 9874| // close the registry 

19875| RegCloseKey(Key); 

19876| } 

19877| return Err; 

19878| } 

19879| 

19880| 

19881| DLLEXPORT PSMSTATUS PSMAPI Psm_RegisterA( 
19882| CHAR 

| *Company, 
19883| CHAR 

| * Product, 

19884| CHAR 

| ^Version OPTIONAL, 
19885| CHAR *Code, 

19886| CHAR *Key 

| OPTIONAL 
19887| ) 
19888| { 

19889| WCHAR *CompanyW=NULL; 
19890| WCHAR *ProductW=NULL; 
19891 1 WCHAR *VersionW=NULL; 
19892| WCHAR *CodeW=NULL; 
19893| WCHAR *KeyW=NULL; 
19894| ULONG Err; 
19895| 

19896| if (Company) { 
19897| CompanyW = 

| LocalAlloc(LPTR,strlen(Company)*2+2); 
19898| OemToCharW(Company,CompanyW); 
19899| } 

19900| if (Product) { 

19901 1 ProductW= LocalAlloc(LPTR,strlen(Product)*2+2); 
19902| OemToCharW( Product, ProductW); 
19903| } 

19904| if (Version) { 
19905| VersionW = 

| LocalAlloc(LPTR,strlen(Version)*2+2); 
19906| OemToCharW(Version,VersionW); 
19907| } 
19908| if (Code) { 

19909| CodeW = LocalAlloc(LPTR,strlen(Code)*2+2); 
19910| OemToCharW(Code,CodeW); 
19911| } 
19912| if (Key) { 

19913| KeyW = LocalAlloc(LPTR,strlen(Key)*2+2); 



19914| OemToCharW(Key,KeyW) ; 

19915| } 

19916| 

19917| Err = 

| Psm_RegisterW(CompanyW,ProductW,VersionW,CodeW,KeyW); 
19918| 

19919| if(CompanyW) { 

19920| LocalFree(CompanyW); 

19921| } 

19922| if(ProductW) { 

1 9923 1 Local F ree( Prod uctW) ; 

19924| } 

19925| if(VersionW) { 

19926| Local Free(Vers ion W); 

19927| } 

19928| if(CodeW) { 

1 9929 1 Local F ree(Code W) ; 

19930| } 

19931| if(KeyW){ 

19932| LocalFree(KeyW); 

19933| } 

19934| return Err; 

19935| } 

19936| 

19937| DLLEXPORT PSMSTATUS PSMAPI Psm_lslnstalled( 

19938| IN ULONG VerSize, 

19939| OUT pPSM_Versionlnfo2 Version ) 

19940| { 

19941 1 ULONG Err=ERROR_INVALID_HANDLE; 
19942| ULONG Type; 

1 9943 1 pThreadStorage ThreadStorage = GetThreadStorage(); 
19944| 

19945| __try{ 

19946| DLOG((TEXT("Psm_lslnstalled called\n"))); 
19947| 

19948| if( ((VerSize == sizeof(tPSM_Versionlnfo1)) || 

| (VerSize == sizeof(tPSM_Versionlnfo2)))) { 
19949| Version->Size =VerSize; 

19950| Version->Version = 0; 

19951| 

19952| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
19953| Err = 

| PSMI_GetVersion(ThreadStorage->PSManHandle,ThreadStorage 

| ->PSManEvent,VerSize,Version); 
1 9954| if (Version->Size >= 

| sizeof(tPSM_Versionlnfo2)) { 
1 9955| // get eval information 

19956| HasEvalExpired(Version); 



19957| } 

19958| }else{ 

19959| TCHAR VersionToDo[20]; 

19960| 

1 9961 1 _stprintf(VersionToDo,TEXT("PSMan%d"), 

| NtBuildNumber > 1381 ? 5 : 4); 
19962| 

19963| if (Svc_CheckServiceExists( VersionToDo 

I )==0) { 

19964| // could not open driver but it is 

| installed, must need a reboot 
19965| Err = PSM_ERROR_REBOOT_NEEDED; 

19966| }else{ 
19967| // psm is not installed. 

1 9968| Err = PSM_ERROR_NOT_INSTALLED; 

19969| } 
19970| } 
19971| 

19972| // fill in version info about this box even 

| if there is an error. 
1 9973 1 Type = GetNTSystemType() ; 

19974| 

1 9975| // we know we are on NT so say WS until we 

| can figure out what flavor. 
19976| Version->OSType = PSM_OS_WIN_NT_WS; 

19977| 

19978| if (Type & WINDOWS_NT_SERVER) 

19979| Version->OSType = PSM_OS_WIN_NT_SERVER; 

19980| if (Type & WINDOWS_NT_DOMAIN) 

19981 1 Version->OSType = PSM_OS_WIN_NT_DOMAIN; 

19982| if (Type & WINDOWS_NT_ENTERPRISE) 

19983| Version->OSType = PSM_OS_WIN_NT_ENT; 

19984| if (Type & WINDOWS_NT_TERMINAL_SERVER) 

19985| Version->OSType = PSM_OS_WIN_NT_TS; 

19986| 

19987| Version->OSVersion = GetVersion(); 

19988| }else{ 

19989| //wrong size... 

19990| Err = ERROR_INVALID_PARAMETER; 

19991| } 
19992| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
19993| Err = GetExceptionCode(); 
1 9994| DLOG((TEXT("Exception %08x getting 

| version\n"),Err)); 
19995| } 
19996| 

19997| return Err; 

19998| } 

19999| 



20000| DLLEXPORT PSMSTATUS PSMAPI Psm_ListPSMSnapShots( ULONG 

| Iterator ) 
20001| { 

20002| // return PSMI_ListPSMSnapShots(iterator); 
20003| return 0; 
20004| } 
20005| 

20006| DLLEXPORT PSMSTATUS PSMAPI Psm_GetPersistentS nap Shots ( 
20007| PVOID Buffer, 
20008| ULONG BufferSize ) 
20009| { 

20010| ULONG B=FALSE; 
20011| LONG Err=0; 
20012| OVERLAPPED o; 
20013| ULONG returned=0; 

20014| pThreadStorage ThreadStorage = GetThreadStorageQ; 
20015| 

20016| __try{ 
20017| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
20018| memset(&o,0,sizeof(o)); 

20019| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20020| 

20021 1 B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
20022| IOCTL_GET_PERSISTENT_SNAPSHOTS, 
20023| NULL, 
20024| 0, 
20025| Buffer, 
20026| BufferSize, 
20027| &returned, 
20028| &o); 
20029| 

20030| if(B) { 

20031| Err = 0; 

20032| } else { 

20033| Err = GetLastError(); 

20034| DLOG((TEXT("Error %08x Calling 

| Psm_GetPersistentSnapShots\n M ),Err)); 
20035| } 

20036| CloseHandle(o.hEvent); 
20037| } else { 

20038| Err = ERRORJNVALIDJHANDLE; 

20039| } 

20040| } except(EXCEPTION_EXECUTE_HANDLER) { 

20041 1 Err = GetExceptionCode(); 
20042| DLOG((TEXT("Exception %08x 
| Psm_GetPersistentSnapShots\n"),Err)); 
20043| } 



20044| 

20045| return Err; 

20046| } 

20047| 

20048| DLLEXPORT PSMSTATUS PSMAPI Psm_GetUserName( 
20049| PVOID KernelSnapShotPointer, 
20050| PVOID Buffer, 
20051 1 ULONG BufferSize ) 
20052| { 

20053| ULONG B=FALSE; 
20054| LONG Err=0; 
20055| OVERLAPPED o; 
20056| ULONG returned=0; 

20057| pThreadStorage ThreadStorage = GetThreadStorageQ; 
20058| 

20059 1 __try { 
20060| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
20061 1 memset(&o,0,sizeof(o)); 

20062| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20063| 

20064| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
20065| IOCTL_GET_USER_NAME, 
20066| &KernelSnapShotPointer, 
20067| sizeof(PVOID), 
20068| Buffer, 
20069| BufferSize, 
20070| &returned, 
20071| &o); 
20072| 

20073| if(B) { 

20074| Err = 0; 

20075| } else { 

20076| Err = GetLastErrorQ; 

20077| DLOG((TEXT("Error %08x Calling 

| Psm_GetUserName\n M ),Err)); 
20078| } 

20079| CloseHandle(o.hEvent); 
20080| } else { 

20081 1 Err = ERROR_INVALID_HANDLE; 

20082| } 

20083| } except(EXCEPTION_EXECUTE_HANDLER) { 

20084| Err = GetExceptionCode(); 
20085| DLOG((TEXT("Exception %08x 

| Psm_GetUserName\n"),Err)); 
20086| } 
20087| 

20088| return Err; 



20089| } 
20090| 

20091| DLLEXPORT PSMSTATUS PSMAPI Psm_SetUserName( 

20092| PVOID KernelSnapShotPointer, 

20093| PVOID Buffer, 

20094| ULONG BufferSize ) 
20095| { 

20096| ULONG B=FALSE; 

20097| LONG Err=0; 

20098| OVERLAPPED o; 

20099| ULONG returned=0; 

201 00| pThreadStorage ThreadStorage = GetThreadStorage(); 

201 01 1 tPSM_SetUserNameln In; 

20102| 

20103| __try{ 

20104| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 

201 05| memset(&o,0,sizeof(o)); 

20106| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20107| 

201 08| In. KernelSnapShotPointer = 

| KernelSnapShotPointer; 

201 09 1 if(wcslen(Buffer)<256) { 

201 1 0| wcscpy(ln.Name,Buffer); 
20111| 

201 12| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 

20113| IOCTL_SET_USER_NAME, 

20114| &ln, 

20115| sizeof(ln), 

20116| NULL, 

20117| 0, 

20118| &returned, 

20119| &o); 
20120| 

20121| if(B) { 

20122| Err = 0; 

20123| }else{ 

20124| Err = GetLastError(); 

20125| DLOG((TEXT("Error %08x Calling 

| Psm_SetUserName\n"),Err)); 

20126| } 

20127| }else{ 

20128| Err = ERROR_INVALID_PARAMETER; 

20129| } 

20130| CloseHandle(o.hEvent); 

20131| }else{ 

20132| Err = ERROR_INVALID_HANDLE; 

20133| } 



20134| } except(EXCEPTION_EXECUTE_HANDLER) { 

201 35| Err = GetExceptionCode(); 
20136| DLOG((TEXT("Exception %08x 

| Psm_SetUserName\n"),Err)); 
20137| } 
20138| 

20139| return Err; 

20140| } 

20141| 

20142| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_RevertSnapShotToPristineState( 
20143| PVOID KernelSnapShotPointer ) 
20144| { 

20145| ULONG B=FALSE; 
20146| LONG Err=0; 
20147| OVERLAPPED o; 
20148| ULONG returned=0; 

201 49 1 pThreadStorage ThreadStorage = GetThreadStorage(); 

20150| tPSM_SnapShotPointer In; 

20151| 

20152| _try{ 
20153| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
201 54| memset(&o,0,sizeof(o)); 

20155| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20156| 

20157| In. KernelSnapShotPointer = 

| KernelSnapShotPointer; 
20158| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
20159| IOCTL_REVERT_TO_PRISTINE, 
20160| &ln, 
20161| sizeof(ln), 
20162| NULL, 
20163| 0, 
20164| &returned, 
20165| &o); 
20166| 

20167| if(B){ 
20168| Err = 0; 

20169| }else{ 
201 70 1 Err = GetLastError(); 

201 71 1 DLOG((TEXT("Error %08x Calling 

| Psm_RevertSnapShotToPristineState\n"),Err)); 
20172| } 

201 73 1 CloseHandle(o.hEvent); 
20174| }else{ 

201 75| Err = ERROR_INVALID_HANDLE; 

20176| } 



20177| } except(EXCEPTION_EXECUTE_HANDLER) { 

201 78| Err = GetExceptionCode(); 

201 79 1 DLOG((TEXT("Exception %08x 

| Psm_RevertSnapShotToPristineState\n M ),Err)); 

20180| } 
20181| 

20182| return Err; 

20183| } 

20184| 

20185| DLLEXPORT PSMSTATUS PSMAPI Psm_RevertTo Snap Shot ( 

20186| PVOID KernelSnapShotPointer, 

20187| ULONG RevertFlags ) 
20188| { 

20189| ULONG B=FALSE; 

20190| LONG Err=0; 

20191| OVERLAPPED o; 

20192| ULONG returned=0; 

201 93 1 pThreadStorage ThreadStorage = GetThreadStorage(); 

20194| tPSM_RevertToSnapShotln In = {0}; 

20195| 

20196| __try{ 

20197| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 

20198| ULONG Cluster = ClusterlsClusterActiveQ; 
20199| 

20200| if(Cluster) { 

20201| //or in At boot 

20202| RevertFlags |= PSM_REVERT_FLAG_ATBOOT; 

20203| } 

20204| 

20205| memset(&o,0,sizeof(o)); 

20206| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20207| 

20208| In. KernelSnapShotPointer = 

| KernelSnapShotPointer; 

20209| In. RevertFlags = RevertFlags; 

20210| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 

2021 1 1 IOCTL_REVERT_TO_SNAPSHOT, 

20212| &ln, 

20213| sizeof(ln), 

20214| NULL, 

20215| 0, 

20216| &returned, 

20217| &o); 
20218| 

20219| if(B) { 

20220| Err = 0; 

20221| }else{ 



20222| Err = Getl_astError(); 

20223| DLOG((TEXT( M Error %08x Calling 

| Psm_RevertToSnapShot\n"),Err)); 
20224| } 

20225| CloseHandle(o.hEvent); 
20226| 

20227| // initiate the revert by taking the volume 

| offline and online 
20228| if((Err==PSM_ERROR_REBOOT_NEEDED) && 

| (Cluster)) { 
20229| Err = 

| ClusterlnitiateRevert(KernelSnapShotPointer); 
20230| } 
20231| }else{ 

20232| Err = ERRORJNVALIDJHANDLE; 

20233| } 

20234| } except(EXCEPTION EXECUTE HANDLER) { 

20235| Err = GetExceptionCode(); 
20236| DLOG((TEXT("Exception %08x 

| Psm_RevertToSnapShot\n M ),Err)); 
20237| } 
20238| 

20239| return Err; 
20240| } 
20241 | 
20242 1 

20243| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_GetKernelSnapShotVolumesW ( 
20244| PVOID KernelSnapShotPointer, 
20245| WCHAR *Buffer, 
20246| ULONG BufferSize ) 
20247| { 

20248| ULONG B=FALSE; 
20249| LONG Err=0; 
20250| OVERLAPPED o; 
20251 1 ULONG returned=0; 

20252| pThreadStorage ThreadStorage = GetThreadStorage(); 

20253| tPSM_GetKernelSnapShotlnfoln In; 

20254| WCHAR *TempBuffer=LocalAlloc(LPTR,1 28*1 024); 

20255| ULONG Bytes Left= BufferSize; 

20256| 

20257| if(!TempBuffer) { 

20258| return ERROR_OUTOFM EMORY; 

20259 1 } 

20260| 

20261 1 __try { 

20262| memset(Buffer,0, BufferSize); 
20263 1 

20264| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 



20265| memset(&o,0,sizeof(o)); 

20266| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20267| 

20268| In.KernelSnapShotPointer = 

| KernelSnapShotPointer; 
20269| 

20270| B = DeviceloControl( 
| ThreadStorage->PSManHandle, 

20271 1 IOCTL_GET_KERNEL_SNAPSHOT_VOLUMES, 

20272| &ln, 

20273| sizeof(ln), 

20274| TempBuffer, 

20275| 128*1024, 

20276| &returned, 

20277| &o); 
20278| 

20279| if(B) { 

20280| WCHAR *p = TempBuffer; 

20281 1 Err = 0; 

20282| while(*p) { 

20283| WCHAR Temp[256]; 

20284| ULONG LenCharsIn = wcslen(p) + 1 ; 

20285| Err = 

| GetDriveLetterForNtDeviceName(p,Temp); 

20286| if(Err) { 

20287| Err = 

| GetWin32NameForNtDeviceName(p,Temp); 

20288| } 

20289| if(!Err) { 

20290| ULONG LenCharsOut = 

| wcslen(Temp) + 1 ; 

20291 1 ULONG LenBytesOut = LenCharsOut 

| * sizeof (WCHAR); 

20292| if ( BytesLeft < LenBytesOut ) 

|{ 

20293| Err = ERROR_MORE_DATA; 

20294| break; 

20295| } 

20296| wcscpy ( Buffer, Temp ); 

20297| Buffer += LenCharsOut; 

20298| p += LenCharsIn; 

20299| BytesLeft -= LenBytesOut; 

20300| } else { 

20301| break; 

20302| } 

20303| } 

20304| if ( !Err ) { 

20305| if ( BytesLeft > 0 ) { 

20306| *Buffer = L'\0'; // 2 null 



I terminators in a row indicate end-of-list 



20307| } else { 

20308| Err = ERROR_MORE_DATA; 

20309| } 

20310| } 

20311| }else{ 

20312| Err = GetLastErrorQ; 

20313| DLOG((TEXT("Error %08x Calling 

| Psm_GetKernelSnapShotVolumes\n"),Err)); 

20314| } 

20315| CloseHandle(o.hEvent); 

20316| }else{ 

20317| Err = ERRORJNVALIDJHANDLE; 

20318| } 

20319| LocalFree(TempBuffer); 

20320| } except(EXCEPTION_EXECUTE_HANDLER) { 

20321 1 Err = GetExceptionCode(); 

20322| DLOG((TEXT("Exception %08x 



| Psm_GetKernelSnapShotVolumes\n"),Err)); 
20323 1 } 
20324| 

20325| return Err; 

20326| 

20327| } 

20328| 

20329| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_GetKernelSnapShotVolumesA ( 
20330| PVOID KernelSnapShotPointer, 
20331 1 CHAR *Buffer, 
20332| ULONG BufferSize ) 
20333 1 { 

20334| ULONG Err = 0; 
20335| WCHAR *BufferW = 

| LocalAI loc(LPTR, BufferSize*sizeof (WCHAR)) ; 
20336| if(BufferW) { 



20337| ULONG BufferBytesLeft = BufferSize; 

20338| WCHAR *pln = BufferW; 

20339| CHAR *pOut = Buffer; 
20340| 

20341 1 Err = Psm_GetKernelSnapShotVolumesW ( 

20342| KernelSnapShotPointer, 

20343 1 BufferW, 

20344| BufferSize*sizeof(WCHAR) ); 

20345| 

20346| if(!Err) { 

20347| while ( *pln ) { 

20348| ULONG LenChars = wcslen(pln) + 1 ; 

20349| if ( LenChars < BufferBytesLeft ) { 

20350| CharToOemW ( pin, pOut ); 

20351| pin += LenChars; 



20352 
20353 
20354 
20355 
20356 
20357 
20358 
20359 
20360 
20361 
20362 
20363 



| terminate to mark end of list 



20364 
20365 
20366 
20367 
20368 
20369 
20370 
20371 
20372 
20373 
20374 
20375 



20376 
20377 
20378 
20379 
20380 
20381 
20382 
20383 
20384 
20385 
20386 
20387 
20388 
20389 
20390 
20391 
20392 
20393 
20394 
20395 
20396 
20397 
20398 
20399 



pOut += LenChars; 
BufferBytesLeft -= LenChars; 
} else { 

Err = ERROR_BUFFER_OVERFLOW; 
break; 

} 

} 



} 



if ( Err == 0 ) { 

if ( BufferBytesLeft > 0 ) { 
*pOut = '\0'; // double null 



} else { 

Err = ERROR_BUFFER_OVERFLOW; 

} 

} 

LocalFree(BufferW); 
} else { 

Err = ERROR_OUTOFMEMORY; 

} 

return Err; 



} 



ULONG MakeSnapShotDirectoryName( WCHAR *DataOut, WCHAR 



UserPattern, PVOID KernelSnapShotPointer ) 



{ 

WCHAR *Buffer = DataOut; 
ULONG Current = 0; 
WCHAR *p = 0; 
WCHAR Buf[20]; 
FILETIME NewFileTime; 
SYSTEMTIME SystemTime; 
OVERLAPPED o; 
ULONG returned = 0; 

pThreadStorage ThreadStorage = GetThreadStorage(); 
tPSM_GetKernelSnapShotlnfoOut Out={0}; 
tPSM_GetKernelSnapShotlnfoln ln={0}; 
WCHAR *Pattern; 

if(wcscmp(UserPattern,L"")==0) { 

Pattern = SnapShotPattern; 
} else { 

Pattern = UserPattern; 

} 

memset(&o,0,sizeof(o)); 

o.hEvent = CreateEvent( NULL, FALSE, FALSE, NULL ); 
In. KernelSnapShotPointer = KernelSnapShotPointer; 



20400 
20401 
20402 
20403 
20404 
20405 
20406 
20407 
20408 
20409 
20410 
20411 
20412 
20413 
20414 
20415 
I Fi 



| wFileTime); 



20416 
20417 
20418 
20419 
20420 
20421 
20422 
20423 
20424 
20425 
20426 
20427 
20428 
20429 
20430 
20431 
20432 
20433 
20434 
20435 
20436 
20437 
20438 
20439 
20440 
20441 
20442 
20443 
20444 
20445 
20446 
20447 



if (!DeviceloControl( ThreadStorage->PSManHandle, 
IOCTL_GET_KERNEL_SNAPSHOT_INFO, 
&ln, 

sizeof(ln), 
&Out, 

sizeof(Out), 
& returned, 
&o)){ 

C loseH and le(o . h Eve nt) ; 
return Getl_astError(); 

} 

CloseHandle(o.hEvent); 



eTimeToLocalFileTime((FILETIME*)&Out.SnapShotTime,&Ne 



FileTirneToSystemTime(&NewFileTime,&SystemTime); 

wcscpy(Buffer,SnapShotLocation); 

wcscat(Buffer,L"\Y'); 

Current=wcslen(Buffer); 

for(p=Pattern;*p;p++) { 
switch (*p) { 

// remove invalid characters 
case L':' : 
*p = L'-'; 

Buffer[Current++] = *p; 
break; 
case LV : 
*P = L'}'; 

Buffer[Current++] = *p; 
break; 
case L'<' : 
*P = L'{'; 

Buffer[Current++] = *p; 
break; 
case L7 : 
*p = L'-'; 

Buffer[Current++] = *p; 
break; 
case L'W : 
*P = L'-'; 

Buffer[Current++] = *p; 
break; 
case l_T : 
*p = LT; 

Buffer[Current++] = *p; 



20448| break; 
20449| case L™ : 

20450| *p = L'+'; 

20451 1 Buffer[Current++] = *p; 

20452 1 break; 
20453| case L'?' : 

20454| *p = L'.'; 

20455| Buffer[Current++] = *p; 

20456| break; 
20457| case L'V" : 

20458| *p = L'V; 

20459| Buffer[Current++] = *p; 

20460 1 break; 
20461 1 // check for special chars 

20462 1 case L'%' : 

20463| // M = Month, D = Day, Y=Year 

20464| // n = 3 letter month name, N = Full 

| month name 

20465| // m = minute, h=12 hour, H=24 hour, 

| s=second, 

20466| // w = 3 letter day of the week, W = 

| full day of week 
20467| // a = ampm 

20468| // p = private data 

20469 1 // i = instance 

20470| switch(*(p+1)) { 

20471| caseL'%': 
20472| wcscpy(Buf,L"%%"); 
20473| break; 
20474| case L'M': 

20475| 

| swprintf(Buf,L"%02d",SystemTime.wMonth); 
20476| break; 
20477| case L'D': 

20478| 

| swprintf(Buf,L"%02d",SystemTime.wDay); 
20479| break; 
20480| case L'V: 

20481 1 

| swprintf(Buf,L"%4d",SystemTime.wYear); 
20482 1 break; 
20483| case L'm': 

20484| 

| swprintf(Buf,L"%02d",SystemTime.wMinute); 
20485| break; 
20486| case L'h': 

20487| if(SystemTime.wHour>12) { 

20488| 

| swprintf(Buf,L"%02d",SystemTime.wHour-12); 
20489 1 } else { 



20490| if(SystemTime.wHour==0) { 

20491| swprintf(Buf,L"12"); 
20492 1 } else { 

20493 1 

| swprintf(Buf,L"%02d",SystemTime.wHour); 
20494| } 
20495| } 
20496| break; 
20497| case L'H': 

20498| 

| swprintf(Buf,L"%02d",SystemTime.wHour); 
20499 1 break; 
20500 1 case L's': 

20501 1 

| swprintf(Buf,L"%02d",SystemTime.wSecond); 
20502 1 break; 
20503 1 case L'w': { 

20504| WCHAR *Days[] = 

| {L"Sun",L"Mon",L"Tue",L"Wed",L"Thu",L"Fri",L"Sat"}; 
20505| 

| swprintf(Buf,L"%s",Days[SystemTime.wDayOfWeek]); 
20506| break; 
20507| } 
20508| case L'W: { 

20509| WCHAR *Days[] = 

| {L"Sunday",L"Monday",L"Tuesday",L"Wednesday",L"Thursday" 

| ,L"Friday",L"Saturday"}; 
20510| 

| swprintf(Buf,L"%s",Days[SystemTime.wDayOfWeek]); 



2051 1 1 break; 

20512| } 

20513| caseL'n':{ 

2051 4| WCHAR *Months[] = 



| {L"Jan",L"Feb",L"Mar",L"Apr",L"May",L"Jun",L"Jul",L"Aug" 
| , L"Sep", L"Oct", U'Nov", L"Dec"} ; 
20515| 

| swprintf(Buf,L"%s",Months[SystemTime.wMonth-1]); 



20516| break; 

20517| } 

20518| caseL'N':{ 

2051 9| WCHAR *Months[] = 



| {L"January",L"February",L"March",L"April",L"May",L"June" 
| , L" July", L" August", L"September", L"October", L"November", L 
| "December"}; 
20520 1 

| swprintf(Buf,L"%s",Months[SystemTime.wMonth-1]); 



20521 1 break; 

20522 1 } 

20523 1 case L'a': 

20524| if(SystemTime.wHour>12) { 



20525| swprintf(Buf,L"PM"); 

20526| } else { 

20527| swprintf(Buf,L"AM"); 

20528| } 

20529| break; 

20530| case Up': 

20531 | 

| swprintf(Buf,L"%08x",Out.CallerPrivateUse); 
20532 1 break; 
20533 1 case UP': 

20534| 

| swprintf(Buf,L"%08x",Out.Priority); 
20535| break; 
20536| case L'k': 

20537| 

| swprintf(Buf,L"%08x",Out.NumToKeep); 
20538| break; 
20539| case LY: 

20540 1 

| swprintf(Buf,L"%d",Out.lnstance); 
20541 1 break; 
20542| default: 
20543| wcscpy(Buf,L'"'); 
20544| break; 
20545| } 

20546| // skip over character after percent 

I sign 

20547| p++; 

20548| wcscpy (&Buff er[Cu rrent] , Buf ) ; 

20549| Current+=wcslen(Buf); 

20550| break; 

20551 1 default: 

20552| Buffer[Current++] = *p; 

20553| break; 

20554| } 

20555| } 

20556| 

20557| Buffer[Current]=0; 
20558| 

20559| // if you can read this, you are too close 

20560 1 return 0; 

20561 | } 

20562 1 

20563| 

20564| DLLEXPORT PSMSTATUS PSMAPI Psm_GetKernelSnapShotlnfoW( 

| PVOID KernelSnapShotPointer, 

| tPSM_GetKernelSnapShotlnfoW *lnfo ) 
20565| { 

20566| ULONG B=FALSE; 
20567| LONG Err=0; 



20568| OVERLAPPED o; 
20569| ULONG returned=0; 

20570| pThreadStorage ThreadStorage = GetThreadStorage(); 
20571 1 tPSM_GetKernelSnapShotlnfoOut Out; 
20572| tPSM_GetKernelSnapShotlnfoln In; 
20573 1 

20574| _try { 
20575| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
20576| memset(&o,0,sizeof(o)); 

20577| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
20578| 

20579| In.KernelSnapShotPointer = 

| KernelSnapShotPointer; 
20580 1 

20581 1 B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
20582| IOCTL_GET_KERNEL_SNAPSHOT_INFO, 
20583| &ln, 
20584| sizeof(ln), 
20585| &Out, 
20586| sizeof(Out), 
20587| &returned, 
20588| &o); 
20589 1 

20590| if(B) { 

20591| Err = 0; 

20592| lnfo->CallerPrivateUse = 

| Out.CallerPrivateUse; 
20593| lnfo->NumToKeep = Out.NumToKeep; 

20594| lnfo->Priority = Out. Priority; 

20595| lnfo->SnapShotFlags = 

| Out.SnapShotFlags; 
20596| lnfo->lnstance = Out. Instance; 

20597| lnfo->Persistent = Out. Persistent; 

20598| lnfo->SnapShotTime = Out.SnapShotTime; 

20599| lnfo->Status = Out.Status; 

20600| wcscpy(lnfo->Directory,L"\\"); 
20601| 

| wcscpy(lnfo->Directory,Out.UserSnapShotName); 
20602| 

| //MakeSnapShotDirectoryName(&lnfo->Directory[1 ], 
| KernelSnapShotPointer); 



20603| 

20604| } else { 

20605| Err = GetLastError(); 

20606| DLOG((TEXT( M Error %08x Calling 

| Psm_GetKernelSnapShotlnfo\n"),Err)); 
20607| } 



20608| 
20609| 
20610| 



CloseHandle(o.hEvent); 
} else { 

Err = ERRORJNVALIDJHANDLE; 



20611| } 

20612| } except(EXCEPTION_EXECUTE_HANDLER) { 

20613| Err = GetExceptionCode(); 
2061 4| DLOG((TEXT("Exception %08x 
| Psm_GetKernelSnapShotlnfo\n M ),Err)); 
20615| } 
20616| 

20617| return Err; 

20618| } 

20619| 

20620| DLLEXPORT PSMSTATUS PSMAPI Psm_GetKernelSnapShotlnfoA( 

| PVOID KernelSnapShotPointer, 

| tPSM_GetKernelSnapShotlnfoA *lnfo ) 
20621 1 { 

20622| ULONG Err; 

20623| tPSM_GetKernelSnapShotlnfoW InfoW; 
20624| 

20625| Err = 

| Psm_GetKernelSnapShotlnfoW(KernelSnapShotPointer,&lnfoW) 



20627| if(!Err) { 

20628| CharToOemW(lnfoW.Directory,lnfo->Directory); 
20629| 

20630| lnfo->CallerPrjvateUse = 

| InfoW.CallerPrivateUse; 

20631 1 lnfo->NumToKeep = InfoW.NumToKeep; 

20632| lnfo->Priority = InfoW. Priority; 

20633| lnfo->SnapShotFlags = InfoW.SnapShotFlags; 

20634| lnfo->lnstance = InfoW.lnstance; 

20635| lnfo->Persistent = InfoW. Persistent; 

20636| lnfo->SnapShotTime = InfoW.SnapShotTime; 

20637| lnfo->Status = InfoW.Status; 

20638| } 
20639 1 

20640 1 return Err; 

20641 1 } 
20642 1 

20643| DLLEXPORT PSMSTATUS PSMAPI Psm_SetKernelSnapShotlnfoW( 
| PVOID KernelSnapShotPointer, tPSM_SetKernelSnapShotlnfo 
| *lnfo ) 

20644| { 

20645| ULONG B=FALSE; 

20646| LONG Err; 

20647| OVERLAPPED o; 

20648| ULONG returned; 

20649| pThreadStorage ThreadStorage = GetThreadStorageQ; 



20650| tPSM_SetKernelSnapShotlnfoln In; 
20651 | 

20652 1 _try { 
20653 1 if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
20654| memset(&o,0,sizeof(o)); 

20655| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL ); 
20656| 

20657| In.KernelSnapShotPointer = 

| KernelSnapShotPointer; 
20658| 

| memcpy(&ln.lnfo,lnfo,sizeof(tPSM_SetKernelSnapShotlnfo)) 



20660| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
20661 1 IOCTL_SET_KERNEL_SNAPSHOT_INFO, 
20662| &ln, 
20663| sizeof(ln), 
20664| NULL, 
20665| 0, 
20666| &returned, 
20667| &o); 
20668| 

20669| if(B) { 

20670| Err = 0; 

20671 1 } else { 

20672| Err = GetLastError(); 

20673| DLOG((TEXT("Error %08x Calling 

| Psm_SetKernelSnapShotlnfo\n"),Err)); 
20674| } 

20675| CloseHandle(o.hEvent); 
20676| } else { 

20677| Err = ERRORJNVALIDJHANDLE; 

20678| } 

20679| } except(EXCEPTION EXECUTE HANDLER) { 

20680| Err = GetExceptionCode(); 
20681 1 DLOG((TEXT("Exception %08x 
| Psm_SetKernelSnapShotl nfo\n") , Err)) ; 
20682 1 } 
20683 1 

20684| return Err; 

20685| } 

20686| 

20687| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeCachelnfoW( 

| WCHAR *VolumeName, pPSM_GetVolumeCachelnfoOut Out ); 
20688| 

20689| ULONGLONG GetSizeOfCacheFileFromReg( WCHAR 
| *NtDeviceName, WCHAR *Guid, WCHAR "Unique) 



20690| { 




20691 | 


ULONG DataSize; 


20692 1 


HKEY Key; 


20693 1 


ULONG Err; 


20694| 


WCHAR RegStr[256]; 


20695| 


ULONG lnitialSize=-1 ; 


20696| 


PPARTITIONJNFORMATION Partlnfo; 


20697| 




20698| 


// lets check the registry for this file 


20699 1 




20700| 





| swprintf(RegStr,L"SYSTEM\\CurrentControlSet\\Services\\P 

| SMan%d\Y\ NtBuildNumber > 1381 ? 5 : 4); 
20701 1 // guid = "\??\volume{...} M 
20702| wcscat(RegStr,Guid+1 1 ); 
20703 1 // get rid of last curly braket 
20704| RegStr[wcslen(RegStr)-1]=0; 
20705| 
20706| 

20707| // open the registry 
20708| Err = RegOpenKeyExW( 

20709| HKEY_LOCAL_MACHINE, // handle of open key 
2071 0| RegStr, // address of name of subkey to open 
20711| 0, //reserved 

20712| KEY_READ, // security access mask 
20713| &Key// address of handle of open key 
20714| ); 
20715| 

20716| if(Err==0) { 
20717| DataSize = 4; 
20718| 

20719| Err = 

| RegQueryValueExW(Key,L M lnitialSize M ,NULL,NULL,(char*)&ln 

| itialSize,&DataSize ); 
20720| if(Err) { 

20721 1 DLOG((TEXT("GetSizeOfCacheFileFromReg: no 

| volume specific value\n"))); 
20722 1 goto Default; 

20723| } 
20724| 

20725| // close the registry 
20726| RegCloseKey(Key); 
20727| } else { 

20728| DLOG((TEXT("GetSizeOfCacheFileFromReg: no 

| volume specific key\n"))); 
20729| Default: 

20730| // key doesnt exist try default 
20731| 

| swprintf(RegStr,L"SYSTEM\\CurrentControlSet\\Services\\P 
| SMan%d\\Persistent", NtBuildNumber > 1381 ? 5 : 4); 



20732| Err = RegOpenKeyExW( 

20733| HKEY_LOCAL_MACHINE, // handle of open key 

20734| RegStr, // address of name of subkey to 
| open 

20735| 0, //reserved 

20736| KEY_READ, // security access mask 

20737| &Key// address of handle of open key 

20738| ); 
20739| 

20740| if(Err — 0) { 

20741| DataSize = 4; 
20742| 

20743| Err = 

| RegQueryValueExW(Key,L"d_lnitialSize",NULL,NULL,(char*)& 

| lnitialSize,&DataSize ); 

20744| if(Err) { 

20745| DLOG((TEXT("GetSizeOfCacheFileFromReg: 

| no default value\n"))); 

20746| //set up default... 

20747| Initialize = -20; 

20748| } 
20749| 

20750| // close the registry 

20751 1 RegCloseKey(Key); 

20752 1 } else { 

20753| DLOG((TEXT("GetSizeOfCacheFileFromReg: no 

| default key\n"))); 

20754| Initialize = -20; 

20755| } 

20756| } 

20757| ASSERT(lnitialSize!=0); 
20758| 

20759| if((signed)lnitialSize<0) { 

20760| if((signed)lnitialSize>-1 00) { 

20761 1 // okay cache allocation is based on 

| percentage of disk 
20762| 

20763| Partlnfo = LocalAlloc(LPTR,8192); 

20764| if(Partlnfo) { 

20765| UNICODE_STRING Uni; 

20766| OBJECT_ATTRIBUTES Object Attributes; 

20767| HANDLE hVolume; 

20768| IO_STATUS_BLOCK loStatus; 

20769| ULONG dwBytes Returned; 

20770| 

20771 | 

20772| RtllnitUnicodeString( &Uni, 

| NtDeviceName); 
20773 1 

20774| InitializeObjectAttributes ( 



I &ObjectAttributes, 
20775| &Uni, 
20776| 

| OBJ_CASE_INSENSITIVE, 
20777| NULL, 
20778| NULL); 
20779| 

20780| Err = NtCreateFile( &hVolume, 

20781 | 

| FILE_GENERIC_READ, // desired access 

20782 | 

| &ObjectAttributes, // object attributes 
20783| &loStatus, 
20784| NULL, 

| // alloc size 
20785| 

| FILE ATTRIBUTE NORMAL, // file attributes 
20786| FILE_SHARE_WRITE 
| | FILE SHARE READ, //share 
| access 

20787| FILE_OPEN, 

| // create disposition 
20788| 

| FILE_SYNCHRONOUS_IO_NONALERT, //create 
| options 

20789| NULL, // 

| eabuffer 

20790| 0); // 

| ealength 
20791| 

20792| if(!Err) { 

20793| if(DeviceloControl(hVolume, 

20794| IOCTL_DISK_GET_PARTITION_INFO, 

20795| NULL, 0, 

20796| Partlnfo, 8192, 

20797| &dwBytesReturned, 

20798| NULL)) { 

20799| LARGEJNTEGER L; 

20800| ULONG ISC; 

20801 | 

20802 1 // get it in MB 

20803| 

| L.QuadPart=Partlnfo->PartitionLength.QuadPart / 

| (1024*1024); 
20804| ASSERT(L.HighPart == 0); 

20805| ISC = (L.LowPart * 

| abs(lnitialSize)) / 100; 
20806| // return number of bytes 

20807| InitialSize = ISC; 

20808| 



I DLOG((TEXT( M GetSizeOfCacheFileFromReg: Calculated 

| lnitialSize=%d MB (vol=%l64d 

| MB)\n M ),lnitialSize,L.QuadPart)); 
20809| } else { 

2081 0| // cant get size of volume 

2081 1 1 DLOG((TEXT("Error %08x getting 

| partition info\n M ),Err)); 
20812| Initialize = 20; 

20813| } 
20814| NtClose(hVolume); 
20815| }else{ 

2081 6| // cant open volume to get size of 

lit- 

2081 7\ DLOG((TEXT("Error %08x opening 

| volume\n"),Err)); 
20818| lnitialSize = 20; 

20819| } 
20820| 

20821 1 LocalFree(Partlnfo); 
20822| } else { 

20823| DLOG((TEXT( M GetSizeOfCacheFileFromReg: 

| out of memory\n M ))); 
20824| // cant alloc memory. . 

20825| InitialSize = 20; 

20826| } 
20827| } else { 

20828| DLOG((TEXT("GetSizeOfCacheFileFromReg: 

| Number is negative but above 100%%!!!!!\n M ))); 
20829| // leave InitialSize as what was read from 

| registry 
20830| } 
20831| }else{ 

20832| DLOG((TEXT("GetSizeOfCacheFileFromReg: 

| Specified lnitialSize=%d MB\n"), InitialSize)); 
20833| // leave InitialSize as what was read from 

| registry 
20834| } 
20835| 

20836| return (ULONGLONG)lnitialSize*1 024*1 024; 
20837| } 
20838| 
20839 1 #if 0 

20840| // this is from an aborted attempt to create the cache 
| file fast. 

20841 1 // This code can be removed later on 

20842| ULONG Create PS MWorkDi rectory ( WCHAR *Root ); 

20843| ULONG TryCreateFilesUserMode(pOpenTransactionlnlnternal 

| Internal) 
20844| { 

20845| ULONG i; 



20846| ULONG Err=0; 
20847| 

20848| for(i=0;klnternal->NumberOfDevices;i++) { 
20849| WCHAR Guid[256]=L"\\??\\"; 
20850| WCHAR Unique[256]; 
20851 | 
20852 1 { 

20853| WCHAR Dir[512]; 

20854| 

20855| 

| if(GetDriveLetterForNtDeviceName(DN_MakePointer(lnternal 

| ,lnternal->DeviceName[i]), Unique)!=0) { 
20856| GetWin32NameForNtDeviceName( 

| DN_MakePointer(lnternal,lnternal->DeviceName[i]), 

| Unique); 
20857| } 
20858| 

20859| swprintf(Dir,L M %s\\Persistent Storage 

| Manager State", Unique); 
20860| // make root dir for snapshots on this 

| volume if it 
20861 1 // doesnt exist 

20862| CreatePSMWorkDirectory(Dir); 
20863 1 } 
20864| 
20865| 

| if(GetVolumeGuidForNtDeviceName(DN_MakePointer(lnternal, 

| lnternal->DeviceName[i]),Guid+4)==0) { 
20866| if(Psm_GetVolumeUIDW(Guid,Unique)==0) { 

20867| WCHAR File1[256]; 

20868| WCHAR File2[256]; 

20869 1 WCHAR File3[256]; 

20870| tNTFS_AllocFiles Files[3]; 

20871 1 LONGLONG CacheSize; 

20872 1 

20873| Files[0].FileNameOnly = Filel ; 

20874| Files[1].FileNameOnly = File2; 

20875| Files[2].FileNameOnly = File3; 

20876| 

20877| CacheSize = GetSizeOfCacheFileFromReg( 

| DN_MakePointer(lnternal,lnternal->DeviceName[i]),Guid,Un 
I 'que); 

20878| // this is hardcoded to be 2 megs 

| exactly 

20879| Files[0].FileSize.QuadPart = 

| 2*1024*1024; 
20880| Files[1].FileSize.QuadPart = CacheSize 

|/128; 

20881 1 Files[2].FileSize.QuadPart = CacheSize; 

20882| 



20883| DLOG((TEXT("NT='%ws', guid='%ws\ 

| unique= , %ws'\n"),DN_MakePointer(lnternal,lnternal->Devic 
| eName[i]),Guid, Unique)); 

20884| DLOG((TEXT(" Cache size = %l64d 

| MB\n"),CacheSize / 1024 / 1024)); 

20885| 

20886| swprintf(File1 ,L M \\Persistent Storage 

| Manager State\\%s.header.psm", Unique); 
20887| swprintf(File2,L"\\Persistent Storage 

| Manager State\\%s. index. psm M ,Unique); 
20888| swprintf(File3,L"\\Persistent Storage 

| Manager State\\%s.diff.psm",Unique); 
20889 1 

20890| Err = 

| NTFS_AllocAndlnitFiles(DN_MakePointer(lnternal,lnternal- 

| >DeviceName[i]),3,Files); 
20891 1 } else { 

20892| DLOG((TEXT("unable to retrieve unique 

I id\n"))); 

20893| E r r= E R RO R_WM l_G U I D_N OT_FO U N D ; 

20894| } 
20895| } else { 

20896| DLOG((TEXT("unable to retrieve volume 

I guid\n"))); 

20897| Err=ERROR_WMI_GUID_NOT_FOUND; 

20898| } 

20899 1 } 

20900| return Err; 

20901| } 

20902| #endif 

20903| 

20904| 

20905| DLLEXPORT PSMSTATUS PSMAPI Psm_Create Files W( ULONG 

| NumVolumes, WCHAR **lnVolumeMap, HANDLE AbortEvent ) 
20906| { 

20907| ULONG Err; 

20908| // 4 bytes per pointer, 1 00 bytes (by default) of 
| "string space" 

20909| ULONG InternalBufferChars = 100 * NumVolumes; 
20910| pOpenTransactionlnlnternal Internal; 
20911| ULONG 

| Size=sizeof(tOpenTransactionlnlnternal)+(NumVolumes*4)+( 

| lnternalBufferChars*sizeof(WCHAR)); 
20912| pThreadStorage ThreadStorage = GetThreadStorageQ; 
20913| 

20914| Internal = LocalAlloc(LPTR,Size); 
20915| 

20916| if (Internal) { 

2091 7| Err = MakeVolumeList ( 

20918| NumVolumes, 



20919| InVolumeMap, 

20920| Size, 

20921 1 Internal, 

20922| InternalBufferChars ); 

20923 | 

20924| if(Err==0) { 

20925| lnternal->Size = sizeoff Internal); 

20926| lnternal->AbortEvent = AbortEvent; 

20927| 
20928| #if 0 

20929| // see comment for this function for reason 

| it is commented out 
20930| 

20931 1 // try and create the files in user mode. 

20932| // it doesnt matter if this routine 

| succeeds or not as 
20933| // the kernel mode will fix everything up 

| (or leave it alone, 
20934| // if it actually succeeds) We do this so 

| we can create the 
20935| // cache files really fast 

20936| TryCreateFilesUserMode(lnternal); 
20937| #endif 
20938| 

20939 1 __try { 

20940 1 if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
20941 1 ULONG B=FALSE; 

20942| OVERLAPPED o; 

20943| ULONG returned; 

20944| memset(&o,0,sizeof(o)); 
20945| o.hEvent = CreateEvent( NULL, 

| FALSE, FALSE, NULL); 
20946| 

20947| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 



20948| 


IOCTLCREATEFILES, 


20949 1 


Internal, 


20950| 


Size, 


20951 | 


NULL, 


20952 1 


0, 


20953 1 


& returned, 


20954| 


&o); 


20955| 




20956| 


if(B) { 


20957| 


Err = 0; 


20958| 


} else { 


20959 1 


Err = GetLastError(); 


20960 1 


DLOG((TEXT("Error %08x 



| Psm_GetVolumelnfoW\n"),Err)); 



20961 | } 

20962| CloseHandle(o.hEvent); 

20963 1 } else { 

20964| Err = ERRORJNVALIDJHANDLE; 

20965| } 

20966| } except(EXCEPTION_EXECUTE_HANDLER) { 

20967| Err = GetExceptionCode(); 

20968| DLOG((TEXT("Exception %08x 



| Psm_GetVolumelnfoW\n"),Err)); 
20969 1 } 
20970 1 

20971 1 } else { 

20972| DLOG((TEXT("Error %08x making volume 



| list\n"),Err)); 
20973 1 } 
20974| 

20975| LocalFree(lnternal); 
20976| } else { 

20977| Err = ERROR_OUTOFMEMORY; 

20978| } 

20979 1 return Err; 

20980 1 } 

20981 1 

20982| DLLEXPORT PSMSTATUS PSMAPI Psm_CreateFilesA( ULONG 

| NumVolumes, CHAR **lnVolumeMap, HANDLE AbortEvent ) 
20983 1 { 

20984| PWCHAR *Vmw=NULL; 
20985| ULONG Err=0; 
20986| ULONG i; 
20987| CHAR **lnV; 
20988| 

20989 1 _try { 

20990| (PVOID)lnV= InVolumeMap; 
20991 | 

20992 1 Vmw = 

| LocalAlloc(LPTR,NumVolumes*sizeof(PVOID)); 
20993 1 if(!Vmw) { 

20994| try_return(Err=ERROR_OUTOFMEMORY); 

20995| } 

20996| 

20997| for(i=0;i<NumVolumes;i++) { 
20998| Vmw[i] = 

| LocalAlloc(LPTR,strlen(lnV[i])*sizeof(WCHAR)+sizeof(WCHA 



I R)); 



20999 1 
21000| 
21001| 
21002| 
21003| 
21004| 



if(!Vmw[i]) { 
ULONG j; 
for (j=0;j<i;j++) { 
Local Free(Vmw[i]); 



Local Free( Vmw); 



21 005| try_return(Err=ERROR_OUTOFMEMORY); 
21006| } 

21 007| OemToCharW(lnV[i],Vmw[i]); 
21008| } 
21009| Err = 

| Psm_CreateFilesW(NumVolumes,Vmw,AbortEvent); 
21 01 0| for(i=0;i<NumVolumes;i++) { 
21011| LocalFree(Vmw[i]); 
21012| Vmw[i] = NULL; 

21013| } 

21014| LocalFree(Vmw); 
21015| try_exit: 

21 01 6| // need to have a statement after a label 
21017| ; 
21018| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21019| Err = GetExceptionCode(); 

21 020| DLOG((TEXT("Exception %08x converting ansi to 

| wide during open\n"),Err)); 
21021| } 
21022| return Err; 
21023| } 
21024| 

21025| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeCachelnfoW( 

| WCHAR *VolumeName, pPSM_GetVolumeCachelnfoOut Out ) 
21026| { 

21 027| ULONG B=FALSE; 
21028| LONG Err; 
21029| OVERLAPPED o; 
21030| ULONG returned; 

21 031 1 pThreadStorage ThreadStorage = GetThreadStorage(); 

21032| tPSM_GetVolumeCachelnfoln In; 

21033| 

21034| _try{ 
21035| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
21 036| memset(&o,0,sizeof(o)); 

21037| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
21038| 
21039| 

| Err=GetNTDeviceName(VolumeName,ln.VolumeName,256, FALSE); 
21040| 

21041| if(!Err){ 

21 042| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
21043| IOCTL_GET_VOLUME_CACHE_INFO, 
21044| &ln, 
21045| sizeof(ln), 
21046| Out, 



21047| sizeof(*Out), 

21048| &returned, 

21049| &o); 
21050| 

21051| if(B) { 

21052| Err = 0; 

21053| }else{ 

21054| Err = Getl_astError(); 

21 055| DLOG((TEXT("Error %08x Calling 

| Psm_GetVolumelnfoW\n M ),Err)); 

21056| } 

21057| } 

21 058| CloseHandle(o.hEvent); 

21059| }else{ 

21060| Err = ERRORJNVALIDJHANDLE; 

21061| } 

21 062| } except(EXCEPTION_EXECUTE_HANDLER) { 

21 063| Err = GetExceptionCode(); 

21 064| DLOG((TEXT("Exception %08x 



| Psm_GetVolumelnfoW\n M ),Err)); 
21065| } 
21066| 

21067| return Err; 

21068| 

21069| } 

21070| 

21071| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeCachelnfoA( 

| CHAR *VolumeName, pPSM_GetVolumeCachelnfoOut Out ) 
21072| { 

21 073| WCHAR VolumeNameW[256]; 

21074| OemToCharW(VolumeName,VolumeNameW); 

21 075| return Psm_GetVolumeCachelnfoW(VolumeNameW,Out); 

21076| } 

21077| 

21078| 

21079| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_GetSnapShotlnfoFromVolumeW( WCHAR *VolumeName, 

| tSnapShotlnfoW *SnapShotlnfo ) 
21080| { 
21081| return 

| PSMI_GetSnapShotlnfoFromVolume(VolumeName,SnapShotlnfo); 
21082| } 
21083| 

21084| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_GetSnapShotlnfoFromVolumeA( CHAR *VolumeName, 

| tSnapShotlnfoA *SnapShotlnfo ) 
21085| { 

21 086| WCHAR *VolumeNameW; 
21 087| tSnapShotlnfoW SSIW; 
21088| ULONG Err=0; 



21089| 

21090| if(VolumeName) { 
21091| VolumeNameW = 

| LocalAlloc(LPTR,strlen(VolumeName)*sizeof(WCHAR)+sizeof( 

| WCHAR)); 
21 092| if(VolumeNameW) { 

21 093| OemToCharW(VolumeName,VolumeNameW); 
21 094| SSIW.Size = sizeof(tSnapShotlnfoW); 

21095| 

21096| Err = 

| Psm_GetSnapShotlnfoFromVolumeW(VolumeNameW,&SSIW); 
21097| if(!Err){ 
21098| 

| memmove(&(SnapShotlnfo->SnapShot),&(SSIW.SnapShot),sizeo 
| f(tSnapShot)); 
21099| 

| CharToOemW(SSIW.Company,SnapShotlnfo->Company); 
21100| 

| CharToOemW(SSIW.Product,SnapShotlnfo->Product); 
21101| 

| CharToOemW(SSIW.Version,SnapShotlnfo->Version); 
21102| 

| CharToOemW(SSIW.Code,SnapShotlnfo->Code); 
21103| CharToOemW(SSIW.Key,SnapShotlnfo->Key); 
21104| 

| CharToOemW(SSIW.Volume,SnapShotlnfo->Volume); 
21105| } 

21 1 06| LocalFree(VolumeNameW); 
21107| }else{ 

21 1 08| Err = ERROR_OUTOFMEMORY; 

21109| } 
21110| }else{ 

21111| Err = ERROR_INVALID_PARAMETER; 

21112| } 

21113| return Err; 

21114| } 

21115| 

21116| DLLEXPORT PSMSTATUS PSMAPI Psm_lsAnPSMVolumeW( WCHAR 

| *VolumeName ) 
21117| { 

21118| return PSMIJsAnPSMVolume(VolumeName); 

21119| } 

21120| 

21121| DLLEXPORT PSMSTATUS PSMAPI Psm_lsAnPSMVolumeA( CHAR 

| *VolumeName ) 
21122| { 

21123| ULONG Err; 
21124| WCHAR 

| *VolNameW=LocalAlloc(LPTR,(strlen(VolumeName)+1) * 

| sizeof(WCHAR)); 



21125| if(VolNameW) { 

21 1 26| OemToCharW(VolumeName, VolNameW); 
21127| Err = PsmJsAnPSMVolumeW(VolNameW); 
21128| LocalFree(VolNameW); 
21129| }else{ 

21 130| Err = ERROR_OUTOFM EMORY; 

21131| } 

21132| return Err; 

21133| } 

21134| 

21135| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeStatsW( WCHAR 

| *VolumeName, tPSM_GetStatsRecord *Stats ) 
21136| { 

21 1 37| pThreadStorage ThreadStorage = GetThreadStorageQ; 

21138| 

21139| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21140| return 

| PSMI_GetVolumeStats(ThreadStorage->PSManHandle,ThreadSto 

| rage->PSManEvent,VolumeName, Stats); 
21141| }else{ 

21142| return ERRORJNVALIDJHANDLE; 
21143| } 
21144| } 
21145| 

21146| DLLEXPORT PSMSTATUS PSMAPI Psm_GetVolumeStatsA( CHAR 

| *VolumeName, tPSM_GetStatsRecord *Stats ) 
21147| { 

21148| ULONG Err; 
21149| WCHAR 

| *VolNameW=LocalAlloc(LPTR,(strlen(VolumeName)+1) * 

| sizeof(WCHAR)); 
21150| if (VolNameW) { 

21151| OemToCharW(VolumeName, VolNameW); 
21 152| Err = Psm_GetVolumeStatsW(VolNameW,Stats); 
21 153| LocalFree(VolNameW); 
21154| }else{ 

21 155| Err = ERROR_OUTOFM EMORY; 

21156| } 

21157| return Err; 

21158| } 

21159| 

21160| DLLEXPORT PSMSTATUS PSMAPI Psm_CanBePSMedW( WCHAR 

| *VolumeName ) 
21161| { 

21 1 62 1 ULONG VolumeType; 

21 1 63 1 return PSMI_CanBePSMed(VolumeName,&VolumeType); 

21164| } 

21165| 



21166| DLLEXPORT PSMSTATUS PSMAPI Psm_CanBePSMedA( CHAR 

| *VolumeName ) 
21167| { 

21168| ULONG Err; 
21169| WCHAR 

| *VolNameW=LocalAlloc(LPTR,(strlen(VolumeName)+1) * 

| sizeof(WCHAR)); 
21170| if(VolNameW) { 

21 1 71 1 OemToCharW(VolumeName,VolNameW); 
21172| Err = Psm_CanBePSMedW(VolNameW); 
21 1 73 1 LocalFree(VolNameW); 
21174| }else{ 

21 1 75| Err = ERROR_OUTOFM EMORY; 

21176| } 

21177| return Err; 

21178| } 

21179| 

21180| DLLEXPORT PSMSTATUS PSMAPI Psm_lsSupportedTypeW( WCHAR 

| *VolumeName ) 
21181| { 

21 182| ULONG VolumeType=PSM_IS_UNKNOWN; 
21183| PSMI_CanBePSMed(VolumeName,&VolumeType); 
21 1 84| return VolumeType; 
21185| } 
21186| 

21187| DLLEXPORT PSMSTATUS PSMAPI Psm_lsSupportedTypeA( CHAR 

| *VolumeName ) 
21188| { 

21189| ULONG Type; 
21190| WCHAR 

| *VolNameW=LocalAlloc(LPTR,(strlen(VolumeName)+1) * 

| sizeof(WCHAR)); 
21191| if(VolNameW) { 

21192| OemToCharW(VolumeName, VolNameW); 
21 193| Type = PsmJsSupportedTypeW(VolNameW); 
21194| LocalFree(VolNameW); 
21195| }else{ 

21 196| Type = PSM_IS_UNKNOWN; 
21197| } 

21198| return Type; 

21199| } 

21200| 

21201| DLLEXPORT PSMSTATUS PSMAPI Psm_FreeFilesW( IN pSnapShot 

| Snapshot, IN ULONG NumberOfFiles, WCHAR *Files[]) 
21202| { 

21203| ULONG Err=0; 

21 204| pThreadStorage ThreadStorage = GetThreadStorageQ; 
21205| 

21206| __try{ 

21 207| //DLOG((TEXT("Psm_FreeFiles Called 



I %d\n"),NumberOfFiles)); 
21208| 

21 209| if ( (NumberOf Files>0) && 
21210| 

| (ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 
21211| 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) 
21212| Err = 

| PSMI_FreeFiles(ThreadStorage->PSManHandle,ThreadStorage- 

| >PSManEvent,SnapShot,NumberOf Files, Files); 
21213| 

21214| } except(EXCEPTION_EXECUTE_HANDLER) { 

21215| Err = GetExceptionCode(); 

21216| DLOG((TEXT("Exception %08x Freeing 

| Files\n"),Err)); 
21217| } 
21218| 

21219| return Err; 

21220| } 

21221| 

21222| DLLEXPORT PSMSTATUS PSMAPI Psm_FreeRangesW( IN 

| tPSM_Free Ranges * Ranges ) 
21223| { 

21224| ULONG Err=0; 

21225| pThreadStorage ThreadStorage = GetThreadStorage(); 
21226| 

21227| __try{ 

21228| // DLOG((TEXT("Psm_FreeRanges Called\n"))); 
21229| 

21230| if ( (Ranges->NumberOfRanges>0) && 
21231| 

| (ThreadStorage->PSMan Event !=INVALID_HANDLE_VALUE) && 
21232| 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) 
21233| Err = 

| PSMI_FreeRanges(ThreadStorage->PSManHandle,ThreadStorage 

| ->PSManEvent, Ranges); 
21234| 

21235| } except(EXCEPTION_EXECUTE_HANDLER) { 

21236| DLOG((TEXT("Exception %08x Freeing 

| ranges\n"),Err)); 
21 237| Err = GetExceptionCode(); 
21238| } 
21239| 

21240| return Err; 

21241| } 

21242| 

21243| DLLEXPORT PSMSTATUS PSMAPI Psm_FreeVolumeW( IN 

| pSnapShot Snapshot, IN WCHAR *VolumeName ) 
21244| { 



21245| ULONG Err=ERROR_INVALID_HANDLE; 

21246| pThreadStorage ThreadStorage = GetThreadStorage(); 

21 247| tPSM_Free Volume Volume; 

21248| 

21 249| DLOG((TEXT("Psm_Free Volume Called\n"))); 
21250| 

21251| __try{ 
21252| if(!(Err = 

| GetNTDeviceName(VolumeName, Volume. VolumeName,256, FALSE)) 

l){ 

21253| if(!(Err = FreeOneVolumeForSnapShot ( 

| Snapshot, Volume. VolumeName ))) { 
21254| Volume. KernelSnapShotPointer = 

| SnapShot->KernelSnapShotPointer; 
21255| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21256| Err=PSMI_FreeVolume( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| &Volume ); 
21257| }else{ 

21 258| DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21259| } 
21260| }else{ 

21 261 1 DLOG((TEXT("Error %08x freeing volume 

| '%S' = VoSW'),Err,VolumeName,Volume.VolumeName)); 
21262| } 
21263| }else{ 

21264| DLOG((TEXT("Error %08x getting device name 

| for '%S'\n M ), Err, VolumeName)); 
21265| } 

21266| } except(EXCEPTION_EXECUTE_HANDLER) { 

21 267| DLOG((TEXT("Exception %08x Freeing 

| Volume\n M ),Err)); 
21 268| Err = GetExceptionCode(); 
21269| } 
21270| 

21271| return Err; 

21272| } 

21273| 

21274| DLLEXPORT PSMSTATUS PSMAPI Psm_FreeVolumeA( IN 

| pSnapShot Snapshot, IN CHAR *VolumeName ) 
21275| { 

21 276| WCHAR VolNameW[256]; 

21277| OemToCharW(VolumeName,VolNameW); 

21278| return Psm_FreeVolumeW(SnapShot,VolNameW); 

21279| } 

21280| 

21281| DLLEXPORT PSMSTATUS PSMAPI Psm_GetError( OUT 



I pPSM_GetErrorOut Out ) 
21282| { 

21283| ULONG Err=ERROR_INVALID_HANDLE; 

21 284| pThreadStorage ThreadStorage = GetThreadStorage(); 

21285| 

21286| __try{ 

21287| DLOG((TEXT( M Psm_GetErrorCalled\n"))); 
21288| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21289| Err=PSMI_GetError( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Out, NULL); 
21290| }else{ 

21291 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21292| } 
21293| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21294| Err = GetExceptionCode(); 

21 295| DLOG((TEXT("Exception %08x getting error 

| info\n"),Err)); 
21296| } 
21297| return Err; 
21298| } 
21299| 

21300| DLLEXPORT PSMSTATUS PSMAPI Psm_GetSnapShotError( IN 

| pSnapShot Snapshot, OUT pPSM_GetErrorOut Out ) 
21301| { 

21302| ULONG Err=ERROR_INVALID_HANDLE; 

21303| pThreadStorage ThreadStorage = GetThreadStorage(); 

21304| 

21305| __try { 

21306| DLOG((TEXT("Psm_GetSnapShotErrorCalled\n M ))); 
21307| 

21308| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21309| Err=PSMI_GetError( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Out, Snapshot ); 
21310| }else{ 

2131 1 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21312| } 
21313| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21314| Err = GetExceptionCode(); 

21315| DLOG((TEXT("Exception %08x getting error 

| info\n"),Err)); 



21316| } 

21317| return Err; 

21318| } 

21319| 

21320| DLLEXPORT PSMSTATUS PSMAPI Psm_GetProgress( OUT 

| pPSM_GetProgressOut Out ) 
21321| { 

21322| ULONG Err=ERROR_INVALID_HANDLE; 

21323| pThreadStorage ThreadStorage = GetThreadStorage(); 

21324| 

21325| __try{ 

21326| // DLOG((TEXT("Psm_GetProgress Called\n"))); 
21327| 

21328| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
2 1 329 1 E rr= PS M l_Get P rog ress ( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Out, NULL); 
21330| }else{ 

21331 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21332| } 
21333| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21334| Err = GetExceptionCode(); 

21335| DLOG((TEXT("Exception %08x getting 

| progress\n"),Err)); 
21336| } 
21337| return Err; 
21338| } 
21339| 

21340| DLLEXPORT PSMSTATUS PSMAPI Psm_GetSnapShotProgress( IN 

| pSnapShot Snapshot, OUT pPSM_GetProgressOut Out ) 
21341| { 

21342| ULONG Err=ERROR_INVALID_HANDLE; 

21343| pThreadStorage ThreadStorage = GetThreadStorageQ; 

21344| 

21345| __try{ 

21346| // D LOG ((TEXT("Psm_GetP rog ress CalledXn"))); 
21347| 

21348| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
2 1 349 1 E rr= PS M l_Get P rog ress ( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Out, Snapshot); 
21350| }else{ 

21 351 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 



21352| } 
21353| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21354| Err = GetExceptionCode(); 

21355| DLOG((TEXT("Exception %08x getting 

| progress\n"),Err)); 
21356| } 
21357| return Err; 
21358| } 
21359| 

21360| DLLEXPORT PSMSTATUS PSMAPI Psm_OpenExclusive( pSnapShot 

| Snapshot ) 
21361| { 

21362| ULONG Err=ERROR_INVALID_HANDLE; 

21363| pThreadStorage ThreadStorage = GetThreadStorageQ; 

21364| 

21365| __try{ 

21366| DLOG((TEXT("Psm_OpenExclusiveCalled\n M ))); 
21367| 

21368| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21 369| Err= PSM l_Open Exclusive( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Snapshot ); 
21370| }else{ 

21371 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21372| } 
21373| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21374| Err = GetExceptionCode(); 

21 375| DLOG((TEXT("Exception %08x opening 

| exclusive\n"),Err)); 
21376| } 
21377| return Err; 
21378| } 
21379| 

21380| DLLEXPORT PSMSTATUS PSMAPI Psm_CloseExclusive( 

| pSnapShot Snapshot ) 
21381| { 

21382| ULONG Err=ERROR_INVALID_HANDLE; 

21383| pThreadStorage ThreadStorage = GetThreadStorage(); 

21384| 

21385| __try{ 

21386| DLOG((TEXT("Psm_CloseExclusiveCalled\n"))); 
21387| 

21388| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 
| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 



21389| Err=PSMI_CloseExclusive( 

| ThreadStorage->PSManHandle, ThreadStorage->PSMan Event, 

| Snapshot); 
21390| }else{ 

21 391 1 DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21392| } 
21393| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21394| Err = GetExceptionCode(); 

21 395| DLOG((TEXT("Exception %08x closing 

| exclusive\n"),Err)); 
21396| } 
21397| return Err; 
21398| } 
21399| 

21400| DLLEXPORT PSMSTATUS PSMAPI Psm_CreateSnapShotW( 

21401| IN pOpenTransactionln3W In, 

21402| IN ULONG NumVolumes, 

21403| IN PVOID InVolumeMap, 

21404| IN ULONG *VolumeMap Flags, 

21405| IN ULONG OutVolumeMapByteSize, 

21406| INOUT PVOID OutVolumeMap, 

21407| OUT pOpenTransactionOutW Out, 

21408| OUT pSnapShot *SnapShot, 

21409| INOUT LPOVERLAPPED Overlapped, 

21 4-10| IN LPOVERLAPPEDCOMPLETIONROUTINE 

| CompletionRoutine ) 
21411| { 

21412| ULONG Err=ERROR_INVALID_HANDLE; 

21413| pThreadStorage ThreadStorage = GetThreadStorage(); 

21414| ULONG DoLogErr = 1 ; 

21415| ULONG DoCleanup = 1 ; 

21416| 

21417| _try{ 

21418| DLOG((TEXT("Psm_CreateSnapShot Called\n M ))); 
21419| 

21420| if(ThreadStorage->RegisterCalled) { 
21421| if 

| (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) { 
21422| if(!HasEvalExpired(NULL)) { 

21423| if(Overlapped) { 

21424| DLOG((TEXT("Creating PSM 

| snapshot Async\n"))); 
21425| 

21426| Err=PSMI_OpenEx( 

| ThreadStorage->PSManHandle, In, NumVolumes, 
| InVolumeMap, VolumeMapFlags, OutVolumeMapByteSize, 
| OutVolumeMap, Out, Overlapped, CompletionRoutine, 
| PSM_IFLAG_NEW_SNAPSHOT, SnapShot); 



21427| DLOG((TEXT("OpenEx returned 

| %08x\n M ),Err)); 
21428| jf(Err==ERROR_IO_PENDING) { 

21429| DoLogErr = 0; 

21430| } 
21431| DoCleanup=0; 
21432| }else{ 
21433| OVERLAPPED o={0}; 

21434| 

21435| DLOG((TEXT("Creating PSM 

| snapshot Sync\n"))); 
21436| 

| ResetEvent(ThreadStorage->PSManEvent); 
21437| o.hEvent = 

| ThreadStorage->PSMan Event; 
21438| 

21439| Err = 

| PSMI_OpenEx(ThreadStorage->PSManHandle,ln,NumVolumes, 
| InVolumeMap, VolumeMapFlags, OutVolumeMapByteSize, 
| OutVolumeMap, 

| Out,&o,NULL,PSM_IFLAG_NEW_SNAPSHOT,SnapShot); 
21440| 

21441 1 if (Err == ERROR_IO_PENDING) { 

21442| DoLogErr=0; 

21443| DoCleanup=0; 

21 444| DLOG((TEXT("Waiting for 

| Psm_Enable to finish\n"))); 
21 445| // wait for app to finish 

| running, or timeout 
21446| do{ 
21447| Err = 

| WaitForSingleObjectEx ( ThreadStorage->PSManEvent, 

| INFINITE, TRUE); 
21448| DLOG((TEXT("WFSO 

| finished %08x\n"), Err)); 
21449| } 

| while(Err==WAITJO_COMPLETION); 
21450| 

21451 1 if(Err==WAIT_OBJECT_0) 

| // get Win32 error code 
21452| Err = o.lnternalHigh; 

| // o. Internal is the nt status code 
21453| else 
21454| Err = Getl_astError(); 

21455| 

21456| DLOG((TEXT( M Err=%08x ols: 

| %08x %08x %08x %08x %08x\n"), Err, o.lnternalHigh, 
| o. Internal, o.OffsetHigh, o.Off set, Get Last Error())); 

21457| } 

21458| } 



21459| }else{ 

21460| Err = PSM_EVALUATION_EXPIRED; 

21 461 1 DLOG((TEXT("Error %08x psm eval 

| expired\n"),Err)); 
21462| PSMI_LogEvent( Err, Err, 0, NULL); 

21463| DoLogErr= 0; 

21464| } 
21465| }else{ 

21 466| DLOG((TEXT("Error %08x psm not 

| installed\n"),Err)); 
21467| } 
21468| }else{ 

21 469| DLOG((TEXT("Psm_Register not 

| called!\n"),Err)); 
21470| Err = PSM_ERROR_REGISTER_NOT_CALLED; 

21471 1 PSMI_LogEvent( Err, Err, 0, NULL); 

21472| DoLogErr = 0; 

21473| } 
21474| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21475| Err = GetExceptionCode(); 

21 476| DLOG((TEXT("Exception %08x opening 

| psm\n"),Err)); 
21477| } 

21478| if(DoCleanup) { 

21479| // clean up message status the com object may 
| have set 

21480| // as the kernel hasnt had a chance to execute 

| and clean 
21 481 1 // the message up. 

21482| Psm_SetStatus(PSM_IDLE,PSM_GLOBAL_STATUS); 
21483| } 

21484| if ((DoLogErr) && (Err)) { 
21485| WCHAR *Strings[1]; 
21486| WCHAR Error[20]; 
2 1 487 1 s wp ri ntf ( E rro r, L"%08x" , Err) ; 
21488| Strings[0] = Error; 
21489| PSMI_LogEvent( 

| PSM_SNAPSHOT_COULD_NOT_BE_CREATED, Err, 1, Strings ); 
21490| } 
21491| return Err; 
21492| } 
21493| 

21494| DLLEXPORT PSMSTATUS PSMAPI Psm_CreateSnapShotA( 

21495| IN pOpenTransactionln3A In, 

21496| IN ULONG NumVolumes, 

21497| IN PVOID In Volume Map, 

21498| IN ULONG *VolumeMapFlags, 

21499| IN ULONG OutVolumeMapByteSize, 

21500| INOUT PVOID OutVolumeMap, 



21 501 1 OUT pOpenTransactionOutA Out, 

21 502| OUT pSnapShot *SnapShot, 

21503| INOUT LPOVERLAPPED Overlapped, 

21504| IN LPOVERLAPPED_COMPLETION_ROUTINE 

| Completion Routine ) 
21505| { 

21506| tOpenTransactionln3W lnW={0}; 

21 507| PWCHAR *Vmw=NULL; 

21508| ULONG Err=0; 

21509| ULONG i; 

21510| CHAR**lnV; 

21511| 

21512| __try{ 

21513| if((!ln) || (!Out) || (MnVolumeMap) || 

| (IVolumeMapFlags) || (!OutVolumeMap) || 

| (OutVolumeMapByteSize<8) || ((signed)NumVolumes<1)) { 
21514| try_return ( Err= E R RO R_l N V AL I DP A R A METER); 

21515| } 
21516| 

21517| if( 

21518| (ln->Size!=sizeof(tOpenTransactionln3A)) && 

21519| (ln->Size!=sizeof(tOpenTransactionln2A)) && 

21520| (ln->Size!=sizeof(tOpenTransactionln1A)) 
21521| ){ 

21522| try_return(Err=ERROR_INVALID_PARAMETER); 

21523| } 

21524| 

21 525| // check the length so we dont copy over the 

| stack and destory 
21 526| // everything we are lookin at if the things 

| contain long names 
21527| if( 

| (!CheckForZeroTerminatorA(ln->CacheFileName,256)) || 
21528| 

| (!CheckForZeroTerminatorA(ln->PreOpenFile,256)) || 
21529| 

| (!CheckForZeroTerminatorA(ln->PostOpenFile,256)) || 
21530| 

| (!CheckForZeroTerminatorA(ln->PostCloseFile,256)) || 
21531| (!CheckForZeroTerminatorA(ln->UserName,40)) 
I II 

21532| (!CheckForZeroTerminatorA(ln->Password,40)) 
l){ 

21533| try_return(Err=ERROR_INVALID_PARAMETER); 

21534| } 

21535| 

21536| lnW.Size=sizeof(tOpenTransactionln3W); 
21537| InW.SizeOfCacheFileMB = ln->SizeOfCacheFileMB; 
21538| InW.MaxSizeOfCacheFileMB = 
| ln->MaxSizeOfCacheFileMB; 



21539| InW.FIags = ln->Flags; 

21540| InW.QuiescentWait = ln->QuiescentWait; 

21541 1 InW.QuiescentTimeout = ln->QuiescentTimeout; 

21542| InW.ErrorEvent = ln->ErrorEvent; 

21543| InW.AbortEvent = ln->AbortEvent; 

21544| 

21545| // Persistent structure is same size as 3A so 

| above stuff copyied all the right values 

21 546| if(ln->Size>=sizeof(tOpenTransactionln2A)) { 

21547| InW.Securitylnfo = ln->Securitylnfo; 
21548| 

21549| if(ln->Size>=sizeof(tOpenTransactionln3A)) 
|{ 

21550| InW.CallerPrivateUse = 

| ln->CallerPrivateUse; 

21551 1 InW.NumToKeep = ln->NumToKeep; 

21552| }else{ 

21553| InW.CallerPrivateUse = NULL; 

21554| InW.NumToKeep = -1; 

21555| } 

21556| }else{ 

21557| InW.Securitylnfo = NULL; 

21558| } 

21559| 

21560| 

| OemToCharW(ln->CacheFileName,lnW.CacheFileName); 

21561| OemToCharW(ln->PreOpenFile,lnW.PreOpenFile); 

21562| OemToCharW(ln->PostOpenFile,lnW.PostOpenFile); 
21563| 

| OemToCharW(ln->PostCloseFile,lnW.PostCloseFile); 

21564| OemToCharW(ln->UserName,lnW.UserName); 

21565| OemToCharW(ln->Password,lnW.Password); 
21566| 

21567| (PVOID)lnV = InVolumeMap; 
21568| 

21569| Vmw = 

| LocalAlloc(LPTR,NumVolumes*sizeof(PVOID)); 

21570| if(!Vmw){ 

21571 1 try_return(Err=ERROR_OUTOFMEMORY); 

21572| } 

21573| 

21574| for(i=0;i<NumVolumes;i++) { 

21575| Vmw[i] = 

| LocalAlloc(LPTR,strlen(lnV[i])*sizeof(WCHAR)+sizeof(WCHA 

I R)); 

21576| if(!Vmw[i]) { 

21577| ULONG j; 

21578| for (j=0;j<i;j++) { 

21579| LocalFree(Vmw[i]); 

21580| } 



21581| Local Free(Vmw); 

21582| try_return(Err=ERROR_OUTOFMEMORY); 
21583| } 

21584| OemToCharW(lnV[i],Vmw[i]); 

21585| } 

21586| 

21587| // put special marker in out so the APC routine 
| knows that 

21588| // it should be ansi and not Unicode 
21589| (*(DWORD*)Out) = 0x5a4b3c2d; 
21590| 

21591| // In, InVolumeMap, InVolumeMapFlags are 

| completely read only and not accessed after this 
21592| //function returns. 

21593| Err = Psm_CreateSnapShotW(&lnW,NumVolumes, Vmw, 
| VolumeMapFlags, OutVolumeMapByteSize, OutVolumeMap, 
| (tOpenTransactionOutW*)Out,SnapShot, Overlapped, Completio 
| nRoutine); 

21594| 

21595| for(i=0;i<NumVolumes;i++) { 
21596| LocalFree(Vmw[i]); 
21597| Vmw[i] = NULL; 

21598| } 

21599| LocalFree(Vmw); 
21600| 

21601 1 try_exit: 

21 602| // need to have a statement after a label 
21603| ; 
21604| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21 605| Err = GetExceptionCode(); 

21 606| DLOG((TEXT("Exception %08x converting ansi to 

| wide during open\n"),Err)); 
21607| } 
21608| return Err; 
21609| } 
21610| 
21611| 

21612| DLLEXPORT PSMSTATUS PSMAPI Psm_DestroySnapShot ( 

| tSnapShot *SnapShot ) 
21613| { 

21614| ULONG Err=ERROR_INVALID_HANDLE; 

21 61 5| pThreadStorage ThreadStorage = GetThreadStorage(); 

21616| 

21617| __try{ 

21618| DLOG((TEXT("Psm_DestroySnapShot Called\n"))); 
21619| __try{ 
21620| // close psm 

21621| if 

| ((ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) && 



I (ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE)) { 
21622| Err = 

| PSMI_Close(ThreadStorage->PSManHandle,ThreaclStorage->PSM 

| anEvent,SnapShot); 
21623| } 
21624| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

21 625| D LOG ( (TEXT(" Exceptio n %08x closing 

| psm\n"),Err)); 
21 626| Err = GetExceptionCode(); 

21627| } 
21628| } ^finally { 

21 629| // make sure we decrement this so we can close 
| the handle 

21 630| // and have the driver clean up after us, even 

| if the above call failed. 
21 631 1 if(ThreadStorage->NumOpens>0) 
21 632| ThreadStorage->NumOpens--; 
21 633| if(ThreadStorage->NumOpens) { 
21 634| DLOG((TEXT("Psm still open\n M ))); 

21635| } 
21636| } 
21637| 

21638| return Err; 

21639| } 

21640| 

21641| // 

| 

21642| // Internal support functions 
21643| 

21644| #ifdef _DEBUG 

21645| void PSM_LogDebuglnfo( const TCHAR *fmt,...) { 

21646| FILE *fp=NULL; 

21647| vajist argptr; 

21 648| TCHAR Buff[256]; 

21 649| TCHAR Buff2[256]; 

21650| TCHAR Timestr[30]; 

21651| time_tTime; 

21652| 

21653| if(!DebugMode) 
21654| return; 
21655| 

21 656 1 va_start(argptr, fmt); 

21 657| _vstprintf(Buff2, fmt, argptr); 

21 658| va_end(argptr); 

21659| 

21660| Time = time(NULL); 

21 661 1 _tcsftime(Timestr,40,TEXT("%m/%d/%y %H:%M:%S: 

| M ),localtime(&Time)); 
21662| 



21663| _stprintf(Buff,TEXT( M %s%s"),Timestr,Buff2); 
21664| 

21 665| if (Tlsl ndex !=Oxffffffff ) { 

21 666| pTh read Storage ThreadStorage = 

| GetThreadStorage(); 
21667| 
21668| 

| if(ThreadStorage->DebugLogFile!=INVALID_HANDLE_VALUE) { 
21669| U LONG Written; 

21670| // write to file. . 

21671| 

| WriteFile(ThreadStorage->DebugLogFile,Buff,_tcslen(Buff) 

| *sizeof(TCHAR),&Written,NULL); 
21672| } 
21673| } 
21674| 

21675| //write to debugger... 
21 676| OutputDebugString(Buff); 
21677| } 

21678| void PSM_LogDebuglnfoW( const WCHAR *fmt,...) { 

21679| FILE *fp=NULL; 

21680| vajist argptr; 

21681| WCHAR Buff[256]; 

21 682| WCHAR Buff2[256]; 

21 683| WCHAR Timestr[30]; 

21684| time_tTime; 

21685| 

21686| if(IDebugMode) 
21687| return; 
21688| 

21 689 1 va_start(argptr, fmt); 

21 690| vswprintf(Buff2, fmt, argptr); 

21 691 1 va_end(argptr); 

21692| 

21 693| Time = time(NULL); 

21 694| wcsftime(Timestr,40,L M %m/%d/%y %H:%M:%S: 

| ",localtime(&Time)); 
21695| 

21 696| swprintf(Buff,L M %s%s",Timestr,Buff2); 
21697| 

21 698| if (Tlsl ndex !=0xffffffff) { 

21 699| pTh read Storage ThreadStorage = 

| GetThreadStorage(); 
21700| 
21701| 

| if(ThreadStorage->DebugLogFile!=INVALID_HANDLE_VALUE) { 
21702| U LONG Written; 

21703| // write to file.. 

21704| 

| WriteFile(ThreadStorage->DebugLogFile,Buff,wcslen(Buff)* 



I sizeof(WCHAR),&Written,NULL); 



21705 
21706 
21707 
21708 
21709 
21710 
21711 
21712 
21713 
21714 
21715 
21716 
21717 
21718 
21719 
21720 
21721 



space, see mountmgr.h 



21722 
21723 
21724 
21725 



21726 
21727 
21728 
21729 
21730 
21731 
21732 
21733 
21734 
21735 
21736 
21737 
21738 
21739 
21740 
21741 
21742 
21743 
21744 
21745 
21746 
21747 
21748 



} 

} 

//write to debugger... 
OutputDebugStringW(Buff); 

} 

#endif 

STATIC ULONG GetDeviceName ( 
HANDLE VolHandle, 
WCHAR *DeviceName, 
ULONG BufferLengthlnChars ) 



{ 



ULONG dwBytesReturned; 

ULONG Err=ERROR_MORE_DATA; 

BOOL B; 

ULONG CurrentSize = 1 00; // sizeof volume in system 



PMOUNTDEV_NAME MN; 

do { 
MN = 



LocalAlloc(LPTR,CurrentSize+sizeof(MOUNTDEV_NAME)); 
if(MN) { 

if((B = DeviceloControl(VolHandle, 

lOCTLMOUNTDEVQUERYDEVICENAME, 
NULL, 0, 

MN, CurrentSize+sizeof(MOUNTDEV_NAME), 
&d wBy tes Retu r ned , 
NULL))) { 
Err = 0; 
} else { 

Err = GetLastError(); 
if(Err==ERRO R_M O R E_D ATA) { 
LocalFree(MN); 
CurrentSize*=2; 

} 

} 

} else { 

Err = ERROR_OUTOFMEMORY; 
B = FALSE; 

} 

} while(Err==ERROR_MORE_DATA); 



if(!Err) { 

int numChars = 

| min((ULONG)MN->NameLength/sizeof(WCHAR),BufferLengthlnCh 
I ars-1); 

21 749| wcsncpy(DeviceName,MN->Name,numChars); 



21750| //null terminate 

21 751 1 DeviceName[numChars] = 0; 

21752| }else{ 

21753| Err = Getl_astError(); 

21 754| DLOG((TEXT("Error %08x getting device 

| name\n"),Err)); 
21755| } 
21756| if(MN) 
21757| LocalFree(MN); 
21758| return Err; 
21759| } 
21760| 

21761| WCHAR NibbleToHexWChar( unsigned char In, BOOLEAN 

| TakeUpper ) 
21762| { 

21763| In = TakeUpper?(ln » 4):(ln & Oxf); 

21764| return (WCHAR)( ( In > 9 )?(ln - 10 + 'a'):(ln + 

I '0') ); 
21765| } 
21766| 

21767| ULONG BufferToHexWChar( PVOID Buffer, ULONG NumBytes, 

| PWCHAR Out, ULONG *OutSize) 
21768| { 

21769| ULONG Status = 0; 
21770| ULONG i; 

21 771 1 unsigned char *ln = (unsigned char*)Buffer; 
21772| 

21 773| //Round to take whole number of D_words 
21 774| NumBytes = (NumBytes+3)/4*4; 
21775| 

21776| if (Out==NULL) { 

21 777| *OutSize = (NumBytes*2+1 )*sizeof(WCHAR); 

21778| }else{ 

21779| if fOutSize < 2) { 

21 780 1 // just give back bad status as not room to 

| put even an empty string 
21781| Status = ERROR_INSUFFICIENT_BUFFER; 

21782| 

21783| }else{ 
21784| 

21 785| if ((NumBytes*2+1 )*sizeof (WCHAR) > *OutSize 

l){ 

21 786 1 //not enough room for all we have pack 

| the limit and give bad status 
21787| NumBytes = 

| (*OutSize/sizeof(WCHAR)-1)/2; 
21788| Status = ERROR_BUFFER_OVERFLOW; 

21789| } 

21 790| *OutSize = (NumBytes*2+1 )*sizeof(WCHAR); 

21791| 



21792| for (i=0;i<NumBytes;ln++,i++,Out+=2) { 

21793| Out[0] = NibbleToHexWChar(ln[0],1); 

21794| Out[1] = NibbleToHexWChar(ln[0],0); 

21795| } 

21796| Out[0] = L'\0'; 

21797| } 



21798| } 

21799| return Status; 

21800| } 

21801| 

21802| ULONG GetUniqueldForVolume ( 

21803| HANDLE VolHandle, 

21804| WCHAR *Uniqueld, 

21 805| ULONG UniqueldLength 

21806| ) 

21807| { 

21 808| ULONG dwBytes Returned; 

21809| ULONG Err=0; 

21810| BOOL B; 

2181 1 1 BYTE UniqueRaw[1 6+sizeof(MOUNTDEV_UNIQUE_ID)]; 

21812| PMOUNTDEV_UNIQUE_ID 

| UniquePtr=(PMOUNTDEV_UNIQUE_ID)UniqueRaw; 
21813| 

21814| if(Uniqueld) { 

21815| if((B = DeviceloControl(VolHandle, 

21816| IOCTL_MOUNTDEV_QUERY_UNIQUE_ID, 

21817| NULL, 0, 

2181 8| UniqueRaw, sizeof(UniqueRaw), 

21819| &dwBytes Retu rned , 

21820| NULL))) { 

21 821 1 Err = BufferToHexWChar( 

21 822| UniquePtr->Uniqueld, 

21823| 

| min(dwBytesReturned,UniquePtr->UniqueldLength), 

21824| Uniqueld, 

21825| &UniqueldLength); 

21826| }else{ 

21827| Err = GetLastError(); 

21828| } 

21829| } 
21830| 

21831| return Err; 

21832| } 

21833| 

21834| STATIC ULONG GetNTNameForUniqueld( WCHAR 

| *LookingForUniqueld, WCHAR *NTName, ULONG NTNameLen ) 
21835| { 

21836| ULONG Err = ERROR_INVALID_FUNCTION; 

21837| HANDLE Handle; 

21838| BOOL B; 



2 1 839 1 WCHAR Buffer[256]; 

21840| BOOL Leave=FALSE; 
21841| 

21842| if(((GetVersion() & OxffffOOOO) » 16) > 1381) { 

21843| Handle = pFindFirstVolume( Buffer, 

| sizeof(Buffer)/sizeof(WCHAR) ); 

21844| if(Handle!=INVALID_HANDLE_VALUE) { 

21845| do { 

21846| ULONG Good=FALSE; 

21847| UNICODE_STRING Uni; 

21848| HANDLE hVolume; 

21849| OBJECT_ATTRIBUTES 

| ObjectAttributes={0}; 

21850| IO_STATUS_BLOCK loStatus={0}; 

21851| WCHAR Uniqueld[20*4]; 

21852| ULONG UniqueldLength=sizeof(Uniqueld); 
21853| 

21854| switch(GetDriveTypeW(Buffer)) { 

21855| case DRIVE_FIXED 

21856| // if hard drive then good 

21857| DLOG((TEXT("Drive '%S' is local 

| hard drive\n"), Buffer)); 

21858| Good=TRUE; 

21859| break; 

21860| case DRIVE_REMOVABLE : 

21861 1 DLOG((TEXT("Drive '%S' is 

| removable\n"), Buffer)); 

21862| Good= FALSE; 

21863| break; 

21864| case DRIVE_REMOTE 

21865| DLOG((TEXT("Drive '%S' is not a 

| local hard drive\n"), Buffer)); 

21866| Good= FALSE; 

21867| break; 

21868| case DRIVE_CDROM 

21869| DLOG((TEXT("Drive '%S' is not a 

| local hard drive\n"), Buffer)); 

21870| Good= FALSE; 

21871| break; 

21872| case DRIVE_RAMDISK 

21873| DLOG((TEXT("Drive '%S' is not a 

| local hard drive\n"), Buffer)); 

21874| Good= FALSE; 

21875| break; 

21876| default: 

21877| Good= FALSE; 

21878| break; 

21879| } 
21880| 

21881| if(Good){ 



21 882| // Buffer = "\\?\Volume{xxx}\" 

21883| Buffer[1] = L'?'; 

21884| Buffer[wcslen(Buffer)-1]=0; 

21 885| // Buffer = "\??\Volume{xxx}" 

21886| 

21887| RtllnitUnicodeString( &Uni, 

| Buffer); 
21888| 

21889| InitializeObjectAttributes ( 

| &ObjectAttributes, 
21890| &Uni, 
21891| 

| OBJ_CASE_INSENSITIVE, 
21892| NULL, 
21893| NULL 

I); 

21894| 

21895| Err = NtCreateFile( &hVolume, 

21896| 

| FILE_GENERIC_READ, // desired access 

21897| 

| &ObjectAttributes, // object attributes 
21898| &loStatus, 
21899| NULL, 

| // alloc size 
21900| 

| FILE ATTRIBUTE NORMAL, // file attributes 
21901| 

| FILE SHARE WRITE | FILE_SHARE_READ, 

| // share access 
21902| FILE_OPEN, 

| // create disposition 
21903| 

| FILE_SYNCHRONOUS_IO_NONALERT, //create 
| options 

21904| NULL, // 

| eabuffer 

21905| 0); // 

| ealength 
21906| 

21907| if(!Err){ 
21908| Err = 

| GetUniqueldForVolume(hVolume,Uniqueld,sizeof(Uniqueld)); 
21909| 

21910| if(!Err){ 

2191 1 1 DLOG((TEXT( M Volume '%S' 

| unique id = '%S'\n"),Buffer,Uniqueld)); 
21912| 
21913| 

| if(_wcsicmp(Uniqueld,LookingForUniqueld)==0 ) { 



21914| Err = 

| GetDeviceName(hVolume,NTName,NTNamel_en); 
21915| if(!Err){ 
21916| 

| DLOG((TEXT("Success! '%S' = 

| '%S'\n"),LookingForUniqueld,NTName)); 
21917| Leave = TRUE; 

21918| }else{ 
21919| DLOG((TEXT("Error 

| %08x getting device name\n"),Err)); 
21920| } 
21921| } 
21922| }else{ 

21923| DLOG((TEXT("Error %08x 

| getting unique id\n"),Err)); 
21924| } 
21925| NtClose(hVolume); 
21926| }else{ 

21 927| DLOG((TEXT("Error %08x opening 

| volume\n"),Err)); 
21928| } 
21929| }//ifgood 
21930| 

21931| if(!Leave){ 
21932| B = 

| pFindNextVolume(Handle,Buffer,sizeof(Buffer)/sizeof(WCHA 

I R)); 

21933| }else{ 

21934| B = FALSE; 

21935| } 

21936| }while(B); 

21937| pFindVolumeClose(Handle); 

21938| }else{ 

21939| Err = GetLastError(); 

21940| DLOG((TEXT("Error %08x finding first 

| volume\n"),Err)); 
21941| } 
21942| } 
21943| return Err; 
21944| } 
21945| 

21946| /* This procedure can convert the following passed in 

| names 
21947| 1.c:\ 
21948| 2. \DosDevices\C: 
21949| 3. \DosDevices\HardDisk0\Partition1 
21950| 4. \??\HardDisk0\Partition1 

21951 1 5. \\?\Volume{e7df379c-5f0f-1 1 d3-bb4e-806d61 72696f} 
21952| 6. \Device\HarddiskDmVolumes\W2kServer1DgOWolume1 
21953| 7. \Device\HardDiskVolume1 



21954| 8. c:\drivee\ where drivee is a junction point 

21 955| 9. 1 234567800001 1 1 1 2222 - this is the unique id 

| of the volume 
21956| 7 

21957| STATIC ULONG GetNTDeviceName ( 

21 958| WCHAR *AName, 

21 959| WCHAR *NTName, 

21960| ULONG BufferLengthlnChars, 

21961| ULONG Fast) 

21962| { 

21963| UNICODE_STRING Str; 

21964| ULONG Err=0; 

21965| WCHAR Temp[256]={0}; 

21 966| WCHAR *pName=AName; 

21967| intlen = 0; 

21968| 

21 969| Str. Length=wcslen(AName)*sizeof (WCHAR); 

21970| Str.MaximumLength = Str.Length + sizeof (WCHAR); 

21971 1 Str.Buffer = AName; 
21972| 

21973| //case6&7 

21 974| if (_wcsnicmp(AName,L"\\Device\V , ,8)==0) { 

21 975| // already a NT device name 

21976| wcsncpy(NTName,AName,BufferLengthlnChars); 

21977| return 0; 

21978| } 

21979| 

21980| // get rid of extra slash 

21981 1 if(Str.Buffer[(Str.Length/2)-1] == LAV) { 

21982| Str.Length-=2; 

21983| } 

21984| 

21985| if((((GetVersion() & OxffffOOOO) » 16) > 1381) && 

I (Fast)) { 
21986| IsMountMgrName: 

21987| //case5 

21988| if(MOUNTMGRJS_VOLUME_NAME(&Str)) { 

21989| HANDLE hVolume = CreateFileW( 

21990| pName, 

21991| 0, 

21992| FILE_SHARE_READ | FILE_SHARE_WRITE, 

21993| NULL, 

21994| OPEN_EXISTING, 

21995| 0, 

21996| NULL); 

21997| if(hVolume!=INVALID_HANDLE_VALUE) { 

21998| Err = 

| GetDeviceName(hVolume,NTName,BufferLengthlnChars); 

21999| CloseHandle(hVolume); 

22000| return Err; 



22001| }else{ 

22002| Err = Getl_astError(); 

22003| DLOG((TEXT("Error %08x opening 

| volume\n"),Err)); 
22004| //fall through 

22005| } 
22006| } 
22007| // case 8 
22008| 

22009| // will not be first time through 
22010| if(pName!=Temp) { 
22011| 

| if(pGetVolumeNameForVolumeMountPoint(AName,Temp,BufferLe 
| ngthlnChars)) { 
22012| pName = Temp; 

22013| Str.Length=wcslen(pName)*sizeof(WCHAR); 
22014| Str.MaximumLength = Str.Length + 

| sizeof(WCHAR); 
22015| Str.Buffer = pName; 

2201 6| // get rid of extra slash 

22017| if(Str.Buffer[(Str.Length/2)-1] == 

I L'W) { 

22018| Str.Length-=2; 

22019| Temp[(Str.Length/2)]=0; 

22020| } 

22021 1 DLOG((TEXT( M GVNFVMP= , %S'\n"),pName)); 
22022| goto IsMountMgrName; 

22023| } else { 

22024| DLOG((TEXT("Error %08x getting volume 

| for mount point\n M ),Getl_astError())); 
22025| //fall through 

22026| } 
22027| } 

22028| } // of win2k specific stuff 
22029 | 

22030| wcscpy(Temp,AName); 

22031 1 len = wcslen(Temp); 

22032| if ((len > 0) && (Temp[len-1] == L'W)) { 

22033| Temp[len-1] = 0; 

22034| } 

22035| 

22036| SetLastError(O); 
22037| // case 1 , 2, 3, 4 
22038| 

| if(QueryDosDeviceW(Temp,NTName,BufferLengthlnChars)!=0) 
|{ 

22039| Err = 0; 

22040 1 } else { 

22041 1 Err = Getl_astError() ; 

22042 1 } 



22043| if(Err) { 

22044| Err = GetNTNameForUniqueld( AName, NTName, 

| BufferLengthlnChars ); 
22045| } 
22046| 

22047| DLOG((TEXT("GetNTDeviceName returning %08x: BL=%08x 

| '%S' = '%S'\n M ),Err,BufferLengthlnChars,Temp,NTName)); 
22048| return Err; 
22049| } 
22050| 
22051 1 

22052| STATIC ULONG MakeVolumeList ( 

22053| ULONG NumVolumes, 

22054| pVolMap VolumeMap, 

22055| ULONG BufferLength, 

22056| pOpenTransactionlnlnternal Internal, 

22057| ULONG InternalBufferChars ) 

22058| { 

22059| ULONG i = 0; 
22060| ULONG Err = 0; 

22061 1 PCHAR Buffer = (PCHAR)lnternal->DeviceName; 
22062| ULONG Len = 0; 
22063 1 

22064| // skip over list of pointers. 

22065| Buffer+=NumVolumes*sizeof(PVOID); 

22066| BufferLength-=NumVolumes*sizeof(PVOID); 

22067| 

22068| for(i=0;i<NumVolumes;i++) { 
22069| if((Err = 

| GetNTDeviceName(VolumeMap[i],(WCHAR*)Buffer,lnternalBuff 

| erChars,FALSE))!=0) { 
22070| return Err; 

22071 1 } 

22072| lnternal->DeviceName[i] = 

| DN_MakeOffset(lnternal,Buffer); 
22073 1 

| Len=wcslen((WCHAR*)Buffer)*sizeof(WCHAR)+sizeof(WCHAR); 
22074| Buffer+=Len; 
22075| BufferLength-=Len; 
22076| if((signed long)BufferLength<=0) { 
22077| DLOG((TEXT("Buffer too small\n M ))); 

22078| return ERROR_INSUFFICIENT_BUFFER; 

22079 1 } 

22080| DLOG((TEXT("MakeVolumeList: Vollndex=%lu, '%S' 
l = 

| '%S'\n' , ),i,VolumeMap[i],DN_MakePointer(lnternal,lnternal 

| ->DeviceName[i]))); 
22081 1 } 
22082 1 

22083| I nternal->NumberOf Devices = NumVolumes; 



22084| DLOG((TEXT("Number of volumes to psm = 
| %d\n M ),NumVolumes)); 



22085 
22086 
22087 
22088 
22089 
22090 
22091 
22092 
22093 
22094 
22095 
22096 
22097 
22098 
22099 
22100 
22101 
22102 
22103 
22104 



22105 
22106 
22107 
22108 
22109 
22110 
22111 
22112 
22113 
22114 
22115 
22116 
22117 
22118 
22119 
22120 
22121 
22122 
22123 
22124 
22125 
lis 
22126 
22127 
22128 
22129 



STATIC WCHAR Get First Free Drive Letter ( void ) 
{ 

ULONG i; 
WCHAR 

| DriveMap[]=L M 0123456789-^!#$%*)-_+[]{}'ABDEFGHIJKLMNOPQR 
| STUVWXYZ"; // C is skipped!! 

ULONG Len=wcslen(DriveMap); 



return 0; 

} 

STATIC ULONG Drive Letter Free( WCHAR Drive ) 
{ 

WCHAR DriveName[20]; 
WCHAR LinkName[256]; 

swprintf(DriveName,L"%c:", Drive); 

// if not found then we can use it. 

if(QueryDosDeviceW(DriveName,LinkName,256)==0) 

return TRUE; 
else 

return FALSE; 

} 



/* 

Works = ~ x !#$%*)-_+[]{}'.? 

Doesnt = @ A \&(=|;:",<>/ 

Iffy (ie it works but is it really good?) = .? 

7 

for(i=0;i<Len;i++) { 

if (DriveLetterFree(DriveMap[i])) 
return DriveMap[i]; 

} 

// no drive letter found 
return 0; 



} 



STATIC WCHAR GetFirstFreeNormalDriveLetter ( void ) 
{ 

ULONG i; 

WCHAR DriveMap[]=L"DEFGHIJKLMNOPQRSTUVWXYZAB"; 110 
skipped!! 

ULONG Len=wcslen(DriveMap); 

for(i=0;i<Len;i++) { 

if (DriveLetterFree(DriveMap[i])) 



22130| return DriveMap[i]; 

22131| } 

22132| 

221 33| // no drive letter found 
22134| return 0; 
22135| } 
22136| 

22137| STATIC ULONG RemoveDeviceName ( WCHAR *NTDeviceName) 
22138| { 

22139| ULONG Gotitl_ocked=0; 

22140| ULONG Err=0; 

22141 1 WCHAR *ToUse=NULL; 

22142| UNICODE_STRING Uni={0}; 

22143| OBJECT ATTRIBUTES ObjectAttributes={0}; 

22144| HANDLE hVolume; 

22145| IO_STATUS_BLOCK loStatus={0}; 

22146| ULONG Access; 

22147| 

22148| DLOG((TEXT("RemoveDevice: Nt = 

| '%S'\n M ),NTDeviceName)); 
22149| 

22150| RtllnitUnicodeString( &Uni, NTDeviceName); 
22151| 

221 52 1 InitializeObjectAttributes ( &ObjectAttributes, 
22153| &Uni, 

221 54| OBJ_CASE_INSENSITI VE, 

22155| NULL, 
22156| NULL); 
22157| 

22158| Access = FILE_GENERIC_READ | FILE_GENERIC_WRITE; 
22159| 

22160| DoOpen: 

221 61 1 Err = NtCreateFile( &hVolume, 
22162| Access, // 

| desired access 
221 63 1 &ObjectAttributes, 

| // object attributes 
22164| &loStatus, 
22165| NULL, // 

| alloc size 

221 66| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
221 67| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share 

| access 

22168| FILE_OPEN, // 

| create disposition 
22169| 

| FILE_SYNCHRONOUS_IO_NONALERT, //create 
| options 



22170| NULL, // eabuffer 

22171| 0); //ealength 

22172| if(Err) { 

221 73 1 if(Access & FILE WRITE DATA) { 

221 74| DLOG((TEXT("Error %08x opening '%S' for 

| write %08x\n"),Err,NTDeviceName,Access)); 

22175| Access = FILE_GENERIC_READ; 

22176| }else 

221 77| if(Access & FILE READ DATA) { 

221 78| D LOG ( (TEXT( M E rro r %08x opening '%S' for 

| read %08x\n"),Err,NTDeviceName,Access)); 

22179| Access = 0; 

22180| }else{ 

22181 1 D LOG ( (TEXT(" Erro r %08x opening '%S' for 

| query %08x\n"),Err,NTDeviceName,Access)); 

22182| return Err; 

22183| } 

22184| goto DoOpen; 

22185| } 

22186| 

221 87| // Lock and dismount the volume. 

221 88| // W2k doesnt need the lock 

22 1 89 1 // th is stuff su perceded 

22190| // if(((GetVersion() & OxffffOOOO) » 16) <= 1381) { 
22191| 

22192| //try and lockit so we can do an orderly dismount 

22193| GotitLocked = FALSE; // LockVolume(hVolume); 
22194| 
22195| 

221 96| // under nt4 sp4 and greater you can dismount 

| without locking first, so 

22197| //try it anyway... the famous "forced dismount" 

22198| if (DismountVolume(hVolume)) { 
22199| 

22200| DLOG((TEXT("Dismounted VoSW),NTDeviceName)); 
22201 | 

22202| // Set prevent removal to false and eject the 
| volume. 

22203| if (PreventRemovalOfVolume(hVolume, FALSE)) { 

22204| Auto EjectVolu me(hVolume) ; 

22205| } else { 

22206| Err = GetLastError(); 

22207| } 

22208| } else { 

22209 1 Err = GetLastError(); 

2221 0| DLOG((TEXT("Error %08x dismounting 

| '%S'\n"),Err,NTDeviceName)); 

22211| } 
22212| 

22213| if (GotitLocked) { 



22214| UnlockVolume(hVolume); 

22215| } 

22216| 

2221 7| II Close the volume so other processes can use the 
| drive. 

2221 8| NtClose(hVolume); 
22219| 

22220| return Err; 
22221 1 } 
22222 | 

22223| STATIC ULONG Add Win32 Link( WCHAR *Win32Link, WCHAR 

| *NTDeviceName ) 
22224| { 
22225| #if 1 

22226| tPSM_SetWin32Link Link; 
22227| ULONG returned; 
22228| ULONG B=FALSE; 

22229 1 pThreadStorage ThreadStorage = GetThreadStorage(); 
22230| 

22231 1 wcscpy(Link.Win32Link,L"\\??\\ M ); 

22232| wcscat(Link.Win32Link,Win32Link); 

22233| wcscpy(Link.NTDeviceName,NTDeviceName); 

22234| 

22235| Link.Operation = LINK_SetLink; 
22236| 

22237| DLOG(( M Linking '%S' to 

| '%S'\n",Link.Win32Link,Link.NTDeviceNaine)); 
22238| B = DeviceloControl( ThreadStorage->PSManHandle, 
22239| IOCTL_SET_WIN32_LINK, 
22240| &Link, 
22241 1 sizeof(Link), 
22242| NULL, 
22243 1 0, 
22244| &returned, 
22245| NULL); 
22246| return B ? 0 : GetLastError(); 
22247| #else 

22248| ULONG B = DefineDosDeviceW( D D D_R A W_T A RG ET_P ATH , 

| Win32Link, NTDeviceName); 
22249 1 if(B) { 
22250 1 return 0; 
22251 1 } else { 
22252| return GetLastError(); 
22253 1 } 
22254| #endif 
22255| } 
22256| 
22257| 

22258| STATIC ULONG RemoveWin32Link( WCHAR *Win32Link ) 
22259| { 



22260| #if 1 

22261 1 tPSM_SetWin32Link Link; 
22262| ULONG B=FALSE; 
22263| ULONG returned; 

22264| pThreadStorage ThreadStorage = GetThreadStorage(); 
22265| 

22266| wcscpy(Link.Win32Link,L M \\??\\ M ); 
22267| wcscat(Link.Win32Link,Win32Link); 
22268| Link.Operation = LINK_DeleteLink; 
22269 1 

22270| DLOG(( M Deleting Linking , %S'\n",Link.Win32Link)); 

22271 1 B = DeviceloControl( ThreadStorage->PSManHandle, 

22272 1 I OCTL_S ET_WI N 32_L INK, 

22273| &Link, 

22274| sizeof(Link), 

22275| NULL, 

22276| 0, 

22277| &returned, 

22278| NULL); 

22279| return B ? 0 : GetLastError(); 

22280 1 #else 

22281 1 ULONG B = Define Dos DeviceW(DDD_RAW_TARGET_PATH | 

| DDD_REMOVE_DEFINITION,Win32Link, NTDeviceName); 
22282 1 if(B) { 
22283 1 return 0; 
22284| } else { 
22285| return GetLastError(); 
22286| } 
22287| #endif 
22288| } 
22289| 
22290| 

22291 1 STATIC ULONG Re move Device ( tMapDrive *PsmObject ) 
22292 1 { 

22293| ULONG Err=0; 
22294| 

22295| DLOG((TEXT("RemoveDevice: Nt = 

| '%S'\n M ),PsmObject->NTDeviceName)); 
22296| DLOG((TEXT("RemoveDevice: Dos = 

| '%S'\n"),PsmObject->DriveLetterName)); 
22297| DLOG((TEXT("RemoveDevice: Share= 

| '%S'\n"),PsmObject->ShareName)); 
22298| DLOG((TEXT( M RemoveDevice: Win32= 

| '%S'\n M ),PsmObject->VolumeName)); 
22299 | 

22300 1 // remove Win32 crap 

22301 1 if(wcscmp(PsmObject->ShareName,L"")!=0) { 

22302| Err = NetShareDel( NULL, PsmObject->ShareName, 

|0); 
22303 1 } 



22304| 

22305| if(wcscmp(PsmObject->DriveLetterName,L m, )!=0) { 
22306| // if ( Def i ne Dos DeviceW( D D D_RA W_TARG ET_P ATH | 

| DDD_REMOVE_DEFINITION,PsmObject->DriveLetterName, 

| PsmObject->NTDeviceName)) { 
22307| Err = 

| RemoveWin32Link(PsmObject->DriveLetterName); 
22308| } 
22309| 

22310| if(wcscmp(PsmObject->VolumeName,L"")!=0) { 

2231 1 1 // if ( Def i ne Dos DeviceW( D D D_RA W_TARG ET_P ATH | 

| DDD_REMOVE_DEFINITION,PsmObject->VolumeName, 

| PsmObject->NTDeviceName)) { 
22312| Err = RemoveWin32Link(PsmObject->VolumeName); 
22313| } 
22314| 

22315| Err = RemoveDeviceName(PsmObject->NTDeviceName); 

22316| return Err; 

22317| } 

22318| 

22319| 

22320| STATIC WCHAR *RemovelnvalidChars( WCHAR *Name ) 
22321| { 

22322| ULONG Len=wcslen(Name); 
22323| WCHAR *p=Name; 
22324| 

22325| while(*p!=L'\0') { 
22326| 

| if(wcschr(L M ^!@#$% A &*()-=\\+|[]{}<>,.?/;V': M, ,*p)!=NULL 



22333| } 

22334| } 

22335| return Name; 

22336| } 

22337| 

22338| // for mount of volumes 

22339| STATIC ULONG TouchVolumeName( WCHAR *NTDeviceName ) 

22340| { 

22341 1 ULONG Err=0; 

22342| ULONG OldMode; 

22343| UNICODE_STRING Uni={0}; 

22344| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

22345| HANDLE hVolume; 

22346| IO_STATUS_BLOCK loStatus={0}; 



l){ 



22327| 
22328| 
22329 | 
22330| 
22331 | 
22332 | 



// found invalid char, remove it 
memmove(p,p+1 ,Len-(p-Name)); 
Name[Len] = 0; 
Len-; 
} else { 
P++; 



22347| ULONG Access; 
22348| WCHAR *Name; 
22349| 

22350| DLOG(( , TouchVolume , %S\n",NTDeviceName)); 

22351 1 OldMode = SetErrorMode(SEM_FAILCRITICALERRORS); 

22352 1 

22353| Name = 

| LocalAlloc(LPTR,wcslen(NTDeviceName)*sizeof(WCHAR)+2*siz 

| eof (WCHAR)); 
22354| if(!Name) { 
22355| Err = GetLastError(); 
22356| DLOG((TEXT("Error %08x allocing 

| memory\n"),Err)); 
22357| return Err; 
22358| } 
22359 1 

22360 1 // we need to "root" object 

22361 1 swprintf(Name,L"%s\\",NTDeviceName); 

22362 1 

22363| RtllnitUnicodeString( &Uni, Name); 
22364| 

22365| InitializeObjectAttributes ( &ObjectAttributes, 
22366| &Uni, 

22367| OBJ_CASE_INSENSITIVE, 
22368| NULL, 
22369| NULL); 



22372| Access = FILE_GENERIC_WRITE | FILE_GENERIC_READ; 

22373 1 

22374| 

22375| DoOpen: 

22376| Err = NtCreateFile( &hVolume, 
22377| Access, // desired 



22370| 
22371 1 



| access 
22378| & 

| object attributes 
22379 1 & 
22380 1 N 
22381 1 F 

| attributes 
22382 1 F 

| // share access 
22383 1 F 

| disposition 
22384| F 

| // create options 
22385| N 
22386| 0 
22387| if(Err) { 



&ObjectAttributes, 



NULL, //eabuffer 
0 ); //ealength 



&loStatus, 

NULL, // alloc size 

FILE_ATTRIBUTE_NORMAL, // file 



FILE_SYNCHRONOUS_IO_NONALERT, 



FILE SHARE WRITE | FILE SHARE READ, 



FILEOPEN, 



// create 



// 



22388| if(Access & F I L E_WR I TE_D ATA) { 

22389| DLOG((TEXT("Error %08x Touching '%S' for 

| write %08x\n"),Err,Name,Access)); 
22390| Access = FILE_GENERIC_READ; 

22391| }else 

22392| if(Access & FILE_READ_DATA) { 

22393| DLOG((TEXT("Error %08x Touching '%S' for 

| read %08x\n"),Err,Name,Access)); 
22394| Access = 0; 

22395| } else { 

22396| DLOG((TEXT("Error %08x Touching '%S' for 

| query %08x\n"),Err,Name,Access)); 
22397| Err = Getl_astError(); 

22398| goto Done; 

22399| } 

22400| goto DoOpen; 
22401 1 } 
22402| Done: 

22403| NtClose(hVolume); 
22404| Local Free(Name) ; 
22405| 

22406| SetErrorMode(OldMode); 
22407 1 return Err; 
22408| } 
22409| 

2241 0| // for mount of volumes 

2241 1 1 STATIC ULONG TouchVolume( tMapDrive *PsmObject ) 
22412| { 

22413| return TouchVolumeName(PsmObject->NTDeviceName); 

22414| } 

22415| 

22416| ULONG GetWin32NameForNtDeviceName( WCHAR *NTName, WCHAR 

| *Win32Name ) 
22417| { 

22418| WCHAR *Buffer,*p; 
22419| WCHAR Name[256]; 
22420| 

22421 1 Buffer = 

| (WCHAR*)LocalAlloc(LPTR,65536*sizeof(WCHAR)); 
22422| QueryDosDeviceW(NULL,Buffer,65536); 
22423 1 

22424| p = Buffer; 
22425| whilefp) { 

22426| QueryDosDeviceW(p,Name,256); 
22427| if(_wcsicmp(NTName,Name)==0) { 
22428| wcscpy(Win32Name,p); 
22429 1 } 

22430| P = P + wcslen(p)+1 ; 

22431 1 } 

22432| 



22433| LocalFree(Buffer); 

22434| return 0; 
22435| } 
22436| 

22437| ULONG GetVolumeGuidForNtDeviceName( WCHAR *NTName, 

| WCHAR *VolumeGuid) 
22438| { 

22439| WCHAR *Buffer,*p; 

22440| WCHAR Name[256]; 
22441 | 

22442| wcscpy(VolumeGuid,L ,m ); 
22443 1 

22444| Buffer = 

| (WCHAR*)LocalAlloc(LPTR,65536*sizeof(WCHAR)); 

22445| QueryDosDeviceW(NULL,Buffer,65536); 
22446| 

22447| p = Buffer; 

22448| while(*p) { 

22449| QueryDosDeviceW(p,Name,256); 

22450| if(_wcsicmp(NTName,Name)==0) { 

22451 1 // Volume{} 

22452| if((p[0]==L , V) && (p[1]==L'o') && 

I (P[6]==L'{')) { 

22453| wcscpy(VolumeGuid,p); 

22454 1 return 0; 

22455| } 

22456| } 

22457| P = P + wcslen(p)+1 ; 

22458| } 
22459 1 

22460 1 Local Free(Buffer) ; 

22461 1 return ERROR_NOT_FOUND; 

22462 1 } 

22463| 

22464| 

22465| ULONG GetDriveLetterForNtDeviceName( WCHAR *NTName, 

| WCHAR *Win32Name ) 
22466| { 

22467| WCHAR *Buffer,*p; 

22468| WCHAR Name[256]; 

22469| ULONG FoundOne=FALSE; 
22470 1 

22471 1 Buffer = 

| (WCHAR*)LocalAlloc(LPTR,65536*sizeof(WCHAR)); 

22472| QueryDosDeviceW(NULL,Buffer,65536); 
22473 1 

22474| p = Buffer; 

22475| while(*p) { 

22476| QueryDosDeviceW(p,Name,256); 

22477| if( (_wcsicmp(NTName,Name)==0) && 



22478| (*(p+1 )==|_':')){ 

22479| wcscpy(Win32Name,p); 
22480| FoundOne = TRUE; 

22481 1 break; 
22482 1 } 

22483| P = P + wcslen(p)+1 ; 

22484 1 } 

22485| 

22486| Local Free(Buffer); 
22487| if(FoundOne) { 
22488 1 return 0; 
22489 1 } else { 

22490| return ERROR_FILE_NOT_FOUND; 

22491| } 

22492| } 

22493| 

22494| 

22495| /* 

22496| Returns back device names to application that they 
| can use 

22497| FIXFIXFIX need to return back a user accessable 

| address, not the NT 
22498| device name 
22499| 7 
22500| /* 

22501 1 STATIC ULONG AddDrivesToSystem( tAPCContext *ApcContext 
I) 

22502 1 { 

22503| ULONG BS = sizeof(PVOID) * 

| ApcContext->OTO->NumberOf Devices; 
22504| ULONG i = 0; 

22505| PCHAR Buffer = ((char*)ApcContext->VolumeMap)+BS; 

22506| ULONG Len = 0; 

22507| pVolMap Map = 0; 

22508| tMapDrive *PsmObject = 0; 

22509| ULONG Status = 0; 

2251 0| WCHAR *ToUse = 0; 

2251 1 1 ULONG StartAdding = 0; 

2251 2 1 pThreadStorage ThreadStorage = GetThreadStorageQ; 
22513| 

22514| if ( BS > ApcContext->SizeOfVolumeMap ) { 
22515| return ERROR_INSUFFICIENT_BUFFER; 
22516| } 
22517| 

22518| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

22519| __try{ 

22520| StartAdding = 

| SharedMemory->NumberOfMappedVolumes; 
22521| 



22522| Map = ApcContext->VolumeMap; 
22523| 

22524| for(i=0;i<ApcContext->OTI->NumberOfDevices;i++) 
|{ 

22525| DLOG(("Mapping in %08x:%08x:'%S' = 

| '%S'\n",ApcContext->VolumeMapFlags[i],ApcContext->OTI->D 
| eviceName[i],DN_MakePointer(ApcContext->OTI,ApcContext-> 
| OTI->DeviceName[i]),DN_MakePointer(ApcContext->OTO,ApcCo 
| ntext->OTO->DeviceName[i]))); 

22526| 

22527| PsmObject = 

| &SharedMemory->MappedVolumes[SharedMemory->NumberOfMappe 
| dVolumes]; 

22528| memset(PsmObject,0,sizeof(tMapDrive)); 

22529| 

22530| 

| wcscpy(PsmObject->NTDeviceName, DN_MakePointer(ApcContext 
| ->OTO,ApcContext->OTO->DeviceName[i])); 
22531| 

| wcscpy(PsmObject->OriginalNTName,DN_MakePointer(ApcConte 
| xt->OTI,ApcContext->OTI->DeviceName[i])); 
22532| 

| wcscpy(PsmObject->Company,ThreadStorage->Company); 
22533| 

| wcscpy(PsmObject->Product,ThreadStorage->Product); 
22534| 

| wcscpy(PsmObject->Version,ThreadStorage->Version); 
22535| 

| wcscpy(PsmObject->Code,ThreadStorage->Code); 
22536| wcscpy(PsmObject->Key,ThreadStorage->Key); 
22537| 
22538| 

| GetWin32NameForNtDeviceName(PsmObject->OriginalNTName, Ps 
| mObject->OriginalUserName); 
22539| 

| if(wcscmp(PsmObject->OriginalUserName,L"")==0) { 
22540| 

| wcscpy(PsmObject->OriginalUserName, PsmObject->OriginalNT 

| Name); 
22541 1 } 
22542| ToUse = NULL; 

22543 1 

22544| // force volume to be mounted 

22545| TouchVolume(PsmObject); 
22546| 

22547| if(ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_VOLUME) { 
22548| // make a Win32 device object 

22549 1 

| swprintf(PsmObject->VolumeName,L"Psm%s",&PsmObject->NTDe 



I viceName[24]); 
22550| // NT name = 

| '\Device\PsmDevices_01 1 0\_Device_HarddiskDmVolumes_W2kse 

| rver1Dg0_Volume1_0' 
22551 1 // skip over '\Device\PsmDevices_01 1 0V 

22552| DLOG(("Mapping '%S' to 

| '%S'\n M ,PsmObject->VolumeName, 

| PsmObject->NTDeviceName)); 
22553| // if(!DefineDosDeviceW( 

| D D D_R A W_TA RG ET_P ATH , PsmObject->VolumeName, 

| PsmObject->NTDeviceName)) { 
22554| if((Status = AddWin32Link( 

| PsmObject->VolumeName, PsmObject->NTDeviceName))) { 
22555| DLOG((TEXT("Error %08x mapping 

| Win32 name\n"), Status)); 
22556| try_return(Status = Status); 

22557| } 

22558| ToUse = PsmObject->VolumeName; 

22559 1 } 

22560| if((ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_DRIVE_LETTER)) { 
22561 1 WCHAR DriveLetter; 

22562 1 

22563| if((ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_SHARE) || (ApcContext->VolumeMapFlags[i] 
| & PSM_VOLUME_MAP_USE_LETTER)) { 

22564| 

| DriveLetter=GetFirstFreeNormalDriveLetter(); 
22565| } else { 

22566| 

| DriveLetter=GetFirstFreeDrivel_etter(); 
22567| } 
22568| 

22569| // map drive letter 

22570| if(Drivel_etter!=0) { 

22571 | 

| swprintf(PsmObject->DriveLetterName,L"%c: M , DriveLetter); 
22572 1 

22573| DLOG(("Mapping '%S' to 

| VoS'Vn^PsmObject^DriveLetterName, 

| PsmObject->NTDeviceName)); 
22574| //if(!DefineDosDeviceW( 

| D D D_R A W_TA RG ET_P ATH , PsmObject->DriveLetterName, 

| PsmObject->NTDeviceName)) { 
22575| if((Status = AddWin32Link( 

| PsmObject->DriveLetterName, PsmObject->NTDeviceName))) 

|{ 

22576| DLOG((TEXT("Error %08x mapping 

| drive\n M ),Status)); 
22577| try_return(Status = Status); 



22578| } 

22579| ToUse = PsmObject->Drivel_etterName; 

22580| } else { 

22581 1 DLOG((TEXT("Error! out of drive 

| letters\n"))); 
22582| try_return(Status = 

| ERROR_CANCELLED); 
22583 1 } 
22584| } 

22585| if(ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_SHARE) { 
22586| // make a network share 

22587| // can only share if there is a "dos" 

| device 
22588| if(ToUse) { 

22589| WCHAR Temp = 

| LocalAlloc(LPTR,wcslen(ToUse)*sizeof(WCHAR)+2*sizeof(WCH 

I AR)); 

22590| if(Temp) { 

22591 1 swprintf(Temp,L"%s\Y\Tollse); 
22592| 

| swprintf(PsmObject->ShareName,L"Psm_%s",ToUse); 
22593 1 

| RemovelnvalidChars(PsmObject->ShareName); 
22594| DLOG(("Sharing ,0 /oS' as 

| '%S'\n",Temp, PsmObject->ShareName)); 
22595| Status = VDisk_MakeShareEx2( 

| PsmObject->ShareName, Temp, &ApcContext->Securitylnfo); 
22596| LocalFree(Temp); 
22597| if(Status) { 

22598| DLOG((TEXT("Error %08x 

| sharing\n"), Status)); 
22599| 

| wcscpy( PsmObject->ShareN ame, L"") ; 
22600| goto try_exit; 

22601 1 } 
22602 1 } else { 

22603| DLOG(("Error out of 

| memoryVn")); 
22604| } 
22605| } 
22606| } 
22607| 

22608| if(IToUse) 

22609| ToUse = PsmObject->NTDeviceName; 

22610| 

2261 1 1 if((*(DWORD*)ApcContext->Out) == 

| 0x5a4b3c2d) { 
22612| // ansi version 

22613| 



I Len=(wcslen(ToUse)*sizeof(CHAR))+sizeof(CHAR); 
22614| }else{ 
22615| //Unicode 
22616| 

| Len=(wcslen(ToUse)*sizeof(WCHAR))+sizeof(WCHAR); 
22617| } 
22618| BS+=Len; 

22619| if(BS>ApcContext->SizeOfVolumeMap) { 

22620| try_return(Status = 

| ERROR_INSUFFICIENT_BUFFER); 
22621 1 } 
22622 1 

22623| Map[i]=(PWCHAR)Buffer; 

22624| if((*(DWORD*)ApcContext->Out) == 

| 0x5a4b3c2d) { 
22625| CharToOemW(ToUse, Buffer); 

22626| } else { 

22627| wcscpy((PWCHAR)Buffer,ToUse); 

22628| } 

22629| Buffer+=Len; 

22630 1 

22631 1 PsmObject->SnapShotOffset 

| MakeOffset(*ApcContext->SnapShot); 
22632| SharedMemory->NumberOfMappedVolumes++; 
22633 1 Status = 0; 

22634| } 
22635| try_exit: 

22636| // remove all drives added. 

22637| if(Status) { 

22638| 

| for(i=SharedMemory->NumberOfMappedVolumes;i>StartAdding; 

I H { 
22639| 

| RemoveDevice(&SharedMemory->MappedVolumes[i]); 
22640 1 } 

22641 1 SharedMemory->NumberOfMappedVolumes = 

| StartAdding; 
22642 1 } 
22643| } ^finally { 

22644| ReleaseMutex(SharedMemoryMutex); 

22645| } 

22646| 

22647 1 return Status; 
22648| } 
22649| 7 
22650 1 

22651| // {6B23C937-106E-4f94-967D-E65B7E5FAD09} 
22652| #include <initguid.h> 

22653| DEFINE_GUID(PSM_VDISK_GUID, 0x6b23c937, 0x1 06e, 0x4f94, 
| 0x96, 0x7d, 0xe6, 0x5b, 0x7e, 0x5f, Oxad, 0x9); 



22654| 

22655| ULONG CreateRootSnapS hot Directory ( WCHAR *Root ) 
22656| { 

22657| DWORD dwRes; 
22658| ULONG Err; 

22659| PSID pEveryoneSID = NULL, pAdminSID = NULL, 

| pSystemSID = NULL; 
22660| PACL pACL = NULL; 

22661 1 PSECURITY_DESCRIPTOR pSD = NULL; 
22662| EXPLICIT_ACCESS ea[3]; 

22663| SID_IDENTIFIER_AUTHORITY SIDAuthWorld = 

| SECURITY_WORLD_SID_AUTHORITY; 
22664| SID_IDENTIFIER_AUTHORITY SIDAuthLocal = 

| SECURITY_LOCAL_SID_AUTHORITY; 
22665| SID_IDENTIFIER_AUTHORITY SIDAuthNT = 

| SECURITY_NT_AUTHORITY; 
22666| SECURITY ATTRIBUTES sa; 
22667| 

22668| // Create a SID for the BUILTIN\Administrators 

I group. 
22669| 

22670| if(! AllocateAndlnitializeSid( &SIDAuthNT, 2, 

22671 1 SECURITY_BUILTIN_DOMAIN_RID, 

22672| DOMAIN_ALIAS_RID_ADMINS, 

22673| 0, 0, 0, 0, 0, 0, 

22674| &pAdminSID) ) { 

22675| printf( "AllocateAndlnitializeSid Error %u\n M , 

| GetLastError() ); 
22676| goto Cleanup; 
22677| } 
22678| 

22679| // Create a well-known SID for the Everyone group. 
22680 1 

22681 1 if(! AllocateAndlnitializeSid( &SIDAuthWorld, 1 , 

22682| SECURITY_WORLD_RID, 

22683| 0, 0, 0, 0, 0, 0, 0, 

22684| &pEveryoneSID) ) { 

22685| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastErrorQ ); 
22686| goto Cleanup; 
22687| } 
22688| 

22689| // Create a well-known SID for the system group. 
22690| 

22691 1 if(! AllocateAndlnitializeSid( &SIDAuthNT, 1 , 



22692| SECURITY_LOCAL_SYSTEM_RID, 

22693| 0, 0, 0, 0, 0, 0, 0, 

22694| &pSystemSID) ) { 

22695| printf( "AllocateAndlnitializeSid Error %u\n", 



| GetLastErrorQ ); 



22696| goto Cleanup; 

22697| } 

22698| 

22699| // Initialize an EXPLICIT_ACCESS structure for an 
| ACE. 

22700| // The ACE will allow the Administrators group full 

| access to the key. 
22701 | 

22702| ZeroMemory(&ea, 3 * sizeof(EXPLICIT_ACCESS)); 
22703| ea[0].grfAccessPermissions = 



22704| GENERIC_READ | 

22705| GENERIC_ALL | 

22706| GENERIC_EXECUTE | 

22707| GENERIC_WRITE | 

22708| SPECIFIC_RIGHTS_ALL | 

22709| STANDARD_RIGHTS_ALL | 

22710| SYNCHRONIZE; 



22711| ; 

22712| ea[0].grfAccessMode = SET_ACCESS; 

2271 3 1 ea[0] .g rf I nheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

22714| ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

22715| ea[0].Trustee.TrusteeType = TRUSTEE_IS_GROUP; 

22716| ea[0].Trustee.ptstrName = (LPTSTR) pAdminSID; 
22717| 

22718| ea[1].grfAccessPermissions = 



22719| GENERIC_READ | 

22720| GENERIC_ALL | 

22721 1 GENERIC_EXECUTE | 

22722| GENERIC_WRITE | 

22723| SPECIFIC_RIGHTS_ALL | 

22724| STANDARD_RIGHTS_ALL | 

22725| SYNCHRONIZE; 
22726| 



22727| ea[1].grfAccessMode = SET_ACCESS; 
22728| ea[1].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 
22729| ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; 
22730| ea[1].Trustee.TrusteeType = TRUSTEE_IS_USER; 
22731| ea[1].Trustee.ptstrName = (LPTSTR) pSystemSID; 
22732 1 

22733| ea[2].grfAccessPermissions = GENERIC_READ; 
22734| ea[2].grfAccessMode = SET_ACCESS; 
22735| ea[2].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 
22736| ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; 
22737| ea[2]. Trustee. TrusteeType = 

| TRUSTEE_IS_WELL_KNOWN_GROUP; 
22738| ea[2].Trustee.ptstrName = (LPTSTR) pEveryoneSID; 
22739| 



22740| 

22741 1 // Create a new ACL that contains the new ACEs. 
22742 1 

22743 1 #define ONLY ADMIN 1 
22744| #define A D M I N_A N D_S YST E M 2 
22745| #define ADMIN_SYSTEM_AND_EVERYONE 3 
22746| 

22747| dwRes = SetEntrieslnAcl(ADMIN_AND_SYSTEM, ea, NULL, 
I &pACL); 

22748| if (ERROR_SUCCESS != dwRes) { 

22749| SetLastError(dwRes); 

22750| printf( "SetEntrieslnAcI Error %u\n", 

| GetLastError() ); 
22751 1 goto Cleanup; 
22752 1 } 
22753 1 

22754| // Initialize a security descriptor. 
22755| 

22756| pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, 

| SECURITY_DESCRIPTOR_MIN_LENGTH); 
22757| if (pSD == NULL) { 

22758| printf( "LocalAlloc Error %u\n M , GetLastError() 

I); 

22759| goto Cleanup; 
22760| } 
22761 1 

22762| if (!lnitializeSecurityDescriptor(pSD, 

| SECURITY_DESCRIPTOR_REVISION)) { 
22763| printf( "InitializeSecurityDescriptor Error 

| %u\n M , 

22764| GetLastError() ); 

22765| goto Cleanup; 
22766| } 
22767| 

22768| // Add the ACL to the security descriptor. 
22769 1 

22770| if (!SetSecurityDescriptorDacl(pSD, 
22771 1 TRUE, // f DaclPresent flag 

22772| pACL, 

22773| FALSE)) // not a default DACL 

22774| { 

22775| printf( "SetSecurityDescriptorDacI Error %u\n", 

| GetLastError() ); 
22776| goto Cleanup; 
22777| } 
22778| 

22779| // Initialize a security attributes structure. 
22780 1 

22781 1 sa.nLength = sizeof (SECURITY_ATTRIBUTES); 
22782| sa.lpSecurityDescriptor = pSD; 



22783| sa.blnheritHandle = FALSE; 
22784| 

22785| // Use the security attributes to set the security 

| descriptor 
22786| // when you create a key. 
22787| 

22788| if(CreateDirectoryW(Root,&sa)) { 
22789| // new directory 
22790| #if 0 

22791 1 // set if snapshot directory must be hidden 
22792 1 

| if(!SetFileAttributesW(Root,FILE_ATTRIBUTE_HIDDEN)) { 
22793| printf( M Error %08x setting 

| attributes\n",Getl_astError()); 
22794| goto Cleanup; 

22795| } 
22796| #endif 
22797| } 
22798| 

22799| SetLastError(O); 
22800| Cleanup: 
22801 | 

22802| Err = GetLastError(); 
22803 1 

22804| if (pEveryoneSID) { 
22805| FreeSid(pEveryoneSID); 
22806| } 

22807| if (pSystemSID) { 
22808| FreeSid(pSystemSID); 
22809 1 } 

22810| if (pAdminSID) { 

2281 1 1 FreeSid(pAdminSID); 

22812| } 

22813| if(pACL){ 

22814| LocalFree(pACL); 

22815| } 

22816| if (pSD){ 

22817| LocalFree(pSD); 

22818| } 

22819| return Err; 

22820| } 

22821 1 

22822| ULONG Create PS MWorkDi rectory ( WCHAR *Root ) 
22823 1 { 

22824| DWORD dwRes; 
22825| ULONG Err; 

22826| PSID pEveryoneSID = NULL, pAdminSID = NULL, 

| pSystemSID = NULL; 
22827| PACL pACL = NULL; 

22828| PSECURITY_DESCRIPTOR pSD = NULL; 



22829| EXPLICIT_ACCESS ea[3]; 

22830| SID_IDENTIFIER_AUTHORITY SIDAuthWorld = 

| SECURITY_WORLD_SID_AUTHORITY; 
22831 1 SID_IDENTIFIER_AUTHORITY SIDAuthLocal = 

| SECURITY_LOCAL_SID_AUTHORITY; 
22832| SID_IDENTIFIER_AUTHORITY SIDAuthNT = 

| SECURITY_NT_AUTHORITY; 
22833| SECURITY_ATTRIBUTES sa; 
22834| 

22835| // Create a SID for the BUILTIN\Administrators 

I group. 
22836| 

22837| if(! AllocateAndlnitializeSid( &SIDAuthNT, 2, 

22838| SECURITY_BUILTIN_DOMAIN_RID, 

22839| DOMAIN_ALIAS_RID_ADMINS, 

22840| 0, 0, 0, 0, 0, 0, 

22841| &pAdminSID) ) { 

22842| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastError() ); 
22843| goto Cleanup; 
22844| } 
22845| 

22846| // Create a well-known SID for the Everyone group. 
22847| 

22848| if(! AllocateAndlnitializeSid( &SIDAuthWorld, 1 , 

22849| SECURITY_WORLD_RID, 

22850| 0, 0, 0, 0, 0, 0, 0, 

22851| &pEveryoneSID) ) { 

22852| printf( "AllocateAndlnitializeSid Error %u\n", 

| Getl_astError() ); 
22853| goto Cleanup; 
22854| } 
22855| 

22856| // Create a well-known SID for the system group. 
22857| 

22858| if(! AllocateAndlnitializeSid( &SIDAuthNT, 1 , 

22859| SECURITY JJDCAL_SYSTEM_RID, 

22860| 0, 0, 0, 0, 0, 0, 0, 

22861| &pSystemSID) ) { 

22862| printf( "AllocateAndlnitializeSid Error %u\n", 

| GetLastError() ); 
22863| goto Cleanup; 
22864| } 
22865| 

22866| // Initialize an EXPLICIT_ACCESS structure for an 
| ACE. 

22867| // The ACE will allow the Administrators group full 

| access to the key. 
22868| 

22869| ZeroMemory(&ea, 3 * sizeof(EXPLICIT_ACCESS)); 



22870| ea[0].grfAccessPermissions = 

22871 1 STANDARD_RIGHTS_ALL | 

22872| STANDARD_RIGHTS_REQUIRED | 

22873| SYNCHRONIZE | 

22874| FILE_ADD_FILE | // this is so 

| we can create files in the directory 

22875| FILE_READ_ATTRIBUTES | 

22876| FILE_WRITE_ATTRIBUTES; 
22877| 



22878| ; 

22879| ea[0].grfAccessMode = SET_ACCESS; 

22880 1 ea[0] .grfln heritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

22881 1 ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

22882| ea[0].Trustee.TrusteeType = TRUSTEE_IS_GROUP; 

22883| ea[0].Trustee.ptstrName = (LPTSTR) pAdminSID; 
22884 1 

22885| ea[1].grfAccessPermissions = 



22886| GENERIC_READ | 

22887| GENERIC_ALL | 

22888| GENERIC_EXECUTE | 

22889| GENERIC_WRITE | 

22890| SPECIFIC_RIGHTS_ALL | 

22891 1 STANDARD_RIGHTS_ALL | 

22892| SYNCHRONIZE; 
22893| 



22894| ea[1].grfAccessMode = SET_ACCESS; 
22895| ea[1].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 
22896| ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; 
22897| ea[1].Trustee.TrusteeType = TRUSTEE_IS_USER; 
22898| ea[1].Trustee.ptstrName = (LPTSTR) pSystemSID; 
22899 1 

22900| ea[2].grfAccessPermissions = GENERIC_READ; 
22901 1 ea[2].grfAccessMode = SET_ACCESS; 
22902 1 ea[2] .g rf I nheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 
22903| ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; 
22904 1 ea[2]. Trustee. TrusteeType = 

| TRUSTEE_IS_WELL_KNOWN_GROUP; 
22905| ea[2].Trustee.ptstrName = (LPTSTR) pEveryoneSID; 
22906| 
22907| 

22908| // Create a new ACL that contains the new ACEs. 
22909 | 

22910| #define ONLY_ADMIN 1 
2291 1 1 #define A D M I N_A N D_S YST E M 2 
22912| #define ADMIN_SYSTEM_AND_EVERYONE 3 
22913| 

22914| dwRes = SetEntrieslnAcl(ADMIN_AND_SYSTEM, ea, NULL, 



I &pACL); 

22915| if (ERROR_SUCCESS != dwRes) { 

2291 6| SetLastError(dwRes); 

2291 7| printf( "SetEntrieslnAcI Error %u\n", 

| GetLastError() ); 
22918| goto Cleanup; 
22919| } 
22920| 

22921 1 // Initialize a security descriptor. 
22922 | 

22923| pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, 

| SECURITY_DESCRIPTOR_MIN_LENGTH); 
22924| if (pSD == NULL) { 

22925| printf( "LocalAlloc Error %u\n", GetLastError() 

I); 

22926| goto Cleanup; 

22927| } 

22928| 

22929| if (!lnitializeSecurityDescriptor(pSD, 

| SECURITY_DESCRIPTOR_REVISION)) { 
22930| printf( "InitializeSecurityDescriptor Error 

| %u\n", 

22931| GetLastError() ); 

22932| goto Cleanup; 
22933| } 
22934| 

22935| // Add the ACL to the security descriptor. 
22936| 

22937| if (!SetSecurityDescriptorDacl(pSD, 
22938| TRUE, // f DaclPresent flag 

22939| pACL, 

22940| FALSE)) // not a default DACL 

22941 1 { 

22942| printf( "SetSecurityDescriptorDacI Error %u\n", 

| GetLastError() ); 
22943| goto Cleanup; 
22944| } 
22945| 

22946| // Initialize a security attributes structure. 
22947| 

22948| sa.nLength = sizeof (SECURITY_ATTRIBUTES); 
22949| sa.lpSecurityDescriptor = pSD; 
22950| sa.blnheritHandle = FALSE; 
22951 | 

22952 1 // Use the security attributes to set the security 

| descriptor 
22953 1 // when you create a key. 
22954| 

22955| if(CreateDirectoryW(Root,&sa)) { 
22956 1 // new directory 



22957| #if 0 

22958| // set if snapshot directory must be hidden 
22959| 

| if(!SetFileAttributesW(Root,FILE_ATTRIBUTE_HIDDEN)) { 
22960| printf("Error %08x setting 

| attributes\n",GetLastError()); 
22961 1 goto Cleanup; 

22962 1 } 
22963| #endif 
22964| } 
22965| 

22966| SetLastError(O); 
22967| Cleanup: 
22968| 

22969| Err = Getl_astError(); 
22970 1 

22971 1 if (pEveryoneSID) { 
22972| FreeSid(pEveryoneSID); 
22973 1 } 

22974| if (pSystemSID) { 
22975| FreeSid(pSystemSID); 
22976| } 

22977| if (pAdminSID) { 

22978| FreeSid(pAdminSID); 

22979 1 } 

22980 1 if (pACL) { 

22981| LocalFree(pACL); 

22982| } 

22983| if (pSD) { 

22984| LocalFree(pSD); 

22985| } 

22986| return Err; 

22987| } 

22988| 

22989| 

22990| STATIC ULONG AddDrivesToSystemPersistent( tAPCContext 

| *ApcContext, PLARGEJNTEGER Time ) 
22991 | { 

22992| ULONG 

| BS=sizeof(PVOID)*ApcContext->OTO->NumberOfDevices; 
22993| ULONG i; 

22994| PCHAR Buffer=((char*)ApcContext->VolumeMap)+BS; 

22995| ULONG Len; 

22996| ULONG Status = 0; 

22997| WCHAR *ToUse=NULL; 

22998| pVolMap Map; 

22999| WCHAR SnapShotDirName[256]; 

23000| 

23001 1 if(BS>ApcContext->SizeOfVolumeMap) { 
23002| return ERROR_INSUFFICIENT_BUFFER; 



23003| } 
23004| 

23005| Map = ApcContext->VolumeMap; 
23006| 

23007| MakeSnapShotDirectoryName(SnapShotDirName, 

| ApcContext->ln.CacheFileName,ApcContext->OTO->KernelSnap 
| ShotPointer); 

23008| 

23009| // check for duplicate names on all volumes 

| that this snapshot has in it 
23010| { 

23011| WCHAR Dir[1024]; 

23012| ULONG lndex=0; 

23013| 

23014| i=0; 

23015| wcscpy(Dir,SnapShotDirName); 
23016| DLOG(("AddDrivesToSystemPersistent: 

| NumberOfDevices=%d\n",ApcContext->OTI->NumberOfDevices)) 

I; 

23017| 

2301 8| while(i<ApcContext->OTI->NumberOf Devices) { 

2301 9| WCHAR VolumeName[1 00]; 

23020| HANDLE DirHandle; 

23021 1 WIN32_FIND_DATAW FindFileData; 

23022| ULONG Nolnc = FALSE; 

23023| 

23024| 

| if(GetDriveLetterForNtDeviceName(DN_MakePointer(ApcConte 
| xt->OTI,ApcContext->OTI->DeviceName[i]), 
| VolumeName)!=0) { 
23025 1 D LOG (("Add D rivesToSystem Persistent : 

| (1) DeviceName[i] = 

| , %S'\n M ,i,DN_MakePointer(ApcContext->OTI,ApcContext->OTI 

| ->DeviceName[i]) )); 
23026| GetWin32NameForNtDeviceName( 

| DN_MakePointer(ApcContext->OTI,ApcContext->OTI->DeviceNa 

| me[i]), VolumeName); 
23027 1 D LOG (("Add D rivesToSystem Persistent : 

| (2) DeviceName[i] = 

| '%S'\n",i,DN_MakePointer(ApcContext->OTI,ApcContext->OTI 

| ->DeviceName[i]) )); 
23028| } 
23029| 

23030| // at this point we want 

| "C:\\snapshots\hourly" 
23031 1 // VolumeName contains something like 

| "C:" or "\device\HardDiskVolume1" 
23032| // SnapShotDirName contains something 

| like 'snapshots\hourly' or 'snapshots\my snapshot at 

| 5:00pm' 



23033| if(lndex==0) { 

23034| 

| swprintf(Dir,L"%s\\%s",VolumeName,SnapShotDirName); 
23035| } else { 

23036| 

| swprintf(Dir,L"%s\\%s.%d",VolumeName,SnapShotDirName,lnd 

I ex); 
23037| } 
23038| 

23039| // See if directory already exists 

23040| DirHandle = FindFirstFileW( Dir, 

| SFindFileData); 
23041 1 while(DirHandle!=INVALID_HANDLE_VALUE) 

|{ 

23042| // shoot, the directory exists, so 

| lets try and make it unique 
23043| FindClose(DirHandle); 
23044| 

23045| lndex++; 

23046| 

23047| 

| swprintf(Dir,L"%s\\%s.%d",VolumeName,SnapShotDirName,lnd 
I ex); 
23048| 

23049| // start back at beginning looking 

| for dups 
23050| Nolnc = TRUE; 

23051 1 i=0; 
23052 1 

23053| DirHandle = FindFirstFileW( Dir, 

| SFindFileData); 
23054| } // while 

23055| 

23056| if(Nolnc) { 

23057| Nolnc=FALSE; 

23058| } else { 

23059| i++; 

23060 1 } 

23061| }// while 

23062| 

23063| if(lndex>0) { 

23064| 

| swprintf(SnapShotDirName,L"%s.%d",SnapShotDirName,lndex) 

I ; 

23065| } 
23066| } 
23067| 

23068| // make the name persist 
23069| 

| Psm_SetUserName(ApcContext->OTO->KernelSnapShotPointer,S 



I napShotDirName,sizeof(SnapShotDirName)); 
23070| 

23071| for(i=0;i<ApcContext->OTI->NumberOfDevices;i++) 
|{ 

23072| WCHAR Dir[1 024]; 

23073| WCHAR Link[256]; 

23074| WCHAR BigBuffer[1 024]; 

23075| 

23076| ToUse = NULL; 

23077| 

23078| DLOG(("Mapping in %08x:%08x:'%S' = '%S'\n M , 

23079| ApcContext->VolumeMapFlags[i], 
23080| ApcContext->OTI->DeviceName[i], 
23081 | 

| DN_MakePointer(ApcContext->OTI,ApcContext->OTI->DeviceNa 
I me[i]), 
23082 1 

| DN_MakePointer(ApcContext->OTO,ApcContext->OTO->DeviceNa 
I me[i]))); 
23083 1 

23084| if(ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_MOUNT_POINT) { 
23085| 
23086| 

| if(GetDriveLetterForNtDeviceName(DN_MakePointer(ApcConte 
| xt->OTI,ApcContext->OTI->DeviceName[i]), BigBuffer)!=0) 
|{ 

23087| GetWin32NameForNtDeviceName( 

| DN_MakePointer(ApcContext->OTI,ApcContext->OTI->DeviceNa 
| me[i]), BigBuffer); 

23088| } 

23089 1 

23090| 

| swprintf(Dir,L"%s\\%s",BigBuffer,SnapShotLocation); 
23091 1 // make root dir for snapshots on this 

| volume if it 
23092 1 // doesnt exist 

23093| CreateRootSnapShotDirectory(Dir); 
23094| 
23095| 

| swprintf(Dir,L"%s\\%s",BigBuffer,SnapShotDirName); 
23096| // remove the dir if it exists ( we 

| just proved it didnt in the above code., rob 

| 12-19-2000) as 
23097| // set file time will not work if the 

| directory is a junction point 
23098| RemoveDirectoryW(Dir); 
23099| // Create and set the time of the 

| directory 

231 00| SetTimeForFile( Dir, Time ); 



23101| 
23102| 

| wcscpy(Link,DN_MakePointer(ApcContext->OTO,ApcContext->0 
| TO->DeviceName[i])); 
23103| 

23104| ToUse= Dir; 

23105| 

23106| Status = 

| CreateJunction2(Dir,Link,Time); 
23107| if(Status==0) { 

231 08| // force volume to be mounted 

231 09| TouchVolumeName(Link); 
23110| }else{ 

231 1 1 1 if((ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_DRIVE_LETTER)) { 
231 12| // lets try and map a drive 

| letter, as it may be fat 
23113| Tollse = NULL; 

23114| }else{ 
23115| ToUse = Link; 

231 1 6| // make the name persist 

23117| 

| Psm_SetUserName(ApcContext->OTO->KernelSnapShotPointer,T 

| oUse,sizeof(ToUse)); 
23118| } 
23119| } 
23120| } 

231 21 1 if ((ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_DRIVE_LETTER)) { 
23122| WCHAR DriveLetter; 

23123| 

23124| if(!ToUse) { 

23125| // if no mount points set, then 

| lets do a drive letter 
23126| 

23127| if((ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_SHARE) || (ApcContext->VolumeMapFlags[i] 
| & PSM_VOLUME_MAP_USE_LETTER)) { 

23128| 

| DriveLetter=GetFirstFreeNormalDriveLetter(); 
23129| }else{ 
23130| 

| DriveLetter=GetFirstFreeDriveLetter(); 
23131| } 
23132| 

23133| // map drive letter 

23134| if(DriveLetter!=0) { 

23135| 

| swprintf(Link,L"%c: M ,DriveLetter); 
23136| 



23137| DLOG(("Mapping '%S' to 

| '%S'\n",Link, 

| DN_MakePointer(ApcContext->OTO,ApcContext->OTO->DeviceNa 
I me[i]))); 

23138] //if(Def ineDosDeviceW( 

| D D D_RA W TA RG ET_P ATH , Link, 

| DN_MakePointer(ApcContext->OTO,ApcContext->OTO->DeviceNa 
I me[i]))) { 

231 39| Status = AddWin32Link( Link, 

| DN_MakePointer(ApcContext->OTO,ApcContext->OTO->DeviceNa 
I me[i])); 

23140| if(Status==0) { 

23141| ToUse = Link; 

231 42| // make the name persist 

23143| //lets not do this for 

| drive letters 
23144| // 

| Psm_SetUserName(ApcContext->OTO->KernelSnapShotPointer,T 
| oUse,sizeof(ToUse)); 
23145| }else{ 

231 46| DLOG((TEXT("Error %08x 

| mapping drive\n M ), Status)); 
23147| } 
23148| }else{ 

23149| DLOG((TEXT("Error! out of drive 

| letters\n"))); 

231 50 1 Status = ERROR_CANCELLED; 

23151| } 
23152| } 
23153| } 

23154| if(ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_SHARE) { 
23155| //share the volume FIXFIXFIX 

23156| } 

23157| if(ApcContext->VolumeMapFlags[i] & 

| PSM_VOLUME_MAP_VOLUME) { 
23158| if(!ToUse) { 

23159| // make a Win32 volume guid. 

231 60 1 GetWin32NameForNtDeviceName( 

| DN_MakePointer(ApcContext->OTI,ApcContext->OTI->DeviceNa 

| me[i]), BigBuffer); 
23161| ToUse = BigBuffer; 

231 62 1 // make the name persist 

23163| 

| Psm_SetUserName(ApcContext->OTO->KernelSnapShotPointer,T 

| oUse,sizeof(ToUse)); 
23164| } 
23165| } 
23166| 

23167| if(!ToUse) { 



231 68| // use the nt device name 

23169| ToUse = 

| DN_MakePointer(ApcContext->OTI,ApcContext->OTI->DeviceNa 

I me[i]); 

231 70| // make the name persist 

23171| 

| Psm_SetL)serName(ApcContext->OTO->KernelSnapShotPointer,T 

| oUse,sizeof(ToUse)); 
23172| } 
23173| 

23174| // 

231 75| if ((*(DWORD*)ApcContext->Out) == 

| 0x5a4b3c2d) { 
23176| // ansi version 

23177| 

| Len=(wcslen(ToUse)*sizeof(CHAR))+sizeof(CHAR); 
23178| }else{ 
23179| //Unicode 
23180| 

| Len=(wcslen(ToUse)*sizeof(WCHAR))+sizeof(WCHAR); 
23181| } 
23182| BS+=Len; 

23183| if(BS>ApcContext->SizeOfVolumeMap) { 

23184| Status = ERROR_INSUFFICIENT_BUFFER; 

23185| return Status; 

23186| } 
23187| 

231 88| Map[i]=(PWCHAR)Buffer; 

23189| if((*(DWORD*)ApcContext->Out) == 

| 0x5a4b3c2d) { 
23190| CharToOemW(ToUse, Buffer); 

23191| }else{ 

23192| wcscpy((PWCHAR)Buffer,ToUse); 

23193| } 

23194| Buffer+=Len; 

23195| 

23196| Status = 0; 

23197| } 

23198| return Status; 

23199| } 

23200| 

23201 1 

23202| // SharedMemoryMutex MUST be acquired before calling 
| this routine 

23203| STATIC ULONG FreeVolumesForSnapShot ( pSnapShot 

| Snapshot ) 
23204| { 

23205| ULONG Err=0; 
23206| ULONG i=0; 

23207| while(i<SharedMemory->NumberOfMappedVolumes) { 



23208| DLOG((TEXT("RVFS: %d: %08x (%08x) %08x 

| (%08x)\n")J,SharedMemory->MappedVolumes[i].SnapShotOffs 
| et,MakePointer(SharedMemory->MappedVolumes[i].SnapShotOf 
| fset),MakeOffset(SnapShot), Snapshot)); 

23209| 

23210| 

| if(MakePointer(SharedMemory->MappedVolumes[i].SnapShotOf 
| fset) == Snapshot) { 
23211| 

| RemoveDevice(&SharedMemory->MappedVolumes[i]); 
23212| 

| memmove(&SharedMemory->MappedVolumes[i],&SharedMemory->M 

| appedVolumes[i+1 ],(SharedMemory->NumberOfMappedVolumes-i 

| -1 )*sizeof(SharedMemory->MappedVolumes[0])); 
23213| SharedMemory->NumberOfMappedVolumes--; 
23214| // dont inc i since we moved everything 

| down one 
23215| }else{ 
23216| i++; 
23217| } 
23218| } 
23219| return Err; 
23220| } 
23221| 

23222| STATIC ULONG FreeOneVolumeForSnapShot ( pSnapShot 

| Snapshot, WCHAR *NTName ) 
23223| { 

23224| ULONG Err=0; 
23225| ULONG i=0; 
23226| 

23227| DLOG(( M FreeOneVolumeForSnapShot\n")); 
23228| 

23229| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

23230| __try { 
23231 | 

23232| while(i<SharedMemory->NumberOfMappedVolumes) { 

23233| DLOG((TEXT("RVFS: %d: %08x (%08x) %08x 

| (%08x)\n"),i,SharedMemory->MappedVolumes[i].SnapShotOffs 
| et,MakePointer(SharedMemory->MappedVolumes[i].SnapShotOf 
| fset) , MakeOff set (S napS hot) , S napS hot) ) ; 

23234| 

23235| 

| if((MakePointer(SharedMemory->MappedVolumes[i].SnapShotO 
| ffset) == Snapshot) && 
23236| 

| ((_wcsicmp(SharedMemory->MappedVolumes[i].OriginalNTName 
| ,NTName)==0) || 
23237| 

| (_wcsicmp(SharedMemory->MappedVolumes[i].NTDeviceName,NT 



I Name)==0))) { 
23238| 

| RemoveDevice(&SharedMemory->MappedVolumes[i]); 
23239| 

| memmove(&SharedMemory->MappedVolumes[i],&SharedMemory->M 

| appedVolumes[i+1 ],(SharedMemory->NumberOfMappedVolumes-i 

| -1 )*sizeof(SharedMemory->MappedVolumes[0])); 
23240| SharedMemory->NumberOfMappedVolumes--; 
23241 1 // dont inc i since we moved everything 

| down one 
23242 1 } else { 

23243| i++; 
23244| } 
23245| } 
23246| } ^finally { 

23247| ReleaseMutex(SharedMemoryMutex); 

23248| } 

23249 1 return Err; 

23250 1 } 

23251 | 

23252| STATIC ULONG GetOriginalNameFromVDiskName( WCHAR 

| *VDiskName, WCHAR *NTName ) 
23253 1 { 

23254| ULONG Err=0; 
23255| ULONG i=0; 
23256| 

23257| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

23258| __try { 
23259 1 

23260| while(i<SharedMemory->NumberOfMappedVolumes) { 
23261 1 

| if(_wcsicmp(SharedMemory->MappedVolumes[i].NTDeviceName, 
| NTName)==0) { 
23262 1 

| wcscpy(NTName,SharedMemory->MappedVolumes[i].OriginalNTN 
| ame); 



23263 1 break; 

23264| } else { 

23265| i++; 

23266| } 

23267| } 

23268| } ^finally { 

23269| ReleaseMutex(SharedMemoryMutex); 

23270| } 

23271 1 return Err; 



23272 1 } 
23273 1 

23274| STATIC ULONG GetVirtualFromOriginal(pSnapShot 
| SnapShot,WCHAR *OriginalDrive, WCHAR *VirtualDrive, 



I ULONG Size) 
23275| { 

23276| ULONG Err=0; 
23277| ULONG i=0; 
23278| 

23279| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

23280| __try { 
23281 | 

23282| while(i<SharedMemory->NumberOfMappedVolumes) { 
23283 1 

I if((_wcsicmp(SharedMemory->MappedVolumes[i].OriginalNTNa 
| me,OriginalDrive)==0) && 
23284| 

| (SharedMemory->MappedVolumes[i].SnapShotOffset == 
| MakeOffset(SnapShot))) { 
23285| 

| wcscpy(VirtualDrive,SharedMemory->MappedVolumes[i].NTDev 

| iceName); 
23286| break; 
23287| } else { 

23288| 

23289 1 } 
23290 1 } 
23291| } ^finally { 

23292| ReleaseMutex(SharedMemoryMutex); 

23293| } 

23294| return Err; 

23295| } 

23296| 

23297| 

23298| STATIC ULONG RemoveAIIVDisksForThread( ) 
23299| { 

23300| ULONG i; 
23301| ULONG Err=0; 

23302| pThreadStorage ThreadStorage = GetThreadStorage(); 
23303| 

23304| DLOG(( M RemoveAIIVDisksForThread\n M )); 
23305| 

23306| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

23307| __try { 

23308| for(i=ThreadStorage->NumSnapShots;i>0;i--) { 
23309| 

| FreeVolumesForSnapShot(MakePointer(ThreadStorage->SnapSh 
| otsOffset[i-1])); 
23310| } 

2331 1 1 ThreadStorage->NumSnapShots = 0; 
23312| 

23313| } finally { 



23314| ReleaseMutex(SharedMemoryMutex); 

23315| } 

23316| return Err; 

23317| 

23318| } 

23319| 

23320| STATIC ULONG PSMIJsAnPSMVolume( WCHAR *VolumeName ) 
23321 | { 

23322| ULONG Err=ERROR_INVALID_PARAMETER; 

23323| ULONG i; 

23324| 

23325| WaitForSingleObject ( SharedMemoryMutex, INFINITE 

I); 

23326| 

23327| _try { 
23328| 

| for(i=0;i<SharedMemory->NumberOfMappedVolumes;i++) { 
23329 1 if( 

| (_wcsicmp(SharedMemory->MappedVolumes[i].DriveLetterName 

| ,VolumeName)==0) || 
23330 1 

| (_wcsicmp(SharedMemory->MappedVolumes[i].VolumeName,Volu 
| meName)==0) || 
23331 1 

| (_wcsicmp(SharedMemory->MappedVolumes[i].ShareName,Volum 
| eName)==0) || 
23332 1 

| (_wcsicmp(SharedMemory->MappedVolumes[i].NTDeviceName,Vo 

| lumeName)==0)) { 
23333| Err = 0; 

23334| break; 
23335| } else { 

23336| Err= ERROR_INVALID_PARAMETER; 

23337| } 
23338| } 
23339| } ^finally { 

23340| ReleaseMutex(SharedMemoryMutex); 
23341 1 } 

23342| return Err==0 ? TRUE : FALSE; 

23343 1 } 

23344| 

23345| #define MOUNTMGR_IS_VOLUME_NAME_STRING(s) ( 

|\ 

23346| (wcslen(s) == 96 || (wcslen(s) == 98 && (s)[48] == 

| L'W)) && \ 
23347| (s)[0] == L'W && 

|\ 

23348| ((s)[1] == L'?' || (s)[1] == L'W) && 
|\ 

23349| (S)[2] == L'?' && 



I\ 

23350| (s)[3] == L'W && 
|\ 

23351 1 (s)[4] == L'V && 

|\ 

23352| (s)[5] == L'o' && 

|\ 

23353| (s)[6] == LT && 

|\ 

23354| (s)[7] == L'u' && 

|\ 

23355| (s)[8] == L'm' && 

|\ 

23356| (s)[9] == L'e' && 

|\ 

23357| (s)[10]== L'{'&& 
|\ 

23358| (s)[19]==L'-'&& 

|\ 

23359 1 (s)[24] == L'-' && 

|\ 

23360| (s)[29] == L'-' && 

|\ 

23361 1 (s)[34] == L'-' && 

|\ 

23362| (s)[47] == L'}' 

|\ 

23363 1 ) 
23364| 

23365| STATIC ULONG PSMI_CanBePSMed( WCHAR *VolumeName, ULONG 

| *VolumeType ) 
23366| { 

23367| WCHAR Buffer[256]; 

23368| UNICODE_STRING Str; 

23369| HANDLE hVolume; 

23370| ULONG Err; 
23371 1 

23372| *VolumeType = PSMJSJJNKNOWN; 
23373 1 

23374| Err = GetNTNameForUniqueld( VolumeName, Buffer, 

I 256); 

23375| if(Err) { 

23376| // check to see if valid win32/NT name 

23377| if((Err = 

| GetNTDeviceName(VolumeName,(WCHAR*)Buffer,256,FALSE))!=0 

l){ 

23378| DLOG((TEXT("Error %08x getting device 

| name\n"),Err)); 

23379| return FALSE; 

23380| } 



23381 1 } else { 

23382| // unique id 

23383| *VolumeType = PSM_IS_SUPPORTED; 

23384| return TRUE; 

23385| } 
23386| 

23387| if(PSMIJsAnPSMVolume(Buffer)) { 

23388| // can not psm an psm volume 

23389| DLOG((TEXT(' M %S' is PSM volume 

| VoSW),VolumeName,Buffer)); 

23390| *VolumeType = PSM_IS_PSM; 

23391 1 return FALSE; 

23392 1 } 
23393 | 

23394| // if it like so \??\G:\ then it is a subst drive 

23395| if( (Buffer[0]==L'\V) && 

23396| (Buffer[1 ]==L'?') && 

23397| (Buffer[2]==L'?') && 

23398| (Buffer[3]==L'\V)) { 

23399 | 

23400| if(!MOUNTMGR_IS_VOLUME_NAME_STRING(Buffer)) { 

23401 1 DLOG((TEXT("'%S' is a symbolic link to 

| VoSW),VolumeName,Buffer)); 

23402| *VolumeType = PSM_IS_SUBST; 

23403 1 return FALSE; 

23404| } 

23405| } 
23406| 

23407| // make "C:" into "C:\" 

23408| wcscpy(Buffer,VolumeName); 

23409| if(Buffer[wcslen(Buffer)-1] != LAV) 

23410| wcscat(Buffer,L M \\ M ); 
2341 1 | 

23412| switch(GetDriveTypeW(Buffer)) { 

23413| case DRIVE_REMOVABLE : 

23414| case DRIVE_FIXED 

2341 5| // if hard drive then good 

2341 6| DLOG((TEXT("Drive '%S' is local hard 

| drive\n M ), Buffer)); 

2341 7\ *VolumeType = PSM_IS_SUPPORTED; 

23418| return TRUE; 

23419| case DRIVE_REMOTE 

23420| *VolumeType = PSM_IS_REMOTE; 

23421 1 D LOG ( (TEXT(" D rive '%S' is not a local hard 

| drive\n M ), Buffer)); 

23422| return FALSE; 

23423| case DRIVE CDROM 

23424| *VolumeType = PSM_IS_CDROM; 

23425| D LOG ( (TEXT(" D rive ,0 /oS' is not a local hard 

| drive\n M ), Buffer)); 



23426| 
23427| 
23428| 
23429| 



return FALSE; 



case DRIVE_RAMDISK 

*VolumeType = PSM_IS_VIRTUAL; 
DLOG((TEXT("Drive '%S' is not a local hard 



| driveW 
23430| 



'),Buffer)); 

return FALSE; 



23431 1 case 1 : 
23432| default: 

23433| DLOG((TEXT("Do not know what Drive '%S' is 

| yet\n"),Buffer)); 
23434| break; 
23435| } // switch 
23436| 

23437| // Hmm, if Win2k check to see if volume name 
23438| 

23439| if (((GetVersion() & OxffffOOOO) » 1 6) > 1 381 ) { 
23440| DLOG((TEXT("Doing win2k checks\n M ))); 
23441 | 

23442| Str.Length=wcslen(VolumeName)*sizeof(WCHAR); 
23443| Str.MaximumLength = Str.Length + sizeof(WCHAR); 
23444| Str.Buffer = VolumeName; 
23445| 

23446| IsMountMgrName: 
23447| // if mount manager name 
23448| if(MOUNTMGR_IS_VOLUME_NAME(&Str)) { 
23449| DLOG((TEXT("Volume is mount manager 

| volume\n"))); 

23450| *VolumeType = PSM_IS_SUPPORTED; 

23451| return TRUE; 

23452| } 
23453| 

23454| if(Str.Buffer == VolumeName) { 
23455| // if it is a mount point and a local 

| volume 
23456| 

| if(pGetVolumeNameForVolumeMountPoint(VolumeName,Buffer,2 
I 56)) { 



23457| 

23458| DLOG((TEXT( M Volume is mount 



I pointXn"))); 
23459| 



| Str.Length=wcslen(Buffer)*sizeof(WCHAR); 
23460| Str.MaximumLength = Str.Length + 



| sizeof(WCHAR); 
23461| Str.Buffer = Buffer; 

23462| // get rid of extra slash 

23463| if(Str.Buffer[(Str.Length/2)-1] == 



I L'W) { 

23464| Str.Length-=2; 

23465| Str.Buffer[(Str.Length/2)]=0; 



23466| } 

23467| DLOG((TEXT( M GVNFVMP='%S , \n M ), Buffer)); 

23468| goto IsMountMgrName; 

23469| } else { 

23470| DLOG((TEXT("Error %08x getting volume 

| for mount point\n"),Getl_astError())); 
23471| //fall through 

23472| } 
23473| } 
23474| 

23475| if (_wcsnicmp(Str. Buffer, L M \\device\Y\8)==0) { 

23476| UNICODE_STRING Uni={0}; 

23477| OBJ ECT_ATTRI BUTES ObjectAttributes={0}; 

23478| HANDLE hVolume; 

23479| IO_STATUS_BLOCK loStatus={0}; 

23480| 

23481 1 RtllnitUnicodeString( &Uni, Str.Buffer); 

23482| 

23483| InitializeObjectAttributes ( 

| &ObjectAttributes, 
23484| &Uni, 
23485| 

| OBJ_CASE_INSENSITIVE, 
23486| NULL, 
23487| NULL ); 

23488| 

23489| Err = NtCreateFile( &hVolume, 

23490| FILE_GENERIC_READ, 

| // desired access 
23491 1 &ObjectAttributes, 

| // object attributes 
23492| &loStatus, 
23493| NULL, // 

| alloc size 

23494| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
23495| FILE SHARE WRITE | 

| FILE_SHARE_READ, //share 

| access 

23496| FILE_OPEN, // 

| create disposition 
23497| 

| FILE_SYNCHRONOUS_IO_NONALERT, // create 

| options 

23498| NULL, // eabuffer 

23499 1 0); //ealength 

23500| if(!Err) { 

23501 1 Err = 

| GetDeviceName(hVolume,Buffer,256); 
23502| NtClose(hVolume); 



23503| 

23504| if(!Err) { 

23505| DLOG((TEXT( M Volume supports storage 

| get device name\n"))); 
23506| *VolumeType = PSM_IS_SUPPORTED; 

23507| return TRUE; 

23508| } else { 

23509| DLOG((TEXT("Volume does not support 

| storage get device name\n"))); 
23510| } 
2351 1 1 } else { 

2351 2| DLOG((TEXT("Error %08x opening 

| device\n"),Err)); 
23513| } 
23514| }else{ 

2351 5| hVolume = CreateFileW( 

23516| VolumeName, 
23517| 0, 

23518| FILE_SHARE_READ | FILE SHARE WRITE, 

23519| NULL, 
23520| OPEN_EXISTING, 
10, 

23521| NULL); 

23522| if(hVolume!=INVALID_HANDLE_VALUE) { 

23523| Err = 

| GetDeviceName(hVolume,Buffer,256); 
23524| CloseHandle(hVolume); 
23525| 

23526| // if it supports that ioctl it is a 

| dasd drive 
23527| if(!Err) { 

23528| DLOG((TEXT( M Volume supports storage 

| get device name\n"))); 
23529| *VolumeType = PSM_IS_SUPPORTED; 

23530| return TRUE; 

23531| } 
23532| } else { 

23533| Err = GetLastError(); 

23534| DLOG((TEXT("Error %08x opening 

| volume\n"),Err)); 
23535| //fall through 

23536| } 
23537| } 

23538| } // of win2k specific stuff 
23539| 

23540| DLOG((TEXT("Error %08x determing if volume is local 

| hard drive\n"))); 
23541 | 

23542| *VolumeType = PSM_IS_UN KNOWN; 
23543| // if it failed all of the above., must not be a 



I local hard drive 
23544| return FALSE; 
23545| } 
23546| 

23547| STATIC ULONG PSMI_GetSnapShotlnfoFromVolume( WCHAR 

| *VolumeName, tSnapShotlnfoW *SnapShotlnfo ) 
23548| { 

23549| ULONG Err=ERROR_INVALID_PARAMETER; 
23550| ULONG i; 
23551 | 

23552| WaitForSingleObject ( Shared Memory Mutex, INFINITE 

I); 

23553 1 

23554| __try { 
23555| 

| for(i=0;i<SharedMemory->NumberOfMappedVolumes;i++) { 
23556| if( 

| (_wcsicmp(SharedMemory->MappedVolumes[i].DriveLetterName 

| ,VolumeName)==0) || 
23557| 

| (_wcsicmp(SharedMemoiy->MappedVolumes[i].VolumeName,Volu 
| meName)==0) || 
23558| 

| (_wcsicmp(SharedMemory->MappedVolumes[i].ShareName,Volum 
| eName)==0) || 
23559 1 

| (_wcsicmp(SharedMemory->MappedVolumes[i].NTDeviceName,Vo 

| lumeName)==0)) { 
23560| if(SnapShotlnfo->Size == 

| sizeof(tSnapShotlnfoW)) { 
23561 1 pSnapShot Snap = 

| MakePointer(SharedMemory->MappedVolumes[i].SnapShotOffse 

It); 
23562 1 
23563 1 

| memmove(&(SnapShotlnfo->SnapShot),Snap,sizeof(tSnapShot) 

I); 

23564| 

23565| wcscpy(SnapShotlnfo->Volume 

| ,SharedMemory->MappedVolumes[i].OriginalUserName); 
23566| 

| wcscpy(SnapShotlnfo->Company,SharedMemory->MappedVolumes 
| [i]. Company); 
23567| 

| wcscpy(SnapShotlnfo->Product,SharedMemory->MappedVolumes 

| [j]. Product); 
23568| wcscpy(SnapShotlnfo->Code 

| ,SharedMemory->MappedVolumes[i].Code); 
23569 1 

| wcscpy(SnapShotlnfo->Version,SharedMemory->MappedVolumes 



I [i]. Version); 
23570| wcscpy(SnapShotlnfo->Key 

| ,SharedMemory->MappedVolumes[i].Key); 
23571 1 Err = 0; 

23572 
23573 
23574 
23575 
23576 
23577 
23578 
23579 
23580 
23581 
23582 
23583 
23584 
23585 
23586 
23587 
23588 
23589 
23590 
23591 
23592 
23593 

|_stprintf(Name,TEXT("\\\\.\\%s_%04x"),TEXT("psman"), 
| PSM_LOW_COMPATIBLE_VERSION ); 
*h Device = CreateFile( Name, 

GENERIC_READ | GENERIC_WRITE, 
FILE_SHARE_READ | FILE_SHARE_WRITE, 
NULL, 

OPEN_EXISTING, 
FILE_FLAG_OVERLAPPED, 
NULL 

); 



23594 
23595 
23596 
23597 
23598 
23599 
23600 
23601 
23602 
23603 
23604 
23605 
23606 
23607 
23608 
23609 
23610 
23611 
23612 
23613 
23614 
23615 



break; 
} else { 

Err = ERROR_INVALID_PARAMETER; 

} 

} 

} 

} ^finally { 

ReleaseMutex(SharedMemoryMutex); 

} 

return Err; 

} 



STATIC ULONG PSMI_OpenManager( HANDLE *hDevice ) 
{ 

TCHAR Name[40]={0}; 
ULONG returned=0; 
BOOL B= FALSE; 
ULONG Err=0; 



if(*hDevice) { 
Err = 0; 

} else { 

Err = GetLastError(); 

} 

return Err; 



STATIC void OpenAPCRoutine( 



2361 6| IN pAPCContext ApcContext, 
23617| IN PIO_STATUS_BLOCK loStatus, 
23618| IN ULONG Reserved 
23619| ) 
23620| { 

23621 1 ULONG Err=0; 
23622 1 WCHAR Str[80]; 

23623 1 pThreadStorage ThreadStorage = GetThreadStorage(); 
23624| pSnapShot Snap=NULL; 
23625| tSnapShot SnapTemp; 
23626| 

23627| WaitForSingleObject ( OpenCloseMutex, INFINITE ); 
23628| __try { 

23629| Err = RtlNtStatusToDosError(loStatus->Status); 
23630| 

23631 1 DLOG((TEXT("OpenAPCRoutine %08x %08x %08x %08x 
| %08x\n M ),ApcContext,Err,loStatus->Status,loStatus->lnfor 
| mation, Reserved)); 

23632 1 

23633| if(!Err) { 

23634| // temp so we can alloc the snapshot 

23635| if(!ApcContext->SnapShot) { 

23636| DLOG((TEXT("Snapshot is null, using 

| temp\n"))); 

23637| ApcContext->SnapShot = &Snap; 

23638| } 
23639 1 

23640 1 /* 

23641 1 // OTM fossil 

23642 1 if(ApcContext->OTI-> Internal Flags & 

| PSM_I FLAG_P E RSI STENT) { 
23643| (*ApcContext->SnapShot) = &SnapTemp; 

23644| } else { 

23645| (*ApcContext->SnapShot) = 

| AllocSnapShotQ; 
23646| } 
23647| 7 

23648| (*ApcContext->SnapShot) = &SnapTemp; 

23649 1 

23650| if((*ApcContext->SnapShot)) { 

23651 1 (*ApcContext->SnapShot)->SnapShotTime = 

| ApcContext->OTO->SnapShotTime; 
23652 1 

| (*ApcContext->SnapShot)->KernelSnapShotPointer = 

| ApcContext->OTO->KernelSnapShotPointer; 
23653| (*ApcContext->SnapShot)->OwningThread = 

| ThreadStorage; 
23654| (*ApcContext->SnapShot)->lnstance = 

| ApcContext->OTO->lnstance; 
23655| 



23656| if(ApcContext->OTI->lnternalFlags & 

| PSM_I FLAG_P E RSI STENT) { 
23657| 

| (*ApcContext->SnapShot)->SnapShotType = 

| PSM_SS_TYPE_PERSISTENT; 
23658| ThreadStorage-> Persistent = TRUE; 

23659| } else { 

23660| 

| (*ApcContext->SnapShot)->SnapShotType = 

| PSM_SS_TYPE_TEMPORARY; 
23661 1 ThreadStorage-> Persistent = FALSE; 

23662 1 } 
23663 1 

23664| DLOG((TEXT("sst=%l64x, kssp=%08x, 

| ts=%08x, 

| i=%d\n"),ApcContext->OTO->SnapShotTime,ApcContext->OTO-> 
| KernelSnapShotPointer,ThreadStorage,ApcContext->OTO->lns 
| tance)); 
23665| 

23666| Err = 

| AddDrivesToSystemPersistent(ApcContext,&ApcContext->OTO- 

| >SnapShotTime); 
23667| (*ApcContext->SnapShot) = 

| ApcContext->OTO->KernelSnapShotPointer; 
23668| ApcContext->SnapShot = NULL; 

23669 1 

| UpdateClusterRegistries(ApcContext->OTO->KernelSnapShotP 
| ointer); 
23670 1 /* 

23671 1 if(!ThreadStorage->Persistent) { 

23672| Err = 

| AddDrivesToSystem(ApcContext); 
23673| if(!Err) { 

23674| ThreadStorage->NumOpens++; 
23675| 

| ThreadStorage->SnapShotsOffset[ThreadStorage->NumSnapSho 
| ts++] = MakeOffset((*ApcContext->SnapShot)); 
23676| 

23677| WaitForSingleObject ( 

| SharedMemoryMutex, INFINITE ); 
23678| __try { 

23679| DLOG(("Adding Snapshot %08x 

| %d (%08x) to 

| Hst\n",(*ApcContext->SnapShot),(*ApcContext->SnapShot)- 
| >lnstance,(*ApcContext->SnapShot)->KernelSnapShotPointer 

I)); 

23680 1 

| SharedMemory->SnapShotsOffset[SharedMemory->NumberOfSnap 
| Shots++] = MakeOffset((*ApcContext->SnapShot)); 
23681 1 } finally { 



23682| 

| ReleaseMutex(SharedMemoryMutex) ; 
23683| } 

23684| if((*(DWORD*)ApcContext->Out) 

| == 0x5a4b3c2d) { 
23685| // skip over \DosDevices\ 

| we added 
23686| 

| CharToOemW(&ApcContext->OTO->CacheFileName[1 2],(CHAR*)Ap 

| cContext->Out->CacheFileName); 
23687| } else { 

23688| 

| wcscpy((WCHAR*)ApcContext->Out->CacheFileName,&ApcContex 

| t->OTO->CacheFileName[12]); 
23689 1 } 
23690| 

23691 1 } 
23692 1 

23693| // some error occured having our 

| volumes mapped in 
23694| // (maybe out of drive letters ;) 

23695| if(Err) { 

23696| HANDLE hEvent = CreateEvent( 

| NULL, FALSE, FALSE, NULL ); 
23697| // unable to add volumes to 

| system, error out. 
23698| DLOG(("Error %08x during drive 

| adding, calling close\n",Err)); 
23699 1 

| PSMI_Close_lnternal(ThreadStorage->PSManHandle,hEvent,Ap 

| cContext->OTO->KernelSnapShotPointer); 
23700| CloseHandle(hEvent); 
23701 1 loStatus->Status = Err; 

23702| 

| FreeSnapShot((*ApcContext->SnapShot)); 
23703| } 
23704| 

23705| } else {// if Ipersistent 

23706| Err = 

| AddDrivesToSystemPersistent(ApcContext,&ApcContext->OTO- 

| >SnapShotTime); 
23707| (*ApcContext->SnapShot) = 

| ApcContext->OTO->KernelSnapShotPointer; 
23708| ApcContext->SnapShot = NULL; 

23709| 

| UpdateClusterRegistries(ApcContext->OTO->KernelSnapShotP 

| ointer); 
23710| } 
2371 1 1 7 
23712| }else{ 



23713| HANDLE hEvent = CreateEvent( NULL, 

| FALSE, FALSE, NULL); 
2371 4| // out of memory? 

23715| // unable to add volumes to system, 

| error out. 

2371 6| DLOG(("Error %08x during memory alloc 



| for snapshot\n M ,GetLastError())); 
23717| 

| PSMI_Close_lnternal(ThreadStorage->PSManHandle,hEvent,Ap 

| cContext->OTO->KernelSnapShotPointer); 
23718| CloseHandle(hEvent); 
2371 9| Err = loStatus->Status = 

| ERROR_OUTOFMEMORY; 
23720| } 
23721| }else{ 

23722| // delete cache file if ANY error occured. 

| This is to keep zero length files 
23723| //from hanging around... one day we may 

| want to use another function than 
23724| // GetTempFile so we do not make these temp 

| files. 

23725| // only delete cache file if it was a temp 

| and not permanent 
23726| DLOG(("Error %08x during open\n",Err)); 

23727| if(ThreadStorage->UsedTempFile) { 

23728| DLOG((TEXT("Deleting cache file due to 

| error %08x\n"),loStatus->Status)); 
23729| 

| DeleteFileW(ApcContext->ln.CacheFileName); 
23730| } 
23731| } 
23732| 

23733| swprintf(Str,L"%08x",Err); 
23734| // execute postopen file 
23735| 

| ExecuteFile(PostOpenFile,Str,ChildUser,ChildPassword); 
23736| 

23737| // set last error now that we are done with all 

| routines that will access it. 
23738| SetLastError(Err); 
23739| 

23740| if(ApcContext->Overlapped) { 

23741 1 ApcContext->Overlapped->lnternal = 

| loStatus->Status; 
23742| ApcContext->Overlapped->lnternalHigh = Err; 

23743 1 

| if(ApcContext->Overlapped->hEvent!=INVALID_HANDLE_VALUE) 

I { 
23744| 

| SetEvent(ApcContext->Overlapped->h Event); 



23745| } 
23746| } 
23747| 

23748| if(ApcContext->OverlappedRoutine) { 

23749| _try { 

23750| 

| ( ApcContext->Overlapped Routine) ( Err, loStatus->l nformatio 

| n,ApcContext->Overlapped); 
23751 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

23752| DLOG((TEXT("Exception %08x in ape 

| call\n"),GetExceptionCode())); 
23753 1 } 
23754| } 
23755| 

23756| LocalFree(ApcContext->VolumeMapFlags); 
23757| Local Free( ApcContext->OTI ) ; 
23758| LocalFree(ApcContext->OTO); 
23759| LocalFree(ApcContext); 
23760 1 

23761 1 } ^finally { 

23762| ReleaseMutex(OpenCloseMutex); 

23763 1 } 

23764| 

23765| return; 
23766| } 
23767| 
23768| 

23769| STATIC LONG SetFlushRoutineForDriver( HANDLE hDevice ) 
23770 1 { 

23771 1 ULONG B=FALSE; 

23772| tSetFlushRoutine Flush; 

23773| LONG Err; 

23774| OVERLAPPED o; 

23775| ULONG returned; 

23776| 

23777| 

23778| Flush.ZwFlushBuffersFile = 

| (void*)GetProcAddress(GetModuleHandle("ntdll.dll"),"ZwFI 

| ushBuffersFile"); 
23779| //Flush.ZwFlushBuffersFile = 

| (void*)GetProcAddress(GetModuleHandle("ntdll.dll"),"_imp 

| _ZwFlushBuffersFile"); 
23780| 

23781 1 if(Flush.ZwFlushBuffersFile) { 
23782| memset(&o,0,sizeof(o)); 

23783| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL ); 
23784| 

23785| B = DeviceloControl( hDevice, 



23786| 
23787| 
23788| 
23789| 
23790| 
23791| 
23792| 
23793| 
23794| 
23795| 
23796| 
23797| 
23798| 



IOCTL_SET_FLUSH_ROUTINE, 

&Flush, 

sizeof(Flush), 

NULL, 

0, 

& returned, 
&o); 



if(B) { 
Err = 0; 



} else { 

Err = GetLastError(); 

DLOG((TEXT("Error %08x Calling set flush 



| routine\n"),Err)); 
23799| } 

23800 1 C loseH and le(o . h Eve nt) ; 

23801 1 } else { 

23802 1 Err = GetLastError(); 

23803| DLOG((TEXT("Error %08x getting entry point for 

|flush\n M ),Err)); 

23804| } 

23805| return Err; 
23806| } 
23807| 

23808| STATIC ULONG PSMI_CommonOpen( 

23809| HANDLE hDevice, 

23810| IN pOpenTransactionln3W In, 

2381 1 1 IN ULONG NumVolumes, 

23812| IN PVOID InVolumeMap, 

23813| IN ULONG *VolumeMapFlags, 

23814| IN ULONG OutVolumeMapByteSize, 

23815| INOUT PVOID OutVolumeMap, 

2381 6| OUT pOpenTransactionOutW Out, 

2381 7| INOUT LPOVERLAPPED Overlapped, 

23818| IN LPOVERLAPPED_COMPLETION_ROUTINE 

| CompletionRoutine, 

23819| IN ULONG InternalFlags, 

23820| OUT pSnapShot *SnapShot 
23821| ) 
23822| { 

23823| ULONG Err=0; 

23824| pThreadStorage ThreadStorage = GetThreadStorageQ; 

23825| tAPCContext *APCContext; 

23826| WCHAR Str[80]; 

23827| HKEY Key; 

23828| ULONG DataSize; 

23829| TCHAR RegStr[255]; 

23830| ULONG InternalBufferChars = 0; 

23831| 

23832| if((!ln) || (!Out) || (MnVolumeMap) || 



I (IVolumeMapFlags) || (!OutVolumeMap) || 

| (OutVolumeMapByteSize<8) || ((signed)NumVolumes<1)) { 
23833| return ERROR_INVALID_PARAMETER; 
23834| } 
23835| 

23836| // make sure they are passing in something we know 

| about 
23837| if( 

23838| (ln->Size != sizeof(tOpenTransactionln3W)) && 
23839| (ln->Size != sizeof(tOpenTransactionln1 W)) && 
23840| (ln->Size != sizeof(tOpenTransactionln2W)) 
23841 1 ) { 

23842| return ERROR_INVALID_PARAMETER; 

23843 1 } 

23844| 

23845| // check the length so we dont copy over the stack 

| and destory 
23846| // everything we are lookin at if the things 

| contain long names 
23847| if( 

| !CheckForZeroTerminatorW(ln->CacheFileName,256)) { 
23848| return ERROR_INVALID_PARAMETER; 
23849 1 } 

23850| if ((!CheckForZeroTerminatorW(ln->PreOpenFile,256)) 
I II 

23851| (!CheckForZeroTerminatorW(ln->PostOpenFile,256)) 

I II 
23852| 

| (!CheckForZeroTerminatorW(ln->PostCloseFile,256)) || 

23853| (!CheckForZeroTerminatorW(ln->UserName,40)) || 

23854| (!CheckForZeroTerminatorW(ln->Password,40)) ) { 

23855| return ERROR_INVALID_PARAMETER; 

23856| } 
23857| 

23858| /* //OTM fossil 

23859| if(!(ln->Flags & PSM_FLAG_PERSISTENT_SNAPSHOT)) { 

23860| // not used in persistent snapshots 
23861 | 

23862 1 // 1 terabyte 

23863| if(ln->SizeOfCacheFileMB > 1 * 1024 * 1024) { 

23864| return ERROR_INVALID_PARAMETER; 

23865| } 

23866| if(ln->MaxSizeOfCacheFileMB > 1 * 1024 * 1024) 
|{ 

23867| return ERROR_INVALID_PARAMETER; 

23868| } 

23869| if(ln->SizeOfCacheFileMB > 

| ln->MaxSizeOfCacheFileMB) { 

23870| return ERROR_INVALID_PARAMETER; 

23871 1 } 



23872| // 1 hour 

23873| if(ln->QuiescentWait > 1 * 60 * 60) { 
23874| return ERROR_INVALID_PARAMETER; 

23875| } 
23876| // 1 week 

23877| if(ln->QuiescentTimeout > 1 * 7 * 24 * 60 * 60) 
|{ 

23878| return ERROR_INVALID_PARAMETER; 

23879 1 } 
23880 1 } 
23881 1 7 
23882 1 

23883| if((Overlapped) && 

| (Overlapped->h Event !=INVALID_H AN DLEVALUE)) 
23884| Reset Event (Overlapped->h Event); 
23885| 

23886| APCContext = LocalAlloc(LPTR,sizeof(tAPCContext)); 

23887| if(APCContext) { 

23888| 

23889| // keep this read only... 

23890| memmove(&APCContext->ln,ln,sizeof(*ln)); 

23891| 

23892| // 4 bytes per pointer, 1 00 bytes (by default) 

| of "string space" 
23893| InternalBufferChars = 100 * NumVolumes; 
23894| APCContext->SizeofOTI = 

| sizeof(tOpenTransactionlnlnternal)+(NumVolumes*4)+(lnter 

| nalBufferChars*sizeof(WCHAR)); 
23895| APCContext->SizeofOTO = 

| sizeof(tOpenTransactionOutlnternal)+(NumVolumes*4)+(lnte 

| rnalBufferChars*sizeof(WCHAR)); 
23896| APCContext->OTI = 

| LocalAlloc(LPTR,APCContext->SizeofOTI); 
23897| APCContext->OTO = 

| LocalAlloc(LPTR,APCContext->SizeofOTO); 
23898| APCContext->VolumeMapFlags = 

| LocalAlloc(LPTR,NumVolumes*sizeof(ULONG)); 
23899 1 

23900| if((!APCContext->OTI) || (!APCContext->OTO) || 

| (!APCContext->VolumeMapFlags)) { 
23901 1 Err = ERROR_OUTOFMEMORY; 

23902| goto ErrorExit; 

23903 1 } 
23904| 

| memset(APCContext->OTI,0,APCContext->SizeofOTI); 
23905| 

| memset(APCContext->OTO,0,APCContext->SizeofOTO); 
23906| 

| memcpy(APCContext->VolumeMapFlags,VolumeMapFlags,NurnVolu 
| mes*sizeof(ULONG)); 



23907| 

23908| if((ln->Size>=sizeof(tOpenTransactionln2W)) && 

| (ln->Securitylnfo)) { 
23909| 

| if(ln->Securitylnfo->Size==sizeof(tPSM_Securitylnfo)) { 
23910| 

| memcpy(&APCContext->Securitylnfo,ln->Securitylnfo,sizeof 
| (tPSM_Securitylnfo)); 
23911| }else{ 

23912| Err = ERROR_INVALID_PARAMETER; 

23913| goto ErrorExit; 

23914| } 
23915| }else{ 

2391 6| APCContext->Securitylnfo.Size = 

| sizeof(tPSM_Securitylnfo); 
23917| 

| wcscpy(APCContext->Securitylnfo.Remark,L"PSM Shared 
| Drive"); 

23918| APCContext->Securitylnfo.MaxUses = 

| SHI_USES_UNLIMITED; 
23919| APCContext->Securitylnfo. Permissions = 

| ACCESS_READ | ACCESS_EXEC; 
23920| APCContext->Securitylnfo.SecurityDescriptor 

| = NULL; 
23921| } 
23922| 
23923| { 
23924| ULONG i; 

23925| for(i=0;i<NumVolumes;i++) { 

23926| DLOG((TEXT("Flags %d (%08x) = 

| %08x:%08x\n"),i,APCContext->VolumeMapFlags,APCContext->V 

| olumeMapFlags[i],VolumeMapFlags[i])); 
23927| } 
23928| } 
23929| 

23930| APCContext->SizeOfVolumeMap = 

| OutVolumeMapByteSize; 
23931 1 APCContext->VolumeMap = OutVolumeMap; 
23932| APCContext->Out = Out; 
23933| APCContext->Overlapped = Overlapped; 
23934| APCContext->OverlappedRoutine = 

| CompletionRoutine; 
23935| APCContext->SnapShot = Snapshot; 
23936| 

23937| APCContext->OTI->Size 

| s izeof (tOpenTransactio nln Internal); 
23938| APCContext->OTI->SizeOfCacheFileMB = 

| ln->SizeOfCacheFileMB; 
23939| APCContext->OTI->MaxSizeOfCacheFileMB = 

| ln->MaxSizeOfCacheFileMB; 



23940| APCContext->OTI->Flags 
| ln->Flags; 

23941 1 APCContext->OTI->QuiescentWait 

| ln->QuiescentWait; 
23942| APCContext->OTI->QuiescentTimeout 

| ln->QuiescentTimeout; 
23943| APCContext->OTI->AbortEvent 

| ln->AbortEvent; 
23944| APCContext->OTI->lnternalFlags 

| InternalFlags; 
23945| APCContext->OTI->CallerPrivateUse = 

| ln->CallerPrivateUse; 
23946| APCContext->OTI->NumToKeep 

| ln->NumToKeep; 
23947| APCContext->OTI->Priority = 

| ((tOpenTransactionlnPersistentW*)ln)->Priority; 
23948| APCContext->OTI->SnapShotFlags = 

| ((tOpenTransactionlnPersistentW*)ln)->SnapShotFlags; 
23949 1 

23950| // we dont have a need for this yet.. 

23951| APCContext->OTI->DIIPrivateUse = NULL; 

23952| 

23953| if(ln->Flags & PSM_FLAG_PERSISTENT_SNAPSHOT) { 
23954| APCContext->OTI->lnternalFlags |= 

| PSM_IFLAG_PERSISTENT; 
23955| } 
23956| 

23957| if(ln->Flags & PSM_FLAG_SAVE_TEMP_ON_EXIT) { 
23958| APCContext->OTI->lnternalFlags |= 

| PSM_IFLAG_SAVE_TEMP_ON_EXIT; 
23959| } 
23960| 

23961 1 // exchange the two if backwards 
23962 1 

| if(APCContext->OTI->QuiescentWait>APCContext->OTI->Quies 

| centTimeout) { 
23963| ULONG Save = 

| APCContext->OTI->QuiescentTimeout; 
23964| APCContext->OTI->QuiescentTimeout = 

| APCContext->OTI->QuiescentWait; 
23965| APCContext->OTI->QuiescentWait = Save; 

23966| } 
23967| 

23968| ThreadStorage->AbortEvent = ln->AbortEvent; 
23969 1 

23970 1 // do volumemap conversion here. 
23971 1 

23972| Err = MakeVolumeList ( 
23973| NumVolumes, 
23974| InVolumeMap, 



23975| OutVolumeMapByteSize, 
23976| APCContext->OTI, 
23977| InternalBufferChars ); 

23978| 

23979| if ( Err != 0 ) { 

23980| // specified nothing to do. 

23981 1 goto ErrorExit; 

23982 1 } 

23983 1 

23984| APCContext->OTI->NumberOfDevices = NumVolumes; 
23985| 

| if(APCContext->OTI->NumberOfDevices>MAX_VOLUMES_SUPPORTE 
I D){ 

23986| Err = ERROR_OUT_OF_STRUCTURES; 

23987| goto ErrorExit; 

23988| } 
23989 1 
23990 | 

23991 1 if(wcscmp(ln->CacheFileName,L"")==0) { 
23992| WCHAR TempPath[255]; 

23993 | 

23994| if(CacheFileLocationKeyExists) { 

23995| if(wcscmp(CacheFileLocation,L m, )==0) { 

23996| // Empty registry key, pick file in 

| temp directory 
23997| GetTempPathW(255,TempPath); 
23998| } else { 

23999 1 // okay use path specified 

24000| wcscpy(TempPath,CacheFilel_ocation); 
24001| } 
24002| } else { 

24003| // key doesnt exist so lets find a 

| suitable volume 
24004| // for our cache file, peferablly one 

| not being 
24005| // psmed 

24006| 

| FindBestVolumeForCache(ln,TempPath,sizeof(TempPath)/size 

| of(TempPath[0])); 
24007| } 
24008| 

24009| GetTempFileNameW( 

2401 0| TempPath, // pointer to directory name 

| for temporary file 
2401 1 1 L"PSM", // pointer to filename 

| prefix 

24012| ThreadStorage->NumOpens, // 

| number used to create temporary filename 
24013| ThreadStorage->TempFileName); 
24014| ThreadStorage->UsedTempFile = TRUE; 



24015| 

| swprintf(APCContext->OTI->CacheFileName,L"\\DosDevices\\ 

| %s",ThreadStorage->TempFileName); 
24016| }else{ 
24017| // must be in Unicode... 

24018| 

| swprintf(APCContext->OTI->CacheFileName,L"\\DosDevices\\ 

| %s'\ln->CacheFileName); 
24019| ThreadStorage->UsedTempFile = FALSE; 

24020| } 
24021 | 

24022 1 #if 0 

24023| if(DebugMode) 

24024| 

| wprintf(L ,M %s'\n",APCContext->OTI->CacheFileName); 
24025| #endif 
24026| 

24027| // if a temp file we created, always delete it 
24028| if(ThreadStorage->UsedTempFile) { 
24029| APCContext->OTI->Flags &= 

| ~PSM_FLAG_DO_NOT_DELETE_CACHE; 
24030| } 

24031 1 // map errorcallback here 
24032| APCContext->OTI->ErrorEvent 

| ln->ErrorEvent; 
24033 1 

24034| // they specified batch files 

24035| wcscpy(PreOpenFile,ln->PreOpenFile); 

24036| if(wcscmp(PreOpenFile,L"")==0) 

24037| wcscpy(PreOpenFile,L"preopen M ); 

24038| 

24039| wcscpy(PostOpenFile,ln->PostOpenFile); 
24040| if(wcscmp(PostOpenFile,L" M )==0) 
24041 1 wcscpy(PostOpenFile,L"postopen"); 
24042 1 

24043| wcscpy(PostCloseFile,ln->PostCloseFile); 
24044| if(wcscmp(PostCloseFile,L"")==0) 
24045| wcscpy(PostCloseFile,L"postclse M ); 
24046| 

24047| wcscpy(ChildUser,ln->UserName); 
24048| wcscpy(ChildPassword,ln->Password); 
24049| if(wcscmp(ChildUser,L"")==0) { 
24050| wcscpy(ChildUser,L MM ); 
24051 1 wcscpy(ChildPassword,L""); 
24052 1 
24053 1 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d M ), NtBuildNumber > 1381 ? 5 : 4); 

24054| // open the registry 

24055| Err = RegOpenKeyEx( 



24056| 
I key 

24057| 
| open 

24058| 

24059| 

24060| 

24061 1 

24062 1 

24063 1 

24064| 

24065| 

24066| 

24067| 



HKEY_LOCAL_MACH I N E, // handle of open 
RegStr, // address of name of subkey to 
0, // reserved 

KEY_READ, // security access mask 
&Key// address of handle of open key 

); 

if(Err==0) { 

DataSize = 256; 

Err= RegQuery Value ExW( 
Key, // handle of key to query 
L"ChildUser", // address of name 



| of value to query 



24068| 
24069| 

| value type 
24070| 

| data buffer 
24071 1 

| buffer size 
24072 1 
24073 1 
24074| 
24075| 
24076| 
24077| 



NULL, // reserved 

NULL, // address of buffer for 

(char*)ChildUser, // address of 

&DataSize // address of data 



); 



DataSize = 256; 
RegQueryValueExW( 

Key, // handle of key to query 
U'ChildPassword", // address of 
| name of value to query 
24078| NULL, //reserved 

24079| NULL, // address of buffer for 

| value type 

24080| (char*)ChildPassword, // address 

I of data buffer 



24081 1 

| buffer size 
24082| 



&DataSize // address of data 



); 



// close the registry 
Reg C loseKey ( Key ) ; 



} 



} 



24083 1 
24084| 
24085| 
24086| 
24087| 
24088| 
24089| 
24090| 

| ExecuteFile(PreOpenFile,L' M, ,ChildUser,ChildPassword); 
24091| 

24092| APCContext->loStatus.Status=0; 
24093| APCContext->loStatus. Information^; 
24094| 



// execute preopen file 



24095| if(hDevice) { 
24096| 

24097| // make sure it has access to flush routine 

24098| // we have to do this as ntoskrnl doesnt 

| export Nt/ZwFlushBuffersFile 
24099| // or any routines to dynamically import 

| the routine 

241 00| Err = SetFlushRoutineForDriver(hDevice); 

24101| if(Err) { 

24102| goto BadBadExit; 

24103| } 

24104| 

241 05| Err = NtDeviceloControlFile( 

24106| hDevice, 

24107| NULL, 

241 08| OpenAPCRoutine, 

24109| APCContext, 

241 1 0| &APCContext->loStatus, 

241 1 1 1 IOCTL_TURNON_PSM, 

24112| APCContext->OTI, 

24113| APCContext->SizeofOTI, 

241 1 4| APCContext->OTO, 

241 1 5| APCContext->SizeofOTO 

24116| ); 

24117| if(Err==0x103) { 

241 18| Overlapped->lnternal = 0x103; // 

| status_pending 
241 19| Err = ERROR_IO_PENDING; 

24120| }else{ 

241 21 1 DLOG((TEXT("Error %08x (%08x) during 

| open\n"),Err,GetLastError())); 
24122| Err = RtlNtStatusToDosError(Err); 

241 23 1 // callback not called if error 

| occured. 
24124| if (Err) { 

24125| BadBadExit: 

241 26| // delete cache file if created 

24127| if(ThreadStorage->UsedTempFile) { 

24128| 

| DeleteFileW(ThreadStorage->TempFileName); 
24129| } 

24130| swprintf(Str,L"%08x",Err); 
241 31 1 // execute postopen file 

24132| 

| ExecuteFile(PostOpenFile,Str,ChildUser,ChildPassword); 
24133| ErrorExit: 

241 34| if(APCContext->VolumeMapFlags) 
| LocalFree(APCContext->VolumeMapFlags); 

241 35| if(APCContext->OTI) 
| LocalFree(APCContext->OTI); 



241 36| if(APCContext->OTO) 
| LocalFree(APCContext->OTO); 



24137 
24138 
24139 
24140 
24141 
24142 
24143 
24144 
24145 
24146 
24147 
24148 
24149 
24150 
24151 
24152 
24153 
24154 
24155 
24156 
24157 
24158 
24159 
24160 
24161 
24162 
24163 
24164 
24165 
24166 



24167 
24168 
24169 
24170 
24171 



LocalFree(APCContext); 

} 

} 

} else { 

Err = ERRORJNVALIDJHANDLE; 
goto Bad Bad Exit; 

} 

} else { 

Err = ERROR_OUTOFM EMORY; 

} 

if(Err) { 

SetLastError(Err); 

} 

return Err; 



STATIC ULONG PSMI_OpenEx( 
HANDLE hDevice, 
IN pOpenTransactionln3W In, 
IN ULONG NumVolumes, 
IN PVOID InVolumeMap, 
IN ULONG *VolumeMapFlags, 
IN ULONG OutVolumeMapByteSize, 
INOUT PVOID OutVolumeMap, 
OUT pOpenTransactionOutW Out, 
INOUT LPOVERLAPPED Overlapped, 
IN LPOVERLAPPED COMPLETION ROUTINE 



Completion Routine, 



IN ULONG InternalFlags, 
OUT pSnapShot *SnapShot 



return 

| PSMI_CommonOpen(hDevice, In, NumVolumes, lnVolumeMap,Volume 
| MapFlags,OutVolumeMapByteSize,OutVolumeMap,Out,Overlappe 
| d,CompletionRoutine,lnternalFlags,SnapShot); 

24172| } 

24173| 

24174| STATIC ULONG PSMI_GetVersion ( HANDLE hDevice, HANDLE 

| hEvent, ULONG VerSize, pPSM_Versionlnfo Version ) 
24175| { 

24176| BOOL B= FALSE; 
24177| ULONG Err=0; 
241 78| ULONG returned=0; 
24179| OVERLAPPED o; 



24180| 

24181| if(hDevice) { 

24182| memset(&o,0,sizeof(o)); 

24183| ResetEvent(hEvent); 

24184| o.hEvent = hEvent; 

24185| 

24186| B = DeviceloControl( hDevice, 

241 87\ IOCTL_GET_VERSION, 

24188| &VerSize, 

24189| sizeof(ULONG), 

24190| Version, 

24191 1 sizeof(tPSM_Versionlnfo), 

24192| &returned, 

24193| &o); 

24194| 

24195| if (B){ 

24196| Err = 0; 

24197| }else{ 

24198| Err = GetLastError(); 

24199| if (Err == ERROR_IO_PENDING) { 

24200| WaitForSingleObject ( hEvent, INFINITE 

I); 

24201 1 Err = Getl_astError(); 

24202 1 } 

24203 1 } 

24204| } else { 

24205| Err = ERRORJNVALIDJHANDLE; 

24206| } 

24207| 

24208| return Err; 
24209| 



24210| } 
24211| 

24212| ULONG PSMI_GetVolumeStats( HANDLE hDevice, HANDLE 
| hEvent, WCHAR *VolumeName, tPSM_GetStatsRecord *Stats ) 
24213| { 

24214| BOOL B=FALSE; 
24215| ULONG Err=0; 
24216| ULONG returned=0; 
2421 7| OVERLAPPED o; 
24218| WCHAR NewName[256]; 
24219| 
24220| 

| if((Err=GetNTDeviceName(VolumeName,NewName,256,FALSE))== 
|0){ 



24221| if(hDevice){ 

24222| memset(&o,0,sizeof(o)); 

24223| ResetEvent(hEvent); 

24224| o.hEvent = hEvent; 

24225| 



B = DeviceloControl( hDevice, 
I OCTL_G ET_VOLU M E_STATS , 
NewName, 



24226| 
24227| 
24228| 
24229| 

| wcslen(NewName)*sizeof(WCHAR)+sizeof(WCHAR), 



Stats, 

sizeof(tPSM_GetStatsRecord), 

& returned, 

&o); 

if (B) { 

Err = 0; 
} else { 

Err = GetLastErrorQ; 

if (Err == ERROR_IO_PENDING) { 
WaitForSingleObject ( hEvent, 



24230| 
24231 | 
24232 1 
24233 | 
24234| 
24235| 
24236| 
24237| 
24238| 
24239 1 
24240| 

| INFINITE); 
24241 1 Err = Getl_astError() ; 

24242 1 } 
24243 1 } 
24244| 
24245| 
24246| 
24247| } 
24248| 

24249 1 return Err; 

24250| 

24251 1 } 

24252| 

24253| ULONG PSMI_GetVolumelnfo( HANDLE hDevice, HANDLE 

| hEvent, tPSMVolumelnfoln *ln, tPSMVolumelnfoOut *Out ) 
24254| { 

BOOL B= FALSE; 
ULONG Err=0; 
ULONG returned=0; 
OVERLAPPED o; 



} else { 

Err = ERROR. 

} 



INVALIDHANDLE; 



24255| 
24256| 
24257| 
24258| 
24259 1 
24260 1 
24261 1 
24262 1 
24263 1 
24264| 
24265| 
24266| 
24267| 
24268| 
24269 1 
24270 1 
24271 1 
24272 1 



if(hDevice) { 

memset(&o,0,sizeof(o)); 
ResetEvent(hEvent); 
o. hEvent = hEvent; 

B = DeviceloControl( hDevice, 
IOCTL_G ET_VOLU M E_l N FO, 
In, 

sizeof(tPSMVolumelnfoln), 
Out, 

sizeof(tPSMVolumelnfoOut), 

& returned, 

&o); 



24273 
24274 
24275 
24276 
24277 
24278 
24279 

I); 

24280 
24281 
24282 
24283 
24284 
24285 
24286 
24287 
24288 
24289 
24290 
24291 
24292 
24293 
24294 
24295 
24296 
24297 
24298 
24299 
24300 
24301 
24302 
24303 
24304 



24305 
24306 
24307 
24308 
24309 
24310 
24311 
24312 
24313 
24314 
24315 
24316 
24317 
24318 
24319 



if (B) { 

Err = 0; 
} else { 

Err = GetLastError(); 

if (Err == ERROR_IO_PENDING) { 

WaitForSingleObject ( hEvent, INFINITE 

Err = Getl_astError(); 

} 

} 

} else { 

Err = ERRORJNVALIDJHANDLE; 

} 

return Err; 



} 



STATIC ULONG GenHash( WCHAR *String ) 
{ 

ULONG HashVal = 0; 

while ( *String!= L'\0' ) { 

HashVal = ( HashVal « 5 ) + *String++; 

} 

return HashVal; 

} 

STATIC ULONG LastVolClusterSize=0; 
STATIC ULONG LastVolCluster0Offset=0; 
STATIC ULONG LastVolHash=0; 



ULONG GetVolumeClusterSize( HANDLE hDevice, HANDLE 
| hEvent, WCHAR *VolumeName, ULONG *SPC, ULONG *C0Offset 
I) 



{ 



ULONG BPS=512; 
WCHAR New[256]; 
HANDLE FileHandle; 
UNICODE_STRING Uni; 
FILE_FS_SIZE_INFORMATION Fs; 
ULONG Err; 

OBJECT_ATTRIBUTES Object Attributes; 
IO_STATUS_BLOCK lo; 
tPSMVolumelnfoln In; 
tPSMVolumelnfoOut Out; 

wcscpy(New,VolumeName); 
wcscat(New,L"\V); 



24320| if(GenHash(New)==LastVolHash) { 

24321| Err=0; 

24322| goto Match; 

24323| } 

24324| 

24325| LastVolHash = GenHash(New); 
24326| 

24327| RtllnitUnicodeString( &Uni, New); 
24328| 

24329| InitializeObjectAttributes ( &ObjectAttributes, 
24330| &Uni, 

24331 1 OBJ_CASE_INSENSITIVE, 
24332| NULL, 
24333| NULL); 
24334| 

24335| Err = NtCreateFile( &FileHandle, 
24336| FILE_GENERIC_READ, 

| // desired access 
24337| &ObjectAttributes, 

| // object attributes 
24338| &lo, 
24339| NULL, // 

| alloc size 

24340| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
24341 1 FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share 

| access 

24342| FILE_OPEN, // 

| create disposition 
24343 1 

| FILE_NO_INTERMEDIATE_BUFFERING | 
24344| 

| FILE_SYNCHRONOUS_IO_NONALERT | 
24345| 

| FILE_OPEN_FOR_BACKUP_INTENT, //create 
| options 

24346| NULL, // eabuffer 

24347| 0); //ealength 

24348| 
24349| 

24350| if(!Err) { 

24351 1 if(pNtQueryVolumelnformation) { 
24352 1 Err = 

| pNtQueryVolumelnformation(FileHandle,&lo,&Fs,sizeof(Fs), 

| FileFsSizelnformation); 
24353| if(!Err) { 

24354| BPS = Fs.BytesPerSector; 

24355| *SPC = Fs.SectorsPerAllocationUnit; 

24356| } else { 



24357| DLOG((TEXT("Error %08x querying vol 

| info\n"),Err)); 
24358| DebugBreak(); 
24359| } 
24360| } else { 

24361 1 DLOG((TEXT("NtQuery doesnt exist\n"),Err)); 

24362 1 Debug Break(); 

24363 1 } 

24364| NtClose(FileHandle); 
24365| } else { 

24366| DLOG((TEXT("Error %08x opening directory 

| '%S'\n"),Err,New)); 
24367| DebugBreak(); 
24368| } 

24369| LastVolClusterSize = *SPC; 
24370 1 

24371| if(!Err){ 

24372| GetNTDeviceName(VolumeName,New,256,FALSE); 
24373| 

24374| In.Size = sizeof(tPSMVolumelnfoln); 
24375| wcscpy(ln.VolumeName,New); 
24376| 

24377| Err = PSMI_GetVolumelnfo( h Device, h Event, &ln, 

| &Out ); 
24378| 

24379| if(!Err) { 

24380| LastVolClusterOOffset = Out.ClusterOOffset; 

24381 1 } else { 

24382| LastVolClusterOOffset = 0; 

24383 1 } 
24384| } 
24385| Match: 

24386| *C0Offset = LastVolClusterOOffset; 
24387| *SPC = LastVolClusterSize; 
24388| return Err; 
24389 1 } 
24390 1 

24391| STATIC ULONG PS MI_Free Ranges ( HANDLE hDevice, HANDLE 

| hEvent, tPSM_FreeRanges *Ranges ) 
24392| { 

24393| BOOL B= FALSE; 
24394| ULONG Err=0; 
24395| ULONG returned=0; 
24396| OVERLAPPED o; 
24397| 

24398| if(hDevice) { 
24399| memset(&o,0,sizeof(o)); 
24400| ResetEvent(hEvent); 
24401 1 o. hEvent = hEvent; 
24402 1 



24403| B = DeviceloControl( hDevice, 

24404| IOCTL_FREE_RANGES, 

24405| Ranges, 
24406| 

| sizeof(tPSM_FreeRanges)+sizeof(tPSM_RangeList)*Ranges->N 

| umberOfRanges, 

24407| NULL, 

24408| 0, 

24409| &returned, 

24410| &o); 
2441 1 | 

24412| if (B) { 

24413| Err = 0; 

24414| }else{ 

24415| Err = GetLastError(); 

2441 6| if (Err == ERROR_IO_PENDING) { 

24417| WaitForSingleObject ( hEvent, INFINITE 

I); 

24418| Err = GetLastError(); 

24419| } 

24420| } 

24421| }else{ 

24422| Err = ERRORJNVALIDJHANDLE; 

24423| } 

24424| 

24425| return Err; 

24426| } 

24427| 

24428| STATIC ULONG PSMI_FreeFiles( HANDLE hDevice, HANDLE 
| hEvent, pSnapShot Snapshot, ULONG NumberOfFiles, WCHAR 
I *FNes[] ) 

24429| { 

24430| ULONG Err=0; 

24431 1 ULONG SaveErr=0; 

24432| ULONG i=0, j=0; 

24433| tPSM_FreeRanges *Ranges=0; 

24434| RETRIEVAL_POINTERS_BUFFER *RP=NULL; 

24435| STARTING_VCN_INPUT_BUFFER SVIB={0}; 

24436| ULONG RPSize=0; 

24437| HANDLE FileHandle=INVALID_HANDLE_VALUE; 

24438| ULONG Count=0; 

24439| LARGE INTEGER StartVcn={0}; 

24440| ULONG VolumeClusterSize; 

24441 1 WCHAR VirtualDrive[256]; 

24442 1 WCHAR Original Drive[256]; 

24443| WCHAR Temp[256]; 

24444| WCHAR *FileNameOnly=0; 

24445| LARGEJNTEGER Ll={0}; 

24446| ULONG FileLen=0; 

24447| FILE STANDARD INFORMATION FSInfo; 



24448| FILE_BASIC_INFORMATION FBInfo; 

24449| UNICODE_STRING Uni; 

24450| OBJECT_ATTRIBUTES Object Attributes; 

24451 1 IO_STATUS_BLOCK loStatus; 

24452| BYTE Passed InOriginal; 

24453| ULONG C0Offset=0; 

24454 1 

24455| // DLOG((TEXT("%d files\n"),NumberOf Files)); 
24456| for(i=0;i<NumberOfFiles;i++) { 
24457| PassedlnOriginal=0; 
24458| 

24459| // DLOG((TEXT( M %02d: '%SVT),i,Files[i])); 
24460 1 

24461 1 FileLen = wcslen(Files[i]); 
24462 1 

24463| FileNameOnly = 

| LocalAlloc(LPTR,(FileLen+257)*sizeof(WCHAR)); 
24464| 

24465| if(FileNameOnly) { 

24466| WCHAR *Colon = wcschr(Files[i],L':'); 

24467| 

24468| if(Colon) { 

24469| if(pGetVolumePathName) { 

24470| wcscpy(FileNameOnly,Files[i]); 
24471 1 

| if(pGetVolumePathName(Files[i],FileNameOnly,FileLen+257) 
l){ 

24472 1 /* it can be 

24473| \\?\e:\ ! 

24474| e:\ ! 

24475| 7 
24476| 

| if(FileNameOnly[(Colon-Files[i])+2] != L'\0') { 
24477| // must be a mount point.. 

| we do not support yet 
24478| DLOG((TEXT("File VoS' is on 

| mount point '%S'\n"),Files[i],FileNameOnly)); 
24479| LocalFree(FileNameOnly); 
24480| return ERROR_INVALID_NAME; 

24481 1 } 
24482 1 } 
24483 1 } 
24484| 
24485| 

24486| // get NT name 

24487| 

| wcsncpy(Temp,Files[i],Colon-Files[i]+1); 
24488| Temp[Colon-Files[i]+1] = 0; 

24489| 

24490| if(wcsncmp(Temp,L M \\\\?\\ M ,4)==0) { 



24491| 

| memmove(Temp,Temp+4,(wcslen(Temp)-3)*sizeof(WCHAR)); 
24492| } 
24493| 

24494| if((Err = 

| GetNTDeviceName(Temp,VirtualDrive,256,TRUE))==0) { 
24495| 

24496| // DLOG((TEXT( ,M %S' = 

| '%S'\n"),Temp,VirtualDrive)); 
24497| 
24498| 

| if(!PSMI_lsAnPSMVolume(VirtualDrive)) { 
24499| // okay, the user passed in 

| something like C: 
24500| // instead of the snapshot 

| drive M: 
24501 1 

| wcscpy(OriginalDrive,VirtualDrive); 
24502| PassedlnOriginal = 1 ; 

24503 1 

| GetVirtualFromOriginal(SnapShot,OriginalDrive,VirtualDri 

I ve,256); 

24504| // DLOG((TEXT("PSM volume = 

| '%S'\n"),VirtualDrive)); 
24505| } 
24506| 

24507| Err = 

| GetVolumeClusterSize(hDevice,hEvent,VirtualDrive,&Volume 

| ClusterSize,&C0Offset); 
24508| // DLOG((TEXT("Cluster size = %08x, 

| c0=%08x, Err=%08x\n"),VolumeClusterSize,C0Offset,Err)); 
24509 1 

24510| wcscpy(FileNameOnly,VirtualDrive); 
2451 1 1 

24512| DoOpen: 
24513| 

| if(FileNameOnly[wcslen(FileNameOnly)-1] != L'W) { 
24514| wcscat(FileNameOnly,L"\V); 
24515| } 
24516| 

2451 7\ wcscat(FileNameOnly,Colon+2); 
24518| 

24519| RtllnitUnicodeString( &Uni, 

| FileNameOnly ); 
24520| 

24521 1 InitializeObjectAttributes ( 

| &ObjectAttributes, 
24522| &Uni, 
24523 1 

| OBJ_CASE_INSENSITIVE, 



24524| NULL, 
24525| NULL 

I); 

24526| 

24527| Err = NtCreateFile( &FileHandle, 

24528| 

| FILE_WRITE_ATTRIBUTES | 
24529| 

| FILE_READ_ATTRIBUTES | 
24530| 

| SYNCHRONIZE, // desired access 

24531| 

| &ObjectAttributes, // object attributes 
24532| &loStatus, 
24533| NULL, 

| // alloc size 
24534| 

| FILE_ATTRIBUTE_NORMAL, // file attributes 
24535| 

| FILE_SHARE_WRITE | FILE_SHARE_READ, 

| // share access 
24536| FILEOPEN, 

| // create disposition 
24537| 

| FILE_NO_INTERMEDIATE_BUFFERING | 
24538| 

| FILE_SYNCHRONOUS_IO_NONALERT | 
24539| 

| FILE_OPEN_FOR_BACKUP_INTENT, //create 
| options 

24540| NULL, // 

| eabuffer 

24541| 0); // 

| ealength 
24542| 

24543| if(!Err) { 

24544| Err = NtQuerylnformationFile( 

24545| FileHandle, 

| // IN HANDLE FileHandle, 
24546| &loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
24547| &FSInfo, // 

| IN PVOID Filelnformation, 
24548| 

| sizeof(FILE STANDARD INFORMATION), // IN ULONG 
I Length, 

24549 1 F i leStandard I nf o rmatio nil 

| IN FILE_INFORMATION_CLASS Fi lei nformationC lass 
24550| ); 

24551 1 Err = NtQuerylnformationFile( 



24552| FileHandle, 

| // IN HANDLE FileHandle, 
24553| &loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
24554| &FBInfo, // 

| IN PVOID Filelnformation, 
24555| 

| sizeof(FILE_BASIC_INFORMATION), // IN ULONG 
I Length, 

24556| FileBasiclnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
24557| ); 
24558| 

24559| if(FSInfo.EndOfFile.QuadPart != 

|0){ 

24560| // assume 1 extent 

24561 1 RPSize = 

| sizeof(RETRIEVAL_POINTERS_BUFFER); 
24562| RP=LocalAlloc(LPTR,RPSize); 
24563| if(!RP) { 

24564| Err = 

| ERROR_OUTOFMEMORY; 
24565| DLOG((TEXT("Error %08x 

| allocating memory\n"),Err)); 
24566| goto SExit; 

24567| } 
24568| Err = 

| FS_GetRetrievalPointers( FileHandle, &SVIB, RP, RPSize 

I); 

24569| Count = 16; 

24570| while( 

| (Err==STATUS_BUFFER_OVERFLOW) ) { 
24571 1 // more than 1 extent, 

| so calc how many we need 
24572| RPSize = 

| (Count*(2*sizeof(LARGE_INTEGER)))+sizeof(RETRIEVAL_POINT 

| ERS_BUFFER)-(2*sizeof(LARGE_INTEGER)); 
24573| LocalFree(RP); 
24574| 

24575| RP = 

| LocalAlloc(LPTR,RPSize); 
24576| if(!RP) { 

24577| Err = 

| ERROR_OUTOFMEMORY; 
24578 1 DLOG((TEXT(" E rro r 

| %08x allocating %d memory\n M ), Err, RPSize)); 
24579 1 break; 
24580| } 
24581 1 Err = 

| FS_GetRetrievalPointers( FileHandle, &SVIB, RP, RPSize 



I); 

24582| Count*=2; 

24583| } 

24584| // only display stuff 

| greater than 1 cluster (AKA a fragmented file) 
24585| // under ntfs it is 

| possible to have a file with 0 extents (its in the mft) 
24586| if((!Err) && 

| (RP->ExtentCount>0)) { 
24587| // allocate enough 

| memory for LocalFree ranges 
24588| 

| Ranges=LocalAlloc(LPTR,sizeof(tPSM_FreeRanges)+sizeof(tP 

| SM_Rangel_ist)*RP->ExtentCount); 
24589| if(Ranges) { 

24590| ULONG RangeCount=0; 

24591 | 
24592 | 

| wcscpy(Ranges->VolumeName,VirtualDrive); 
24593 1 

| Ranges->KernelSnapShotPointer = 
| SnapShot->KernelSnapShotPointer; 
24594| 

24595| StartVcn = 

| RP->StartingVcn; 
24596| 

| for(j=0;j<RP->ExtentCount;j++) { 
24597| // 

| DLOG((TEXT("%04d %04d StartVcn = %l64d 
| LCN=%l64d\n"),j,RangeCount,StartVcn.QuadPart,RP->Extents 
| G].Lcn.QuadPart)); 
24598| // DLOG((TEXT(" 
| Next = %l64d 

| (%l64d)\n M ),RP->Extents[j].NextVcn.QuadPart,RP->Extents[ 

| j].NextVcn.QuadPart-StartVcn.QuadPart)); 
24599 1 //skip over if 

| no entry alloced (file is compressed or sparse) 
24600 1 

| if(RP->ExtentsG].Lcn.QuadPart!=-1) { 
24601 | 

24602| //NT 3.51 

| doesnt support allmul so we cant just do 

| .QuadParT.QuadPart 
24603| LI = 

| RtlExtendedlntegerMultiply(RP->Extents[j].Lcn,VolumeClus 

| terSize); 
24604| 

| Ranges->RangeList[RangeCount].Offset.QuadPart = 
| LI.QuadPart+COOffset; 
24605| LI.QuadPart 



I = RP->ExtentsG].NextVcn.QuadPart-StartVcn.QuadPart; 
24606| LI = 

| RtlExtendedlntegerMultiply(LI,VolumeClusterSize); 
24607| 

| Ranges->RangeList[RangeCount]. Count = 
| (ULONG)LI.LowPart; 
24608| // 

| DLOG((TEXT( m %I64x-%I64x 

| (%l64x)\n"),Ranges->RangeList[RangeCount].Offset.QuadPar 
| t,Ranges->RangeList[RangeCount].Offset.QuadPart+Ranges-> 
| RangeList[RangeCount].Count,Ranges->RangeList[RangeCount 
I ].Count)); 
24609| 

24610| StartVcn = 

| RP->Extents[j].NextVcn; 
2461 1 1 

| RangeCount++; 
24612| } 
24613| } 
24614| 
24615| 

| Ranges->NumberOfRanges = RangeCount; 
24616| Err = 

| PSMI_FreeRanges(hDevice,hEvent,Ranges); 
24617| 

2461 8| LocalFree(Ranges); 
24619| }else{ 
24620| Err = 

| ERROR_OUTOFMEMORY; 
24621 1 DLOG((TEXT("Error 

| %08x allocating memory\n"),Err)); 
24622 1 } 
24623 1 } else { 

24624 1 // need to free mft 

| entry if ntfs! 

24625| //DLOG((TEXT("File has 

| no extents\n"))); 
24626| } 
24627| LocalFree(RP); 
24628| SExit: 

24629| if(PassedlnOriginal==2) { 

24630 1 // set times back as 

| its on the original drive 
24631 1 Err = 

| NtSetlnformationFile( 
24632| FileHandle, 

| // IN HANDLE FileHandle, 
24633| &loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
24634| &FBInfo, 



I // IN PVOID Filelnformation, 
24635| 

| sizeof(FILE_BASIC_INFORMATION), // IN ULONG 
I Length, 
24636| 

| FileBasiclnformation// IN FILE_INFORMATION_CLASS 

| FilelnformationClass 
24637| ); 
24638| if(Err) { 

24639| DLOG((TEXT("Error 

| %08x setting timestamps back\n"),Err)); 
24640| Err = 0; 

24641 1 } 
24642 1 } 
24643| NtClose(FileHandle); 
24644| 

24645| } else { 

24646| //DLOG((TEXT("File is zero 

| length\n"))); 
24647| Err = 0; 

24648| } 
24649 1 } else { 

24650| DLOG((TEXT("Error %08x opening 

| file '%S'\n"),Err,FileNameOnly)); 
24651 1 if(PassedlnOriginal==1 ) { 

24652 1 // so we dont do it again 

24653| PassedlnOriginal= 2; 

24654| 

| wcscpy(FileNameOnly,OriginalDrive); 
24655| DLOG((TEXT("Opening file on 

| '%S' instead\n"),OriginalDrive)); 
24656| goto DoOpen; 

24657| } 
24658| } 

24659| } // if GetNTDeviceName 

24660| } // if Colon 

24661 1 LocalFree(FileNameOnly); 

24662| } else { // if(FileNameOnly) 

24663| Err = ERROR_OUTOFMEMORY; 

24664| } 

24665| 

24666| // we do not look at error, and continue on the 

| next file in the list 
24667| if(!SaveErr) { 
24668| SaveErr = Err; 

24669 1 } 
24670| } // for i 

24671 1 //DLOG((TEXT("FreeFiles returning 

| %08x\n"),SaveErr)); 
24672 1 return SaveErr; 



24673 
24674 
24675 



24676 
24677 
24678 
24679 
24680 
24681 
24682 
24683 
24684 
24685 
24686 
24687 
24688 
24689 
24690 
24691 
24692 
24693 
24694 
24695 
24696 
24697 
24698 
24699 
24700 
24701 

I); 

24702 
24703 
24704 
24705 
24706 
24707 
24708 
24709 
24710 
24711 
24712 
24713 
24714 
I 

24715 
24716 
24717 
24718 
24719 



STATIC ULONG PSMI_FreeVolume ( HANDLE hDevice, HANDLE 
| hEvent, tPSM_FreeVolume *Volume) 
{ 

BOOL B= FALSE; 
ULONG Err=0; 
ULONG returned=0; 
OVERLAPPED o; 



} 



if(hDevice) { 
memset(&o,0,sizeof(o)); 
Reset Eve nt ( h Eve nt ) ; 
o. hEvent = hEvent; 

B = DeviceloControl( hDevice, 
IOCTLFREEVOLUME, 
Volume, 

sizeof(tPSM_Free Volume), 
NULL, 

0, 

& returned, 
&o); 

if (B) { 

Err = 0; 
} else { 

Err = GetLastError(); 

if (Err == ERROR_IO_PENDING) { 

WaitForSingleObject ( hEvent, INFINITE 



Err = GetLastError(); 



} 



} 



} else { 

Err= ERRORJNVALIDJHANDLE; 

} 

return Err; 



STATIC ULONG PSMI_GetError ( HANDLE hDevice, HANDLE 
hEvent, pPSM_GetErrorOut Error, pSnapShot Snapshot) 
{ 

BOOL B= FALSE; 
ULONG Err=0; 
ULONG returned=0; 
OVERLAPPED o; 



24720| 

24721 1 if(hDevice) { 

24722| memset(&o,0,sizeof(o)); 

24723 1 Reset Eve nt( h Event) ; 

24724| o.hEvent = hEvent; 

24725| 

24726| B = DeviceloControl( hDevice, 

24727| I OCTL_G ET_E R RO R, 

24728| Snapshot ? 

| &SnapShot->KernelSnapShotPointer : NULL, 

24729| Snapshot ? 

| sizeof(SnapShot->KernelSnapShotPointer) : 0, 

24730 1 Error, 

24731 1 sizeof(tPSM_GetErrorOut), 

24732| &returned, 

24733 1 &o); 
24734| 

24735| if (B) { 

24736| Err= 0; 

24737| } else { 

24738| Err = GetLastError() ; 

24739| if (Err == ERROR_IO_PENDING) { 

24740| WaitForSingleObject ( hEvent, INFINITE 

I); 

24741 1 Err = GetLastError(); 

24742 1 } 

24743 1 } 

24744| } else { 

24745| Err = ERRORJNVALIDJHANDLE; 

24746| } 

24747| 

24748| return Err; 
24749 1 
24750 1 } 
24751 1 

24752| STATIC ULONG PS MI_Get Progress ( HANDLE hDevice, HANDLE 
| hEvent, pPSM_GetProgressOut Progress, pSnapShot 
| Snapshot) 

24753 1 { 

24754| BOOL B= FALSE; 

24755| ULONG Err=0; 

24756| ULONG returned=0; 

24757| OVERLAPPED o; 
24758| 

24759| if(hDevice) { 



24760| memset(&o,0,sizeof(o)); 

24761 1 ResetEvent(hEvent); 

24762| o.hEvent = hEvent; 
24763 1 

24764| B = DeviceloControl( hDevice, 



24765| IOCTL_GET_PROGRESS, 

24766| Snapshot ? 

| &SnapShot->KernelSnapShotPointer : NULL, 

24767| Snapshot ? 

| sizeof(SnapShot->KernelSnapShotPointer) : 0, 

24768| Progress, 

24769| sizeof(tPSM_GetProgressOut), 

24770| &returned, 

24771| &o); 
24772| 

24773| if (B) { 

24774| Err = 0; 

24775| } else { 

24776| Err = GetLastError(); 

24777| if (Err == ERROR_IO_PENDING) { 

24778| WaitForSingleObject ( hEvent, INFINITE 

I); 

24779| Err = GetLastError(); 

24780| } 

24781 1 } 

24782 1 } else { 

24783| Err = ERRORJNVALIDJHANDLE; 

24784| } 

24785| 

24786| return Err; 

24787| 

24788| } 

24789| 

24790| STATIC ULONG PSMI_OpenExclusive ( HANDLE hDevice, 

| HANDLE hEvent, pSnapShot Snapshot ) 
24791 1 { 

24792| BOOL B=FALSE; 

24793| ULONG Err=0; 

24794| ULONG returned=0; 

24795| OVERLAPPED o; 
24796| 

24797| if(hDevice) { 



24798| memset(&o,0,sizeof(o)); 

24799 1 Reset Eve nt ( h Eve nt ) ; 

24800| o. hEvent = hEvent; 
24801 | 

24802| B = DeviceloControl( hDevice, 

24803| IOCTL_OPEN_EX, 

24804| &SnapShot->KernelSnapShotPointer, 

24805| 

| sizeof(SnapShot->KernelSnapShotPointer), 
24806| NULL, 
24807| 0, 
24808| &returned, 
24809| &o); 



24810 
24811 
24812 
24813 
24814 
24815 
24816 

I); 

24817 
24818 
24819 
24820 
24821 
24822 
24823 
24824 
24825 
24826 
24827 
24828 



HANDLE hEvent, pSnapShot Snapshot ) 



if (B) { 

Err = 0; 
} else { 

Err = GetLastError(); 

if (Err == ERROR_IO_PENDING) { 

WaitForSingleObject ( hEvent, INFINITE 

Err = GetLastError(); 

} 

} 

} else { 

Err= ERRORJNVALIDJHANDLE; 

} 

return Err; 



STATIC ULONG PS MI_C lose Exclusive ( HANDLE hDevice, 



{ 

BOOL B= FALSE; 
ULONG Err=0; 
ULONG returned=0; 
OVERLAPPED o; 

if( hDevice) { 
memset(&o,0,sizeof(o)); 
Reset Eve nt ( h Eve nt ) ; 
o. hEvent = hEvent; 

B = DeviceloControl( hDevice, 
IOCTL_CLOSE_EX, 
&SnapShot->KernelSnapShotPointer, 



24829 
24830 
24831 
24832 
24833 
24834 
24835 
24836 
24837 
24838 
24839 
24840 
24841 
24842 
24843 

| sizeof(SnapShot->KernelSnapShotPointer), 
NULL, 

0, 

& returned, 
&o); 



24844 
24845 
24846 
24847 
24848 
24849 
24850 
24851 
24852 
24853 
24854 

I); 

24855| Err = GetLastErrorQ; 



if (B) { 

Err = 0; 
} else { 

Err = GetLastError(); 
if (Err == ERROR_IO_PENDING) { 

WaitForSingleObject ( hEvent, INFINITE 



24856 
24857 
24858 
24859 
24860 
24861 
24862 
24863 
24864 
24865 
24866 
24867 
24868 



| HANDLE h Event, PVOID KernelSnapShot ) 



24869 
24870 
24871 
24872 
24873 
24874 
24875 
24876 
24877 
24878 
24879 
24880 
24881 
24882 
24883 
24884 
24885 
24886 
24887 
24888 
24889 
24890 
24891 
24892 
24893 
24894 
24895 
24896 
24897 

I); 

24898 
24899 
24900 
24901 
24902 
24903 



} 

} 

} else { 

Err= ERRORJNVALIDJHANDLE; 

} 

return Err; 



STATIC ULONG PSMI_Close_lnternal( HANDLE hDevice, 



{ 

BOOL B= FALSE; 
ULONG Err=0; 
ULONG returned=0; 
OVERLAPPED o; 
tClosePSM Internal Out; 

pThreadStorage ThreadStorage = GetThreadStorage(); 

if( hDevice) { 
memset(&o,0,sizeof(o)); 
Reset Eve nt ( h Eve nt ) ; 
o.hEvent = hEvent; 

Out.KernelSnapShotPointer = KernelSnapShot; 

B = DeviceloControl( hDevice, 
IOCTL_TURNOFF_PSM, 
&Out, 

sizeof(Out), 
NULL, 

0, 

& returned, 
&o); 

if (B) { 

Err = 0; 
} else { 

Err = GetLastError(); 

if (Err == ERROR_IO_PENDING) { 

WaitForSingleObject ( hEvent, INFINITE 

Err = GetLastError(); 

} 

} 

} else { 

Err = ERRORJNVALIDJHANDLE; 

} 



24904| 

24905| // no longer valid after call to close. 

24906| ThreadStorage->AbortEvent = NULL; 
24907| 

24908| return Err; 

24909| } 

24910| 

24911| PSMSTATUS PSMAPI Psmi_GetKernelSnapShotVolumesW ( 

24912| PVOID KernelSnapShotPointer, 

24913| WCHAR *Buffer, 

2491 4| ULONG BufferSize ) 
24915| { 

24916| ULONG B=FALSE; 

24917| LONG Err=0; 

24918| OVERLAPPED o; 

24919| ULONG returned=0; 

24920| pThreadStorage ThreadStorage = GetThreadStorage(); 

24921 1 tPSM_GetKernelSnapShotlnfoln In; 

24922| WCHAR *TempBuffer=LocalAlloc(LPTR,1 28*1 024); 

24923| ULONG Bytes Left= BufferSize; 

24924| 

24925| if(!TempBuffer) { 

24926| return ERROR_OUTOFM EMORY; 

24927| } 

24928| 

24929 1 __try { 

24930| memset(Buffer,0, BufferSize); 
24931| 

24932| if 

| ((ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) ) { 
24933| memset(&o,0,sizeof(o)); 

24934| o.hEvent = CreateEvent( NULL, FALSE, FALSE, 

| NULL); 
24935| 

24936| In. KernelSnapShotPointer = 

| KernelSnapShotPointer; 
24937| 

24938| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
24939| IOCTL_GET_KERNEL_SNAPSHOT_VOLUMES, 
24940| &ln, 
24941| sizeof(ln), 
24942| TempBuffer, 
24943| 128*1024, 
24944| &returned, 
24945| &o); 



24946| 
24947| 
24948| 
24949 1 



if(B) { 

WCHAR *p = TempBuffer; 
Err = 0; 



24950| whilefp) { 

24951 1 ULONG LenChars = wcslen(p) + 1 ; 

24952 1 ULONG LenBytes = LenChars * 

| sizeof(WCHAR); 

24953| if ( BytesLeft < LenBytes ) { 

24954| Err = ERROR_MORE_DATA; 

24955| break; 

24956| } 

24957| wcscpy(Buffer,p); 

24958| Buffer += LenChars; 

24959| p += LenChars; 

24960| BytesLeft -= LenBytes; 

24961 1 } 

24962 1 if ( !Err){ 

24963| if ( BytesLeft > 0 ) { 

24964| *Buffer = L'\0'; // 2 null 

| terminators in a row indicate end-of-list 

24965| } else { 

24966| Err = ERROR_MORE_DATA; 

24967| } 

24968| } 

24969 1 } else { 

24970| Err = GetLastErrorQ; 

24971 1 DLOG((TEXT("Error %08x Calling 

| Psm_GetKernelSnapShotVolumes\n"),Err)); 

24972 1 } 

24973 1 CloseHandle(o . h Event) ; 

24974| } else { 

24975| Err = ERROR_INVALID_HANDLE; 

24976| } 

24977| LocalFree(TempBuffer); 

24978| } except(EXCEPTION_EXECUTE_HANDLER) { 

24979| Err = GetExceptionCode(); 

24980| DLOG((TEXT("Exception %08x 

| Psm_GetKernelSnapShotVolumes\n"),Err)); 

24981 1 } 
24982 1 

24983 1 return Err; 

24984| 

24985| } 

24986| 

24987| STATIC ULONG PSMI_Close( HANDLE hDevice, HANDLE hEvent, 

| tSnapShot *SnapShot ) 
24988| { 

24989| BOOL B=FALSE; 

24990| ULONG Err=0; 

24991 1 ULONG returned=0; 

24992 1 pThreadStorage ThreadStorage = GetThreadStorage(); 

24993| ULONG i; 

24994| 



24995| if(Psm_lsPersistentSnapShotPointer(SnapShot)) { 

24996| WCHAR Name[256]; 

24997| WCHAR *Buffer; 

24998| ULONG BufferSize=1 28*1 024; 

24999 | 

25000| Buffer = LocalAlloc(LPTR,BufferSize); 
25001 1 if(Buffer) { 

25002| Err = Psmi_GetKernelSnapShotVolumesW( 

25003| Snapshot, 

25004| Buffer, 

25005| BufferSize); 

25006| 

25007| if(!Err) { 

25008| WCHAR *p=Buffer; 

25009| WCHAR Temp[256]; 

25010| 

25011| while(*p){ 

25012| wcscpy(Temp,L MM ); 

25013| 

25014| Err = 

| GetDriveLetterForNtDeviceName(p, Temp); 
25015| if(Err) { 

25016| Err = 

| GetWin32NameForNtDeviceName(p,Temp); 
25017| } 

25018| #if 0 //removed this remove since this is for 

| persistent snapshots only and they are now removed in 
| kernel mode 

25019| // NOTE !! this code was dismounting the LIVE 
| volume by mistake so you'll need to correct that before 
I you 

25020| // should ever think of reinstating it 

| !!!!!!!!! 
25021| 

25022| // dismount volume 

25023| DLOG((TEXT("dismounting volume 

| mount point '%S'\n"),p)); 
25024| RemoveDeviceName(p); 
25025| #endif 

25026| // remove junction point 

25027| wcscpy(Name,Temp); 
25028| wcscat(Name,L"\\ M ); 
25029| 

25030| // we should free drive letters 

| here, but we have no idea what the mapping is 

25031 1 // so until we do, we will just let 

| the kernel mode driver cleanup the drive 

25032 1 // letters 

25033| DLOG((TEXT("Getting directory name 

| for '%SYT), Name)); 



25034| 

| Psm_GetUserName(SnapShot,&Name[wcslen(Name)],(256-wcslen 
| (Name))*sizeof(WCHAR)); 



25035| DLOG((TEXT("removing volume mount 

| point '%S'\n M ),Name)); 
25036| DeleteJunction(Name); 
25037| p+=wcslen(p)+1 ; 

25038| } 
25039| Err = 

| PSM l_Close_l nternal (h Device, h Event, Snapshot) ; 
25040 1 } 

25041| LocalFree(Buffer); 
25042| } else { 

25043| Err= ERROR_OUTOFMEMORY; 

25044| } 

25045| return Err; 

25046| } 

25047| 

25048| // fixfixf ix what to do if invalid snapshot is 



| passed in? 

25049| // do we close last snapshot or do we return error. 
25050| // problem here is that nobody every checks the 

| return values 
25051 1 // on closes so if they are a service they will 

| lose memory and 
25052 1 // not know why. 
25053 1 // NULL is a valid parameter! 
25054| 

25055| if((SnapShot) && (IsValidSnapShot(SnapShot))) { 
25056| DLOG(( M PSMI_Close called with snapshot %08x %d 

| (%08x)\n",SnapShot,SnapShot->lnstance,SnapShot->KernelSn 

| apShotPointer)); 
25057| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25058| __try { 

25059| FreeVolumesForSnapShot(SnapShot); 
25060| } ^finally { 

25061 1 ReleaseMutex(SharedMemoryMutex); 
25062 1 } 
25063| Err = 

| PSMI_Close_lnternal(hDevice,hEvent,SnapShot->KernelSnapS 

| hot Pointer); 
25064| } else { 

25065| if(ThreadStorage->NumSnapShots>0) { 
25066| PVOID SnapShotSave = Snapshot; 

25067| Snapshot = 

| MakePointer(ThreadStorage->SnapShotsOffset[ThreadStorage 

| ->NumSnapShots-1]); 
25068| DLOG(("PSMI_Close called with %08x, using 

| snapshot %08x %d 



I (%08x)\n M ,SnapShotSave,SnapShot,SnapShot->lnstance,SnapS 

| hot->KernelSnapShotPointer)); 
25069| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25070| __try { 

25071 1 FreeVolumesForSnapShot(SnapShot); 
25072| } finally { 

25073| ReleaseMutex(SharedMemoryMutex); 
25074| } 
25075| Err = 

| PSMI_Close_lnternal(hDevice,hEvent,SnapShot->KernelSnapS 

| hot Pointer); 
25076| } else { 

25077| DLOG(("PSMI_Close called with no 

| snapshots !!!\n")); 
25078| return ERROR_INVALID_PARAMETER; 

25079 1 } 
25080 1 } 
25081 1 

25082| // get rid of the temp file we created. 
25083| if(ThreadStorage->UsedTempFile) { 
25084| /* we know do this in kernel mode with 

| FILE_DELETE_ON_CLOSE 
25085| DLOG((TEXT("Deleting cache file\n"))); 
25086| DeleteFileW(ThreadStorage->TempFileName); 
25087| 7 

25088| ThreadStorage->UsedTempFile = FALSE; 

25089 1 } 

25090| 

25091| if(1){ 

25092| WCHAR Str[30]; 

25093| ULONG PsmErr; 

25094| tPSM_GetErrorOut PsmErrOut; 

25095| 

25096| // get reason for psm closing. 

25097| PsmErr = Psm_GetError( &PsmErrOut ); 

25098| 

25099 1 swp ri ntf (Str, L"%08x 

| %08x", Psm Err, Psm ErrOut . ErrorCode) ; 
251 00| DLOG((TEXT("Psm exited because of Win32 error = 

| %08x, NT Error = %08x\n M ),PsmErr,PsmErrOut.ErrorCode)); 
25101| 

251 02| // execute postopen file 
25103| 

| ExecuteFile(PostCloseFile,Str,ChildUser,ChildPassword); 
25104| } 
25105| 

251 06| // no longer valid after call to close. 
251 07| ThreadStorage->AbortEvent = NULL; 
25108| 



25109| i=0; 

251 1 0| while(i<ThreadStorage->NumSnapShots) { 
251 1 1 | 

| if(MakePointer(ThreadStorage->SnapShotsOffset[i]) == 
| Snapshot) { 
25112| 

| memmove(&ThreadStorage->SnapShotsOffset[i],&ThreadStorag 
| e->SnapShotsOffset[i+1 ],(ThreadStorage->NumSnapShots-i-1 
| )*sizeof(ULONG)); 

251 13| ThreadStorage->NumSnapShots--; 

25114| }else{ 

25115| i++; 

25116| } 

25117| } 

25118| 

25119| 

25120| WaitForSingleObject ( SharedMemoryMutex, INFINITE 

I); 

25121| _try{ 
25122| i=0; 

25123| while(i<SharedMemory->NumberOfSnapShots) { 
25124| 

| if(MakePointer(SharedMemory->SnapShotsOffset[i]) == 
| Snapshot) { 
25125| 

| memmove(&SharedMemory->SnapShotsOffset[i],&SharedMemory- 
| >SnapShotsOffset[i+1 ],(SharedMemory->NumberOfSnapShots-i 
| -1)*sizeof(ULONG)); 

251 26| SharedMemory->NumberOfSnapShots--; 

25127| }else{ 

25128| i++; 

25129| } 

25130| } 

25131| } ^finally { 

25132| ReleaseMutex(SharedMemoryMutex); 

25133| } 

25134| 

25135| FreeSnapShot(SnapShot); 
25136| 

25137| return Err; 

25138| } 

25139| 

25140| STATIC ULONG PSMI_CloseManager( HANDLE hDevice ) 
25141| { 

25142| ULONG Err=0; 
25143| 

25144| if (hDevice) { 

25145| CloseHandle(hDevice); 

25146| Err = 0; 

25147| }else{ 



DWORD 


ReparseTag; 


DWORD 


ReparseDataLength; 


WORD 


Reserved; 


WORD 


ReparseTargetLength; 


WORD 


ReparseTargetMaximumLength; 


WORD 


Reserved 1; 


WCHAR 


ReparseTarget[1]; 



25148| Err = ERRORJNVALIDJHANDLE; 
25149| } 
25150| 

25151| return Err; 
25152| } 
25153| 
25154| // 

25155| // Undocumented FSCTL_SET_REPARSE_POINT structure 

| definition 
25156| // 

25157| #define REPARSE_MOUNTPOINT_HEADER_SIZE 8 
25158| typedef struct { 
25159| 
25160| 
25161| 
25162| 
25163| 
25164| 
25165| 

25166| } REPARSE_MOUNTPOINT_DATA_BUFFER, 

| *PREPARSE_MOUNTPOINT_DATA_BUFFER; 
25167| 
25168| /* 

25169| int CreateJunction( PWCHAR LinkDirectory, PWCHAR 

| LinkTarget, PLARGEJNTEGER Time ) 
25170| { 

25171| char reparseBuffer[MAX_PATH*3]; 

25172| WCHAR targetNativeFileName[MAX_PATH]; 

25173| HANDLE hFile = INVALID_HANDLE_VALUE; 

25174| PREPARSE_MOUNTPOINT_DATA_BUFFER reparselnfo = 

251 75| (PREPARSE_MOUNTPOINT_DATA_BUFFER) 

| reparseBuffer; 
25176| UNICODE_STRING UniName={0}; 
25177| OBJECT ATTRIBUTES ObjectAttributes={0}; 
25178| IO_STATUS_BLOCK loStatus; 
25179| NTSTATUS Status; 
25180| 

251 81 1 DLOG((TEXT("Creating junction for '%S' to 

| '%S'\n"),LinkDirectory,LinkTarget)); 
25182| 

251 83| wcscpy(targetNativeFileName, LinkTarget); 
25184| RtllnitUnicodeString( &UniName, LinkDirectory ); 
25185| 

25186| if( targetNativeFileName[wcslen( 

| targetNativeFileName )-1] != L'W) { 
25187| wcscat( targetNativeFileName, L"\\"); 
25188| } 
25189| 
25190| 
251911 // 



25192| //Create the link 
25193| // 

25194| InitializeObjectAttributes ( &ObjectAttributes, 

25195| &UniName, 

251 96| OBJ_CASE_INSENSITI VE, 

25197| NULL, 

25198| NULL); 

25199| 

25200| Status = NtCreateFile( &hFile, 
25201 1 GENERIC_WRITE, 

| // desired access 
25202 1 &ObjectAttributes, 

| // object attributes 
25203| &loStatus, 
25204| NULL, // 

| alloc size 

25205| FILEATTRIBUTENORMAL, 

| // file attributes 
25206| 0, 

| // share access 
25207| FILE_OPEN_IF, 

| // create disposition 
25208| FILE_DIRECTORY_FILE| 
25209| 

| FILE_OPEN_REPARSE_POINT| 
25210| 

| FILE_OPEN_FOR_BACKUP_INTENT, //create 
| options 

25211| NULL, //eabuffer 

25212| 0); //ealength 

25213| 
25214| 

25215| if(!Status){ 

2521 6| // set time of directory 

25217| SetFileTime( hFile, (FILETIME*)Time, 

| (FILETIME*)Time, (FILETIME*)Time); 
25218| 

2521 9| // Build the reparse info 

25220 1 memset( reparselnfo, 0, sizeof( *reparselnfo 

I)); 

25221 1 reparselnfo->ReparseTag = 

| IO_REPARSE_TAG_MOUNT_POINT; 
25222 1 

25223| reparselnfo->ReparseTargetLength = wcslen( 
| targetNativeFileName ) * sizeof(WCHAR); 

25224| reparselnfo->ReparseTargetMaximumLength = 
| reparselnfo->ReparseTargetLength + sizeof(WCHAR); 

25225| wcscpy( reparselnfo->ReparseTarget, 
| targetNativeFileName ); 

25226| reparselnfo->ReparseDataLength = 



I reparselnfo->ReparseTargetl_ength + 12; 



25227| 




25228| 


// Set the link 


25229 1 


Status = NtDeviceloControlFile( 


25230 1 


hFile, 


25231 | 


NULL, 


25232 1 


NULL, 


25233 1 


NULL, 


25234| 


SloStatus, 


25235| 


FSCTL_SET_REPARSE_POINT, 


25236| 


reparselnfo, 


25237| 


reparselnfo->ReparseDataLength + 


| REPARSE_MOUNTPOINT_HEADER_SIZE, 


25238| 


NULL, 


25239 1 


0 


25240 1 


); 


25241 1 




25242 1 


if(Status==0) { 


25243| 


DLOG((TEXT("Success creating 


| junction\n"))); 


25244| 


} else { 


25245| 


FILE_DISPOSITION_INFORMATION 


25246| 




25247| 


DLOG((TEXT("Error %08x creating 


| junction\n"), Status)); 


25248| 


// delete file if we could not create it 


25249 1 


Del.DeleteFile = TRUE; 


25250 1 


NtSetlnformationFile( hFile, 


25251 | 


SloStatus, &Del, sizeof(Del), 


25252 1 


FileDispositionlnformation 


25253 1 


); 


25254| 


} 


25255| 


} else { 


25256| 


DLOG((TEXT("Error %08x opening 


| directory\n"),Status)); 


25257| 


} 


25258| 




25259 1 


if ( hFile != INVALID_HANDLE_VALUE ) { 


25260 1 


NtClose(hFile); 



25261 1 } 

25262 1 return Status; 
25263 1 } 
25264| 7 
25265| 

25266| // Older SDK's had the wrong value specified for this 

| ioctl, so lets 
25267| // define it correctly 
25268| #ifndef FILE_SPECIAL_ACCESS 

25269| #define FILE_SPECIAL_ACCESS (FILE_ANY_ACCESS) 
25270| #undef FSCTL_SET_REPARSE_POINT 



25271 1 #define FSCTL_SET_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, 
| FILE_SPECIAL_ACCESS) // REPARSE_DATA_BUFFER, 

25272| #endif 

25273 1 

25274| // 



25275| // 

25276 1 // Create Junction 
25277| // 

252 78| // This routine creates a NTFS junction, using the 
| undocumented 

25279| // FSCTL_SET_REPARSE_POINT structure Win2K uses for 

| mount points 
25280 1 // and junctions. 
25281 1 // 

25282 1 // 

| 

25283| int CreateJunction2( PWCHAR LinkDirectory, PWCHAR 

| LinkTarget, PLARGEJNTEGER Time ) 
25284| { 

25285| NTSTATUS status = 0; 
25286| char reparseBuffer[MAX_PATH*3]; 
25287| WCHAR directoryFileName[MAX_PATH]; 
25288| WCHAR target F i leN a me[MAX_PATH]; 
25289| WCHAR targetNativeFileName[MAX_PATH]; 
25290| PWCHAR filePart; 

25291 1 HANDLE hFile = INVALID_HANDLE_VALUE; 
25292| DWORD returned Length; 

25293| PREPARSE_MOUNTPOINT_DATA_BUFFER reparselnfo = 
25294| (PREPARSE_MOUNTPOINT_DATA_BUFFER) 

| reparseBuffer; 
25295| 
25296| #if 0 
25297| // 

25298| // Get the full path referenced by the target 
25299 1 // 

25300| if( !GetFullPathName( LinkTarget, 

25301 1 MAX_PATH, targetFileName, 

25302| &filePart )) { 

25303| 

25304| _tprintf(_T("%s is an invalid file nameAn"), 

| LinkTarget ); 
25305| PrintWin32Error( GetLastError()); 
25306 1 return -1; 
25307| } 
25308| #else 

25309 1 wcscpy (targetFileName, LinkTarget); 

25310| #endif 

25311| 



25312| 
25313| // 

25314| // Get the full path referenced by the directory 
25315| // 

25316| if( !GetFullPathNameW( LinkDirectory, 
25317| MAX_PATH, directory File Name, 

25318| &filePart)){ 
25319| 

25320| DLOG((TEXT("%s is an invalid file name: 

| %08x\n M ), LinkDirectory,GetLastError()) ); 
25321 1 return Getl_astError(); 
25322 1 } 
25323 | 
25324| // 

25325| // Make the native target name 
25326| // 

25327| // _stprintf( targetNativeFileName, _T("\\??\\%s") J 

| targetFileName ); 
25328| wcscpy(targetNativeFileName ,targetFileName); 
25329| if( targetNativeFileName[wcslen( 

| targetNativeFileName )-1] != L'W) { 
25330| 

25331 1 wcscat( targetNativeFileName, L"\\"); 
25332 1 } 
25333 | 
25334| // 

25335| // Create the link - ignore errors since it might 

| already exist 
25336| // 

25337| CreateDirectoryW( LinkDirectory, NULL ); 
25338| 

25339| Login_EnablePrivilege ( S E BACKU P_N AM E ); 

25340| // Login_EnablePrivilege ( SE_TCB_NAME ); 

25341 1 // Login_EnablePrivilege ( SE_RESTORE_NAME ); 

25342| // Login_EnablePrivilege ( SE_CREATE_PERMANENT_NAME ); 

25343 1 

25344| hFile = CreateFileW( LinkDirectory, GENERIC_WRITE, 
|0, 

25345| NULL, OPEN_EXISTING, 

25346| 

| FILE_FLAG_OPEN_REPARSE_POINT|FILE_FLAG_BACKUP_SEMANTICS, 
| NULL); 

25347| if( hFile == IN VALI D_H AN DLE_VALU E ) { 
25348| 

25349| DLOG((TEXT("Error %08x creating %s:\n"), 

| GetLastError(), LinkDirectory )); 
25350| return GetLastError(); 
25351 1 } 
25352 1 

25353| // set time of directory 



25354| SetFileTime( hFile, (FILETIME*)Time, 

| (FILETIME*)Time, (FILETIME*)Time); 
25355| 
25356| // 

25357| // Build the reparse info 
25358| // 

25359| memset( reparselnfo, 0, sizeof( *reparselnfo )); 
25360| reparselnfo->ReparseTag = 

| IO_REPARSE_TAG_MOUNT_POINT; 
25361 1 

25362 1 reparselnfo->ReparseTargetl_ength = wcslen( 

| targetNativeFileName ) * sizeof(WCHAR); 
25363| reparselnfo->ReparseTargetMaximumLength = 

| reparselnfo->ReparseTargetl_ength + sizeof(WCHAR); 
25364| wcscpy( reparselnfo->ReparseTarget, 

| targetNativeFileName ); 
25365| reparselnfo->ReparseDatal_ength = 

| reparselnfo->ReparseTargetLength + 12; 
25366| 

25367| DLOG((TEXT( M rt=%08x, rdl=%08x, r=%04x, rtl=%04x, 

| rtml=%04x, r1=%04x, '%S'\n"), 
25368| reparselnfo->ReparseTag, 
25369| reparselnfo->ReparseDataLength, 
25370| reparselnfo->Reserved, 
25371 1 reparselnfo->ReparseTargetLength, 
25372| reparselnfo->ReparseTargetMaximumLength, 
25373| reparselnfo->Reserved1 , 
25374| reparselnfo->ReparseTarget 
25375| )); 
25376| 
25377| // 

25378| // Set the link 
25379 1 // 

25380| Login_EnablePrivilege ( S E BACKU P_N AM E ); 

25381 1 // Login_EnablePrivilege ( SE_TCB_NAME ); 

25382| // Login_EnablePrivilege ( SE_RESTORE_NAME ); 

25383| // Login_EnablePrivilege ( SE CREATE PERMANENT NAME ); 

25384| if( !DeviceloControl( hFile, 

| FSCTL_SET_REPARSE_POINT, 
25385| reparselnfo, 

25386| reparselnfo->ReparseDataLength + 

| REPARSE MOUNTPOINT H EADER SIZE, 
25387| NULL, 0, & returned Length, NULL )) { 

25388| 

25389| status = GetLastError(); 

25390| DLOG((TEXT("Error %08x setting junction for 

| %S:\n"), status, LinkDirectory )); 
25391 1 CloseHandle( hFile ); 
25392| RemoveDirectoryW( LinkDirectory ); 
25393 1 return status; 



25394| } 
25395| 

25396| CloseHandle (hFile); 

25397| DLOG((TEXT("Created: %S\nTargetted at: 

| %S\n"),directoryFileName, targetFileName )); 

25398| return status; 

25399| } 
25400| 
25401| 

25402| int DeleteJunction( PWCHAR Junction ) 

25403| { 

25404| Login_EnablePrivilege ( S E_BACKU P_N AM E ); 

25405| //Login_EnablePrivilege ( S E_TCB_N AM E ); 

25406| Login_EnablePrivilege ( SE RESTORE NAME ); 

25407| //Login_EnablePrivilege ( SE_CREATE_PERMANENT_NAME 

I); 

25408| 

25409| if(RemoveDirectoryW( Junction )) { 

25410| return 0; 

2541 1 1 } else { 

25412| DLOG((TEXT("Error %08x removing junction 

| '%S'\n"),GetLastError(),Junction)); 

25413| return Getl_astError(); 

25414| } 

25415| } 
25416| 

25417| STATIC int SetTimeForFile( PWCHAR File, PLARGE INTEGER 

| Time ) 

25418| { 

25419| WCHAR targetNativeFileName[MAX_PATH]; 

25420| HANDLE hFile; 

25421| UNICODE_STRING UniName={0}; 

25422| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

25423| IO_STATUS_BLOCK loStatus; 

25424| NTSTATUS Status; 

25425| 

25426| DLOG((TEXT("Setting time for '%S'\n"),File)); 
25427| 

25428| if (File[1 ]==':') { 

25429 1 // convert to Object name space name 

25430| wcscpy(targetNativeFileName,L M \\??\\"); 

25431 1 wcscat(targetNativeFileName,File); 

25432 1 } else { 

25433 1 // already a name space name 

25434| wcscpy(targetNativeFileName,File); 

25435| } 
25436| 

25437| if( targetNativeFileName[wcslen( 

| targetNativeFileName )-1] != L'W) { 

25438| wcscat( targetNativeFileName, L"\\"); 



25439| } 
25440| 

25441 1 RtllnitUnicodeString( &UniName,targetNativeFileName 

I); 

25442| 

25443| InitializeObjectAttributes ( &ObjectAttributes, 

25444| &UniName, 

25445| OBJ_CASE_INSENSITIVE, 

25446| NULL, 

25447| NULL); 

25448| 

25449| Status = NtCreateFile( &hFile, 
25450| GENERIC_WRITE, 

| // desired access 
25451 1 &ObjectAttributes, 

| // object attributes 
25452 1 &loStatus, 
25453| NULL, // 

| alloc size 

25454| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
25455| 0, 

| // share access 
25456| FILE_OPEN_IF, 

| // create disposition 
25457| FILE_DIRECTORY_FILE| 
25458| 

| FILE_OPEN_FOR_BACKUP_INTENT, //create 
| options 

25459| NULL, //eabuffer 

25460 1 0); //ealength 

25461 1 
25462 1 

25463 1 if(!Status) { 

25464| // set time of directory 

25465| ULONG B = SetFileTime( hFile, (FILETIME*)Time, 

| (FILETIME*)Time, (FILETIME*)Time); 
25466| if(B) { 

25467| DLOG((TEXT("Success setting time for 

| directory\n M ))); 
25468| } else { 

25469| DLOG((TEXT("Error %08x setting time for 

| directory\n M ),GetLastError())); 
25470 1 } 
25471 1 

25472| NtClose(hFile); 
25473 1 } else { 

25474| DLOG((TEXT("Error %08x opening 

| directory\n M ), Status)); 
25475| } 



25476| return Status; 

25477| } 

25478| 

25479| #ifdef _DEBUG 

25480| DLLEXPORT PSMSTATUS PSMAPI Psm_TestFunction( ULONG 

| Paraml, ULONG Param2) 
25481 1 { 

25482| ULONG B=FALSE; 

25483| LONG Err=0; 

25484| OVERLAPPED o; 

25485| ULONG returned; 

25486| pThreadStorage ThreadStorage = GetThreadStorage(); 

25487 1 typedef struct sTest { 

25488| ULONG Paraml; 

25489| ULONG Param2; 

25490| } tTest,*pTest; 

25491 1 tTest Test; 

25492| Test.Paraml = Paraml; 

25493| Test.Param2 = Param2; 

25494| 

25495| memset(&o,0,sizeof(o)); 

25496| o.hEvent = CreateEvent( NULL, FALSE, FALSE, NULL ); 
25497| 

25498| B = DeviceloControl(ThreadStorage->PSManHandle, 

25499| IOCTL_TEST_FUNCTION, 

25500| &Test, 

25501 1 sizeof(Test), 

25502| NULL, 

25503 1 0, 

25504| &returned, 

25505| &o); 

25506| 

25507| if(B) { 

25508| Err = 0; 

25509 1 } else { 

25510| Err = GetLastError(); 

2551 1 1 DLOG((TEXT("Error %08x Calling test 

| routine\n"),Err)); 

25512| } 

25513| CloseHandle(o.hEvent); 

25514| return Err; 

25515| } 

25516| #endif 

25517| 

25518| DLLEXPORT PSMSTATUS PSMAPI Psm_SetClusterRegistry( 

| PVOID Snapshot) 
25519| { 

25520| return UpdateClusterRegistries(SnapShot); 

25521| } 

25522| 



25523 
25524 



PSMSTATUS PSMAPI PSMI_LogEvent( ULONG Eventld, ULONG 
| Status, ULONG NumStrings, WCHAR *Stringsn ) 
{ 

ULONG B=FALSE; 
LONG Err; 
OVERLAPPED o; 
ULONG returned; 

pThreadStorage ThreadStorage = GetThreadStorage(); 
pPSM_LogEvent Log; 
ULONG i; 
ULONG Len; 



25525 
25526 
25527 
25528 
25529 
25530 
25531 
25532 
25533 
25534 
25535 
25536 
25537 
25538 
25539 
25540 
25541 
25542 
25543 

| of 
25544 

| to 
25545 
25546 
25547 
25548 
25549 
25550 
25551 
25552 
25553 
25554 
25555 
25556 
25557 
25558 
25559 
25560 
25561 
25562 
25563 
25564 
25565 
25566 
25567 

| NULL ) 
25568| 



Len = 0; 

if(NumStrings) { 
for(i=0;i<NumStrings;i++) { 
Len += wcslen(Strings[i]); 

} 

Len*=sizeof(WCHAR); 

Len+=NumStrings*sizeof(WCHAR); // nulls at end 

string 

Len+=NumStrings*sizeof(PVOID); // for pointers 
strings 
} 

Len +=s izeof (t PSM_Log Event) ; 

Log = LocalAlloc(LPTR,Len); 
if(Log) { 

PWCHAR p=(PWCHAR)Log->Strings; 
Log->Eventld = Eventld; 
Log->Status = Status; 
Log->NumStrings = NumStrings; 

if(NumStrings) { 

p+=NumStrings*sizeof(PVOID); 
for(i=0;i<NumStrings;i++) { 
wcscpy(p,Strings[i]); 
Log->Strings[i] = p; 
p+=wcslen(Strings[i]); 
*P=0; 
P++; 

} 

} 

memset(&o,0,sizeof(o)); 

o.hEvent = CreateEvent( NULL, FALSE, FALSE, 



25569| B = DeviceloControl( 

| ThreadStorage->PSManHandle, 
25570| IOCTL_LOG_EVENT, 
25571 1 Log, 
25572| Len, 
25573| NULL, 
25574| 0, 
25575| &returned, 
25576| &o); 
25577| 

25578| if(B) { 

25579| Err = 0; 

25580 1 } else { 

25581 1 Err = GetLastError(); 

25582| DLOG((TEXT("Error %08x Calling 

| LogEvent\n"),Err)); 
25583 1 } 

25584 1 C loseH and le(o . h Eve nt) ; 
25585| } else { 

25586| Err = ERROR_OUTOFM EMORY; 

25587| } 

25588 1 return Err; 

25589 1 } 

25590 1 

25591| 

25592| /* adapted from "Data structures and algotithms 
| analysis in C" 

25593| by Mark Allen Weiss, Second Edition, Addison Wesley, 

25594| ISBN :0-201 -49840-5 page 397 

25595| 

25596| original algorithm returned double instead of ULONG 
25597| 7 

25598| STATIC ULONG Random( void ) 
25599 1 { 

25600| ULONG TmpSeed; 
25601 1 int Decimal,Sign; 
25602 1 

25603| // do not change these numbers, see page 394=395 for 
| explanation 

25604| // but basically these provide a full generation of 

| random numbers 
25605| // before recycling 
25606| 

25607| #def ine A 48271 L 
25608| #define M 2147483647L 
25609|#defineQ(M/A) 
25610| #def ine R(M% A) 
2561 1 | 

25612| TmpSeed = A * (RandomNumberSeed % Q) - R * 
| (RandomNumberSeed / Q); 



25613| 

25614| if(TmpSeed>=0) 

25615| RandomNumberSeed = TmpSeed; 

25616| else 

25617| RandomNumberSeed = TmpSeed+M; 
25618| 

25619| return atol(_fcvt((1 .0*RandomNumberSeed) / 

| M,12,&Decimal,&Sign)); 
25620 1 } 
25621| 

25622| STATIC ULONG CheckKey( ULONG SerialNumber, ULONG 

| CheckCode ) 
25623| { 

25624| ULONG LoopCount; 
25625| ULONG CCode; 
25626| ULONG i; 
25627| 

25628| RandomNumberSeed = 

| (SerialNumber+2)*(SerialNumber+1 ); 
25629| LoopCount = (SerialNumber+1 ) % 63; 
25630| for(j=0;i<LoopCount;i++) { 
25631 1 CCode = Random(); 
25632 1 } 

25633| return (CCode == CheckCode); 
25634| } 
25635| 
25636| r 

25637| ProductType can be one of the following: 
25638| 

25639| WinNT = Windows NT workstation 

25640| LanmanNT = Windows NT Server domain controller (primary 
| or backup) 

25641 1 ServerNT = Windows NT Server stand-alone 
25642 1 

25643| On Special Editions of Windows NT the ProductSuite key 

| exists and can be the following values: 
25644| 

25645| Terminal Server = Windows NT Server 4.0 Terminal Server 
| Edition 

25646| Enterprise = Windows NT Server 4.0 Enterprise 

| Edition 
25647| 7 
25648| 

25649| STATIC int GetNTSystemType( ) 
25650 1 { 

25651| HKEY Key; 

25652| LONG Err=0; 

25653| TCHAR ProductType[80]; 

25654| TCHAR ProductSuite[80]; 

25655| LONG DataSize=sizeof( ProductType); 



25656| TCHAR KeyName[256]; 

25657| int Type; 

25658| 

25659| 

| _tcscpy(KeyName,TEXT( M SYSTEM\\CurrentControlSet\\Control 
| WProductOptions")); 
25660| 

25661 1 // open the registry 
25662| Err = RegOpenKeyEx( 

25663| HKEY_LOCAL_MACHINE, // handle of open key 
25664| KeyName, // address of name of subkey to 
| open 

25665| 0, //reserved 

25666| KEYREAD, // security access mask 

25667| &Key// address of handle of open key 

25668| ); 

25669 1 if(Err==0) { 

25670| Err = RegQueryValueEx( 

25671 1 Key, // handle of key to query 

25672| TEXT("ProductType"), // address of name 

| of value to query 
25673| NULL, //reserved 

25674| NULL, // address of buffer for value type 

25675| (char*)ProductType, // address of data 

| buffer 

25676| &DataSize // address of data buffer size 

25677| ); 

25678| 

25679| if(Err) { 

25680| D LOG ((TEXT(" Erro r %08x getting product 

|type\n"),Err)); 
25681 1 } else { 

25682| DLOG((TEXT("ProductType = 

| '%s'\n"),ProductType)); 
25683 1 } 
25684| 

25685| DataSize=sizeof(ProductSuite); 
25686| 

25687| Err = RegQueryValueEx( 

25688| Key, // handle of key to query 

25689| TEXT( M ProductSuite"), // address of name 

| of value to query 
25690| NULL, //reserved 

25691 1 NULL, // address of buffer for value type 

25692| (char*)ProductSuite, // address of data 

| buffer 

25693| &DataSize // address of data buffer size 

25694| ); 

25695| 

25696| // close the registry 



25697| RegCloseKey(Key); 

25698| } 

25699| 

25700| if (Err) { 

25701 1 DLOG((TEXT("Error %08x getting product 

| suite\n"),Err)); 
25702 1 _tcscpy ( ProductSu ite,TEXT("")) ; 
25703 1 } else { 

25704| DLOG((TEXT("ProductSuite = 

| '%s'\n"),ProductSuite)); 
25705| } 
25706| 

25707| Type = 0; 
25708| 

25709| if(_tcsicmp(TEXT("winnf'),ProductType)==0) 
2571 0| Type |= WINDOWS_NT_WORKSTATION; 
2571 1 1 else 

25712| if(_tcsicmp(TEXT("servernt"),ProductType)==0) 
25713| Type |= WINDOWS_NT_SERVER; 
25714| else 

2571 5| if (_tcsicmp(TEXT("lanmannt"), ProductType)==0) 

25716| Type |= WINDOWS_NT_SERVER | WINDOWS_NT_DOMAIN; 

25717| 

2571 8| // now check product suite 
2571 9| if(_tcsicmp(TEXT("Terminal 

| Server"), ProductSuite)==0) 
25720| Type |= WINDOWS_NT_TERMINAL_SERVER; 
25721 1 else 

25722 1 if (_tcsicmp(TEXT(" Enterprise") , ProductSu ite)==0) 
25723| Type |= WINDOWS_NT_ENTERPRISE; 
25724| 

25725 1 return Type; 

25726| 

25727| } 

25728| 

25729| #define SE_INTERACTIVE_LOGON_NAME 

| TEXT("Sel nteractiveLogon Rig ht") 
25730| #define SE_NETWORK_LOGON_NAME 

| TEXT("SeNetworkLogon Right") 
25731 1 #define SE_BATCH_LOGON_NAME 

| TEXT("SeBatchLogonRight") 
25732| #define SE_SERVICE_LOGON_NAME 

| TEXT("SeServiceLogonRight") 
25733 1 
25734| 

25735| STATIC BOOL Login_EnablePrivilege ( LPTSTR Privilege ) 
25736| { 

25737| BOOL Success; 
25738| HANDLE Token; 
25739 1 LUID Luid; 



25740| TOKEN_PRIVILEGES TokenPrivileges; 
25741 | 

25742 1 Success = 

| OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVIL 

| EGES | TOKEN_QUERY, &Token ); 
25743 1 if (Success) { 

25744| Success = LookupPrivilegeValue(0, Privilege, 

| &Luid ); 
25745| if(Success) { 

25746| Token Privileges. PrivilegeCount = 1; 

25747| TokenPrivileges. Privileges[0].Luid = Luid; 

25748| TokenPrivileges. Privileges[0]. Attributes = 

| SE_PRIVILEGE_ENABLED; 
25749 1 // always returns true 

25750| Success = AdjustTokenPrivileges( Token, 

| FALSE, &TokenPrivileges, 0, 0, 0 ); 
25751 1 if(GetLastError()==ERROR_SUCCESS) { 

25752| Success = TRUE; 

25753 1 } else { 

25754| DLOG((TEXT("Error %08x setting 

| privileges\n"),GetLastError())); 
25755| Success = FALSE; 

25756| } 
25757| } else { 

25758| DLOG((TEXT("Error %08x looking up privilege 

| value\n"),GetLastError())); 
25759 1 } 
25760 1 } else { 

25761 1 DLOG((TEXT("Error %08x opening process 

| token\n"),GetLastError())); 
25762 1 } 
25763 1 

25764 1 return Success; 

25765| } 

25766| 

25767| STATIC BOOL Login_DisablePrivilege ( LPTSTR Privilege ) 
25768| { 

25769| BOOL Success; 
25770| HANDLE Token; 
25771| LUID Luid; 

25772| TOKEN_PRIVILEGES TokenPrivileges; 
25773| 

25774| Success = 

| OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVIL 

| EGES | TOKEN QUERY, &Token ); 
25775| if(Success) { 



25776| Success = LookupPrivilegeValue(0, Privilege, 

| &Luid ); 
25777| if(Success) { 

25778| Token Privileges. PrivilegeCount = 1; 



25779| TokenPrivileges.Privileges[0].Luid = Luid; 

25780| TokenPrivileges.Privileges[0].Attributes = 

10; 

25781 1 // always returns true 

25782| Success = AdjustTokenPrivileges( Token, 

| FALSE, STokenPrivileges, 0, 0, 0 ); 
25783| if(GetLastError()==ERROR_SUCCESS) { 

25784| Success = TRUE; 

25785| } else { 

25786| DLOG((TEXT("Error %08x setting 

| privileges\n"),Getl_astError())); 
25787| Success = FALSE; 

25788| } 
25789 1 } else { 

25790| DLOG((TEXT("Error %08x looking up privilege 

| value\n"),GetLastError())); 
25791 1 } 
25792 1 } else { 

25793| DLOG((TEXT("Error %08x opening process 

| token\n"),GetLastError())); 
25794| } 
25795| 

25796| return Success; 

25797| } 

25798| 

25799| STATIC pSnapShot AllocSnapShot() 
25800 1 { 

25801 1 pSnapShot SnapShot=NULL; 
25802| ULONG i; 
25803 1 

25804| WaitForSingleObject ( SharedMemoryMutex, INFINITE 

I); 

25805| _try { 

25806| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 
25807| if(!(SharedMemory->SnapShotslnUse[i/8] & (1 

l« (i%8)))){ 
25808| CHAR Save = 

| SharedMemory->SnapShotslnUse[i/8]; 
25809 1 // Set bit 

25810| SharedMemory->SnapShotslnUse[i/8] |= (1 

I « (i % 8)); 
2581 1 1 Snapshot = 

| &SharedMemory->ActualSnapShotSpace[i]; 
2581 2| DLOG(("%08x: Set bit %d (%d %d) (%02x 

| %02x)\n",SnapShot,i,i/8,i%8,Save,SharedMemory->SnapShots 

| lnUse[i/8])); 
25813| break; 
25814| } 
25815| } 
25816| } ^finally { 



2581 7| ReleaseMutex(SharedMemoryMutex); 

25818| } 

25819| if(ISnapShot) { 

25820| DLOG(("Out of memory in global namespace!\n")); 
25821 1 SetLastError(ERROR_OUTOFMEMORY); 

25822 1 } 

25823| return Snapshot; 



25824| } 
25825| 

25826| STATIC void FreeSnapShot( pSnapShot Snapshot ) 
25827| { 

25828| ULONG i; 
25829| if(SnapShot) { 

25830| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25831 1 _try { 

25832| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 

25833| if(SnapShot == 

| &SharedMemory->ActualSnapShotSpace[i]) { 
25834| CHAR Save = 

| SharedMemory->SnapShotslnUse[i/8]; 
25835| // clear bit 

25836| SharedMemory->SnapShotslnUse[i/8] 

|&=~(1 « (i%8)); 
25837| DLOG(("%08x: Clr bit %d (%d %d) 

| (%02x 

| %02x)\n",SnapShot,i,i/8,i%8,Save,SharedMemory->SnapShots 
| lnUse[i/8])); 
25838| 

| memset(SnapShot,0,sizeof(tSnapShot)); 



25839| SnapShot=NULL; 

25840 1 break; 

25841 | } 

25842 1 } 

25843| if(SnapShot) { 

25844| DLOG(("Pointer %08x not 

| found!\n",SnapShot)); 
25845| } 
25846| } ^finally { 

25847| ReleaseMutex(SharedMemoryMutex); 
25848| } 
25849 1 } 



25850 1 } 
25851 | 

25852| STATIC ULONG lsValidSnapShot( pSnapShot Snapshot ) 
25853 1 { 

25854| ULONG i; 

25855| ULONG B=FALSE; 

25856| 

25857| if(SnapShot) { 



25858| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25859| __try { 

25860| for(i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++) { 

25861 1 if (Snapshot == 

| &SharedMemory->ActualSnapShotSpace[i]) { 
25862 1 

| if(SharedMemory->SnapShotslnUse[i/8] & (1 « (i % 8))) 
|{ 

25863| if(SnapShot->OwningThread == 

| GetThreadStorage()) { 
25864| B = TRUE; 

25865| break; 
25866| } 
25867| } 
25868| } 
25869| } 
25870| } ^finally { 

25871 1 ReleaseMutex(SharedMemoryMutex); 

25872 1 } 

25873 1 } 

25874| return B; 

25875| } 

25876| 

25877| // 

| 

25878| 
25879 1 

25880| DLLEXPORT PSMSTATUS PSMAPI Psm_GetActiveSnapshotTable ( 

25881 1 OUT ULONG * nu m be rOfActiveS naps hots, 

25882| OUT pSnapShot snapshotTable[], 

25883| IN ULONG snapshotTableSlots /* max number of 

| pointers 'snapshotTable' can hold*/ ) 
25884| { 

25885| PSMSTATUS err = 0; 
25886| 

25887| if ( numberOfActiveSnapshots && snapshotTable && 

| snapshotTableSlots>0 ) { 
25888| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25889| __try { 

25890| ULONG counter=0, i=0, j=0; 

25891| 

25892| // First pass... enumerate temporary 

| snapshots: 

25893| for ( i=0; i < MAX_NUMBER_OF_SNAPSHOTS; ++i 

l){ 

25894| if ( (SharedMemory->SnapShotslnUse[i/8] 

|&(1 « (i%8)))){ 
25895| pSnapShot snapshot = 



I &SharedMemory->ActualSnapShotSpace[i]; 
25896| PVOID kernelPointer = 

| snapshot->KernelSnapShotPointer; 
25897| ULONG isUnique = TRUE; 

25898| 

25899| for ( j=0; j<counter && isUnique; 

I ++j ) { 

25900| if ( kernelPointer == 

| snapshotTable[j]->KernelSnapShotPointer ) { 
25901 1 isUnique = FALSE; 

25902 1 } 
25903 1 } 
25904| 

25905| if ( isUnique ) { 

25906| if ( counter < 

| snapshotTableSlots-1 ) { 
25907| snapshotTable[counter++] = 

| snapshot; 
25908| } else { 

25909| err = ERROR_MORE_DATA; 

25910| break; 

2591 1 | } 

25912| } 

25913| } 

25914| } 

25915| 

25916| if ( !err ) { 

2591 7| // Second pass... append all persistent 

| snapshots: 

25918| if ( counter <= snapshotTableSlots ) { 

25919| err = Psm_GetPersistentSnapShots ( 

25920| &snapshotTable[counter], 
25921 1 sizeof(pSnapShot) * 

| (snapshotTableSlots - counter) ); 
25922 1 

25923 1 if ( !err ) { 

25924| // figure out how many are in 

| the array by looking for NULL termination. 
25925| while ( snapshotTable[counter] 

| != NULL) { 
25926| if ( counter == 

| snapshotXableSlots-1 ) { 
25927| err = ERROR_MORE_DATA; 

25928| break; 
25929| } 
25930 1 

25931 1 ++counter; 
25932 1 } 
25933 1 } 
25934| } else { 



25935| // sanity check: This should never 

| happen if first pass code is correct. 

25936| err = ERROR_MORE_DATA; 

25937| DLOG(("M! Sanity check failed in 

| Psm_GetActiveSnapshotTable: s=%lu 
| c=%lu\n",snapshotTableSlots,counter)); 

25938| } 

25939| } 

25940| 

25941 1 *numberOfActiveSnapshots = counter; 
25942| } ^finally { 

25943| ReleaseMutex(SharedMemoryMutex); 
25944| } 
25945| } else { 

25946| err = ERROR_INVALID_PARAMETER; 

25947| } 

25948| 

25949 1 return err; 
25950 1 } 
25951 1 
25952 1 // 



25953 1 
25954| 

25955| STATIC WCHAR *FNVFS_ListOfVolumeNames = NULL; 
25956| STATIC ULONG FNVFS_ListOfVolumeNamesSizelnBytes = 0; 
25957| 
25958| 

25959| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_FindNextVolumeForSnapshot ( 
25960| IN pSnapShot snapshot, 
25961 1 OUT WCHAR **originalVolumeName, 
25962| IN OUT ULONG *iteratorState ) 
25963 1 { 

25964| PSMSTATUS err=0; 
25965| ULONG i=0; 
25966| 

25967| if ( snapshot && originalVolumeName && 

| iteratorState ) { 
25968| *originalVolumeName = NULL; 
25969| WaitForSingleObject ( SharedMemoryMutex, 

| INFINITE ); 
25970 1 __try { 
25971 1 if ( 

| PsmJsPersistentSnapShotPointer(snapshot) ) { 
25972 1 // It's a fancy new persistent 

| snapshot... 
25973| if ( *iteratorState == 0 ) { 

25974| // This is the FindFirst call, so 

| get a list of all volumes up front. 



25975| // For each subsequent call, we 

| keep re-using the list. 
25976| if ( FNVFS_ListOfVolumeNames == 

| NULL){ 
25977| 

| FNVFS_ListOfVolumeNamesSizelnBytes = 32 * 1024 * 

| sizeof(WCHAR); 
25978| FNVFS_ListOfVolumeNames = 

| LocalAlloc (LPTR, FNVFS_ListOfVolumeNamesSizelnBytes); 
25979| if ( FNVFS_ListOfVolumeNames == 

| NULL){ 

25980| err = ERROR_OUTOFM EMORY; 

25981 | 

| FNVFS_ListOfVolumeNamesSizelnBytes = 0; 
25982 1 } 
25983| } 
25984| 

25985| if ( FNVFS_ListOfVolumeNames != 

| NULL ) { 
25986| err = 

| Psm_GetKernelSnapShotVolumesW ( 
25987| snapshot, 
25988| FNVFS_ListOfVolumeNames, 
25989| 

| FNVFS_ListOfVolumeNamesSizelnBytes ); 
25990 1 } 
25991| } 
25992| 

25993| if (!err){ 

25994| if ( FNVFS_ListOfVolumeNames == 

| NULL){ 

25995| err = ERROR_OUTOFMEMORY; 

25996| 

| FNVFS_ListOfVolumeNamesSizelnBytes = 0; 
25997| } else { 

25998| WCHAR *nthString = 

| FNVFS_ListOfVolumeNames; 
25999| for ( i=0; i < *iteratorState 

| && *nthString; ++i ) { 
26000| nthString += 

| wcslen(nthString) + 1; 
26001| } 
26002| 

26003| if ( *nthString ) { 

26004| *originalVolumeName = 

| nthString; 

26005| ++(*iteratorState); 
26006| } else { 

26007| *originalVolumeName = NULL; 

26008| } 



26009| } 
26010| } 
26011| }else{ 

26012| // It's an old-style temporary 

| snapshot... 
26013| for ( i = IteratorState; i < 

| SharedMemory->NumberOfMappedVolumes; ++i ) { 
26014| tMapDrive *volume = 

| &SharedMemory->MappedVolumes[i]; 
2601 5| pSnapShot volSnapshot = 

| MakePointer(volume->SnapShotOffset); 
2601 6| if ( volSnapshot == snapshot ) { 

2601 7| *originalVolumeName = 

| volume->OriginalUserName; 
26018| IteratorState = i + 1; 

26019| break; 
26020| } 
26021| } 
26022| } 
26023| } ^finally { 

26024| ReleaseMutex(SharedMemoryMutex); 
26025| } 
26026| } else { 

26027| err = ERROR_INVALID_PARAMETER; 

26028| } 

26029| 

26030| return err; 

26031| } 

26032| 

26033| 

26034| // 

| 

26035| 
26036| 

26037| DLLEXPORT PSMSTATUS PSMAPI 

| Psm_FindFirstVolumeForSnapshot ( 
26038| IN pSnapShot snapshot, 
26039| OUT WCHAR **originalVolumeName, 
26040| OUT ULONG *iteratorState ) 
26041 1 { 

26042| PSMSTATUS err = 0; 
26043 | 

26044| if ( snapshot && originalVolumeName && 

| iteratorState ) { 
26045| *iteratorState = 0; 

26046| err = Psm_FindNextVolumeForSnapshot ( snapshot, 

| originalVolumeName, iteratorState ); 
26047| } else { 

26048| err = ERROR_INVALID_PARAMETER; 
26049 1 } 



26050| 

26051 1 return err; 

26052 1 } 

26053| 

26054| 

26055| 

26056| // 



26057| 
26058| 

26059| DWORD ExceptionFilter( EXCEPTION_POINTERS *ep ) 
26060| { 

26061 1 ULONG ret; 
26062 1 

26063| DLOG(("Exception occured\n")); 
26064| DLOG(("Exception: 

| %08x\n",ep->ExceptionRecord->ExceptionCode)); 
26065| DLOG(("Flags : 

| %08x\n",ep->ExceptionRecord->ExceptionFlags)); 
26066| DLOG(("Address : 

| %08x\n",ep->ExceptionRecord->ExceptionAddress)); 
26067| 

26068| switch ( ep->ExceptionRecord->ExceptionCode ) { 
26069 1 

26070| case EXCEPTION_ACCESS_VIOLATION : 
26071 1 DLOG(("Attempted to %s invalid memory at 

| %08x\n", 
26072 1 

| ep->ExceptionRecord->Exceptionlnformation[0] ? 
| TEXTfwrite") : TEXT("read"), 
26073 1 

| ep->ExceptionRecord->Exceptionlnformation[1] 
26074| )); 
26075| 

26076| case EXCEPTION_ARRAY_BOUNDS_EXCEEDED 
26077| ret = EXCEPTION_EXECUTE_HANDLER; 

26078| break; 
26079 1 

26080| case EXCEPTION_BREAKPOINT : 
26081| case EXC E PT I O N_D ATATYP E_M I SAL I GN M E NT 
26082| case EXC E PT I O N_FLT_D E N O R M AL_0 P E RAN D : 
26083| case EXCEPTION_FLT_DIVIDE_BY_ZERO : 
26084| case EXC E PT I O N_FLT_I N EX ACT_R ESU LT : 
26085| case EXCEPTION_FLT_INVALID_OPERATION : 
26086| case EXCEPTION_FLT_OVERFLOW : 
26087| case EXCEPTION_FLT_STACK_CHECK : 
26088| case EXCEPTION FLT UNDERFLOW : 
26089| case EXCEPTIONJLLEGALJNSTRUCTION : 
26090| case EXC E PT I O N_l N_P AG E_E R RO R : 
26091| case EXCEPTION_INT_DIVIDE_BY_ZERO : 



26092| case EXCEPTION_INT_OVERFLOW : 

26093| case EXCEPTION_INVALID_DISPOSITION : 

26094| case EXCEPTION_NONCONTINUABLE_EXCEPTION : 

26095| case EXCEPTION_PRIVJNSTRUCTION : 

26096| case EXCEPTION_SINGLE_STEP : 

26097| case EXCEPTION_STACK_OVERFLOW : 

26098| default: 

26099| // pass to debugger or system 

261 00| ret = EXCEPTION_CONTINUE_SEARCH; 

26101| break; 

261 02 1 // EXCEPTION_CONTINUE_SEARCH = continue looking 

| for a error handler 

261 03 1 // EXCEPTION_EXECUTE_HANDLER = execute 

| exception handler 

261 04| // EXCEPTION_CONTINUE_EXECUTION = continue as 

| though nothing happened 
26105| 

26106| } 

26107| #ifdef _DEBUG 

26108| if(DebugMode) { 

26109| DebugBreak(); 

26110| } 
261 1 1 1 #endif 

26112| return ret; 
26113| } 
26114| 

26115| STATIC int ExecuteFile ( WCHAR *FileName, WCHAR 

| *Commandl_ine, WCHAR *ChildUser, WCHAR *ChildPassword ) 
26116| { 

26117| STARTUPINFOW Startup I nfo={0}; 

26118| PROCESSJNFORMATION Process I nformation={0}; 

26119| WCHAR CurrentDir[256]={0}; 

26120| WCHAR Comm[256]={0}; 

26121| BOOL UserSpecified=FALSE; 

26122| BYTE sidBuffer[1 00]={0}; 

26123| PSID psid=(PSID)&sidBuffer; 

26124| ULONG sidLen=sizeof(sidBuffer); 

26125| WCHAR DomainName[1 28]={0}; 

26126| ULONG DomainNameLen = 128; 

26127| SID_NAME_USE snu={0}; 

26128| BOOL B; 

26129| ULONG Err=0; 

261 30| LPWSTR pdc=NULL; 

26131| HANDLE Token; 

26132| WCHAR Ext[4]={0}; 

26133| HANDLE DirHandle; 

26134| WIN32_FIND_DATAW FindFileData; 

26135| WCHAR *p; 

26136| WCHAR FullFile[256]; 

261 37\ pThreadStorage ThreadStorage = GetThreadStorageQ; 



26138| 

26139| GetCurrentDi rectory W( 256, CurrentDir ); 
26140| 

26141 1 p = wcsrchr(FileName,TEXT('\V)); 
26142| 

261 43| // if a directory is specified 

26144| if((p) || (FileName[1]==L':')) { 

261 45| // save the directory 

26146| if(!p) p=FileName+2; 

26147| wcsncpy(CurrentDir,FileName,p-FileName); 

26148| CurrentDir[p-FileName] = 0; 

26149| 

261 50| p = wcschr(FileName,L7); 

26151 1 wcscpy(FullFile,FileName); 

26152| if(p) { 

26153| // if a extention specified, no need to 
| look for it 

26154| DirHandle = Find First FileW( FullFile, 

| &FindFileData); 

26155| if(DirHandle!=INVALID_HANDLE_VALUE) { 

261 56| FindClose(DirHandle); 

26157| goto RunFile; 

26158| } 

26159| } 

26160| }else{ 

261 61 1 // no directory specified, use current 
26162| 

| swprintf(FullFile,L"%s\\%s",CurrentDir,FileName); 

26163| } 
26164| 

261 65 1 // see if any pifs to run 

26166| swprintf(Comm,L M %s.pif",FullFile); 

26167| DirHandle = FindFirstFileW( Comm, &FindFileData); 

26168| if(DirHandle!=INVALID_HANDLE_VALUE) { 

261 69 1 FindClose(DirHandle); 

26170| goto RunFile; 

26171| } 

26172| 

261 73 1 // check for os/2 files 

261 74 1 swprintf(Comm,L M %s.cmd",FullFile); 

26175| DirHandle = FindFirstFileW( Comm, &FindFileData); 

26176| if(DirHandle!=INVALID_HANDLE_VALUE) { 

261 77| FindClose(DirHandle); 

26178| goto RunFile; 

26179| } 

26180| 

261 81 1 // check for batch files. 

26182| swprintf(Comm,L M %s.bat M ,FullFile); 

26183| DirHandle = FindFirstFileW( Comm, &FindFileData); 

26184| if(DirHandle!=INVALID_HANDLE_VALUE) { 



26185| FindClose(DirHandle); 

26186| goto RunFile; 

26187| } 
26188| 

261 89 1 // search for exe's 

26190| swprintf(Comm,L"%s.exe",FullFile); 

26191 1 DirHandle = FindFirstFileW( Comm, &FindFileData); 

26192| if(DirHandle!=INVALID_HANDLE_VALUE) { 

26193| FindClose(DirHandle); 

26194| goto RunFile; 

26195| } 

26196| 

261 97| // search for .com files 

26198| swprintf(Comm,L"%s.com",FullFile); 

26199| DirHandle = FindFirstFileW( Comm, &FindFileData); 

26200| if(DirHandle!=INVALID_HANDLE_VALUE) { 

26201 1 FindClose(DirHandle); 

26202| goto RunFile; 

26203| } 

26204| 

26205 1 // see if any file to run. 

26206| swprintf(Comm,L M %s.*",FullFile); 

26207| DirHandle = FindFirstFileW( Comm, &FindFileData); 

26208| if(DirHandle==INVALID_HANDLE_VALUE) { 

26209| // DLOG((TEXT("File not found\n M ))); 

26210| swprintf(Comm,L"%s %s",FileName,CommandLine); 

26211| goto RunFile2; 

26212| } 

26213| FindClose(DirHandle); 
26214| 

26215| RunFile: 

2621 6| p = wcsrchr(FindFileData.cFileName,L'.'); 

26217| if(p){ 

26218| if(_wcsnicmp(p+1 ,L"bat M ,3)==0) { 

26219| // a batch file, so run cmd.exe first. 

26220| swprintf(Comm,L"cmd.exe Ic \"%s\" %s M , 

| FindFileData.cFileName,CommandLine); 

26221| }else{ 

26222| // not a batch file 

26223 1 swpri ntf (Co m m , L' V%s\" 

| %s",FindFileData.cFileName,Commandl_ine); 

26224| } 

26225| } else { 

26226| // no extension found 

26227 1 swp ri ntf (Co m m , L"\"%s\" 

| %s",FindFileData.cFileName,Commandl_ine); 

26228| } 
26229| 

26230| RunFile2: 

26231 1 DLOG((TEXT("Going to run file '%S'\n M ),Comm)); 



26232| 
26233| 

26234| if (wcscmp(ChildUser,L"")!=0) { 

26235| UserSpecified = TRUE; 

26236| } else { 

26237| UserSpecified = FALSE; 

26238| } 

26239| 

26240| memsef(&Startuplnfo,0,sizeof(Startuplnfo)); 

26241 1 Startuplnfo.cb = sizeof(Startuplnfo); 

26242| Startuplnfo.dwFlags = STARTFJJSESHOWWINDOW; 

26243| Startuplnfo.wShowWindow = SWJHIDE | 

| SW_SHOWMINIMIZED | SW_MINIMIZE | SW_FORCEMINIMIZE; 
26244| 

| memset(&Processlnformation,0,sizeof(Processlnformation)) 



26246| if(UserSpecified) { 

26247| // get the domain of the user... 

26248| B = LookupAccountNameW( NULL, 

26249| ChildUser, 

26250| psid, 

26251 1 SsidLen, 

26252| DomainName, 

26253| SDomainNameLen, 

26254| &snu ); 

26255| 

26256| DLOG((TEXT("Found = %s, Name=%S, 

| Domain=%S\n"),B ? TEXT("True") : 

| TEXT("False"),ChildUser, DomainName)); 
26257| 

26258| // see if valid password it is case sensitive 
26259| if(B) { 

26260| WCHAR 'Domain = DomainName; 

26261 1 ULONG LogonType = 

| LOGON32_LOGON_INTERACTIVE; 
26262| ULONG LogonProvider = 

| LOGON32_PROVIDER_DEFAULT; 
26263 1 

26264| Token = 0; 

26265| Err = 0; 

26266| 

26267| // make sure this privilege is on... 

26268| 

| Login_EnablePrivilege(SE_INTERACTIVE_LOGON_NAME); 
26269| 

| Login_EnablePrivilege(SE_NETWORK_LOGON_NAME); 
26270| Login_EnablePrivilege(SE_BATCH_LOGON_NAME); 
26271 1 

| Login_EnablePrivilege(SE_SERVICE_LOGON_NAME); 



26272| 

26273| // loop through possible logon types, 

| hopefully 
26274| // one of them will work. 

26275| DoLogonAgain: 

26276| B = LogonUserW( ChildUser, Domain, 

| ChildPassword, LogonType, LogonProvider, &Token ); 

26277| if(!B) { 

26278| Err = GetLastErrorQ; 

26279| DLOG((TEXT("Error %08x during log on 

| for user '%S' in domain '%SVi"),Err, ChildUser, 
| Domain)); 

26280| if(LogonType<6) { 

26281| LogonType++; 

26282| goto DoLogonAgain; 

26283| } 

26284| // failed all attempts to log on 

26285| B = TRUE; // so we dont get 2 error 

| messages 
26286| //goto RunChildAsMe; 

26287| } else { 

26288| DLOG((TEXT("Success on LogonUser\n M ))); 

26289| Err = 0; 

26290| 

26291 1 // make sure this privilege is on... 

26292 1 

| if(!Login_EnablePrivilege(SE_ASSIGNPRIMARYTOKEN_NAME)) 
26293| DLOG((TEXT("Error Enabling 

| Privilege 

| SE_ASSIGNPRIMARYTOKEN_NAME\n"),GetLastError())); 
26294| 

| if(!Login_EnablePrivilege(SE_INCREASE_QUOTA_NAME)) 
26295| DLOG((TEXT("Error Enabling 

| Privilege S El N C R E AS E_Q U OT A_N AM E\n ") , Get Last E rro r ( ) ) ) ; 
26296| if(!Login_EnablePrivilege(SE_TCB_NAME)) 
26297| DLOG((TEXT("Error Enabling 

| Privilege S ETC B_N AM E\n ") , Get Last E rro r ( ) ) ) ; 
26298| 

26299| DLOG((TEXT("Running file as '%S' in 

| domain '%S'\n M ),ChildUser,Domain)); 
26300| DLOG((TEXT("Command 

| line='%S'\n"),Comm)); 
26301 1 DLOG((TEXT("Current 

| Dir='%S , \n"),CurrentDir)); 
26302 | 

26303 1 B = CreateProcessAsUserW( 

26304| Token, 

26305| NULL, // pointer to name of 

| executable module 
26306| Comm, // pointer to command line 



I string 

26307| NULL, // pointer to process 

| security attributes 
26308| NULL, // pointer to thread 

| security attributes 
26309| FALSE, // handle inheritance flag 

2631 0| NORMAL_PRIORITY_CLASS, // creation 

I flags 

2631 1 1 NULL, // pointer to new 

| environment block 
26312| CurrentDir, // pointer to current 

| directory name 
26313| &Startuplnfo, //pointer to 

| STARTUPINFO 
26314| &Processlnformation // pointer 

| to PROCESSJNFORMATION 
26315| ); 
26316| 

26317| WaitForApp: 



if(!B) { 

Err = GetLastError(); 
} else { 

HANDLE Handles[2]; 

// wait for app to finish running, 



26318| 
26319| 
26320| 
26321| 
26322| 
26323| 

| or timeout 
26324| Handles[0] = 

| Processlnformation.hProcess; 
26325| Handles[1] = 

| ThreadStorage->AbortEvent; 
26326| Err = WaitForMultipleObjects( 

| ThreadStorage->AbortEvent==INVALID_HANDLE_VALUE ? 1 

| 2, Handles, FALSE, INFINITE); 



26327| 
26328| 
26329 | 

| done\n"))); 
26330 1 
26331| 
26332| 
26333| 
26334| 



if(Err==WAIT_OBJECT_0) { 
// Process is gone 
DLOG((TEXT("Process is 

Err = 0; 
} else 

if(Err==WAIT_OBJECT_0+1) { 
// Abort event hit 
DLOG((TEXT("Abort event 



signalled during wait for processW))); 



26335| 
26336| 
26337| 
26338| 

| Wait\n"),Err)); 
26339 | 
26340 1 



Err = 0; 
B = FALSE; 
} else { 

DLOG((TEXT("Error%08x in 
B = FALSE; 



26341 | 

26342| // dont need the handles any more. 

26343 1 

| CloseHandle(Processlnformation.hThread); 
26344| 

| CloseHandle(Processlnformation.hProcess); 
26345| } 
26346| } 
26347| 

26348| // log off user.(if logged on) 

26349 1 if (Token != INVALID_HANDLE_VALUE) 

26350| CloseHandle(Token); 

26351 1 } else { 

26352| Err = Getl_astError(); 

26353| DLOG((TEXT("Error %08x looking up 

| user\n"),Err)); 
26354| B = TRUE; // so we dont get 2 messages 

26355| // fail execute so user can debug. 

26356| //goto RunChildAsMe; 

26357| } 
26358| } else { 
26359| //RunChildAsMe: 

26360| DLOG((TEXT("Running file as me\n"))); 
26361 1 DLOG((TEXT("Command line='%S'\n M ),Comm)); 
26362| DLOG((TEXT("Current Dir='%S , \n"),CurrentDir)); 
26363 1 

26364| B = CreateProcessW( 
26365| NULL, // pointer to name of executable 

| module 

26366| Comm, // pointer to command line string 

26367| NULL, // pointer to process security 

| attributes 

26368| NULL, // pointer to thread security 

| attributes 

26369| FALSE, // handle inheritance flag 

26370| NORMAL_PRIORITY_CLASS, // creation flags 

26371 1 NULL, // pointer to new environment block 

26372| CurrentDir, // pointer to current directory 

| name 

26373| &Startuplnfo, // pointer to STARTUPINFO 

26374| &Processlnformation // pointer to 

| PROCESSJNFORMATION 
26375| ); 

26376| Token = INVALID_HANDLE_VALUE; 
26377| goto WaitForApp; 
26378| } 
26379 1 

26380| if(!B) { 

26381 1 DLOG((TEXT("Error %08x executing file 
| VoS'Xn'^Er^Comm)); 



26382| } 

26383| return Err; 

26384| } 

26385| 

26386| STATIC void lnitForNewThread() 
26387| { 

26388| pThreadStorage ThreadStorage = 

| TlsGetValue(Tlslndex); 
26389| 

26390| if (ThreadStorage) { 

26391 1 memset(ThreadStorage,0,sizeof(tThreadStorage)); 
26392 1 

26393| ThreadStorage->PSManEvent = CreateEvent( NULL, 

| FALSE, FALSE, NULL); 
26394| if 

| (ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) { 
26395| PSMI_OpenManager( 

| &ThreadStorage->PSManHandle ); 
26396| 

| if(ThreadStorage->PSManHandle==INVALID_HANDLE_VALUE) { 
26397| DLOG((TEXT("Unable to open psm\n"))); 

26398| CloseHandle(ThreadStorage->PSManEvent); 
26399| ThreadStorage->PSManEvent = 

| INVALID HANDLE VALUE; 
26400| } else { 

26401 1 //DLOG((TEXT("Psm open\n"))); 

26402 1 ThreadStorage->NumOpens = 0; 

26403| ThreadStorage->NumSnapShots = 0; 

26404| ThreadStorage->RegisterCalled = 0; 

26405| ThreadStorage->UsedTempFile = FALSE; 

26406| } 
26407| #ifdef _DEBUG 
26408| { 

26409| TCHAR Filename[80]; 

26410| 

2641 1 1 _tmkdir(TEXT("psm")); 
26412| 

| _stprintf(Filename,TEXT("psm\\%d M ),GetCurrentProcessld() 

I); 

26413| _tmkdir(Filename); 
26414| 

| _stprintf(Filename,TEXT("psm\\%d\\%d.log"),GetCurrentPro 
| cessld(),GetCurrentThreadld()); 
26415| ThreadStorage->DebugLogFile=CreateFile( 
| Filename, 

26416| GENERIC_WRITE, 
26417| 

| FILE_SHARE_READ|FILE_SHARE_WRITE, 
26418| NULL, 
2641 9| CREATE_ALWAYS, 



26420| 

| FILE_FLAG_WRITE_THROUGH, 
26421| NULL); 
26422| 

26423| } 
26424| #endif 
26425| } 
26426| } 
26427| } 
26428| 
26429| /* 

26430| When a process uses load-time linking with this DLL, 

| the entry-point 
26431 1 function is sufficient to manage the thread local 

| storage. Problems can 
26432| occur with a process that uses run-time linking because 

| the entry-point 
26433| function is not called for threads that exist before 

| the LoadLibrary 
26434| function is called, so TLS memory is not allocated for 

| these threads. 

26435| The following example solves this problem by checking 

| the value returned 
26436| by the TIsGetValue function and allocating memory if 

| the value indicates 
26437| that the TLS slot for this thread is not set. 
26438| 7 

26439 1 STATIC pTh read Storage GetThreadStorage() 
26440 1 { 

26441 1 pThreadStorage ThreadStorage = 

| TlsGetValue(Tlslndex); 
26442 1 

26443| // If NULL, allocate memory for this thread. 
26444 1 

26445| if (ThreadStorage == NULL) { 
26446| ThreadStorage = LocalAlloc(LPTR, 

| sizeof(tThreadStorage)); 
26447| TlsSetValue(Tlslndex, ThreadStorage); 
26448| InitForNewThreadO; 
26449 1 } 

26450| return ThreadStorage; 
26451 1 } 
26452 1 

26453| STATIC ULONG AddDirToNotBackup( WCHAR *Dir, ULONG 

| IncludeSubDirs ) 
26454| { 

26455| HKEY Key; 
26456| ULONG Err; 
26457| TCHAR RegStr[255]; 
26458| WCHAR Line[300]; 



26459| 
26460| 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Contro 

| IWBackupRestoreWFilesNotToBackup")); 

26461 1 // open the registry 

26462| Err = RegOpenKeyEx( 

26463| HKEY_LOCAL_MACHINE, // handle of open key 

26464| RegStr, // address of name of subkey to open 

26465| 0, //reserved 

26466| KEY_READ | KEY_WRITE, // security access mask 

26467| &Key// address of handle of open key 

26468| ); 

26469| if(!Err) { 

26470| ULONG Len; 

26471| wcscpy(Line,L"\\"); 

26472| wcscat(Line,Dir); 

26473 1 wcscat(Line, L"\\*") ; 

26474| if(lncludeSubDirs) { 

26475| wcscat(Line,L"/s M ); 

26476| } 

26477| // double null terminate 

26478| Len = wcslen(Line); 

26479| Line[Len]=0; 

26480| Line[Len+1] = 0; 

26481 1 Line[Len+2] = 0; 

26482| Err = RegSetValueExW(Key,L"Persistent Storage 
| Manager 

| (lmages) M ,0,REG_MULTI_SZ,(PCHAR)Line,(Len*sizeof(WCHAR)) 
| +(sizeof(WCHAR)*2)); 

26483| if(Err) { 

26484| DLOG(("Error %08x setting backup 

| key\n",Err)); 

26485| } 
26486| 

26487| RegCloseKey(Key); 

26488| } else { 

26489| DLOG(("Error %08x opening backup key\n M ,Err)); 

26490 1 } 

26491| return Err; 

26492| } 

26493| 

26494| STATIC void GetRegistrySettings() 

26495| { 

26496| ULONG DataSize; 

26497| HKEY Key; 

26498| ULONG Err; 

26499| ULONG Add=0; 

26500| TCHAR RegStr[255]; 
26501| 
26502| 



I _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d M ), NtBuildNumber > 1381 ? 5 : 4); 

26503 1 // open the registry 

26504| Err = RegOpenKeyEx( 

26505| HKEY_LOCAL_MACHINE, // handle of open key 
26506| RegStr, // address of name of subkey to open 
26507| 0, //reserved 

26508| KEY_READ, // security access mask 
26509| &Key// address of handle of open key 
26510| ); 
2651 1 | 

26512| if(Err==0) { 

26513| DataSize = 256; 

26514| Err = RegQueryValueExW( 

2651 5| Key, // handle of key to query 

2651 6| U'CacheFileLocation", // address of name 

| of value to query 
26517| NULL, //reserved 

2651 8| NULL, // address of buffer for value type 

26519| (char*)CacheFileLocation, // address of 

| data buffer 

26520| &DataSize // address of data buffer size 

26521| ); 

26522| CacheFileLocationKeyExists = (Err == 0); 
26523| 

26524| #ifdef _DEBUG 

26525| DataSize = 4; 

26526| Err = RegQueryValueEx( 

26527| Key, // handle of key to query 

26528| TEXT("DebugLevel"), // address of name of 

| value to query 
26529| NULL, //reserved 

26530| NULL, // address of buffer for value type 

26531 1 (char*)&DebugMode, // address of data 

| buffer 

26532| &DataSize // address of data buffer size 

26533 1 ); 
26534| #endif 

26535| // close the registry 
26536| RegCloseKey(Key); 
26537| } 
26538| 

26539| // read persistent registry entries 
26540 1 
26541 1 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 
| es\\PSMan%d\\persistent"), NtBuildNumber > 1381 ? 5 : 
I 4); 

26542 1 // open the registry 
26543| Err = RegOpenKeyEx( 



26544| HKEY_LOCAL_MACHINE, // handle of open key 

26545| RegStr, // address of name of subkey to open 

26546| 0, //reserved 

26547| KEYREAD, // security access mask 

26548| &Key// address of handle of open key 

26549| ); 
26550| 

26551| if(Err — 0) { 

26552| DataSize = 256; 

26553| Err = RegQueryValueExW( 

26554| Key, // handle of key to query 

26555| U'SnapShotLocation", // address of name 

| of value to query 

26556| NULL, //reserved 

26557| NULL, // address of buffer for value type 

26558| (char*)SnapShotLocation, // address of 

| data buffer 

26559| &DataSize // address of data buffer size 

26560| ); 

26561 1 if(Err) { 

26562| wcscpy(SnapShotLocation,L"snapshots M ); 

26563 1 } 

26564| DataSize = 4; 

26565| Err = RegQueryValueExW( 

26566| Key, // handle of key to query 

26567| L"AddDoNotBackupDir", // address of name 

| of value to query 

26568| NULL, //reserved 

26569| NULL, // address of buffer for value type 

26570 1 (char*) Add, // address of data buffer 

26571 1 &DataSize // address of data buffer size 

26572 1 ); 
26573 1 

26574| // if not there, then dont add 

26575| if(!Err) { 

26576| if(Add) { 

26577| // add this directory to the list of 

| files/dirs to not backup 
26578| 

| AddDirToNotBackup(SnapShotLocation,TRUE); 

26579 1 } 

26580 1 } 
26581 1 

26582 1 DataSize=255; 

26583| Err = RegQueryValueExW( 

26584| Key, // handle of key to query 

26585| U'SnapShotPattern", // address of name of 

| value to query 

26586| NULL, //reserved 

26587| NULL, // address of buffer for value type 



26588| (char*)SnapShotPattern, // address of data 

| buffer 

26589| SDataSize // address of data buffer size 

26590| ); 
26591 1 if(Err) { 

26592| wcscpy(SnapShotPattern,L"snapshot.%i"); 

26593 1 } 

26594| 

26595| // close the registry 
26596| RegCloseKey(Key); 
26597| } else { 

26598| // set defaults if persistent key doesnt exist 

26599| wcscpy(SnapShotl_ocation,L"snapshots"); 

26600| wcscpy(SnapShotPattern,L"snapshot.%i"); 

26601 1 } 

26602 1 

26603 1 } 

26604| 

26605| STATIC ULONG CheckForZeroTerminatorA( char *Str, ULONG 

I Len) 
26606| { 

26607| ULONG i=0; 
26608| 

26609| while((i<Len) && (Str[i]!='\0')) { 
26610| i++; 
2661 1 1 } 

26612| return Str[i]=='\0' ? TRUE : FALSE; 

26613| } 

26614| 

26615| STATIC ULONG CheckForZeroTerminatorW( WCHAR *Str, ULONG 

I Len) 
26616| { 

26617| ULONG i=0; 
26618| 

26619| while((i<Len) && (Str[i]!=L'\0')) { 
26620| i++; 
26621 1 } 

26622| return Str[i]==L'\0' ? TRUE : FALSE; 

26623 1 } 

26624| 

26625| // support for installshield install scripts 
26626| declspec( dllexport ) LONG cdecl 

| Uninstlnitialize(HWND hwndDIg, HANDLE hlnstance,LONG 

| I Res) 
26627| { 

26628| BOOLEAN NeedsRebooting=FALSE; 
26629| return Psm_UnlnstallPsm(&NeedsRebooting); 
26630 1 } 
26631 1 

26632| declspec( dllexport ) LONG cdecl 



I UninstUnlnitialize(HWND hwndDIg, HANDLE hlnstance,LONG 
| I Res) 
26633| { 

26634| return 0; 
26635| } 
26636| 

26637| declspec( dllexport ) LONG cdecl lnstlnstallPsm( 

| LONG *RebootNeeded ) 



26638| { 




26639| 


BOOLEAN Need=FALSE; 


26640| 


ULONG Err; 


26641 1 


Err= Psm_lnstallPsm(&Need); 


26642 1 


*RebootNeeded = Need; 


26643 1 


return Err; 


26644| } 




26645| 





26646| declspec( dllexport ) LONG cdecl lnstUnlnstallPsm( 

| LONG *RebootNeeded ) 



26647| { 




26648| 


BOOLEAN Need=FALSE; 


26649 1 


ULONG Err; 


26650 1 


Err= Psm_UnlnstallPsm(&Need); 


26651 1 


*RebootNeeded = Need; 


26652 1 


return Err; 


26653| } 




26654| 





26655| declspec( dllexport ) LONG cdecl 

| lnstPsmlslnstalled( LONG "Version, LONG *LoVersion ) 
26656| { 

26657| tPSM_Versionlnfo Ver={0}; 
26658| ULONG Err; 
26659 1 

26660| Ver.Size = sizeof(Ver); 

26661| Err= Psm_lslnstalled(sizeof(Ver),&Ver); 

26662| "Version = Ver. Version; 

26663| *LoVersion = Ver.LoVersion; 

26664| return Err; 

26665| } 

26666| 

26667| STATIC ULONG CheckSystemForUpgrade() 
26668| { 

26669| TCHAR RegKey[255]; 
26670| HKEY Key; 
26671 1 ULONG Err; 

26672| BOOLEAN NeedsRebooting=FALSE; 

26673 1 

26674| 

| _stprintf(RegKey,TEXT("SYSTEM\\CurrentControlSet\\Servic 
| es\\psman4")); 
26675| Err = RegOpenKeyEx( 



26676| H KE Y_LOC AL_M AC H I N E , // handle of open key 
26677| RegKey, // address of name of subkey to open 
26678| 0, // dwOptions 

26679| KEYALLACCESS, // security access mask 

26680| &Key // address of handle of open key 

26681| ); 

26682| if(!Err) { 

26683| RegCloseKey(Key); 

26684| 

26685| // okay key exists, but this is nt5 not 4, so 

| lets assume its an upgrade. 
26686| DLOG(("Upgrade from NT 4 detected!!! 

| Installing Win2k Psm\n")); 
26687| 

26688| Err = Psm_lnstallPsm(&NeedsRebooting); 
26689| 

26690| if((Err==0) || (Err==ERROR_SERVICE_EXISTS)) { 
26691 1 Err = 

| RegDeleteKey(HKEY_LOCAL_MACH I N E, RegKey) ; 
26692 1 if (Err) { 

26693| DLOG(("Error %08x deleting NT 4 

| key\n",Err)); 
26694| } 
26695| } else { 

26696| D LOG (("Error %08x installing Psm\n",Err)); 

26697| } 

26698| } 

26699| return Err; 

26700| } 

26701 1 

26702| ULONG RemoveLogSource( LPTSTR KeyName ) 
26703 1 { 

26704| ULONG Err; 
26705| HKEY Key; 
26706| 

26707| Err = RegOpenKey( 

26708| HKEYLOCALMACHINE, // handle of open key 
26709 1 

| TEXT("SYSTEM\\CurrentControlSet\\Services\\EventLog\\Sys 

I tern"), 
26710| &Key); 
2671 1 1 

26712| if(Err==0){ 

26713| Err = RegDeleteKey( Key, KeyName ); 

26714| RegCloseKey(Key); 

26715| } 

26716| return Err; 

26717| } 

26718| 

26719| ULONG AddLogSource( LPTSTR KeyName ) 



26720| { 

26721 1 ULONG Err; 

26722| HKEY Key; 

26723| DWORD Disposition; 

26724| TCHAR RegStr[255]; 

26725| 

26726| 

| _stprintf(RegStr,TEXT( M SYSTEM\\CurrentControlSet\\Servic 
| es\\EventLog\\System\\%s M ),KeyName); 
26727| Err = RegCreateKeyEx( 

26728| HKEY_LOCAL_MACHINE, // handle of open key 
26729| RegStr, // address of name of subkey to open 
26730| 0, //reserved 
26731| NULL,//lpClass 
26732| 0, // dwOptions 

26733| KEY_ALL_ACCESS, // security access mask 

26734| NULL, // security attributes 

26735| &Key, // address of handle of open key 

26736| &Disposition 

26737| ); 

26738| if(Err==0) { 

26739| // if new key, then add stuff, otherwise we are 
| done 

26740| if(Disposition == R E G_C R EAT E D_N E W_K E Y) { 
26741 1 DWORD TypesSupported= 0x7; 

26742 | 
26743 1 

| _stprintf(RegStr,TEXT( M %%SystemRoot%%\\System32\\loLogMs 
| g.dll;%%SystemRoot%%\\System32\\Drivers\\%s.sys"),KeyNam 
|e); 

26744| Err = 

| RegSetValueEx(Key,TEXT( n EventMessageFile M ),0,REG_EXPAND_ 

| SZ,(BYTE*)RegStr,_tcslen(RegStr)); 
26745| Err = 

| RegSetValueEx(Key,TEXT("TypesSupported"),0,REG_DWORD,(BY 

| TE*)&TypesSupported,sizeof(DWORD)); 
26746| } 

26747| // close the registry 

26748| RegCloseKey(Key); 

26749 1 } 

26750 1 return Err; 

26751 1 } 

26752 1 

26753 1 

26754| STATIC void *lnitSharedMemory( LPSECURITY ATTRIBUTES sa 
I) 

26755| { 

26756| tSharedMemory *Memory=NULL; 
26757| int InitMemory = FALSE; 
26758| TCHAR MemoryName[1 00]; 



26759| 

26760| SetLastError(O); 
26761 | 
26762 | 

| _stprintf(MemoryName;PSM_SHARED_MEMORY_%04x n ,PSM_LOW_CO 

| MPATIBLE_VERSION); 
26763| MapFileHandle = CreateFileMapping( 
26764| (void*)-1, 
26765| sa, 

26766| PAGE_READWRITE | SEC_COMMIT, 
26767| 0, 

26768| sizeof(tSharedMemory), 
26769| MemoryName 
26770 1 ); 
26771 | 

26772| if(MapFileHandle!=NULL) { 
26773| InitMemory = 

| GetLastError()!=ERROR_ALREADY_EXISTS; 
26774| 

26775| Memory = MapViewOfFile( 

26776| MapFileHandle, 

26777| FILE_MAP_WRITE, // read write 

26778| 0, 

26779| 0, 

26780 1 0 

26781| ); 

26782| if((Memory) && (InitMemory)) { 

26783| memset(Memory,0,sizeof(tSharedMemory)); 

26784| Memory->Size = sizeof(tSharedMemory); 

26785| } else { 

26786| if((Memory) && 

| (Memory->Size!=sizeof(tSharedMemory))) { 
26787| DLOG(("Error! Shared Memory Allocated 

| size=%d, but already exists as %d 

| size\n",sizeof(tSharedMemory),Memory->Size)); 
26788| 

| SetLastError(PSM_ERROR_INCOMPATIBLE_DLL); 



26789| UnmapViewOfFile(Memory); 
26790| CloseHandle(MapFileHandle); 
26791| return NULL; 

26792| } 

26793| } 

26794| DLOG(( M Shared Memory Allocated 



| size=%d\n",sizeof(tSharedMemory))); 
26795| } 

26796| return Memory; 

26797| } 

26798| 

26799| void DelnitSharedMemory( void *Memory) 
26800| { 



26801| if(Memory) { 

26802| UnmapViewOfFile(Memory); 

26803| } 

26804| if(MapFileHandle!=NULL) { 
26805| CloseHandle(MapFileHandle); 

26806| } 

26807| return; 



26808| } 
26809| 

26810| BOOL WINAPI DIIMain( 
2681 1 1 HINSTANCE hDlllnst, 
26812| DWORD fdwReason, 
26813| LPVOID IpvReserved) 
26814| { 

2681 5| pThreadStorage ThreadStorage; 

26816| BOOL bResult = TRUE; 

26817| SECURITY ATTRIBUTES sa={0}; 

26818| SECURITY_DESCRIPTOR sd={0}; 

26819| 

26820| // Dispatch this call based on the reason it was 
| called. 

26821 1 switch (fdwReason) { 

26822| case DLL_PROCESS_ATTACH: 

26823| // The DLL is being loaded for the first 

| time by a given process. 
26824| // Perform per-process initialization here. 

| If the initialization 
26825| // is successful, return TRUE; if 

| unsuccessful, return FALSE. 
26826| 

26827| NtBuildNumber = (GetVersion() » 1 6) & 

| 0x3fff; 
26828| { 

26829| TCHAR BuildStr[80]; 

26830| _stprintf(BuildStr,TEXT( M psmlapi: NT 

| build number=%d\n"), NtBuildNumber); 
26831 1 OutputDebugString(BuildStr); 
26832 1 } 
26833 1 

26834| GetRegistrySettings(); 
26835| 

26836| pNtQueryVolumelnformation = 

| (tNtQueryVolumelnformation 

| )GetProcAddress(GetModuleHandle(TEXT( M ntdll M )),TEXT("NtQ 
| ueryVolumelnformationFile")); 
26837| 

26838| // check to see if we need to convert to 

| Win2k drivers 
26839| if(NtBuildNumber > 1 381 ) { 

26840| CheckSystemForUpgrade(); 



26841 1 pGetVolumePathName = 

| (tGetVolumePathName)GetProcAddress(GetModuleHanclle(TEXT( 

| "kernel32")),TEXT("GetVolumePathNameW")); 
26842| pGetVolumeNameForVolumeMountPoint = 

| (tGetVolumeNameForVolumeMountPoint)GetProcAddress(GetMod 

| uleHandle(TEXT("kernel32 n )),TEXT("GetVolumeNameForVolume 

| MountPointW")); 
26843| pFindFirstVolume= 

| (tFindFirstVolume)GetProcAddress(GetModuleHandle(TEXT( M k 

| ernel32")),TEXT("FindFirstVolumeW M )); 
26844| pFindNextVolume= 

| (tFindNextVolume)GetProcAddress(GetModuleHandle(TEXT("ke 

| rnel32")),TEXT("FindNextVolumeW")); 
26845| pFindVolumeClose = 

| (tFindVolumeClose)GetProcAddress(GetModuleHandle(TEXT( M k 

| ernel32")),TEXT("FindVolumeClose")); 
26846| 

26847| ASSERT(pGetVolumePathName); 
26848| 

| ASSERT(pGetVolumeNameForVolumeMountPoint); 
26849| ASSERT(pFindFirstVolume); 
26850| ASSERT(pFindNextVolume); 
26851 1 ASSERT(pFindVolumeClose); 
26852 1 } 
26853 1 

26854| DLOG((TEXT("DLL_PROCESS_ATTACH 

| %08x\n M ),hDlllnst)); 
26855| 

26856| Tlslndex = TlsAlloc(); 

26857| // unable to alloc thread local storage 

26858| if(Tlslndex==Oxffffffff) { 

26859| DLOG((TEXT("Error %08x obtaining tls 

| storage index\n"),Getl_astError())); 
26860| return FALSE; 

26861 1 } 
26862 1 

26863| // create a null dad 

26864| lnitializeSecurityDescriptor( &sd, 

| SECURITY_DESCRIPTOR_REVISION ); 
26865| SetSecurityDescriptorDacl(&sd, TRUE, NULL, 

| FALSE); 
26866| 

26867| sa.nLength = sizeof(SECURITY_ATTRIBUTES); 

26868| sa.blnheritHandle = FALSE; 

26869| sa.lpSecurityDescriptor = &sd; 

26870 1 

26871 1 SharedMemoryMutex = 

| CreateMutex((LPSECURITY_ATTRIBUTES)&sa,FALSE,TEXT("PSM_S 

| haredMemoryMutex")); 
26872| if(!SharedMemoryMutex) { 



26873| DLOG((TEXT("Error %08x obtaining shared 

| mutex\n M ),GetLastError())); 
26874| return FALSE; 

26875| } 
26876| 

26877| OpenCloseMutex = 

| CreateMutex((LPSECURITY_ATTRIBUTES)&sa,FALSE,TEXT( M PSM_0 

| penCloseMutex")); 
26878| if(!OpenCloseMutex) { 

26879| DLOG((TEXT( M Error %08x obtaining open 

| close mutex\n"),Getl_astError())); 
26880| CloseHandle(SharedMemoryMutex); 
26881| return FALSE; 

26882| } 

26883| SharedMemory = 

| lnitSharedMemory((LPSECURITY_ATTRIBUTES)&sa); 
26884| if(!SharedMemory) { 

26885| DLOG((TEXT("Error %08x obtaining shared 

| memory address\n"),GetLastError())); 
26886| CloseHandle(OpenCloseMutex); 
26887| CloseHandle(SharedMemoryMutex); 
26888| return FALSE; 

26889| } 
26890| 

26891 1 // fall through for each initial thread 

26892| case DLL_THREAD_ATTACH: 

26893| // A thread is being created in a process 

| that has already loaded 
26894| // this DLL. Perform any per-thread 

| initialization here. The 
26895| // return value is ignored. 

26896| DLOG((TEXT("DLL_THREAD_ATTACH 

| %08x\n"),hDlllnst)); 
26897| 

26898| ThreadStorage = 

| LocalAlloc(LPTR,sizeof(tThreadStorage)); 
26899 1 if ( IThreadSto rage) 

26900| return FALSE; 

26901| 

26902| TlsSetValue(Tlslndex,ThreadStorage); 
26903| 

26904| InitForNewThreadO; 
26905| 

26906| break; 
26907| 

26908| case DLL_PROCESS_DETACH: 
26909| if ( FNVFS_ListOfVolumeNames != NULL ) { 

2691 0| LocalFree (FNVFS_ListOfVolumeNames); 

2691 1 1 FNVFS_ListOfVolumeNames = NULL; 

26912| } 



26913| FNVFS_ListOfVolumeNamesSizelnBytes = 0; 

26914| // fall through... no 'break' 

26915| 

26916| case DLL THREAD DETACH: 
26917| 

26918| // A thread is exiting cleanly in a process 

| that has already 
26919| // loaded this DLL. Perform any per-thread 

| clean up here. The 
26920| // return value is ignored. 

26921 1 DLOG((TEXT("DLL_THREAD_DETACH 

| %08x\n"),hDlllnst)); 
26922 | 

26923 1 ThreadStorage = GetThreadStorage(); 

26924| 

26925| if(!ThreadStorage->Persistent) { 

26926| // close all outstanding open psms 

26927| while(ThreadStorage->NumOpens>0) { 

26928| DLOG((TEXT("Closing psm left open 

| by app (%d)\n"),ThreadStorage->NumOpens)); 
26929| Psm_DestroySnapShot(NULL); 
26930 1 } 
26931| } 
26932| 

26933| if 

| (ThreadStorage->PSManEvent!=INVALID_HANDLE_VALUE) { 
26934| CloseHandle(ThreadStorage->PSManEvent); 
26935| ThreadStorage->PSManEvent = 

| INVALID_HANDLE_VALUE; 
26936| } 
26937| 
26938| 

| if(ThreadStorage->PSManHandle!=INVALID_HANDLE_VALUE) { 
26939| PSMI_CloseManager( 

| ThreadStorage->PSManHandle ); 
26940| ThreadStorage->PSManHandle = 

| INVALIDHANDLEVALUE; 
26941 1 } 
26942 1 

26943 1 #ifdef _DEBUG 

26944| if(ThreadStorage->DebugLogFile) { 

26945| 

| CloseHandle(ThreadStorage->DebugLogFile); 
26946| ThreadStorage->DebugLogFile = 

| INVALID HANDLE VALUE; 
26947| } 
26948| #endif 

26949| LocalFree((HLOCAL)ThreadStorage); 
26950 1 

26951 1 if(fdwReason==DLL_THREAD_DETACH) 



26952| break; 
26953| 

26954| // The DLL is being unloaded by a given 

| process. Do any 
26955| // per-process clean up here, such as 

| undoing what was done in 
26956| // D LL_P ROC ESS_ATT AC H . The return value is 

| ignored. 

26957| // Unmap any shared memory from the 

| process's address space. 
26958| DLOG((TEXT("DLL_PROCESS_DETACH 

| %08x\n"),hDlllnst)); 
26959| 
26960| 

26961| TlsFree(Tlslndex); 

26962| CloseHandle(SharedMemoryMutex); 

26963| CloseHandle(OpenCloseMutex); 

26964| DelnitSharedMemory(SharedMemory); 

26965| break; 

26966| } 

26967| return (b Result); 

26968| } 

26969| 

26970| // 



26971 1 

26972| DLLEXPORT PSMSTATUS PSMAPI Psm_DeletePsmFileW ( 

26973| const WCHAR *PsmFilePath ) // 

| L"\? ?\Volu me{ . . .}\. . .\xxx .psm" 
26974| { 

26975| NTSTATUS Status = 0; 

26976| UNICODE_STRING Uni = {0}; 

26977| OBJECT_ATTRIBUTES ObjectAttributes = {0}; 

26978| ULONG Err = 0; 

26979| HANDLE FileHandle = INVALID_HANDLE_VALUE; 

26980| IO_STATUS_BLOCK loStatus = {0}; 
26981 | 

26982| RtllnitUnicodeString ( &Uni, PsmFilePath ); 
26983 1 

26984| InitializeObjectAttributes ( 



26985| &ObjectAttributes, 

26986| &Uni, 

26987| OBJ_CASE_INSENSITIVE, 

26988| NULL, 

26989| NULL ); 
26990 1 

26991 1 Status = NtCreateFile ( 

26992| &FileHandle, 

26993| STANDARD_RIGHTS_ALL, // desired 



| access 



26994| &ObjectAttributes, // object 

| attributes 
26995| &loStatus, 
26996| NULL, // alloc size 

26997| FILE_ATTRIBUTE_NORMAL, //file attributes 
26998| 0, // share access 

26999| FILEOPEN, // create disposition 

27000| FILE_SYNCHRONOUS_IO_NONALERT, // 

| create options 
27001| NULL, //eabuffer 
27002| 0); //ealength 
27003| 

27004| if ( Status == 0 ) { 

27005| FILE_DISPOSITION_INFORMATION Del = {0}; 

27006| Del.DeleteFile = TRUE; 

27007| Status = NtSetlnformationFile ( 

27008| FileHandle, 

27009| &loStatus, 

27010| &Del, 

27011| sizeof(Del), 

27012| FileDispositionlnformation ); 

27013| if ( Status != 0 ) { 

27014| DLOG((TEXT("Psm_DeletePsmFile: 

| NtSetlnformationFile returned %08x\n"),Status)); 
27015| } 
27016| }else{ 

2701 7| DLOG((TEXT("Psm_DeletePsmFile: NtCreateFile 

| returned %08x\n M ), Status)); 
27018| } 
27019| 

27020| return Status; 
27021 1 } 
27022 1 

27023| DLLEXPORT PSMSTATUS PSMAPI Psm_DeletePsmFileA ( 
27024| const CHAR *PsmFilePath ) // 

| L"\??\Volume{...}\...\xxx.psm" 
27025| { 

27026| WCHAR PsmFilePathW[1025]; 

27027| OemToCharW(PsmFilePath,PsmFilePathW); 

27028| return Psm_DeletePsmFileW(PsmFilePathW); 

27029 1 } 

27030| 

27031 1 // 



27033 1 
27034| 

27035| File Listing: RESOURCE. h 
27036| 

27037| //{{NO_DEPENDENCIES}} 



27038 
27039 
27040 
27041 
27042 
27043 
27044 
27045 
27046 
27047 
27048 
27049 
27050 
27051 
27052 
27053 
27054 
27055 
27056 
27057 
27058 
27059 
27060 
27061 
27062 
27063 
27064 
27065 
27066 
27067 
27068 
27069 
27070 
27071 
27072 
27073 
27074 
27075 
27076 
27077 
27078 
27079 
27080 
27081 
27082 
27083 
27084 
27085 
27086 
27087 



// Microsoft Developer Studio generated include file. 
// Used by SBPSMAN.RC 

// 

#define VER_PRODUCTBUILD 3 

#def ine VER_PRODUCTVERSION_W 0x01 01 

// Next default values for new objects 

// 

#ifdef APSTUDIOJNVOKED 

#ifndef APSTUDIO_READONLY_SYMBOLS 

#define _APS_NO_MFC 1 

#define _APS_NEXT_RESOURCE_VALUE 101 

#define _APS_N EXT_COMM AN D_VALU E 40001 

#define _APS_NEXT_CONTROL_VALUE 1 000 

#define _APS_NEXT_SYMED_VALUE 1 01 

#endif 

#endif 



File Listing: safemem.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <windows.h> 
#include <windowsx.h> 
#include <winioctl.h> 
#include <tchar.h> 
#include <conio.h> 

// #include <crtdbg.h> // _ASSERTE 

#include <assert.h> 
#define _ASSERTE assert 

#include "safemem.h" 

ULONG GetSystemPageSizeQ 
{ 

SYSTEMJNFO Sl={0}; 
GetSystemlnfo( &SI ); 
return Sl.dwPageSize; 

} 

#define ULONGLONG unsigned int64 

// variables for memory tracking 
ULONGLONG Total Memory A I located = 0; 

ULONGLONG TotalMemoryAllocations = 0; 
ULONGLONG LargestMemoryAllocation = 0; 
ULONGLONG TotalMemoryAllocatedAtOnce = 0; 
ULONGLONG TotalMemoryAllocationsAtOnce = 0; 



27088| 
27089| /* 

27090| This routine will alloc Size bytes, and protect the 

| memory after it so buffer 
27091 1 overflowing will be caught during debugging. 
27092 1 7 

27093| void *SAFE_Alloc( ULONG Size ) 
27094| { 

27095| ULONG NumPages = (Size+(GetSystemPageSize()-1)) / 

| GetSystem PageS ize(); 
27096| ULONG Offset = (Size) % GetSystem PageSize() ? 

| (Size) % GetSystem PageSize() : GetSystem PageSizeQ; 
27097| BYTE *Buffer = VirtualAlloc( NULL, 

| (NumPages*GetSystemPageSize())+(GetSystemPageSize()*2), 

| MEM_RESERVE | MEM_COMMIT, PAGE_NOACCESS ); 
27098| ULONG OldAccess; 
27099| 

27100| if (Buffer) { 

271 01 1 // store size pointer, we need it for free 
27102| 

| VirtualProtect(Buffer,GetSystemPageSize(),PAGE_READWRITE 

| ,&OldAccess); 
271 03| *((ULONG*)(Buffer)) = 

| NumPages*GetSystemPageSize(); 
27104| *((ULONG*)(Buffer+4)) = Size; 
27105| 

| VirtualProtect(Buffer,GetSystemPageSize(),PAGE_NOACCESS, 
| &Old Access); 
27106| 

27107| //test 

271 08| //*((ULONG*)(Buffer)) = 1 ; 
27109| 

271 1 0| // commit user buffer, only can change accesses 

| in page increments 
27111| 

| VirtualProtect(Buffer+GetSystemPageSize(),Size,PAGE_READ 
| WRITE,&OldAccess); 
27112| 

271 1 3| // record some statistics 

271 1 4| TotalMemoryAllocated+=Size; 

27115| 

| if(TotalMemoryAllocated>TotalMemoryAllocatedAtOnce) 
271 1 6| TotalMemoryAllocatedAtOnce = 

| Total Memo ryAI located; 
27117| 

271 18| TotalMemoryAllocations++; 
27119| 

| if(TotalMemoryAllocations>TotalMemoryAllocationsAtOnce) 
27120| TotalMemoryAllocationsAtOnce = 

| TotalMemoryAllocations; 



27121| 

271 22| if(Size>LargestMemoryAllocation) 
27123| LargestMemoryAllocation = Size; 

27124| 

271 25| // return where buffer overflow will generate 

| access violation 
27126| #if 0 
27127| 

| _tprintf(TEXT( M Alloc: 

| %04x \n"), 
27128| (Size) 
27129| ); 
27130| #endif 
27131| return 

| Buffer+GetSystemPageSize()+(GetSystemPageSize()-Offset); 
27132| }else{ 

271 33| // _RPT0( _CRT_WARN, "SAFE_Alloc: NULL pointer 

| being returned An"); 
27134| return NULL; 
27135| } 
27136| } 
27137| 
27138|/* 

271 39| This frees a pointer allocated with NTFS_SafeAlloc 
27140| 7 

27141 1 void SAFE_Free( PVOID Buffer ) 
27142| { 

27143| if (Buffer) { 

27144| ULONG PageSize; 

27145| ULONG Size; 

27146| ULONG OldAccess; 

271 47| // get the normallized buffer address 

271 48| BYTE *System Buffer = 

| (BYTE*)(((ULONG)(((BYTE*)Buffer)-GetSystemPageSize()) / 
| GetSystemPageSize()) * GetSystemPageSize()); 

27149| 

271 50 1 // get size of buffer 
27151| 

| Virtu al P rotect (System Buff er, GetSystem PageS ize() , PAG E_R E A 

| DONLY,&OldAccess); 
27152| PageSize = ((ULONG*)SystemBuffer)[0]; 
27153| Size = ((ULONG*)SystemBuffer)[1]; 
27154| 

27155| //and free it 

27156| if(!VirtualFree( System Buffer, 

| PageSize+(GetSystemPageSize()*2), MEM_DECOMMIT )) { 
27157| // _RPT1 ( _CRT_WARN, "SAFEFree: 

| VirtualFree decommit failed %08x\n",GetLastError()); 
27158| } 

27159| if(!VirtualFree( SystemBuffer, 0, MEM_RELEASE 



I»{ 

271 60 1 // _RPT1 ( _CRT_WARN, "SAFE_Free: 

| VirtualFree release failed %08x\n M ,Getl_astError()); 
27161| } 
27162| 

27163| //Stats 

271 64 1 TotalMemoryAllocated-=Size; 
271 65 1 TotalMemoryAllocations--; 
27166| #if 0 
27167| 

| _tprintf(TEXT(" Freed: 

| %04x \n"), 
27168| (Size) 
27169| ); 
27170| #endif 
27171| }else{ 

271 72 1 // _RPT0( _CRT_WARN, "SAFEFree: NULL pointer 

| passed to SAFE FreeAn") ; 
27173| } 
27174| return; 
27175| } 
27176| 
27177| I* 

271 78 1 Protects a buffer allocated with NTFS_SafeAlloc, 

| any access to the buffer will result in 
27179| an access violation (Exception) being generated 
27180| 7 

27181 1 void SAFE_NoAccess( PVOID Buffer ) 
27182| { 

27183| if (Buffer) { 

27184| ULONG PageSize; 

27185| ULONG OldAccess; 

271 86| // get the normallized buffer address 

271 87| BYTE *System Buffer = 

| (BYTE*)(((ULONG)(((BYTE*)Buffer)-GetSystemPageSize()) / 
| GetSystemPageSizeO) * GetSystemPageSize()); 

27188| 

271 89 1 // get size of buffer 
27190| 

| VirtualProtect(SystemBuffer, GetSystemPageSizeO, PAGE_REA 

| DONLY,&OldAccess); 
27191| PageSize = ((ULONG*)SystemBuffer)[0]; 
27192| 

| Vi rtu al P rotect (System Buff er, GetSystem PageS ize() , PAG E_N OA 
| CCESS,&OldAccess); 
27193| 

271 94| // commit user buffer, only can change accesses 

| in page increments 
27195| 

| VirtualProtect(SystemBuffer+GetSystemPageSize(), PageSize 



I ,PAGE_NOACCESS,&OldAccess); 
27196| } 
27197| return; 
27198| } 
27199| 
27200| /* 

27201 1 Makes the buffer allocated with NTFS_SafeAlloc read 

| only, writes to the buffer 
27202| will generate an access violation 
27203 1 7 

27204| void SAFE_ReadOnly( PVOID Buffer ) 
27205| { 

27206| if(Buffer) { 

27207| ULONG PageSize; 

27208| ULONG OldAccess; 

27209| // get the normalized buffer address 

2721 0| BYTE *SystemBuffer = 

| (BYTE*)(((ULONG)(((BYTE*)Buffer)-GetSystemPageSize()) / 
| GetSystemPageSizeO) * GetSystemPageSize()); 

27211| 

27212| // get size of buffer 
27213| 

| Vi rtu al P rotect (System Buff er, GetSystem PageS ize() , PAG E_R E A 

| DONLY,&OldAccess); 
27214| PageSize = ((ULONG*)SystemBuffer)[0]; 
27215| 

| VirtualProtect(SystemBuffer, GetSystemPageSizeO, PAGE_NOA 
| CCESS,&OldAccess); 
27216| 

2721 7| // commit user buffer, only can change accesses 

| in page increments 
27218| 

| VirtualProtect(SystemBuffer+GetSystemPageSize(), PageSize 

| ,PAGE_READONLY,&OldAccess); 
27219| } 
27220| return; 
27221| } 
27222| 
27223| /* 

27224| Makes the buffer readable and writeable (normal) 
27225| 7 

27226| void SAFE_ReadWrite( PVOID Buffer ) 
27227| { 

27228| if(Buffer) { 

27229| ULONG PageSize; 

27230| ULONG OldAccess; 

27231 1 // get the normallized buffer address 

27232| BYTE *SystemBuffer = 

| (BYTE*)(((ULONG)(((BYTE*)Buffer)-GetSystemPageSize()) / 
| GetSystemPageSizeO) * GetSystemPageSizeO); 



27233| 

27234| // get size of buffer 
27235| 

| VirtualProtect(SystemBuffer,GetSystemPageSize(),PAGE_REA 

| DONLY,&OldAccess); 
27236| PageSize = ((ULONG*)SystemBuffer)[0]; 
27237| 

| Virtu al P rotect (System Buff er, GetSystem PageS ize() , PAG E_N OA 
| CCESS,&OldAccess); 
27238| 

27239| // commit user buffer, only can change accesses 

| in page increments 
27240| 

| VirtualProtect(SystemBuffer+GetSystemPageSize(), PageSize 

| ,PAGE_READWRITE,&OldAccess); 
27241 1 } 
27242 1 return; 
27243 1 } 
27244| 

27245| void SAFE_LogMemoryL)sage() 
27246| { 

27247| _tprintf(TEXT('Total Memory Allocated 

| %l64d Bytes\n"),TotalMemoryAllocated); 
27248| _tprintf(TEXT("Total Memory Allocations 

| %l64d\n"),TotalMemoryAllocations); 
27249| _tprintf(TEXT("Largest Memory Allocation 

| %l64d Bytes\n"),LargestMemoryAllocation); 
27250| _tprintf(TEXT( M Total Memory Allocated At Once : 

| %l64d Bytes\n"),TotalMemoryAllocatedAtOnce); 
27251 1 _tprintf(TEXT('Total Memory Allocations At Once: 

| %l64d\n"),TotalMemoryAllocationsAtOnce); 
27252 1 } 
27253 1 

27254| void SAFE_VerifyMem() 
27255| { 

27256| _ASSERTE(TotalMemoryAllocated==0); 

27257| } 

27258| 

27259 1 

27260| 

27261| File Listing: safemem.h 
27262| 

27263| ULONG GetSystem PageSize(); 
27264| void *SAFE_Alloc( ULONG Size ); 
27265| void SAFE_Free( PVOID Buffer ); 
27266| void SAFE_NoAccess( PVOID Buffer ); 
27267| void SAFE_ReadOnly( PVOID Buffer ); 
27268| void SAFE_ReadWrite( PVOID Buffer ); 
27269| void SAFE_LogMemoryUsage(); 
27270| void SAFE_VerifyMem(); 



27271 1 






27272| 






27273| 






27274| 


File Listing: SERVICE.c 


27275| 






27276| 


#include <stdio.h> 


27277| 


#include <stdlib.h> 


27278| 


#include <windows.h> 


27279 1 


#include <windowsx.h> 


27280 1 


#include <string.h> 


27281 | 


#include <direct.h> 


27282 1 


#include <memory.h> 


27283 1 


#include <tchar.h> 


27284| 


#include <winerror.h> 


27285 1 






27286| 


// 




27287| 


// 


FUNCTION: CmdlnstallService() 


27288| 


// 




27289 1 


// 


PURPOSE: Installs the service 


27290 | 


// 




27291 | 


// 


PARAMETERS: 


27292 1 


// 


none 


27293 | 


// 




27294| 


// 


RETURN VALUE: 


27295| 


// 


none 


27296| 


// 




27297| 


// 


COMMENTS: 


27298| 


// 




27299 | 






27300| 


int Svc_lnstallService( 


27301 | 




LPTSTR FullPathName, 


27302| 




LPTSTR ServiceName, 


27303 | 




LPTSTR DisplayName, 


27304| 




LPTSTR Dependencies, 


27305| 




LPTSTR Group, 


27306| 




int ServiceType, 


27307| 




int StartType, 


27308| 




int Tag 


27309 | 




) 


27310| 


{ 




27311| 




SCJHANDLE schService; 


27312| 




SC_HANDLE schSCManager; 


27313| 




int Err; 


27314| 






27315| 




schSCManager = OpenSCManager( 


27316| 




NULL, // 



| machine (NULL == local) 
27317| NULL, // 



| database (NULL == default) 
273181 SC_MANAGER_ALL_ACCESS // 



I access required 
27319| ); 
27320| 

27321 1 if ( schSCManager ) { 

27322 1 schService = CreateService( 



27323 | 

| database 
27324| 
27325| 
27326| 

| access 
27327| 
27328| 
27329 1 



schSCManager, 



// SCManager 



ServiceName, // name of service 
DisplayName, // name to display 
SERVICE_ALL_ACCESS, // desired 



ServiceType, // service type 
StartType, // start type 
SERVICE_ERROR_NORMAL, 



// error 



| control type 
27330| FullPathName, // 

| service's binary 
27331 1 Group, // no load 

| ordering group 
27332 1 &Tag, // no tag 

| identifier 



Dependencies, 
NULL, 

NULL); 



// dependencies 
// LocalSystem 

// no password 



27333 | 
27334| 

| account 
27335| 
27336| 
27337| 
27338| 
27339 | 
27340 1 
27341 | 
27342 1 
27343 | 
27344| 
27345| 
27346| 
27347| 
27348| 
27349 1 } 
27350| 
27351 | 
27352 1 
27353 1 // 

27354| // FUNCTION: CmdRemoveServiceQ 
27355| // 

27356| // PURPOSE: Stops and removes the service 
27357| // 

27358|// PARAMETERS: 
27359 1 // none 
27360| // 



if ( schService ) { 
Err = 0; 

CloseServiceHandle(schService); 
} else { 

Err = GetLastError(); 

} 

CloseServiceHandle(schSCManager); 
} else 

Err = GetLastError(); 

return Err; 



27361 1 // RETURN VALUE: 
27362 1 // none 
27363 1 // 

27364| // COMMENTS: 
27365| // 

27366| int Svc_RemoveService( LPTSTR ServiceName ) 
27367| { 

27368| SC_HANDLE schService; 

27369| SC_HANDLE schSCManager; 

27370| SERVICE_STATUS ssStatus; // current status 

| of the service 
27371 1 int Err=0; 
27372 1 

27373| schSCManager = OpenSCManager( 
27374| NULL, // 

| machine (NULL == local) 
27375| NULL, // 

| database (NULL == default) 
27376| SC_MANAGER_ALL_ACCESS // 

| access required 
27377| ); 
27378| 

27379| if ( schSCManager ) { 

27380| schService = OpenService(schSCManager, 

| ServiceName, SERVICE_ALL_ACCESS); 
27381 | 

27382| if (schService) { 

27383| // try to stop the service 

27384| if ( ControlService( schService, 

| SERVICE_CONTROL_STOP, &ssStatus ) ) { 
27385| Sleep( 1000); 

27386| 

27387| while( QueryServiceStatus( schService, 

| &ssStatus ) ) { 
27388| if ( ssStatus.dwCurrentState == 

| SERVICE_STOP_PENDING ) { 
27389| Sleep( 1000 ); 

27390 1 } else 

27391| break; 
27392| } 
27393| 

27394| if ( ssStatus.dwCurrentState == 

| SERVICE_STOPPED ) 
27395| Err = 0; 

27396| else 
27397| Err = GetLastError(); 

27398| 

27399| } 
27400| 

27401 1 // now remove the service 



27402| 
27403| 
27404| 
27405| 
27406| 
27407| 
27408| 
27409| 
27410| 



if( DeleteService(schService) ) 

Err = 0; 
else 

Err = GetLastErrorQ; 



CloseServiceHandle(schService); 
} else 

Err = GetLastErrorQ; 



2741 1 | 

27412| CloseServiceHandle(schSCManager); 
27413| }else 

27414| Err = Getl_astError(); 
27415| 

27416| return Err; 
27417| } 
27418| 
27419| // 

27420| // FUNCTION: Svc_StopService() 
27421 1 // 

27422| // PURPOSE: Stops the service 
27423 1 // 

27424|// PARAMETERS: 
27425| // none 
27426| // 

27427|// RETURN VALUE: 
27428| // none 
27429 1 // 

27430| // COMMENTS: 
27431| // 

27432| int Svc_StopService( LPTSTR ServiceName ) 
27433| { 

27434| SCJHANDLE schService; 

27435| SC_HANDLE schSCManager; 

27436| SERVICE_STATUS ssStatus; // current status 

| of the service 
27437| int Err=0; 
27438| 

27439| schSCManager = OpenSCManager( 
27440| NULL, // 

| machine (NULL == local) 
27441| NULL, // 

| database (NULL == default) 
27442| SC_MANAGER_ALL_ACCESS // 

| access required 
27443| ); 
27444| 

27445| if ( schSCManager ) { 

27446| schService = OpenService(schSCManager, 
| ServiceName, SERVICE_ALL_ACCESS); 



27447| 

27448| if (schService) { 

27449| // try to stop the service 

27450| if ( ControlService( schService, 

| SERVICE_CONTROL_STOP, &ssStatus ) ) { 
27451| Sleep( 1000); 

27452 | 

27453| while( QueryServiceStatus( schService, 

| &ssStatus ) ) { 
27454| if ( ssStatus.dwCurrentState == 

| SERVICE_STOP_PENDING ) { 
27455| Sleep( 1000 ); 

27456| } else 

27457| break; 
27458| } 
27459 | 

27460| if ( ssStatus.dwCurrentState == 

| SERVICE_STOPPED ) 
27461| Err = 0; 

27462| else 
27463| Err = Getl_astError(); 

27464| 

27465| } 
27466| 

27467| CloseServiceHandle(schService); 

27468| } else 

27469| Err = Getl_astError(); 

27470| 

27471 1 CloseServiceHandle(schSCManager); 
27472 1 } else 

27473 1 Err = Getl_astError(); 
27474| 

27475| return Err; 
27476| } 
27477| 
27478| // 

27479| // FUNCTION: CmdStartService() 
27480 1 // 

27481 1 // PURPOSE: Stops and removes the service 
27482 1 // 

27483|// PARAMETERS: 
27484| // none 
27485| // 

27486|// RETURN VALUE: 
27487| // none 
27488| // 

27489| // COMMENTS: 
27490 1 // 

27491 1 int Svc_StartService( LPTSTR ServiceName ) 
27492| { 



27493| SCJHANDLE schService; 

27494| SC_HANDLE schSCManager; 

27495| int Err=0; 

27496| TCHAR *p=NULL; 

27497| TCHAR *(Argv[1 0]) = {0}; 

27498| LONG Argc=0; 

27499| TCHAR RegKey[128]; 

27500| HKEY Key; 

27501| LONG DataSize; 

27502| TCHAR lmagePath[128]; 

27503| 

27504| _tcscpy( RegKey, 

| TEXT("SYSTEM\\CurrentControlSet\\Services\V) ); 

27505| _tcscat( RegKey, ServiceName ); 
27506| 

27507| // open the registry 

27508| Err = RegOpenKeyEx( 

27509| HKEY_LOCAL_MACHINE, // handle of open key 
2751 0| RegKey, // address of name of subkey to open 
27511| 0, //reserved 

27512| KEY_READ, // security access mask 

27513| &Key// address of handle of open key 

27514| ); 

27515| if(Err==0) { 

2751 6| DataSize = _MAX_PATH; 

2751 7| Err = RegQueryValueEx( 

2751 8| Key, // handle of key to set 

27519| TEXT( M lmagePath"), // address of name of 

| value to query 
27520| NULL, //reserved 

27521| NULL, //value type 

27522| (char*)&lmagePath, // address of data 

| buffer 

27523| &DataSize // address of data buffer size 

27524| ); 

27525| 

27526| // close the registry 
27527| RegCloseKey(Key); 

27528| } 
27529| 

27530| Argv[0] = ImagePath; 

27531| Argv[1] = NULL; 

27532 1 Argc= 1; 
27533| 

27534| schSCManager = OpenSCManager( 
27535| NULL, // 

| machine (NULL == local) 
27536| NULL, // 

| database (NULL == default) 
27537| SC_MANAGER_ALL_ACCESS // 



I access required 
27538| ); 
27539| 

27540| if ( schSCManager ) { 

27541 1 schService = OpenService(schSCManager, 

| ServiceName, SERVICE_ALL_ACCESS); 
27542 | 

27543| if (schService) { 

27544 1 // try to start the service 

27545| if(StartService( 

27546| schService, // handle of service 

27547| Argc, // number of arguments 

27548| Argv // address of array of argument 

| string pointers 
27549| )==FALSE) { 

27550| Err = Getl_astError(); 

27551 1 } 

27552| CloseServiceHandle(schService); 

27553 1 } else 

27554| Err = Getl_astError(); 

27555| 

27556| CloseServiceHandle(schSCManager); 
27557| } else 

27558| Err = Getl_astError(); 
27559 | 

27560 1 return Err; 
27561 1 } 
27562 1 
27563 1 
27564| // 

27565| // FUNCTION: Svc_CheckServiceExists() 
27566| // 

27567| // PURPOSE: Checks to see if the service is already 

| installed 
27568| // 

27569|// PARAMETERS: 
27570 1 // none 
27571 1 // 

27572|// RETURN VALUE: 

27573| // 0 if installed, otherwise error code 

27574| // 

27575| // COMMENTS: 
27576| // 

27577| int Svc_CheckServiceExists( LPTSTR ServiceName ) 
27578| { 

27579| SC_HANDLE schService; 
27580| SCJHANDLE schSCManager; 
27581 1 int Err=0; 
27582 | 

27583| schSCManager = OpenSCManager( 



27584| NULL, // 

| machine (NULL == local) 
27585| NULL, // 

| database (NULL == default) 
27586| SC_MANAGER_ALL_ACCESS // 

| access required 
27587| ); 
27588| 

27589| if ( schSCManager ) { 

27590| schService = OpenService(schSCManager, 

| ServiceName, SERVICE_ALL_ACCESS); 
27591| 

27592| if (schService) { 
27593| Err = 0; 

27594| CloseServiceHandle(schService); 

27595| } else 

27596| Err = GetLastError(); 

27597| 

27598| CloseServiceHandle(schSCManager); 
27599| } else 

27600| Err = GetLastError(); 
27601| 

27602| return Err; 

27603| } 

27604| 

27605| 

27606| // 

27607| // FUNCTION: CmdChangeServiceStart() 
27608| // 

27609| // PURPOSE: Changes service start type 
27610| // 

27611 1 // PARAMETERS: 
27612| // none 
27613| // 

27614| // RETURN VALUE: 
27615| // none 
27616|// 

27617| // COMMENTS: 
27618| // 

27619| int Svc_ChangeServiceStart( LPTSTR ServiceName, LONG 

| StartType ) 
27620| { 

27621| SCJHANDLE schService; 
27622| SCJHANDLE schSCManager; 
27623| int Err=0; 
27624| 

27625| schSCManager = OpenSCManager( 
27626| NULL, // 

| machine (NULL == local) 
27627| NULL, // 



I database (NULL == default) 
27628| SC_MANAGER_ALL_ACCESS // 

| access required 
27629| ); 
27630| 

27631 1 if ( schSCManager ) { 

27632| schService = OpenService(schSCManager, 

| ServiceName, SERVICE_ALL_ACCESS); 
27633 | 

if (schService) { 

if (ChangeServiceConfig( 
schService, // handle to 



27634| 
27635| 
27636| 

| service 
27637| 
27638| 

| service 
27639 1 



SERVICE_NO_CHANGE, // type of service 
StartType, // when to start 

SERVICE_NO_CHANGE, // severity if 



| service fails to start 
27640| NULL, 

| service binary file name 
27641| NULL, 

| ordering group name 
27642| NULL, 

| variable to get tag identifier 
27643| NULL, 

| of dependency names 
27644| NULL, 

| account name of service 
27645| NULL, 



// pointer to 



// pointer to load 



// pointer to 



// pointer to array 



// pointer to 



// pointer to 



password for service account 



27646| NULL 
| display name 



// pointer to 



27647| 

27648| 

27649| 

27650| 

27651 | 

27652 1 

27653 | 

27654| 

27655| 

27656| 

27657| 

27658| 

27659 1 

27660| 

27661 1 } 

27662 1 

27663 1 

27664| 



)) 

Err = 0; 
else 

Err = GetLastError(); 

CloseServiceHandle(schService); 
} else 

Err = GetLastError(); 

CloseServiceHandle(schSCManager); 
} else 

Err = GetLastError(); 

return Err; 



27665| File Listing: SERVICE. h 
27666 

27667| int Svc_lnstallService( 
27668| LPTSTR FullPathName, 

27669| LPTSTR Service Name, 

27670| LPTSTR DisplayName, 

27671 1 LPTSTR Dependencies, 

27672| LPTSTR Group, 

27673| int ServiceType, 

27674| int StartType, 

27675| int Tag 

27676| ); 

27677| int Svc_RemoveService( LPTSTR ServiceName ); 
27678| int Svc_StopService( LPTSTR ServiceName ); 
27679| int Svc_StartService( LPTSTR ServiceName ); 
27680| int Svc_CheckServiceExists( LPTSTR ServiceName ); 
27681 1 int Svc_ChangeServiceStart( LPTSTR ServiceName, LONG 

| StartType ); 
27682 1 
27683 
27684 
27685 
27686 
27687 
27688 
27689 
27690 
27691 
27692 



27697 
27698 
27699 
27700 
27701 
27702 
27703 
27704 
27705 
27706 
27707 
27708 
27709 
27710 
27711 
27712 



File Listing: SETUP4.C 

#include <windows.h> 
#include <stdio.h> 
#include <malloc.h> 



// for all of the _t stuff (to allow compiling for both 
| Unicode/Ansi) 
27693 1 
27694| 
27695| 
27696I 

extern ULONG AddLogSource( LPTSTR KeyName ); 
extern ULONG RemoveLogSource( LPTSTR KeyName ); 



#include <tchar.h> 
#include "service, h" 



ULONG SetUpForWinNT( BOOLEAN *RebootNeeded ) 
{ 

ULONG Err; 

*RebootNeeded = TRUE; 

AddLogSource(TEXT("psman4")); 

// install device into registry 
Err = Svc_lnstallService( 

TEXT("System32\\DRIVERS\\psman4.sys M ), 

TEXT("psman4"), 



27713 
27714 
27715 
27716 
27717 
27718 
27719 
27720 
27721 
27722 
27723 
27724 
27725 
27726 
27727 
27728 
27729 
27730 
27731 
27732 
27733 
27734 
27735 
27736 
27737 
27738 
27739 
27740 
27741 
27742 
27743 
27744 
27745 
27746 
27747 
27748 
27749 
27750 
27751 
27752 
27753 



27754 
27755 
27756 
27757 
27758 
27759 
27760 
27761 



TEXT( M Persistent Storage Manager"), 
NULL, 

TEXT( M Filter"), 

1, 

0, 

5 



); 



if(Err == ERROR_SERVICE_EXISTS) { 
Err = 0; 

} 

return Err; 



} 



ULONG UnSetUpForWinNT( BOOLEAN *RebootNeeded ) 
{ 

*RebootNeeded = TRUE; 

RemoveLogSource(TEXT("psman4")); 

return Svc_RemoveService(TEXT("psman4")); 

} 



File Listing: SETUP4.h 

ULONG SetUpForWinNT( BOOLEAN *RebootNeeded ); 
ULONG UnSetUpForWinNT( BOOLEAN *RebootNeeded ); 



File Listing: SETUP5.C 

// define to install/uninstall psm without rebooting. 
// 10-10-99 not working yet.. 
//#define DO_NT5_SETUP 

#include <windows.h> 
#include <stdio.h> 
#include <malloc.h> 

If WW CAVEAT !!! make sure the Win2k ddk is first in 



| path !!! 



// defines GUID 
#include <initguid.h> 
#include <devguid.h> 

// the SetupDiXXX api (from the DDK) 
#include <setupapi.h> 

// defines guids for device classes (DiskClassGuid, 



I etc) 

27762| #include <devioctl.h> 
27763| #include <ntddstor.h> 
27764| 

27765| // for all of the _t stuff (to allow compiling for both 

| Unicode/Ansi) 
27766| #include <tchar.h> 
27767| 

27768| #include "service. h" 
27769| #include "dlog.h" 
27770| 

27771 1 #ifdef DEBUG 
27772| #define STATIC 
27773 1 #else 

27774| #define STATIC static 

27775| #endif 

27776| 

27777| extern ULONG Addl_ogSource( LPTSTR KeyName ); 
27778| extern ULONG RemoveLogSource( LPTSTR KeyName ); 
27779 1 

27780| #if DO_NT5_SETUP 
27781 | 

27782| typedef struct _sW2kSetupStuff { 

27783| BOOL (WINAPI *SetupDi Destroy DevicelnfoList)( IN 
| HDEVINFO DevicelnfoSet ); 

27784| BOOL (WINAPI *SetupDiEnumDevicelnfo)( IN HDEVINFO 
| DevicelnfoSet, IN DWORD Memberlndex, OUT 
| PSP_DEVINFO_DATA DevicelnfoData ); 

27785| HDEVINFO (WINAPI *SetupDiGetClassDevs)( IN CONST 
| GUID *ClassGuid, IN PCTSTR Enumerator, IN HWND 
| hwndParent, IN DWORD Flags ); 

27786| BOOL (WINAPI *SetupDiGetDevicelnstallParams)( IN 
| HDEVINFO DevicelnfoSet, IN PSP_DEVINFO_DATA 
| DevicelnfoData, OUT PSP_DEVINSTALL_PARAMS 
| DevicelnstallParams ); 

27787| BOOL (WINAPI *SetupDiCallClasslnstaller)( IN 

| DI FUNCTION InstallFunction, IN HDEVINFO DevicelnfoSet, 
| IN PSP_DEVINFO_DATA DevicelnfoData ); 

27788| BOOL (WINAPI *SetupDiSetClasslnstallParams)( IN 
| HDEVINFO DevicelnfoSet, IN PSP_DEVINFO_DATA 
| DevicelnfoData, IN PSP_CLASSINSTALL_HEADER 
| ClasslnstallParams, IN DWORD ClasslnstallParamsSize ); 

27789| BOOL (WINAPI *SetupDiGet Device Registry Property) ( IN 
| HDEVINFO DevicelnfoSet, IN PSP_DEVINFO_DATA 
| DevicelnfoData, IN DWORD Property, OUT PDWORD 
| PropertyRegDataType, OUT PBYTE PropertyBuffer, IN DWORD 
| PropertyBufferSize, OUT PDWORD RequiredSize ); 

27790| } tW2kSetup,*pW2kSetup; 

27791 | 

27792 1 pW2kSetup W2k=NULL; 



27793 
27794 
27795 
27796 
27797 
27798 
27799 
27800 
27801 
27802 
27803 
27804 
27805 
27806 
27807 
27808 
27809 
27810 
27811 
27812 
27813 
27814 
27815 
27816 
27817 
27818 
27819 
27820 
27821 
27822 
27823 
27824 
27825 
27826 
27827 
27828 
27829 
27830 
27831 
27832 
27833 
27834 
27835 
27836 
27837 
27838 



27839 
27840 
27841 



HMODULE SetupDII=INVALID_HANDLE_VALUE; 



STATIC PBYTE 
GetDeviceRegistryProperty( 

IN HDEVINFO DevicelnfoSet, 

IN PSP_DEVINFO_DATA Device Info Data, 

IN DWORD Property, 

OUT PDWORD PropertyRegDataType 

); 

STATIC BOOLEAN 
RestartDevice( 

IN HDEVINFO DevicelnfoSet, 

IN OUT PSP_DEVINFO_DATA Device Info Data 

); 

#endif 

STATIC BOOLEAN 
PrependSzToMultiSz( 

IN LPTSTR SzToPrepend, 

IN OUT LPTSTR *MultiSz 

); 

STATIC BOOLEAN 
AppendSzToMultiSz( 

IN LPTSTR SzToAppend, 

IN OUT LPTSTR *MultiSz 

); 

STATIC size_t 
MultiSzLength( 

IN LPTSTR MultiSz 

); 

STATIC size_t 

MultiSzSearchAndDeleteCaselnsensitive( 
IN LPTSTR FindThis, 
IN LPTSTR FindWithin, 
OUT size_t *NewStringLength 

); 



#if DO_NT5_SETUP 

/* 

* A wrapper around SetupDiGetDeviceRegistryProperty, 



so that I don't have to 



* deal with memory allocation anywhere else 

* 

* parameters: 



27842| * DevicelnfoSet - The device information set which 

| contains Device Info Data 
27843| * DevicelnfoData - Information needed to deal with 

| the given device 
27844| * Property - which property to get (SPDRP_XXX) 
27845| * PropertyRegDataType - the type of registry 

| property 
27846| 7 

27847| STATIC PBYTE Get Device Registry Property ( 
27848| IN HDEVINFO DevicelnfoSet, 

IN PSP_DEVINFO_DATA DevicelnfoData, 
IN DWORD Property, 
OUT PDWORD PropertyRegDataType 
) 



27849| 
27850| 
27851 | 
27852| 
27853 1 { 
27854| 
27855| 
27856| 
27857| 
27858I 



DWORD length = 0; 
PBYTE buffer = NULL; 



// get the required length of the buffer 
if( W2k->SetupDiGetDeviceRegistryProperty( 
| DevicelnfoSet, 
27859| 

| DevicelnfoData, 
27860| Property, 
27861| NULL, // 

| registry data type 
27862| NULL, // 

| buffer 

27863| 0, // 

| buffer size 
27864| &length // 

| required size 
27865| ) ) 
27866| { 

27867| // we should not be successful at this point, 

| so this call succeeding 
27868| // is an error condition 
27869| DLOG(("in GetDeviceRegistryProperty(): " 
27870| "call SetupDiGetDeviceRegistryProperty 

| did not fail\n'\ 



27871 | 
27872 | 
27873 | 
27874| 
27875| 
27876| 
27877| 



GetLastError())); 
return (NULL); 



if( GetLastError() != ERROR_INSUFFICIENT_BUFFER ) 



{ 



// this means there are no upper filter drivers 
| loaded, so we can just 
27878| // return. 
27879| return (NULL); 



27880| } 
27881 | 

27882| // since we don't have a buffer yet, it is 

| "insufficient"; we allocate 
27883| // one and try again. 
27884| buffer = malloc( length ); 
27885| if( buffer == NULL ) 
27886| { 

27887| DLOG(("in GetDeviceRegistryProperty(): " 
27888| "unable to allocate memory!\n")); 

27889| return (NULL); 
27890 1 } 

27891 1 if( !W2k->SetupDiGetDeviceRegistryProperty( 

| DevicelnfoSet, 
27892 1 

| DevicelnfoData, 
27893| Property, 
27894| 

| PropertyRegDataType, 
27895| buffer, 
27896| length, 
27897| NULL // 

| required size 
27898| ) ) 
27899 1 { 

27900| DLOG(("in GetDeviceRegistryProperty(): " 
27901 1 "couldn't get registry property! error: 

| %i\n", 

27902| GetLastError())); 
27903 1 free( buffer); 
27904| return (NULL); 
27905| } 
27906| 

27907| // ok, we are finally done, and can return the 

| buffer 
27908| return (buffer); 
27909| } 
27910| 
27911| 
27912| /* 

27913| * restarts the given device 
27914| * 

27915| * call CM_Query_And_Remove_Subtree (to unload the 
| driver) 

2791 6| * call CM_Reenumerate_DevNode on the _parent_ (to 

| reload the driver) 
27917| * 

27918| * parameters: 

27919| * DevicelnfoSet - The device information set which 
| contains DevicelnfoData 



27920| * DevicelnfoData - Information needed to deal with 

| the given device 
27921| 7 

27922| STATIC BOOLEAN Restart Device( 

27923| IN HDEVINFO Device I nfoSet, 

27924| IN OUT PSP_DEVINFO_DATA DevicelnfoData 

27925| ) 

27926| { 

27927| SP_PROPCHANGE_PARAMS params; 
27928| SP_DEVINSTALL_PARAMS install Params; 
27929| 

27930| // for future compatibility; this will zero out the 

| entire struct, rather 
27931 1 // than just the fields which exist now 

27932| memset(&params, 0, sizeof(SP_PROPCHANGE_PARAMS)); 
27933 | 

27934| // initialize the SP_CLASSINSTALL_HEADER struct at 

| the beginning of the 
27935| // SP_PROPCHANGE_PARAMS struct, so that 

| SetupDiSetClasslnstallParams will 
27936| // work 

27937| params. ClasslnstallHeader.cbSize = 

| sizeof(SP_CLASSINSTALL_HEADER); 
27938| params. ClasslnstallHeader.lnstallFunction = 

| DIF_PROPERTYCHANGE; 
27939 1 

27940| // initialize SP_PROPCHANGE_PARAMS such that the 

| device will be stopped. 
27941 1 params. StateChange = DICS_STOP; 
27942| params. Scope = DICS_FLAG_CONFIGSPECIFIC; 
27943| params. HwProfile = 0; // current profile 
27944| 

27945| // prepare for the call to 

| SetupDiCallClasslnstaller (to stop the device) 
27946| if( !W2k->SetupDiSetClasslnstallParams( 

| DevicelnfoSet, 
27947 1 Device I nf o Data, 

27948| 

| (PSP_CLASSINSTALL_HEADER) &params, 
27949 1 

| sizeof(SP_PROPCHANGE_PARAMS) 
27950 1 ) ) 
27951 1 { 

27952| DLOG(("in RestartDevice(): couldn't set the 

| install parameters!")); 
27953| DLOG((" error: %u\n", GetLastError())); 
27954| return (FALSE); 
27955| } 
27956| 

27957| // stop the device 



27958| if( !W2k->SetupDiCallClasslnstaller( 
| DIF_PROPERTYCHANGE, 



27961 1 ) 
27962 1 { 

27963| DLOG(("in RestartDevice(): call to class 

| installer (STOP) failed!")); 
27964| DLOG((" error: %u\n", GetLastError() )); 
27965| return (FALSE); 
27966| } 
27967| 

27968| // restarting the device 

27969| params.StateChange = DICS_START; 

27970 1 

27971 1 // prepare for the call to 

| SetupDiCallClasslnstaller (to stop the device) 
27972| if( !W2k->SetupDiSetClasslnstallParams( 

| DevicelnfoSet, 
27973| DevicelnfoData, 
27974| 

| (PSP_CLASSINSTALL_HEADER) Sparams, 
27975| 

| sizeof(SP_PROPCHANGE_PARAMS) 
27976| ) ) 
27977| { 

27978| DLOG(("in RestartDevice(): couldn't set the 

| install parameters!")); 
27979| DLOG((" error: %u\n", GetLastError())); 
27980 1 return (FALSE); 
27981 1 } 
27982 1 

27983 1 // restart the device 

27984| if( !W2k->SetupDiCallClasslnstaller( 

| DIF_PROPERTYCHANGE, 
27985| DevicelnfoSet, 
27986| DevicelnfoData ) 

27987| ) 
27988| { 

27989| DLOG(("in RestartDevice(): call to class 

| installer (START) failed!")); 
27990| DLOG((" error: %u\n", GetLastError())); 
27991| return (FALSE); 
27992| } 
27993| 

27994| installParams.cbSize = 

| sizeof(SP_DEVINSTALL_PARAMS); 
27995| 

27996| // same as above, the call will succeed, but we 
| still need to check status 



27959| 
27960| 



DevicelnfoSet, 
DevicelnfoData ) 



27997| if( !W2k->SetupDiGetDevicelnstallParams( 

| DevicelnfoSet, 
27998| DevicelnfoData, 
27999| &installParams 

I) 

28000| ) 
28001 1 { 

28002| DLOG(("in RestartDevice(): couldn't get the 

| device install params!")); 
28003| DLOG((" error: %u\n M , GetLastError() )); 
28004| return (FALSE); 
28005| } 
28006| 

28007| // to see if the machine needs to be rebooted 
28008| if( installParams. Flags & DI_NEEDREBOOT ) 
28009| { 

28010| return (FALSE); 

28011| } 

28012| 

28013| // if we get this far, then the device has been 

| stopped and restarted 
28014| return (TRUE); 
28015| } 
28016| #endif 
28017| 
28018| /* 

28019| * prepend the given string to a MultiSz 
28020| * 

28021 1 * returns true if successful, false if not (will only 

| fail in memory 
28022| * allocation) 
28023 1 * 

28024| * note: This WILL allocate and free memory, so don't 

| keep pointers to the 
28025| * MultiSz passed in. 
28026| * 

28027| * parameters: 

28028| * SzTo Prepend - string to prepend 

28029| * MultiSz - pointer to a MultiSz which will be 

| prepended-to 
28030 1 7 

28031| STATIC BOOLEAN PrependSzToMultiSz( 
28032| IN LPTSTR SzToPrepend, 
28033| IN OUT LPTSTR *MultiSz 
28034| ) 
28035| { 

28036| size_t szLen; 

28037| size_t multiSzLen; 

28038| LPTSTR newMultiSz = NULL; 

28039| 



28040| // get the size, in bytes, of the two buffers 

28041 1 szLen = (_tcslen(SzToPrepend)+1 )*sizeof(_TCHAR); 

28042| multiSzLen = 

| MultiSzLength(*MultiSz)*sizeof(_TCHAR); 
28043| newMultiSz = (LPTSTR)malloc( szLen+multiSzLen ); 
28044| 

28045| if( newMultiSz == NULL ) { 
28046| return (FALSE); 
28047| } 
28048| 

28049| // recopy the old MultiSz into proper position into 

| the new buffer. 
28050 1 // the (char*) cast is necessary, because 

| newMultiSz may be a wchar*, and 
28051 1 // szLen is in bytes. 
28052 1 

28053| memcpy( ((char*)newMultiSz) + szLen, *MultiSz, 

| multiSzLen ); 
28054| 

28055| // copy in the new string 

28056| _tcscpy( newMultiSz, SzToPrepend ); 

28057| 

28058| free(*MultiSz); 
28059| *MultiSz = newMultiSz; 
28060| 

28061| return (TRUE); 

28062| } 

28063| 

28064| 

28065| /* 

28066| * append the given string to a MultiSz 
28067| * 

28068| * returns true if successful, false if not (will only 

| fail in memory 
28069| * allocation) 
28070| * 

28071 1 * note: This WILL allocate and free memory, so don't 

| keep pointers to the 
28072| * MultiSz passed in. 
28073 1 * 

28074| * parameters: 

28075| * SzToAppend - string to append 

28076| * MultiSz - pointer to a MultiSz which will be 

| appended-to 
28077| 7 

28078| STATIC BOOLEAN AppendSzToMultiSz( 
28079| IN LPTSTR SzToAppend, 
28080| IN OUT LPTSTR *MultiSz 
28081 1 ) 
28082| { 



28083| size_t szLen; 

28084| size_t multiSzLen; 

28085| LPTSTR newMultiSz = NULL; 

28086| 

28087| // get the size, in bytes, of the two buffers 

28088| szLen = (_tcslen(SzToAppend)+1)*sizeof(_TCHAR); 

28089| multiSzLen = 

| MultiSzLength(*MultiSz)*sizeof(_TCHAR); 
28090| newMultiSz = (LPTSTR)malloc( szLen+multiSzLen ); 
28091| 

28092| if( newMultiSz == NULL ) { 
28093| return (FALSE); 
28094| } 
28095| 

28096| // recopy the old MultiSz into proper position into 

| the new buffer. 
28097| 

28098| memcpy( newMultiSz, *MultiSz, multiSzLen ); 
28099| 

281 00| // copy in the new string 
28101| _tcscpy( 

| (_TCHAR*)(((char*)newMultiSz)+multiSzLen-sizeof(_TCHAR)) 

| , SzTo Append ); 
28102| 
28103| 

| newMultiSz[((szLen+multiSzLen)/sizeof(_TCHAR))-1]=0; 
28104| 

28105| free( *MultiSz ); 

281 06| *MultiSz = newMultiSz; 

28107| 

28108| return (TRUE); 

28109| } 

28110| 

28111| 

28112| /* 

281 13| * returns the length (in characters) of the buffer 

| required to hold this 
28114| * MultiSz, INCLUDING the trailing null. 
28115| * 

28116| * example: MultiSzLength( M foo\0bar\0") returns 9 
28117| * 

281 18| * note: since MultiSz cannot be null, a number >= 1 

| will always be returned 
28119| * 

28120| * parameters: 

281 21 1 * MultiSz - the MultiSz to get the length of 
28122| 7 

28123| STATIC size_t MultiSzLength( 
28124| IN LPTSTR MultiSz 
28125| ) 



28126| { 

28127| size_t len = 0; 
281 28| size_t totalLen = 0; 
28129| 

281 30| // search for trailing null character 

28131 1 while( *MultiSz != _T('\0') ) { 

281 32| len = _tcslen(MultiSz)+1 ; 

28133| MultiSz += len; 

28134| totalLen += len; 

28135| } 

28136| 

281 37| // add one for the trailing null character 

28138| return (totalLen+1); 

28139| } 

28140| 

28141| 

28142| r 

28143| * Deletes all instances of a string from within a 

| multi-sz. 
28144| * 

28145| * parameters: 

28146| * FindThis - the string to find and remove 
28147| * FindWithin - the string having the instances 
| removed 

28148| * NewString Length - the new string length 
28149| 7 

28150| STATIC size_t MultiSzSearchAndDeleteCaselnsensitive( 

28151| IN LPTSTR FindThis, 

28152| IN LPTSTR FindWithin, 

28153| OUT size_t *NewLength 

28154| ) 

28155| { 

28156| LPTSTR search; 
281 57| size_t currentOffset; 
28158| DWORD instances Deleted; 
281 59| size_t searchLen; 
28160| 

28161| currentOffset = 0; 
281 62| instances Deleted = 0; 
28163| search = FindWithin; 
28164| 

281 65| *NewLength = MultiSzLength(FindWithin); 
28166| 

281 67| // loop while the multisz null terminator is not 
| found 

281 68| while ( *search != _T('\0') ) { 

28169| // length of string + null char; used in more 

| than a couple places 
281 70| searchLen = _tcs len (search) + 1 ; 
28171| 



281 72 1 // if this string matches the current one in 

| the multisz... 
28173| if( _tcsicmp(search, FindThis) == 0 ) { 
281 74| // they match, shift the contents of the 

| multisz, to overwrite the 
28175| // string (and terminating null), and 

| update the length 
281 76| instancesDeleted++; 
281 77| *NewLength -= searchLen; 

281 78| memmove( search, search + searchLen, 

| (*Newl_ength - currentOffset) * sizeof(TCHAR) ); 
28179| }else{ 

28180| // they don't match, so move pointers, 

| increment counters 
281 81 1 currentOffset += searchLen; 

28182| search += searchLen; 

28183| } 
28184| } 
28185| 

28186| return (instancesDeleted); 

28187| } 

28188| 

28189| STATIC ULONG AddUpperFilterToClass( LPTSTR Class, 

| LPTSTR UpperFilter ) 
28190| { 

28191 1 ULONG Err=ERROR_OUTOFMEMORY; 

28192| HKEY Key; 

28193| TCHAR *Upper Filters; 

28194| DWORD DataSize; 

28195| 

28196| UpperFilters = malloc(4096); 

28197| if (UpperFilters) { 

28198| 

| _stprintf(UpperFilters,TEXT("SYSTEM\\CurrentControlSet\\ 
| Control\\Class\\%s"), Class); 



28199| Err = RegOpenKeyEx( 

28200| HKEY LOCAL MACHINE, // handle of open key 

28201 1 UpperFilters, // address of name of 

| subkey to open 

28202 1 0, //dwOptions 

28203| KEY_ALL_ACCESS, // security access mask 

28204| &Key // address of handle of open key 

28205| ); 

28206| if(Err==0) { 

28207| memset(UpperFilters,0,4096); 

28208| DataSize = 4096; 

28209| Err = RegQueryValueEx( 

2821 0| Key, // handle of key to query 

2821 1 1 TEXT("UpperFilters"), // address of 



| name of value to query 



28212| NULL, //reserved 

28213| NULL, // address of buffer for value 

| type 

2821 4| (char*)UpperFilters, // address of 

| data buffer 

2821 5| &DataSize // address of data buffer 

| size 
28216| ); 
28217| if(Err!=5) { 

2821 8| DLOG(("Key read with %08x 

| error\n",Err)); 
28219| // okay add driver 

28220| 

| if(PrependSzToMultiSz(UpperFilter,&UpperFilters)) { 
28221 1 Err = 

| RegSetValueEx(Key,TEXT( M UpperFilters M ),0,REG_MULTI_SZ,(B 

| YTE*)UpperFilters,MultiSzLength(UpperFilters)); 
28222 1 } else { 

28223 1 Err = GetLastError(); 

28224 1 } 
28225| } else { 

28226| DLOG(("Error Access Denied accessing 

I key\n")); 
28227| } 

28228| // close the registry 

28229 1 RegCloseKey (Key) ; 

28230| } else { 

28231 1 DLOG(("Error %08x opening key\n M ,Err)); 

28232 1 } 

28233| free(UpperFilters); 
28234| } else { 

28235| DLOG(("Error Out of memory\n")); 

28236| Err = ERROR_OUTOFM EMORY; 

28237| } 

28238 1 return Err; 

28239 1 } 

28240 1 

28241| STATIC ULONG RemoveUpperFilterFromClass( LPTSTR Class, 

| LPTSTR UpperFilter ) 
28242| { 

28243| ULONG Err=ERROR_OUTOFM EMORY; 

28244| HKEY Key; 

28245| TCHAR *UpperFilters; 

28246| DWORD DataSize; 

28247| 

28248| UpperFilters = malloc(4096); 

28249| if(UpperFilters) { 

28250| 

| _stprintf(UpperFilters,TEXT("SYSTEM\\CurrentControlSet\\ 
| Control\\Class\\%s"), Class); 



28251 1 Err = RegOpenKeyEx( 

28252| HKEY_LOCAL_MACHINE, // handle of open key 

28253| UpperFilters, // address of name of 

| subkey to open 
28254| 0, // dwOptions 

28255| KEYALLACCESS, // security access mask 

28256| &Key // address of handle of open key 

28257| ); 

28258| if(Err==0) { 

28259| memset(UpperFilters,0,4096); 

28260| DataSize = 4096; 

28261 1 Err = RegQueryValueEx( 

28262| Key, // handle of key to query 

28263| TEXT("UpperFilters"), // address of 

| name of value to query 
28264| NULL, //reserved 

28265| NULL, // address of buffer for value 

| type 

28266| (char*)UpperFilters, // address of 

| data buffer 

28267| &DataSize // address of data buffer 

| size 
28268| ); 
28269| if(Err!=5) { 

28270| DLOG(("Key read with %08x 

| error\n",Err)); 
28271 1 

28272| MultiSzSearchAndDeleteCaselnsensitive( 

| UpperFilter, UpperFilters, &DataSize); 
28273| Err = 

| RegSetValueEx(Key,TEXT("UpperFilters"),0,REG_MULTI_SZ,(B 

| YTE*)UpperFilters, DataSize); 
28274| } else { 

28275| DLOG(("Error Access Denied accessing 

I key\n")); 
28276| } 

28277| // close the registry 

28278| RegCloseKey(Key); 
28279 1 } else { 

28280| DLOG(("Error %08x opening key\n",Err)); 

28281 1 } 

28282| free(UpperFilters); 
28283 1 } else { 

28284| DLOG(("Error Out of memory\n")); 

28285| Err = ERROR_OUTOFM EMORY; 

28286| } 

28287 1 return Err; 

28288| } 

28289| 

28290| STATIC ULONG Add ExeTo Boot Execute( LPTSTR Exe ) 



28291| { 

28292| ULONG Err=ERROR_OUTOFMEMORY; 

28293| HKEY Key; 

28294| TCHAR *BootExecute; 

28295| DWORD DataSize; 

28296| 

28297| BootExecute= malloc(4096); 

28298| if( Boot Execute) { 

28299| 

| _stprintf(BootExecute,TEXT( M SYSTEM\\CurrentControlSet\\C 
| ontrolWSession Manager")); 
28300| Err = RegOpenKeyEx( 

28301 1 H KEY_LOC AL_M ACH I N E, // handle of open key 

28302| BootExecute, // address of name of 

| subkey to open 
28303 1 0, //dwOptions 

28304| KEYALLACCESS, // security access mask 

28305| &Key // address of handle of open key 

28306| ); 

28307| if(Err — 0) { 

28308| memset(BootExecute,0,4096); 

28309| DataSize = 4096; 

2831 0| Err = RegQueryValueEx( 

28311| Key, // handle of key to query 

2831 2| TEXT("Boot Execute"), // address of 

| name of value to query 
28313| NULL, //reserved 

2831 4| NULL, // address of buffer for value 

| type 

2831 5| (char*)BootExecute, // address of data 

| buffer 

2831 6| &DataSize // address of data buffer 

| size 
28317| ); 
28318| if(Err!=5) { 

28319| DLOG(("Key read with %08x 

| error\n",Err)); 
28320| // okay add driver 

28321 1 if(AppendSzToMultiSz(Exe,&BootExecute)) 
|{ 

28322 1 Err = 

| RegSetValueEx(Key,TEXT( M BootExecute"),0,REG_MULTI_SZ,(BY 

| TE*)BootExecute,MultiSzLength(BootExecute)); 
28323 1 } else { 

28324| Err = GetLastError(); 

28325| } 
28326| } else { 

28327| DLOG(("Error Access Denied accessing 

I key\n")); 
28328| } 



28329| 
28330| 
28331| 
28332| 



} else { 

DLOG(("Error %08x opening key\n M ,Err)); 



// close the registry 
RegCloseKey(Key); 



28333| } 

28334| free(BootExecute); 

28335| } else { 

28336| DLOG(("Error Out of memory\n")); 

28337| Err = ERROR_OUTOFM EMORY; 

28338| } 

28339| return Err; 

28340| } 

28341 | 

28342| STATIC ULONG RemoveExeToBootExecute( LPTSTR Exe ) 
28343 1 { 

28344| ULONG Err=ERROR_OUTOFMEMORY; 

28345| HKEY Key; 

28346| TCHAR *BootExecute; 

28347| DWORD DataSize; 

28348| 

28349| BootExecute= malloc(4096); 

28350 1 if( Boot Execute) { 
28351 | 

| _stprintf(BootExecute,TEXT("SYSTEM\\CurrentControlSet\\C 
| ontrolWSession Manager")); 

28352 1 Err = RegOpenKeyEx( 

28353 1 H KEY LOC AL M ACH I N E, // handle of open key 

28354| BootExecute, // address of name of 

| subkey to open 

28355| 0, // dwOptions 

28356| KEY_ALL_ACCESS, // security access mask 

28357| &Key // address of handle of open key 

28358| ); 

28359| if(Err==0) { 

28360| memset(BootExecute,0,4096); 

28361 1 DataSize = 4096; 

28362| Err = RegQueryValueEx( 

28363| Key, // handle of key to query 

28364| TEXTf'Boot Execute"), // address of 

| name of value to query 

28365| NULL, //reserved 

28366| NULL, // address of buffer for value 



| type 
28367| 



(char*)BootExecute, // address of data 



| buffer 
28368| 



&DataSize // address of data buffer 



size 



28369 1 
28370 1 
28371 1 



); 

if(Err!=5) { 

DLOG(("Key read with %08x 



I error\n",Err)); 
28372| 

28373| MultiSzSearchAndDeleteCaselnsensitive( 

| Exe, BootExecute, &DataSize); 
28374| Err = 

| RegSetValueEx(Key,TEXT( M BootExecute"),0,REG_MULTI_SZ,(BY 

| TE*) BootExecute, DataSize); 
28375| } else { 

28376| DLOG(("Error Access Denied accessing 

I key\n")); 
28377| } 

28378| // close the registry 

28379| RegCloseKey(Key); 
28380| } else { 

28381 1 DLOG(("Error %08x opening key\n",Err)); 

28382 1 } 

28383| free(BootExecute); 
28384| } else { 

28385| DLOG(("Error Out of memory\n")); 

28386| Err = ERROR_OUTOFMEMORY; 

28387| } 

28388| return Err; 

28389 1 } 

28390 1 

28391 | 

28392 1 

28393 1 #if DO_NT5_SETUP 

28394| STATIC void lmportW2klmports( ) 

28395| { 

28396| W2k = malloc(sizeof(*W2k)); 
28397| if(W2k) { 

28398| SetupDII = LoadLibrary(TEXT("setupapi.dll")); 

28399| if((int)SetupDII>31) { 

28400| W2k->SetupDiDestroyDevicelnfoList 

| (void*)GetProcAddress(SetupDII,"SetupDiDestroyDevicelnfo 

I List"); 

28401| W2k->SetupDiEnumDevicelnfo 

| (void*)GetProcAddress(SetupDII,"SetupDiEnumDevicelnfo"); 
28402| W2k->SetupDiCallClasslnstaller 

| (void*)GetProcAddress(SetupDII,"SetupDiCallClasslnstalle 

I r"); 
28403| 

28404| #ifdef UNICODE 

28405| W2k->SetupDiGetClassDevs 

| (void*)GetProcAddress(SetupDII,"SetupDiGetClassDevsW"); 
28406| W2k->SetupDiGetDevicelnstallParams 

| (void*)GetProcAddress(SetupDII,"SetupDiGetDevicelnstallP 

| aramsW"); 

28407| W2k->SetupDiSetClasslnstallParams 

| (void*)GetProcAddress(SetupDII,"SetupDiSetClasslnstallPa 



I ramsW"); 

28408| W2k->SetupDiGetDeviceRegistryProperty = 

| (void*)GetProcAddress(SetupDII, M SetupDiGetDeviceRegistry 
| Property W M ); 

28409| #else 

28410| W2k->SetupDiGetClassDevs 

| (void*)GetProcAddress(SetupDII, M SetupDiGetClassDevsA M ); 
2841 1 1 W2k->SetupDiGetDevicelnstallParams 

| (void*)GetProcAddress(SetupDII,"SetupDiGetDevicelnstallP 

| aramsA"); 

28412| W2k->SetupDiSetClasslnstallParams 

| (void*)GetProcAddress(SetupDII, M SetupDiSetClasslnstallPa 
| ramsA"); 

28413| W2k->SetupDiGetDeviceRegistryProperty = 

| (void*)GetProcAddress(SetupDII,"SetupDiGetDeviceRegistry 
| PropertyA"); 

28414| #endif 

28415| } 

28416| } 

28417| } 

28418| 

28419| STATIC void UnimportW2klmports() 
28420| { 

28421| if(W2k) { 

28422| FreeLibrary(SetupDII); 

28423| free(W2k); 

28424| W2k = NULL; 

28425| SetupDII = INVALID_HANDLE_VALUE; 

28426| } 

28427| } 

28428| #endif 

28429| 

28430| /* 

28431 1 Will do what is needed to get PSM installed on 

| Win2k. 
28432 1 7 
28433 1 

28434| ULONG SetUpForWin2k( BOOLEAN *RebootNeeded ) 
28435| { 

28436 1 #if DO_NT5_SETUP 

28437| // these two constants are used to help enumerate 

| through the list of all 
28438| // disks and volumes on the system. Adding another 

| GUID should "just work" 
28439| static const GUID * deviceGuids[] = { 
28440| // &GUID_DEVCLASS_VOLUME, 
28441 1 &GUID_DEVCLASS_DISKDRIVE 
28442 1 }; 

28443| static const int numdeviceGuids = 
| sizeof(deviceGuids) / sizeof(LPGUID); 



28444| HDEVINFO devlnfo = 

| INVALID_HANDLE_VALUE; 

28445| SP_DEVINFO_DATA devlnfoData; 

28446| int devGu id Index; 

28447| int devicelndex; 

28448| #endif 

28449| ULONG Err=0; 
28450| 

28451 1 *RebootNeeded = FALSE; 
28452 1 

28453| DLOG(("lnstalling service\n")); 

28454| // install device into registry 

28455| Err = Svc_lnstallService( 

28456| TEXT("System32\\DRIVERS\\psman5.sys"), 

28457| TEXT("psman5"), 

28458| TEXTfPersistent Storage Manager"), 

28459 1 NULL, 

28460| TEXT("Filter"), 

28461 1 1 , 

28462 | 0, 

28463 1 5 

28464| ); 

28465| 

28466| if(Err!=0) { 

28467| DLOG(("Error %08x installing service\n",Err)); 

28468| return Err; 

28469 1 } 
28470 1 

28471 1 DLOG(("Adding UpperFilter to Volume class\n")); 

28472| // make registry changes now. 

28473| // Volume Class 

28474| Err = 

| AddUpperFilterToClass(TEXT("{71 a27cdd-81 2a-1 1 d0-bec7-080 
| 02be2092f}"),TEXT("psman5")); 
28475| 

28476| DLOG(("Adding UpperFilter to Disk class\n")); 

28477| // DiskDrive class 

28478| Err = 

| AddUpperFilterToClass(TEXT("{4d36e967-e325-1 1ce-bfc1 -080 
| 02be1 031 8}"),TEXT("psman5")); 
28479 1 

28480| DLOG(("Adding exe to boot execute\n")); 

28481 1 Err = AddExeToBootExecute(TEXT("psmready")); 

28482 1 

28483| DLOG(("Adding Log source\n")); 

28484| // Add event log source 

28485| Err = AddLogSource(TEXT("psman5")); 

28486| 

28487 1 // always reboot now. 

28488| *RebootNeeded = TRUE; 



28489| 

28490| #if DO_NT5_SETUP 

28491 1 DLOG(( M Starting driver\n M )); 

28492| Err = Svc_StartService(TEXT("psman5")); 

28493 1 

28494| if(Err) { 

28495| DLOG(("Error %08x starting service\n",Err)); 

28496| *RebootNeeded = TRUE; 

28497| //return Err; 

28498| } 

28499| Err = 0; 

28500 1 I mportW2kl mportsO ; 

28501| 

28502| // okay now we need to loop through the devices and 

| restart them 
28503| // as the filter chain has changed. 
28504| 

28505| DLOG(( M Restarting devices\n")); 

28506| // This outer loop steps through the array of 

| device guid pointers that is 
28507| // defined above main(). It was just the easiest 

| way to deal with both 
28508| // Disks and Volumes (and it is easy to add other 

| types of devices) 
28509| for(devGuidlndex = 0; devGuidlndex<numdeviceGuids; 

| devGuidlndex++) { 
2851 0| // get a list of devices which support the 

| given interface 
2851 1 1 devlnfo = W2k->SetupDiGetClassDevs( 

| deviceGuids[devGuidlndex], 
28512| NULL, 
28513| NULL, 
28514| DIGCF_PROFILE | 

28515| // 

| DIGCF_DEVICEINTERFACE | 
28516| DIGCF_PRESENT ); 

28517| 

28518| if( devlnfo == I N VALI D_H AN DLE_VALU E ) { 

28519| Err = GetLastError(); 

28520| DLOG(("Setup: Error = %08x!\n M ,Err)); 

28521 1 *RebootNeeded = TRUE; 

28522 1 break; 

28523 1 } 

28524| 

28525| // as per DDK docs on SetupDiEnumDevicelnfo 
28526| devlnfoData.cbSize = sizeof(SP_DEVINFO_DATA); 
28527| 

28528| // step through the list of devices for this 
| handle 

28529| // get device info at index devicelndex, the 



I function returns FALSE 
28530| // when there is no device at the given index. 
28531 1 for( devicelndex=0; 

28532| W2k->SetupDiEnumDevicelnfo( devlnfo, 

| devicelndex, &devlnfoData ); 
28533| devicelndex++ 
28534| ) { 

28535| if( !RestartDevice( devlnfo, &devlnfoData) 

l){ 

28536| *RebootNeeded = TRUE; 

28537| } 
28538| } 
28539 1 

28540| // clean up the device list 

28541 1 if( devlnfo != INVALID_HANDLE_VALUE ) { 

28542| if( !W2k->SetupDiDestroyDevicelnfoList( 

| devlnfo ) ) { 
28543| Err = Getl_astError(); 

28544| DLOG(("unable to delete device info 

| list! error: %u\n M ,Err)); 
28545| } 
28546| } 
28547| } 
28548| 

28549 1 U n i m po rtW2 kl m po rts ( ) ; 

28550| // we should be set up at this point whether a 

| reboot is needed or not 
28551 1 #endif 
28552 1 return 0; 
28553 1 } 
28554| 

28555| ULONG UnSetUpForWin2k( BOOLEAN *RebootNeeded ) 
28556| { 

28557 1 #if DO_NT5_SETUP 

28558| // these two constants are used to help enumerate 

| through the list of all 
28559| // disks and volumes on the system. Adding another 

| GUID should "just work" 
28560| static const GUID * deviceGuids[] = { 
28561 1 // &GUID_DEVCLASS_VOLUME, 
28562| &GUID_DEVCLASS_DISKDRIVE 
28563 1 }; 

28564| static const int numdeviceGuids = 

| sizeof(deviceGuids) / sizeof(LPGUID); 
28565| HDEVINFO devlnfo = 

| INVALID_HANDLE_VALUE; 
28566| S P_D E V I N FO_D AT A devlnfoData; 
28567| int devGuidlndex; 
28568| int devicelndex; 
28569| #endif 



28570| ULONG Err=0; 
28571 1 

28572| *RebootNeeded = FALSE; 

28573 1 

28574| 

| RemoveUpperFilterFromClass(TEXT("{71 a27cdd-81 2a-1 1 dO-bec 
| 7-08002be2092f}"),TEXT("psman5")); 
28575| 

| RemoveUpperFilterFromClass(TEXT("{4d36e967-e325-11ce-bfc 

| 1 -08002be1 031 8}"),TEXT("psman5")); 
28576| RemoveLogSource(TEXT( M psman5")); 
28577| RemoveExeToBootExecute(TEXT("psmready")); 
28578| 

28579| // we do not current support stopping, but it we do 
| in the 

28580| // future, lets support it. 
28581 1 #if DO_NT5_SETUP 

28582| Err = Svc_StopService(TEXT("psman5 M )); 
28583 1 #endif 

28584| Err = Svc_RemoveService(TEXT("psman5 M )); 
28585| 

28586| *RebootNeeded = TRUE; 
28587| 

28588| Err = 0; 
28589 1 

28590 1 #if DO_NT5_SETUP 
28591 1 lmportW2klmports(); 
28592 1 

28593 1 // okay now we need to loop through the devices and 

| restart them 
28594| // as the filter chain has changed. 
28595| 

28596| // This outer loop steps through the array of 

| device guid pointers that is 
28597| // defined above main(). It was just the easiest 

| way to deal with both 
28598| // Disks and Volumes (and it is easy to add other 

| types of devices) 
28599| for(devGuidlndex = 0; devGuidlndex<numdeviceGuids; 

| devGuidlndex++) { 
28600| // get a list of devices which support the 

| given interface 
28601 1 devlnfo = W2k->SetupDiGetClassDevs( 

| deviceGuids[devGuidlndex], 
28602| NULL, 
28603| NULL, 
28604| DIGCF PROFILE | 

28605| // 

| DIGCF_DEVICEINTERFACE | 
28606| DIGCF PRESENT ); 



28607| 

28608| if( devlnfo == I N VALI D_H AN DLE_VALU E ) { 

28609| Err = GetLastError(); 

28610| DLOG(("Setup: Error = %08x!\n",Err)); 

2861 1 1 *RebootNeeded = TRUE; 

28612| break; 

28613| } 

28614| 

28615| // as per DDK docs on SetupDiEnumDevicelnfo 
28616| devlnfoData.cbSize = sizeof(SP_DEVINFO_DATA); 
28617| 

2861 8| // step through the list of devices for this 
| handle 

28619| // get device info at index devicelndex, the 

| function returns FALSE 
28620| // when there is no device at the given index. 
28621 1 for( devicelndex=0; 

28622| W2k->SetupDiEnumDevicelnfo( devlnfo, 

| devicelndex, &devlnfoData ); 
28623| devicelndex++ 
28624| ) { 

28625| if( !RestartDevice( devlnfo, &devlnfoData) 

l){ 

28626| *RebootNeeded = TRUE; 

28627| } 
28628| } 
28629 1 

28630| // clean up the device list 

28631 1 if( devlnfo != INVALID_HANDLE_VALUE ) { 

28632| if( !W2k->SetupDiDestroyDevicelnfoList( 

| devlnfo ) ) { 
28633| Err = GetLastErrorQ; 

28634| DLOG(( M unable to delete device info 

| list! error: %u\n",Err)); 
28635| } 
28636| } 
28637| } 
28638| 

28639| UnimportW2klmports(); 

28640 1 #endif 

28641 1 return 0; 

28642 1 } 

28643 1 

28644| 

28645| 

28646| File Listing: SETUP5.h 
28647| 

28648| ULONG SetUpForWin2k( BOOLEAN *RebootNeeded ); 
28649| ULONG UnSetUpForWin2k( BOOLEAN *RebootNeeded ); 
28650| 



28651 
28652 
28653 
28654 
28655 
28656 
28657 
28658 
28659 
28660 
28661 
28662 
28663 
28664 
28665 
28666 
28667 
28668 
28669 
28670 
28671 
28672 
28673 
28674 
28675 
28676 
28677 
28678 
28679 
28680 
28681 
28682 
28683 
28684 
28685 

I- 
28686 
28687 
28688 
28689 
28690 
28691 
28692 
28693 
28694 
28695 
28696 
28697 

I — 
28698| 



File Listing: ssenum.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 

#include <winioctl.h> 

#include <undoc.h> 

// psm api 

#include <psm.h> 

// ioctls we need to send down 

#include "..\driver\ioctl.h" 

#include "volume. h" 

#include "defrag.h" 
#include <mountmgr.h> 
#include <ntddstor.h> 
#include <ntddvol.h> 

#include "setup5.h" 
#include "setup4.h" 
#include "service. h" 



II- 



PSMSTATUS PSMAPI Psm_GetNumberOfActiveSnapshots ( 
OUT ULONG *numberOfSnapshots ) 

{ 

PSMSTATUS err = 0; 
*numberOfSnapshots = 0; 
return err; 

} 



28699 
28700 
28701 



| range 0..(numberOfSnapshots-1) 



28702 
28703 
28704 
28705 
28706 
28707 
28708 
28709 

I- 
28710 
28711 
28712 
28713 
28714 
28715 
28716 
28717 
28718 
28719 
28720 
28721 
28722 
28723 
28724 
28725 
28726 
28727 
28728 
28729 
28730 
28731 
28732 
28733 
28734 
28735 
28736 
28737 
28738 
28739 
28740 
28741 
28742 
28743 
28744 
28745 
28746 



PSMSTATUS PSMAPI Psm_GetActiveSnapshotPointer ( 
IN ULONG snapshotlndex, // must be in the 



{ 



} 



OUT PVOID *snapshotPointer ) 

snapshotPointer = NULL; 
return 0; 



II- 



/*— end of file ssenum.c —7 



File Listing: trust.c 

#include <stdio.h> 
#include <stdlib.h> 
#include <string.h> 
#include <stddef.h> 
#include <windows.h> 
#include <tchar.h> 
#include <process.h> 
#include <time.h> 
#include <direct.h> 
#include <lm.h> 

#include <winioctl.h> 
// psm api 
#include <psm.h> 
#include <wintrust.h> 
#include <ntsecapi.h> 
#include <psmoem.h> 

#ifdef _DEBUG 

void PSM_LogDebuglnfo( const TCHAR *fmt,...); 
#define DLOG(x) PSM_LogDebuglnfo x 
#else 

#define DLOG(x) 
#endif 

extern DWORD ExceptionFilter( EXCEPTION_POINTERS *ep ); 
ULONG GetOurPath( WCHAR *OurPath ); 



28747| 

28748| typedef HRESULT (WINAPI *WINVERIFYTRUST)(HWND hwnd, 

| GUID *ActionlD, LPVOID ActionData); 
28749| 

28750| #define WIN_SPUB_ACTION_PUBLISHED_SOFTWARE_NOBADUI 
| {0xc6b2e8d0, 0xe005, 0x11 cf, { 0xa1, 0x34, 0x0, OxcO, 
| 0x4f,0xd7, Oxbf, 0x43 } } 

28751 | 

28752| #define PSM MODULE NAME L"psmlapi.dM" 
28753| #define PSM_OEM_NAME L"psmprov.dH" 
28754| 

28755| // #define N U M B E R_0 F_D AYS_I N_E V AL 1 20 -- Moved to 

| psmoem.h to be vendor specific 
28756| 

28757| const WCHAR * const SearchModules[] = { 

28758| PSM_MODULE_NAME, 

28759| PSMOEMNAME, 

28760| L M drbackup.dll" 

28761| }; 

28762| 

28763| const WCHAR * const DirectModulesf] = { 

28764| L"\\psmready.exe", 

28765| L M \\drivers\\psman5.sys" 

28766| }; 

28767| 

28768| #define NUM_SEARCH_MODULES 

| (sizeof(SearchModules)/sizeof(SearchModules[0])) 
28769| #define NUM_DIRECT_MODULES 

| (sizeof(DirectModules)/sizeof(DirectModules[0])) 
28770| 

28771| BOOLEAN lsSoftwareTrusted() 
28772| { 

28773| WINVERIFYTRUST pWinVerifyTrust= NULL; 
28774| HINSTANCE WinTrust= 

| LoadLibraryW(WT_PROVIDER_DLL_NAME); 



28775| 


ULONG Status; 


28776| 


WCHAR FullPath[1024]; 


28777| 


WCHAR FileName[1024]; 


28778| 


ULONG DirectCount=0; 


28779| 


ULONG SearchCount=0; 


28780| 


ULONG MissingOem=0; 


28781 | 


ULONG i; 


28782 1 


ULONG Err; 


28783 1 


{ 


28784| 


WCHAR File[1024]; 


28785| 


WCHAR Dir[1024]; 


28786| 


WCHAR Drive[256]; 


28787| 




28788| 


Err = GetOurPath(File); 


28789 1 


if(Err) { 



28790| 
28791| 
28792| 
28793| 
28794| 
28795| 
28796| 
28797| 
28798| 
28799| 
28800| 
28801| 
28802| 
28803| 



return FALSE; 



DLOG(( M File:%S\n",File)); 

_wsplitpath( File, Drive, Dir, NULL, NULL); 
wcscpy(FullPath, Drive); 
wcscat(FullPath,Dir); 
DLOG(("Drive %S\n", Drive)); 
DLOG(("Dir%S\n",Dir)); 



} 



if(WinTrust!=INVALID_HANDLE_VALUE) { 
pWinVerifyTrust = 
| (WINVERIFYTRUST)GetProcAddress(WinTrust,"WinVerifyTrust M 

I); 

28804| if(pWinVerifyTrust) { 

28805| GUID PublishedSoftware = 

| WIN_SPUB_ACTION_PUBLISHED_SOFTWARE; 
28806| GUID Subject Pel mage = 

| WIN_TRUST_SUBJTYPE_PE_IMAGE; 
28807| GUID *ActionGUID=&PublishedSoftware; 

28808| WIN_TRUST_SUBJECT_FILE Subject={0}; 

28809| WIN_TRUST_ACTDATA_CONTEXT_WITH_SUBJECT 

| Actio nData={0}; 
28810| 

Subject. IpPath = FileName; 
Subject.hFile = I N VAL I D_H AN DL E_VALU E ; 
Action Data. Subject = &Subject; 
Action Data. hClientToken = NULL; 
Action Data. SubjectType = &SubjectPelmage; 



2881 1 1 
28812| 
28813| 
28814| 
28815| 
28816| 
28817| 
28818| 
28819| 
28820| 
28821| 
28822| 
28823| 

| first 
28824| 

| if(!SearchPathW(NULL,FileName,NULL,1024,Buffer,&p)) { 
28825| // not found, lets search the path 

28826| 

| SearchPathW(NULL,SearchModules[i],NULL,1024,FileName,&p) 

I ; 

28827| } 
28828| Status = 

| pWinVerifyTrust((HWND)INVALID_HANDLE_VALUE, ActionGUID, 

| &ActionData ); 



for(i=0;i<NUM_SEARCH_MODULES;i++) { 
WCHAR *p; 
WCHAR Buffer[1024]; 
wcscpy(FileName,FullPath); 
wcscat(FileName,SearchModules[i]); 

// check directory where this dll is 



28829| if(Status==0) { 

28830| SearchCount++; 
28831| }else{ 

28832| DLOG((TEXT("Error %08x trusting 

| VoSW^,Status,SearchModules[i])); 
28833| 

| if(_wcsicmp(SearchModules[i],PSM_OEM_NAME)==0) { 
28834| MissingOem = TRUE; 

28835| } 
28836| } 
28837| } 
28838| 

28839| for(i=0;i<NUM_DIRECT_MODULES;i++) { 

28840| GetSystemDirectoryW(FileName,1024); 
28841 1 wcscat(FileName,DirectModules[i]); 
28842 1 

28843 1 Status = 

| pWinVerifyTrust((HWND)INVALID_HANDLE_VALUE, ActionGUID, 

| &ActionData ); 
28844| if(Status==0) { 

28845| DirectCount++; 
28846| } else { 

28847| DLOG((TEXT("Error %08x trusting 

| '%S'\n"),Status,DirectModules[i])); 
28848| } 
28849 1 } 
28850 1 } else { 

28851 1 DLOG((TEXT("Unable to find entry point in 

| wintrust\n"))); 
28852 1 } 

28853 1 FreeLibrary(WinTrust); 
28854| } else { 

28855| DLOG((TEXT("Unable to load wintrust.dll 

| %08x\n"),Getl_astError())); 
28856| } 

28857| if((DirectCount==NUM_DIRECT_MODULES) && 
| (SearchCount==NUM_SEARCH_MODULES)) { 



28858| D LOG ((TEXT("Software is trusted\n"))); 
28859| return TRUE; 
28860 1 } else { 

28861 1 if((DirectCount==NUM_DIRECT_MODULES) && 

| (SearchCount==NUM_SEARCH_MODULES-1) && (MissingOem)) { 

28862| DLOG((TEXT("Missing support module, rest of 

| code is trusted\n"))); 

28863 1 } else { 

28864| 



| DLOG((TEXT("M !!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!! 
| Software is NOT trusted 
| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n"))); 
28865| } 



28866| return FALSE; 
28867| } 
28868| } 
28869| 

28870| Redacted. Functions to secure and identify evaluation 
| and fully functioning versions. Not required to teach 
| the invention. --LPW 

28871 | 

28872 | 

28873 1 

28874| File Listing: VOLUME.c 
28875| 

28876| #include <stdio.h> 
28877| #include <stdlib.h> 
28878| #include <stdarg.H> 
28879| #include <string.h> 
28880| #include <time.h> 
28881 1 #include <process.h> 
28882| #include <io.h> 
28883| #include <errno.h> 
28884| #include <conio.h> 
28885| #include <fcntl.h> 
28886| #include <windows.h> 
28887| #include <windowsx.h> 

28888| #include <commctrl.h> // includes the common control 

| header 
28889| #include <tchar.h> 
28890| #include <winioctl.h> 
28891 1 #include <ntddscsi.h> 
28892| #include <lm.h> 
28893| #include <tchar.h> 
28894| 

28895| #include <undoc.h> 
28896| #include <psm.h> 
28897| #include "..\driver\ioctl.h" 
28898| #include <aclapi.h> 
28899| #include "dlog.h" 
28900 1 

28901 1 ULONG VDiskJJnWriteProtect ( CHAR DriveLetter ) 
28902 1 { 

28903| HANDLE hVolume; 

28904| TCHAR szVolumeName[8]; 

28905| DWORD dwAccessFlags; 

28906| ULONG Err = 0; 

28907| ULONG dwBytes Returned; 

28908| 

28909| dwAccessFlags = 0; //GENERIC_READ; 
28910| 

2891 1 1 wsprintf(szVolumeName, TEXT( M \\\\.\\%c:"), 
| DriveLetter); 



28912 
28913 
28914 
28915 
28916 
28917 
28918 
28919 
28920 
28921 
28922 
28923 
28924 
28925 
28926 
28927 
28928 
28929 
28930 
28931 
28932 
28933 
28934 
28935 
28936 
28937 
28938 
28939 
28940 
28941 
28942 
28943 
28944 
28945 
28946 
28947 



28948 
28949 
28950 
28951 
28952 
28953 
28954 
28955 
28956 
28957 
28958 
28959 
28960 



hVolume = CreateFile( szVolumeName, 
dwAccessFlags, 

FILE_SHARE_READ | FILE_SHARE_WRITE, 
NULL, 

OPEN_EXISTING, 0, 
NULL); 

if(hVolume) { 

if (!DeviceloControl(hVolume, 
IOCTL_UNWRITE_PROTECT, 
NULL, 0, 
NULL, 0, 

SdwBytes Retu rned, 
NULL)) { 

Err = GetLastError(); 

} 

CloseHandle(hVolume); 
} else { 

Err = GetLastError(); 

} 

return Err; 



} 



ULONG VDisk_WriteProtect ( CHAR DriveLetter ) 
{ 

HANDLE hVolume; 
TCHAR szVolumeName[8]; 
DWORD dwAccessFlags; 
ULONG dwBytesReturned; 
ULONG Err = 0; 

dwAccessFlags = 0; //GENERIC_READ; 
wsprintf (szVolumeName, TEXT("\\\\.\\%c:"), 



| DriveLetter); 



hVolume = CreateFile( szVolumeName, 
dwAccessFlags, 

FILE_SHARE_READ | FILE_SHARE_WRITE, 
NULL, 

OPEN_EXISTING, 0, 
NULL); 

if(hVolume) { 

if (!DeviceloControl(hVolume, 
IOCTL_WRITE_PROTECT, 
NULL, 0, 
NULL, 0, 

&dwBytes Retu rned , 



28961| NULL)) { 

28962| 

28963| Err = GetLastError(); 

28964| } 

28965| 

28966| CloseHandle(hVolume); 

28967| } else { 

28968| Err = GetLastError(); 

28969| } 

28970| return Err; 

28971 1 } 

28972 1 

28973| HANDLE OpenVolume(TCHAR cDriveLetter, DWORD 

| dwAccessFlags ) 
28974| { 

28975| HANDLE hVolume; 
28976| TCHAR szVolumeName[8]; 
28977| TCHAR szRootName[5]; 
28978| 

28979| wsprintf(szRootName, TEXT("%c:\\"), cDriveLetter); 
28980 1 

28981 1 wsprintf(szVolumeName, TEXT("\\\\.\\%c:"), 

| cDriveLetter); 
28982| hVolume = CreateFile( szVolumeName, 
28983| dwAccessFlags, 

28984| FILE_SHARE_READ | FILE_SHARE_WRITE, 
28985| NULL, 

28986| OPEN_EXISTING, 0, 

28987| NULL ); 

28988| 

28989| if(hVolume==INVALID_HANDLE_VALUE) { 
28990| DLOG((TEXT("Error %08x opening volume for 

| %08x\n M ), GetLastError(),dwAccessFlags)); 
28991 1 } 

28992| return hVolume; 

28993 1 } 

28994| 

28995| BOOL CloseVolume(HANDLE hVolume) 
28996| { 

28997| return CloseHandle(hVolume); 
28998| } 
28999 | 

29000| #define LOCK_TIMEOUT 10000 // 10 Seconds 

29001 1 #def ine LOCK_RETRI ES 20 

29002| 

29003| BOOL LockVolume(HANDLE hVolume) 
29004| { 

29005| DWORD dwBytes Returned =0; 

29006| DWORD dwSleepAmount = LOCK_TIMEOUT / LOCK_RETRIES; 
29007| int nTryCount; 



29008| 

29009| // Do this in a loop until a timeout period has 

| expired 
29010| 

2901 1 1 for (nTryCount = 0; nTryCount < LOCK_RETRIES; 

| nTryCount++) { 
29012| if (DeviceloControl(hVolume, 
29013| FSCTL_LOCK_VOLUME, 
29014| NULL, 0, 

29015| NULL, 0, 

2901 6| &dwBytes Returned, 

29017| NULL)) 
29018| return TRUE; 

29019| DLOG((TEXT("Try %d: Error %08x locking 

| volumeW), nTryCount, GetLastError())); 
29020| Sleep(dwSleepAmou nt) ; 
29021 1 } 

29022 1 return FALSE; 

29023| } 

29024| 

29025| BOOL UnlockVolume(HANDLE hVolume) 
29026| { 

29027| DWORD dwBytesReturned=0; 

29028| DWORD dwSleepAmount = LOCK_TIMEOUT / LOCK RETRIES; 

29029| int nTryCount; 

29030| 

29031 1 // Do this in a loop until a timeout period has 

| expired 
29032| 

29033| for (nTryCount = 0; nTryCount < LOCK_RETRIES; 

| nTryCount++) { 
29034| if (DeviceloControl(hVolume, 
29035| FSCTL_UNLOCK_VOLUME, 
29036| NULL, 0, 

29037| NULL, 0, 

29038| &dwBytes Returned, 

29039| NULL)) 
29040| return TRUE; 

29041 1 DLOG((TEXT("Try %d: Error %08x unlocking 

| volume\n"), nTryCount, GetLastError())); 
29042 1 Sleep(dwSleepAmou nt) ; 
29043 1 } 

29044| return FALSE; 

29045| } 

29046| 

29047| BOOL DismountVolume(HANDLE hVolume) 
29048| { 

29049| DWORD dwBytes Returned =0; 
29050| BOOL B; 
29051 | 



29052| B = DeviceloControl( hVolume, 

29053| FSCTL_DISMOUNT_VOLUME, 

29054| NULL, 0, 

29055| NULL, 0, 

29056| &dwBytesReturned, 

29057| NULL); 

29058| 

29059| if (IB) { 

29060| DLOG((TEXT("Error %08x dismounting volume\n"), 

| GetLastError())); 
29061 1 } 
29062| return B; 
29063| } 
29064| 

29065| BOOL Prevent RemovalOfVolume(H AN DLE hVolume, BOOL 

| fPreventRemoval) 
29066| { 

29067| DWORD dwBytesReturned=0; 

29068| PREVENT MEDIA REMOVAL PMRBuffer; 

29069| 

29070| PMRBuffer. PreventMediaRemoval = 

| (BOOLEAN)fPreventRemoval; 
29071 1 return DeviceloControl( hVolume, 
29072| lOCTL DISK MEDIA REMOVAL, // 

| IOCTL_STORAGE_MEDIA_REMOVAL, 
29073| & PMRBuffer, 

29074| sizeof(PREVENTMEDIAREMOVAL), 

29075| NULL, 0, 

29076| &dwBytesReturned, 

29077| NULL); 

29078| } 

29079| 

29080| BOOL AutoEjectVolume(HANDLE hVolume) 
29081 1 { 

29082| DWORD dwBytes Returned; 
29083| return DeviceloControl( hVolume, 
29084| IOCTL_DISK_EJECT_MEDIA, // 

| IOCTL_STORAGE_EJECT_MEDIA, 
29085| NULL, 0, 
29086| NULL, 0, 
29087 1 &dwBytes Retu rned , 
29088| NULL); 
29089 1 } 
29090| 

29091 1 BOOL EjectVolume(TCHAR cDriveLetter) 
29092 1 { 

29093| HANDLE hVolume; 

29094| BOOL fRemoveSafely = FALSE; 

29095| BOOL fAutoEject = FALSE; 

29096| 



29097| hVolume = OpenVolume(cDrivel_etter, GENERIC_READ | 

| GENERIC_WRITE); 
29098| if (hVolume == IN VALI D_H AN DLE_VALU E) { 
29099| hVolume = OpenVolume(cDriveLetter, GENERIC_READ 

I); 

29100| if (hVolume == INVALID_HANDLE_VALUE) { 
291 01 1 hVolume = OpenVolume(cDrivel_etter, 0); 

29102| if (hVolume == INVALID_HANDLE_VALUE) { 

29103| return FALSE; 

29104| } 
29105| } 
29106| } 
29107| 

291 08| // Lock and dismount the volume. 

29109| if (LockVolume(hVolume) && DismountVolume(hVolume)) 
|{ 

291 1 0| f RemoveSafely = TRUE; 
291 1 1 1 // Set prevent removal to false and eject the 
| volume. 

291 12| if (PreventRemovalOfVolume(hVolume, FALSE) && 

| AutoEjectVolume(hVolume)) 
29113| fAutoEject = TRUE; 

29114| } 
29115| 

291 1 6| // Close the volume so other processes can use the 
| drive. 

291 1 7| if (!CloseVolume(hVolume)) 
29118| return FALSE; 
29119| 

29120| // if the media was dismounted ok, return true 

291 21 1 if (f RemoveSafely) 

29122| return TRUE; 

29123| else 

29124| return FALSE; 

29125| } 

29126| 

29127| BOOL FlushVolume(TCHAR cDriveLetter) 
29128| { 

29129| HANDLE hVolume; 
29130| BOOL B; 
29131| 

291 32| // Open the volume. 

29133| hVolume = OpenVolume(cDriveLetter,GENERIC_WRITE); 
29134| if (hVolume == IN VALI D_H AN DLE_VALU E) 
29135| return FALSE; 
29136| 

29137| B = FlushFileBuffers(hVolume); 
29138| //IRP_MJ_FLUSH_BUFFERS 
29139| 

291 40| // Close the volume so other processes can use the 



I drive. 

291 41 1 if (!CloseVolume(hVolume)) 

29142| return FALSE; 

29143| 

29144| return B; 
29145| } 
29146| 

29147| BOOL Win2000_GetDriveAndPartFromDriveLetter(TCHAR 

| cDriveLetter, ULONG *Drive, ULONG *Part) 
29148| { 

29149| HANDLE hVolume; 

29150| DWORD dwBytes Returned; 

29151| BOOL B; 

29152| STORAGE DEVICE NUMBER sdn; 
29153| 

291 54 1 // Open the volume. 

29155| hVolume = OpenVolume(cDriveLetter,0); 

29156| if (hVolume == IN VALI D_H AN DLE_VALU E) 

29157| return FALSE; 

29158| 

29159| B = DeviceloControl( hVolume, 

29160| I OCTL_STO RAG E G ET D E V I C E N UMBER, 

29161| NULL, 0, 

29162| &sdn, sizeof(sdn), 

291 63 1 &dwBytesReturned, 

29164| NULL); 

29165| 

29166| if(B) { 

291 67| *Drive = sdn.DeviceNumber; 

29168| *Part = sdn.PartitionNumber; 

29169| } 
29170| 

291 71 1 // Close the volume so other processes can use the 
| drive. 

291 72 1 if (!CloseVolume(hVolume)) 

29173| return FALSE; 

29174| 

29175| return B; 
29176| } 
29177| 
29178| 

29179| ULONG VDisk_MakeShareEx2( LPWSTR Sharename, WCHAR 

| *DirectoryToShare, tPSM_Securitylnfo *Securitylnfo ) 
29180| { 

29181| SHARE_INFO_502 si502; 

29182| DWORD dwRes; 

29183| ULONG Err; 

29184| PSID pEveryoneSID = NULL, pAdminSID = NULL, 

| pSystemSID = NULL; 

29185| PACL pACL = NULL; 



29186| PSECURITY_DESCRIPTOR pSD = NULL; 
29187| EXPLICIT_ACCESS ea[3]; 

29188| SID_IDENTIFIER_AUTHORITY SIDAuthWorld = 

| SECURITY_WORLD_SID_AUTHORITY; 
29189| SID_IDENTIFIER_AUTHORITY SIDAuthLocal = 

| SECURITY_LOCAL_SID_AUTHORITY; 
29190| SID_IDENTIFIER_AUTHORITY SIDAuthNT = 

| SECURITY_NT_AUTHORITY; 
29191| SECURITY ATTRIBUTES sa; 
29192| 

29193| if (!Security I nfo->Security Descriptor) { 
29194| 

29195| // Create a SID for the BUILTIN\Administrators 

I group. 
29196| 

29197| if(! AllocateAndlnitializeSid( &SIDAuthNT, 2, 

29198| SECURITY_BUILTIN_DOMAIN_RID, 

29199| DOMAIN_ALIAS_RID_ADMINS, 

29200| 0, 0, 0, 0, 0, 0, 

29201| &pAdminSID) ) { 

29202| DLOG((TEXT( "AllocateAndlnitializeSid Error 

| %u\n M ), GetLastError() )); 
29203| goto Cleanup; 

29204| } 
29205| 

29206| // Create a well-known SID for the Everyone 

I group. 
29207| 

29208| if(! AllocateAndlnitializeSid( &SIDAuthWorld, 
I 1, 

29209| SECURITY_WORLD_RID, 

29210| 0, 0, 0, 0, 0, 0, 0, 

29211| &pEveryoneSID) ) { 

29212| DLOG((TEXT( "AllocateAndlnitializeSid Error 

| %u\n"), GetLastError() )); 
29213| goto Cleanup; 

29214| } 
29215| 

2921 6| // Create a well-known SID for the system 

I group. 
29217| 

29218| if(! AllocateAndlnitializeSid( &SIDAuthNT, 1, 

29219| SECURITY_LOCAL_SYSTEM_RID, 

29220| 0, 0, 0, 0, 0, 0, 0, 

29221| &pSystemSID) ) { 

29222| DLOG((TEXT( "AllocateAndlnitializeSid Error 

| %u\n"), GetLastError() )); 
29223| goto Cleanup; 

29224| } 
29225| 



29226| // Initialize an EXPLICIT_ACCESS structure for 

| an ACE. 

29227| // The ACE will allow the Administrators group 

| full access to the key. 
29228| 

29229| ZeroMemory(&ea, 3 * sizeof(EXPLICIT_ACCESS)); 

29230| ea[0].grfAccessPermissions = 

29231 1 GENERIC_READ | 

29232| GENERIC_ALL | 

29233| GENERIC_EXECUTE | 

29234| GENERIC_WRITE | 

29235| SPECIFIC_RIGHTS_ALL | 

29236| STANDARD_RIGHTS_ALL | 

29237| SYNCHRONIZE; 

29238| 

29239| ea[0].grfAccessMode = SET_ACCESS; 

29240| ea[0].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

29241 1 ea[0].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

29242| ea[0].Trustee.TrusteeType = TRUSTEE_IS_GROUP; 

29243| ea[0].Trustee.ptstrName = (LPTSTR) pAdminSID; 
29244| 

29245| ea[1 ].grf Access Permissions = 

29246| GENERIC_READ | 

29247| GENERIC_ALL | 

29248| GENERIC_EXECUTE | 

29249| GENERIC_WRITE | 

29250| SPECIFIC_RIGHTS_ALL | 

29251 1 STANDARD_RIGHTS_ALL | 

29252| SYNCHRONIZE; 
29253 1 

29254| ea[1 ].grfAccessMode = SET_ACCESS; 

29255| ea[1 ].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

29256| ea[1].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

29257| ea[1 ].Trustee.TrusteeType = TRUSTEE_IS_USER; 

29258| ea[1].Trustee.ptstrName = (LPTSTR) pSystemSID; 
29259| 

29260| ea[2].grfAccessPermissions = GENERIC_READ; 

29261 1 ea[2].grfAccessMode = SET_ACCESS; 

29262| ea[2].grflnheritance= 

| SUB_CONTAINERS_AND_OBJECTS_INHERIT; 

29263| ea[2].Trustee.TrusteeForm = TRUSTEE_IS_SID; 

29264| ea[2].Trustee.TrusteeType = 

| TRUSTEE_IS_WELL_KNOWN_GROUP; 

29265| ea[2].Trustee.ptstrName = (LPTSTR) 

| pEveryoneSID; 
29266| 
29267| 

29268| // Create a new ACL that contains the new ACEs. 



29269| 

29270| #define ONLY_ADMIN 1 
29271| #define ADMIN_AND_SYSTEM 2 
29272| #def ine ADM I N SYSTEM AN D EVE RYON E 3 
29273| 

29274| dwRes = 

| SetEntrieslnAcl(ADMIN_SYSTEM_AND_EVERYONE, ea, NULL, 
I &pACL); 

29275| if (ERROR_SUCCESS != dwRes) { 
29276| SetLastError(dwRes); 

29277| DLOG((TEXT( "SetEntrieslnAcI Error %u\n"), 

| GetLastError() )); 
29278| goto Cleanup; 

29279| } 
29280| 

29281 1 // Initialize a security descriptor. 
29282 1 

29283| pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, 

| SECURITY_DESCRIPTOR_MIN_LENGTH); 
29284| if (pSD == NULL) { 

29285| DLOG((TEXT( TocalAlloc Error %u\n"), 

| GetLastErrorQ )); 
29286| goto Cleanup; 

29287| } 
29288| 

29289| if (!lnitializeSecurityDescriptor(pSD, 

| SECURITY_DESCRIPTOR_REVISION)) { 
29290 1 D LOG ( (TEXT( "Initial izeSecu rity Descripto r 

| Error %u\n"), 
29291| GetLastError() )); 

29292| goto Cleanup; 

29293| } 
29294| 

29295| // Add the ACL to the security descriptor. 
29296| 

29297| if (!SetSecurityDescriptorDacl(pSD, 
29298| TRUE, // f Dad Present flag 

29299| pACL, 

29300| FALSE)) // not a default DACL 

29301 1 { 

29302| DLOG((TEXT( "SetSecurityDescriptorDacI 

| Error %u\n"), GetLastError() )); 
29303| goto Cleanup; 

29304| } 
29305| 

29306| // Initialize a security attributes structure. 
29307| 

29308| sa.nLength = sizeof (SECURITY_ATTRIBUTES); 
29309| sa.lpSecurityDescriptor = pSD; 
29310| sa.blnheritHandle = FALSE; 



2931 1 1 } // if securitydescriptor 

29312| 

29313| // 

29314| // setup share info structure 

29315| // 

29316| 

2931 7\ II the header says these are TCHARs but they really 

| are WCHARs. 
29318| si502.shi502_netname = Sharename; 

29319| si502.shi502_type 

| STYPE_DISKTREE; 
29320| si502.shi502_remark 

| Securitylnfo->Remark; 
29321 1 si502.shi502_permissions 

| Securitylnfo->Permissions; 
29322| si502.shi502_max_uses 

| Securitylnfo->MaxUses; 
29323| si502.shi502_current_uses = 0; 
29324| si502.shi502_path 

| Directory ToShare; 
29325| si502.shi502_passwd = NULL; 

29326| si502.shi502_reserved = 0; 

29327| si502.shi502_security_descriptor = 

| Securitylnfo->SecurityDescriptor ? 

| Securitylnfo->SecurityDescriptor : pSD; 
29328| 

29329| DLOG((TEXT("Calling NetShareAdd '%S' for 

| '%S'\n M ), Sharename, DirectoryToShare)); 
29330| Err = NetShareAdd( 
29331 1 NULL, // share is on local machine 
29332| 502, // info-level 

29333| (LPBYTE)&si502, // info-buffer 
29334| NULL // don't bother with parm 

29335| ); 
29336| 

29337| if(Err != NO_ERROR) { 

29338| //Err = GetLastErrorQ; 

29339| if(Err==NERR_DuplicateShare) { 

29340| // already exists, probally due to crash 

29341 1 DLOG((TEXT("NetShareAdd Share already 

| exists\n M ))); 
29342| Err = 0; 

29343 1 } else { 

29344| DLOG((TEXT("NetShareAdd error! 

| (rc=%08x),LE=%08x\n M ), Err,GetLastError())); 
29345| goto Cleanup; 

29346| } 
29347| } else { 

29348| DLOG((TEXT( M NetShareAddsuccessfull\n"))); 
29349 1 } 



29350 
29351 
29352 
29353 
29354 
29355 
29356 
29357 
29358 
29359 
29360 
29361 
29362 
29363 
29364 
29365 
29366 
29367 
29368 
29369 
29370 
29371 
29372 
29373 
29374 
29375 
29376 
29377 
29378 
29379 
29380 
29381 
29382 



29383 
29384 
29385 
29386 
29387 

I 

29388 
29389 
29390 
29391 
29392 
29393 
29394 
29395 
29396 
29397 



Err = 0; 



Cleanup: 



// 

//free allocated resources 

// 

if (pEveryoneSID) { 

FreeSid(pEveryoneSID); 

} 

if (pSystemSID) { 

FreeSid(pSystemSID); 

} 

if (pAdminSID) { 

FreeSid(pAdminSID); 

} 

if (pACL) { 

LocalFree(pACL); 

} 

if (pSD) { 

LocalFree(pSD); 

} 



return Err; 



File Listing: VOLUME. h 



// low level volume api 

HANDLE OpenVolume(TCHAR cDriveLetter, DWORD 
dwAccessFlags ); 

BOOL CloseVolume(HANDLE hVolume); 
BOOL LockVolume(HANDLE hVolume); 
BOOL UnlockVolume(HANDLE hVolume); 
BOOL DismountVolume(HANDLE hVolume); 
BOOL PreventRemovalOfVolume(HANDLE hVolume, BOOL 
fPreventRemoval); 

BOOL AutoEjectVolume(HANDLE hVolume); 
BOOL EjectVolume(TCHAR cDriveLetter); 
BOOL FlushVolume(TCHAR cDriveLetter); 



// ioctls to send to vdisk 

ULONG VDisk_UnWriteProtect ( CHAR DriveLetter ); 
ULONG VDisk_WriteProtect ( CHAR DriveLetter ); 

// high level api 



29398| void FlushAIIVolumes(); 

29399| ULONG VDisk_MakeShare( LPTSTR Sharename, TCHAR Drive ); 
29400| ULONG VDisk_MakeShareEx( LPWSTR Sharename, WCHAR 

| *DirectoryToShare ); 
29401| ULONG VDisk_MakeShareEx2( LPWSTR Sharename, WCHAR 

| *DirectoryToShare, tPSM_Securitylnfo *Securitylnfo ); 
29402| ULONG VDisk_SetSecurity( CHAR Drive ); 
29403| 

29404| ULONG VDisk_Add Drive And Part( TCHAR OriginalDriveLetter, 

| TCHAR NewDriveLetter, ULONG Drive, ULONG Part, 

| pSnapShot Snapshot ); 
29405| ULONG VDisk_RemoveDriveAndPart( TCHAR 

| OriginalDriveLetter, TCHAR NewDriveLetter, ULONG Drive, 

| ULONG Part, pSnapShot Snapshot ); 
29406| BOOL Win2000_GetDriveAndPartFromDriveLetter(TCHAR 

| cDriveLetter, ULONG *Drive, ULONG *Part); 
29407| 
29408| 
29409| 

29410| PSM System Driver Source 
2941 1 | 

29412| The Driver provides kernel mode support for the PSM 

| volume snapshot system. --LPW 
29413| 
29414| 
29415| 

29416| File Listing: BIT.cpp 
29417| 

29418| #include "precomp.h" 
29419| 

29420| /* 



29421| ULONG SafeBitAllocRange ( P F AST_M UT EX Mutex, 

| PRTL_BITMAP bitArray, ULONG Count ) 
29422| { 

29423| ULONG Ret; 
29424| 

29425| pmAcquireMutex ( Mutex, NULL ); 

29426| Ret = RtlFindClearBitsAndSet( bitArray, Count, 0 ); 

29427| pmReleaseMutex ( Mutex ); 

29428| return Ret; 

29429| } 

29430| 

29431 1 /* 



29432| void SafeBitFreeRange ( PFAST_MUTEX Mutex, PRTL_BITMAP 

| bitArray, ULONG Bit, ULONG Count ) 
29433 1 { 

29434| pmAcquireMutex ( Mutex, NULL ); 
29435| RtlClearBits(bitArray,Bit,Count); 



29436| pmReleaseMutex ( Mutex ); 

29437| } 

29438| 

29439| r 



29440| void SafeBitClear ( P FAST_M UTEX Mutex, PRTL_BITMAP 

| bitArray, ULONG bitNumber ) 
29441 1 { 

29442| SafeBitFreeRange( Mutex, bitArray, bitNumber, 1); 

29443 1 } 

29444| 

29445| 

29446| void ChangeTheBitsWithinBounds ( unsigned int ChangeTo, 

| PRTL BITMAP BMHeader, ULONG Start, ULONG Count) 
29447| { 

29448| ASSERT (ChangeTo < 2); 
29449 1 

29450| if (Start >= BMHeader->SizeOfBitMap) { 
29451 1 Debug(1 , ("Ignoring bit action out of map 

| range!\n")); 
29452 1 return; 
29453 1 } 
29454| 

29455| if (Start+Count > BMHeader->SizeOfBitMap) { 
29456| Debug(1 , ("Ignoring bit action out of map 
| range!\n")); 

29457| Count= BMHeader->SizeOfBitMap - Start; 
29458| } 
29459 1 

29460| if (ChangeTo) { 

29461 1 RtlSetBits ( BMHeader, Start, Count); 
29462 1 } else { 

29463 1 RtlClearBits ( BMHeader, Start, Count); 

29464| } 

29465| } 

29466| 

29467| #if 0 

29468| #define Noneln (Start > BM->??) 
29469| #define Someln (Start+Count>BM->??) 
29470 1 

29471 1 #define TheSome (Bm->??-Start) 
29472 1 #define TheAII (count) 
29473 1 

29474| #define Warn ( Debug(DEBUG_DCPSM, ("Ignoring bit action 

| out of map range!\n")), \ 
29475| DbgBreakPoint() 

|\ 

29476| ) 
29477| 

29478| #define WithinBoundPartOf(BM,Start,Count) ( Noneln ? 



I (Warn,0) : ( Someln ? (Warn, TheSome) : TheAII )) 
29479| #endif 
29480| 
29481 1 
29482 1 

29483| File Listing: BIT.h 
29484| 

29485| #define NUMBER_OF_BITS_IN_A_BYTE 8 
29486| 

29487| #define CHANG E_TO_CLEAR 0 
29488| #define CHANG E_TO_SET 1 
29489 1 

29490| ULONG SafeBitAllocRange ( PFAST_MUTEX Mutex, 

| PRTLBITMAP bitArray, ULONG Count ); 
29491 1 void SafeBitFreeRange ( PFAST_MUTEX Mutex, PRTL_BITMAP 

| bitArray, ULONG Bit, ULONG Count ); 
29492| void SafeBitClear ( PFAST_MUTEX Mutex, PRTL BITMAP 

| bitArray, ULONG bitNumber ); 
29493| void ChangeTheBitsWithinBounds ( unsigned int ChangeTo, 

| PRTL_BITMAP BMHeader, ULONG Start, ULONG Count); 
29494| 

29495| // The following are convenient debugging functions for 

| bitmaps. 
29496| 

29497| #ifdef DEBUG 

29498| inline void PsmBitMapValidate ( PRTL_BITMAP BitMap 
I) 

29499 1 { 

29500| ASSERT (BitMap != NULL); 

29501 1 if ( BitMap != NULL ) { 

29502| ASSERT (BitMap->Buffer != NULL); 

29503| ASSERT (BitMap->Buffer < 

| &BitMap->SizeOf BitMap || BitMap->Buffer >= 

| PULONG(&BitMap->Buffer + 1)); 
29504| ASSERT (BitMap->SizeOfBitMap > 0); 

29505| } 
29506| } 
29507| 

29508| inline void PsmBitPositionValidate ( PRTL_BITMAP 

| BitMap, ULONG Bitlndex ) 
29509 1 { 

29510| PsmBitMapValidate (BitMap); 
2951 1 1 if ( BitMap != NULL ) { 

2951 2| ASSERT (Bitlndex < BitMap->SizeOf BitMap); 

29513| } 
29514| } 
29515| 

29516| inline void PsmBitRangeValidate ( PRTL_BITMAP 

| BitMap, ULONG Startlndex, ULONG Count ) 
29517| { 



29518| PsmBitMapValidate (BitMap); 
29519| ASSERT (Count > 0); 
29520| if ( BitMap != NULL ) { 

29521 1 ASSERT (Startlndex < BitMap->SizeOfBitMap); 

29522| ASSERT (Startlndex+Count <= 

| BitMap->SizeOf BitMap); 
29523 1 } 
29524| } 
29525| #else 

29526| #define PsmBitMapValidate(BitMap) 
I ((void)0) 

29527| #define PsmBitPositionValidate(BitMap,Bitlndex) 

I ((void)0) 
29528| #define 

| PsmBitRangeValidate(BitMap,Startlndex,Count) 

I ((void)0) 
29529| #endif TDEBUG7 
29530 1 
29531 | 
29532 1 

29533| File Listing: boot.h 
29534| 

29535| NTSTATUS InitBootUp(void); 
29536| NTSTATUS DelnitBootUp(void); 

29537| NTSTATUS BootPSMNotlnited( PDEVICE_OBJECT DeviceObject, 

| PIRP Irp); 
29538| 

29539 1 //#define DO_BOOT_UP 
29540 1 
29541 1 
29542 1 

29543| File Listing: BUILDNUM.h 
29544| 

29545| #define _BuildNumber_ 2100 
29546| #define_BuildNumberStr_ "2100\0" 
29547| #define _BuildNumberWStr_ L"21 00\0" 
29548| 
29549 1 
29550 1 

29551| File Listing: CDP.h 
29552| 

29553| #define VER_COMPANYNAME_STR "Columbia Data 
| Products, Inc." 

29554| #define VER_LEGALTRADEMARKS_STR "PSM\256 is a 

| trademark of " VER_COM PAN YN AM E_STR 
29555| 

29556| #define VER LEGALCOPYRIGHT YEARS "1995-2001" 
29557| #define VER_LEGALCOPYRIGHT_STR "Copyright \251 " 

| VER_LEGALCOPYRIGHT_YEARS " " VER_COMPANYNAME_STR 
29558| 



#if DBG 

#define VER_DEBUG VS_FF_DEBUG 
#else 

#define VERDEBUG 0 
#endif 

#if BETA 

#define VER_PRODUCTBETA_STR "BETA" 
#define VER_PRERELEASE VS_FF_PRERELEASE 
#else 

#define VER_PRERELEASE 0 
#define VER_PRODUCTBETA_STR 
#endif 

#define VER_FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 
#define VER_FILEOS VOS_NT_WINDOWS32 
#define VER FILEFLAGS (VER PRERELEASE | 



29559 
29560 
29561 
29562 
29563 
29564 
29565 
29566 
29567 
29568 
29569 
29570 
29571 
29572 
29573 
29574 
29575 

| VER_DEBUG) 
29576 
29577 
29578 
29579 
29580 
29581 
29582 
29583 
29584 

I- 
29585 
29586 
29587 
29588 
29589 
29590 
29591 
29592 
29593 
29594 
29595 
29596 
29597 
29598 
29599 



File Listing: CLEANUP.cpp 
#include "precomp.h" 

/* 

7 

NTSTATUS 
PSManCleanup( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 
) 

/*++ 

Routine Description: 
Pass irp to handler 
Arguments: 



DriverObject - Pointer to device object to being 
| shutdown by system. 
29600| 
29601 1 
29602 1 
29603| 

29604| NT Status 
29605 



Irp - IRP involved. 
Return Value: 



29606| -7 
29607| 
29608| { 

29609| NTSTATUS Status; 
29610| 

2961 1 1 switch(PsmGetObjectType(DeviceObject)) { 

29612| case OBJECTJNTERNAL 

29613| Status = PSManCleanupObject(DeviceObject, 
I Irp); 

29614| break; 

29615| case OBJECT_FILTEREDDISK : 

2961 6| Status = PSManCleanupDevice(DeviceObject, 
I Irp); 

29617| break; 

29618| case OBJ ECT_VIRTUALDISK : 

29619| Status = PSManCleanupVDisk(DeviceObject, 
I Irp); 

29620| break; 

29621| case OBJECT_FS_OBJECT : 

29622| Status = PSManCleanupFSObject(DeviceObject, 
I Irp); 

29623| break; 

29624| case OBJECT_FS_FILTER : 

29625| Status = PSManCleanupFSFilter(DeviceObject, 
I Irp); 

29626| break; 

29627| default: 

29628| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 

29629| lrp->loStatus. Information = 0 ; 

29630| loComplete Request (Irp, IO_NO_INCREMENT) ; 

29631 1 break; 

29632 1 } 

29633| return Status; 
29634| 

29635| } // end PSManCleanup() 

29636| 

29637| 

29638| 

29639 1 

29640| r 



29641 1 STATIC NTSTATUS 

29642| PSManCleanupObject ( 

29643| IN PDEVICE_OBJECT DeviceObject, 

29644| IN PIRP Irp 

29645| ) 

29646| /*++ 

29647| 

29648| Routine Description: 



29649| 

29650| This routine will match the file object of the 
| cleanup 

29651 1 IRP with any IRP's that are outstanding in our wait 

29652| queue. If it finds some, then it will cancel those 

29653| IRP's. 

29654| 

29655| 

29656| Arguments: 
29657| 

29658| DriverObject - Pointer to device object for this 

| operation 
29659| Irp - IRP to work on. 
29660| 

29661 1 Return Value: 
29662 1 

29663 1 NT Status 

29664| 

29665| -7 

29666| { 

29667| 

29668| pOTJJSER User; 

29669| NTSTATUS Status=STATUS_SUCCESS; 
29670| 

29671 1 NOT_REFERENCED(DeviceObject); 
29672 1 PAG E D_CO D E () ; 
29673 1 

29674| Hint -save -e746 7 

29675| Debug(DEBUG_PROCCALL,("PSManCleanupObject Called: 
| PsGetCurrentProcess=%08x " 



29676| 


"PsGetCurrentThread=%08x " 


29677| 


M loGetCurrentProcess=%08x " 


29678| 


M KeGetCurrentThread=%08x " 


29679 1 


"User Thread=%08x " 


29680 1 


"OFO=%08x\n", 


29681 1 


PsGetCurrentProcess(), 


29682 1 


PsGetCurrentThread(), 


29683 1 


loGetCurrentProcess(), 


29684| 


KeGetCurrentThread(), 


29685| 


I rp->Tail. Overlay. Thread, 


29686| 





| lrp->Tail. Overlay. OriginalFileObject 
29687| )); 
29688| Hint -restore 7 
29689 1 

29690| // cleanup disptach routine can be called in any 

| thread context, so find 
29691 1 // object that was created during create 
29692| User = FindPSMUserByFileObject( 

| lrp->Tail. Overlay. OriginalFileObject ); 



29693| 

29694| if(User) { 

29695| if(User->Persistent || User->SaveTempOnExit) { 

29696| Status = STATUS_SUCCESS; 

29697| goto ExitClean; 

29698| } 

29699| 

29700| pmAcquireMutex ( &PSMUserMutex, NULL ); 
29701 1 // set event in case they are in the middle of 

| enabling psm. 
29702 1 if(User->AbortEvent) { 
29703 1 pmSetEvent(User->AbortEvent); 
29704| } 

29705| pmReleaseMutex ( &PSMUserMutex); 

29706| } 

29707| 

29708| // Close PSM incase the controlling program 

| disappears (Terminated by user) 
29709| if ((User) && (User->Open)) { 

29710| Debug(DEBUG_INIT,("PSM is still open %d times 

| by user, calling ClosePsm\n",User->Open)); 
29711| 

29712| while(User->Open) { 
29713| 

| if(AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0) { 
29714| lnternalClosePSM(User,NULL); 
2971 5| ReleaseOpenCloseResource(); 
29716| } 
29717| } 
29718| } 
29719| 

29720| if(!User) { 

29721 1 Debug(DEBUG_INIT,("Error User not found during 

| cleanup\n")); 
29722 1 } 

29723| // we delete the "user" node during close 
29724| 

29725| ExitClean: 

29726| // Set the information for completion of the 

I IRP_MJ_CLEANUP. 
29727| lrp->loStatus.Status = Status; 
29728| lrp->loStatus. Information = 0 ; 
29729 1 

29730| // Complete the request. 

29731 1 loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
29732 1 

29733| // Return success. 
29734| 

29735| Debug (DEBUG_PROCCALL,("PSManCleanupObject 
| Done\n")) ; 



29736| return Status ; 

29737| } 

29738| 

29739| 

29740| I* 



29741 1 STATIC NTSTATUS 

29742| PSManCleanupDevice( 

29743| IN PDEVICE_OBJECT DeviceObject, 

29744| IN PIRP Irp 

29745| ) 

29746| 

29747| /*++ 

29748| 

29749| Routine Description: 
29750 1 

29751 1 Pass irp to handler 
29752 1 

29753| Arguments: 
29754| 

29755| DriverObject - Pointer to device object to being 

| shutdown by system. 
29756| Irp - IRP involved. 
29757| 

29758| Return Value: 
29759 1 

29760 1 NT Status 
29761 1 
29762 1 --*/ 
29763 1 
29764| { 

29765| NTSTATUS Status; 
29766| r 

29767| PIO_STACK_LOCATION currentlrpStack = 

| lo GetCu rrent I rpStackLocatio n( I rp) ; 
29768| 

29769| TRACE( TRACECLEANUP, 
29770 1 

| cu rrentl rpStack-> Parameters . Read. ByteOff set. High Part, 
29771 1 

| cu rrentl rpStack-> Parameters . Read. ByteOff set. LowPart, 
29772| currentlrpStack->Parameters. Read. Length, 

29773| currentlrpStack->Parameters. Read. Key, 

29774| ""); 
29775| #ifdef DEBUG 
29776| if(PsmActive) { 
29777| Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManCleanupDevice Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
29778| } 



29779| #endif 
29780| 7 

29781 1 Status = PSManPassThru( DeviceObject, Irp ); 
29782 1 
29783 1 r 

29784| #ifdef DEBUG 

29785| if (Psm Active) { 

29786| Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManCleanupDevice Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 

29787| } 

29788| #endif 

29789 1 7 

29790| return Status; 

29791 1 } // end PSManCleanupDevice() 

29792 1 

29793| I* 



29794| STATIC NTSTATUS PSManCleanupVDisk( 
29795| IN PDEVICE_OBJECT DeviceObject, 
29796| IN PIRP Irp 
29797| ) 
29798| { 

29799| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
29800 1 

29801 1 Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManCleanupVDisk Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
29802| lrp->loStatus. Information = 0; 
29803| lrp->loStatus.Status = Status; 
29804| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
29805| Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManCleanupVDisk Done\n")); 
29806| 

29807| return Status; 

29808| } 

29809| 

29810| 

2981 1 1 r 



29812| STATIC NTSTATUS 

29813| PSManCleanupFSFilter( 

29814| IN PDEVICE_OBJECT DeviceObject, 

29815| IN PIRP Irp 

29816| ) 

29817| 

29818| /*++ 

29819| 

29820| Routine Description: 
29821 | 



29822| Pass irp to handler 
29823| 

29824| Arguments: 
29825| 

29826| DriverObject - Pointer to device object to being 

| shutdown by system. 
29827| Irp - IRP involved. 
29828| 

29829| Return Value: 
29830| 

29831 1 NT Status 
29832 1 
29833 1 --*/ 
29834| 
29835| { 

29836| NTSTATUS Status; 
29837| /* 

29838| #ifdef DEBUG 

29839 1 if (Psm Active) { 

29840| Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManCleanupFSFilter Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
29841 1 } 
29842| #endif 
29843 1 7 

29844| Status = PSManFSPassThru( DeviceObject, Irp ); 
29845| /* 

29846| #ifdef DEBUG 

29847| if (Psm Active) { 

29848| Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManCleanupFSFilter Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 

29849 1 } 

29850| #endif 

29851 1 7 

29852| return Status; 

29853| } // end PSManCleanupFSFilter() 

29854| 

29855| r 



29856| STATIC NTSTATUS PSManCleanupFSObject( 
29857| IN PDEVICE_OBJECT DeviceObject, 
29858| IN PIRP Irp 
29859 1 ) 
29860 1 { 

29861 1 NTSTATUS Status=STATUS_SUCCESS; 
29862 1 

29863| Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManCleanupFSObject Called Dev=%p, 
| lrp=%p\n",DeviceObject,lrp)); 



29864| lrp->loStatus. Information = 0; 

29865| lrp->loStatus.Status = Status; 

29866| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

29867| Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManCleanupFSObject Done\n")); 
29868| 

29869| return Status; 
29870| } 
29871 | 
29872 1 
29873 1 

29874| File Listing: CLEANUP. h 
29875| 

29876| NTSTATUS 
29877| PSManCleanup( 

29878| IN PDEVICE_OBJECT DeviceObject, 
29879| IN PIRP Irp 
29880 1 ); 
29881 1 

29882| STATIC void PSManCancelRoutine ( IN PIRP Irp ); 
29883| 

29884| STATIC void 

29885| PSManCancelObject( 

29886| IN PDEVICE_OBJECT DeviceObject, 

29887| IN PIRP Irp 

29888| ); 

29889| 

29890 1 STATIC NTSTATUS 

29891 1 PSManCleanupObject ( 

29892| IN PDEVICE_OBJECT DeviceObject, 

29893| IN PIRP Irp 

29894| ); 

29895| 

29896| STATIC NTSTATUS 

29897| PSManCleanupDevice( 

29898| IN PDEVICE_OBJECT DeviceObject, 

29899| IN PIRP Irp 

29900 1 ); 

29901 1 

29902| STATIC NTSTATUS PSManCleanupVDisk( 
29903| IN PDEVICE_OBJECT DeviceObject, 
29904| IN PIRP Irp 
29905| ); 
29906| 

29907| STATIC NTSTATUS PSManCleanupFSObject( 
29908| IN PDEVICE_OBJECT DeviceObject, 
29909| IN PIRP Irp 
29910| ); 
2991 1 | 

29912| STATIC NTSTATUS PSManCleanupFSFilter( 



29913| IN PDEVICE_OBJECT DeviceObject, 

29914| INPIRPIrp 

29915| ); 

29916| 

29917| 

29918| 

29919| File Listing: CLOSE.cpp 
29920| 

29921 1 #include "precomp.h" 
29922 1 
29923 1 

29924| I* 



29925| NTSTATUS 
29926| PSManClose( 

29927| IN PDEVICE_OBJECT DeviceObject, 

29928| IN PIRP Irp 

29929 1 ) 

29930 1 

29931 1 /*++ 

29932 1 

29933| Routine Description: 
29934| 

29935| Pass irp to handler 
29936| 

29937| Arguments: 
29938| 

29939| DriverObject - Pointer to device object to being 
| closed 

29940| Irp - IRP involved. 
29941 1 

29942| Return Value: 
29943 1 

29944| NT Status 

29945| 

29946| --*/ 

29947| 

29948| { 

29949 1 NTSTATUS Status; 
29950 1 

29951 1 switch(PsmGetObjectType(DeviceObject)) { 
29952| case OBJECT_INTERNAL 
29953| Status = PSManCloseObject(DeviceObject, 

I Irp); 

29954| break; 

29955| case OBJECT_FILTEREDDISK : 
29956| Status = PSManCloseDevice(DeviceObject, 

I Irp); 

29957| break; 

29958| case OBJ ECT_VIRTUALDISK : 



29959| 

I Irp); 
29960| 
29961 1 
29962 1 

I irp); 

29963 1 
29964| 
29965| 
I irp); 

29966| 



Status = PSManCloseVDisk(DeviceObject, 



break; 

case OBJECT_FS_FILTER : 

Status = PSManCloseFSFilter(DeviceObject, 



break; 

case OBJECT_FS_OBJECT : 

Status = PSManCloseFSObject(DeviceObject, 



break; 



29967| default: 

29968| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 
29969| lrp->loStatus. Information = 0 ; 
29970| loComplete Request (Irp, IO_NO_INCREMENT) ; 
29971 1 break; 
29972 1 } 
29973 1 

29974| return Status; 
29975| 

29976| } // end PSManCloseQ 

29977| 

29978| 

29979 1 STATIC NTSTATUS 

29980| PSManCloseObject( 

29981 1 IN PDEVICE_OBJECT DeviceObject, 

29982| IN PIRP Irp 

29983 1 ) 

29984| 

29985| /*++ 

29986| 

29987| Routine Description: 
29988| 

29989| This routine is called when a user mode apps closes 

| the handle, or 
29990| is unloaded. 
29991 | 

29992| Arguments: 
29993 1 

29994| DeviceObject - Pointer to device object being 
| closed. 

29995| Irp - IRP involved. 
29996| 

29997| Return Value: 
29998| 

29999 1 NT Status 
30000| 
30001 1 --*/ 
30002| 



30003| { 

30004| pOTJJSER User; 
30005| 

30006| PAGED_CODE(); 
30007| 

30008| Hint -save -e746 7 

30009| Debug(DEBUG_PROCCALL,("PSManCloseObject Called: 
| PsGetCurrentProcess=%08x " 



30010| 


"PsGetCurrentThread=%08x " 


3001 1 | 


"loGetCurrentProcess=%08x " 


30012| 


"KeGetCurrentThread=%08x " 


30013| 


"User Thread=%08x " 


30014| 


"OFO=%08x\n", 


30015| 


PsGetCurrentProcess(), 


30016| 


PsGetCurrentThread(), 


30017| 


loGetCurrentProcess(), 


30018| 


KeGetCurrentThread(), 


30019| 


lrp->Tail.Overlay.Thread, 


30020| 





| lrp->Tail. Overlay. OriginalFileObject 
30021| )); 
30022| Hint -restore 7 
30023| 

30024| // close disptach routine can be called in any 

| thread context, so find 
30025| // object that was created during create 
30026| User = FindPSMUserByFileObject( 

| lrp->Tail. Overlay. OriginalFileObject ); 
30027| 

30028| // Close PSM incase the controlling program 

| disappears (Terminated by user) 
30029| // this should never occur as it occurs in 

| cleanup.c but just in case.. 
30030| 

30031 1 if ((User) && (User->Persistent || 

| User->SaveTempOnExit)) { 
30032| goto ExitClose; 
30033| } 
30034| 

30035| if ((User) && (User->Open)) { 

30036| Debug(DEBUG_INIT,("PSM is still open %d times 

| by user, calling ClosePsm\n",User->Open)); 
30037| while(User->Open) { 
30038| 

| if(AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0) { 
30039| lnternalClosePSM(User,NULL); 
30040| ReleaseOpenCloseResource(); 
30041 1 } 
30042| } 
30043| } 



30044| 

30045| if(User) { 
30046| DeletePSMUser(User); 
30047| FREEPOINTER(User); 
30048| } else { 

30049| Debug(DEBUG_INIT,("Error User not found during 

| close\n")); 
30050| } 
30051 | 

30052| // cant access GlobalData->NumActive here as if a 

| close request comes in after 
30053 1 // an init, but before active, then we close psm 

| inadvertantly and cause a bsod. 
30054| // we do not want to wait on the global open/close 

| event as it would take to long 
30055| // if an open was pending. 
30056| // if((GlobalData->NumActive==0) && 

| (PSManPSMInited)) { 
30057| 

30058| // so now check to see if no users left and psm 
| still inited. 

30059| pmAcquireMutex ( &PSMUserMutex, NULL ); 
30060| User = GlobalData->PSMUsers; 
30061 1 pmReleaseMutex ( &PSMUserMutex ); 
30062| 

30063| if((User==NULL) && (PSManPSMInited)) { 
30064| // no users left, but psm is inited, 

| application probally exited during Psm_Enable 
30065| Debug(DEBUG_CLOSE,("PSManCloseObject: Psm 

| inited, but not active, closing\n")); 
30066| 

| if(AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0) { 
30067| lnternalClosePSM(User,NULL); 
30068| ReleaseOpenCloseResource(); 
30069| } 
30070| } 
30071| 

30072| ExitClose: 

30073| lrp->loStatus.Status = STATUS_SUCCESS; 

30074| lrp->loStatus. Information = 0; 

30075| loCompleteRequest(lrp, IO_NO_INCREMENT); 

30076| 

30077| Debug(DEBUG_PROCCALL,("PSManCloseObject Done\n M )); 

30078| return STATUS_SUCCESS; 

30079| 

30080| } //end PSManCloseObject() 
30081 | 
30082 1 

30083| I* 



30084| STATIC NTSTATUS 

30085| PSManCloseDevice( 

30086| IN PDEVICE_OBJECT DeviceObject, 

30087| IN PIRP Irp 

30088| ) 

30089| 

30090| /*++ 

30091| 

30092| Routine Description: 
30093| 

30094| Pass irp to handler 
30095| 

30096| Arguments: 
30097| 

30098| DriverObject - Pointer to device object to being 

| shutdown by system. 
30099| Irp - IRP involved. 
30100| 

30101| Return Value: 
30102| 

30103| NT Status 

30104| 

30105| -7 

30106| 

30107| { 

301 08| NTSTATUS Status; 
30109| r 

301 1 0| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
301 1 1 1 TRACE( TRACE_CLOSE, 
30112| 

| currentlrpStack->Parameters.Read.ByteOffset.HighPart, 
30113| 

| cu rrent I rpStack-> Parameters . Read . ByteOff set. LowPart, 
301 14| currentlrpStack->Parameters. Read. Length, 

301 15| currentlrpStack->Parameters. Read. Key, 

30116| ""); 
30117| #ifdef DEBUG 
30118| if(PsmActive) { 
30119| Debug(DEBUG_CLOSE | 

| DEBUG_PROCCALL,("PSManCloseDevice Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
30120| } 
30121| #endif 
30122| 7 
30123| 

30124| Status = PSManPassThru( DeviceObject, Irp ); 

30125| 

30126| I* 

30127| #ifdef DEBUG 



30128| if (Psm Active) { 

30129| Debug(DEBUG_CLOSE | 

| DEBUG_PROCCALL,("PSManCloseDevice Done Device 
| lrp=%p, Status=%08x\n M ,DeviceObject,lrp,Status)); 

30130| } 

30131| #endif 

30132| 7 

30133| return Status; 

30134| } //end PSManCloseDeviceQ 

30135| 

30136|/* 



30137| STATIC NTSTATUS PSManCloseVDisk( 
30138| IN PDEVICE_OBJECT DeviceObject, 
30139| INPIRPIrp 
30140| ) 
30141| { 

30142| NTSTATUS Status=STATUS_SUCCESS; 
30143| 

301 44| Debug(DEBUG_PROCCALL | 

| DEBUG_CLOSE,( M PsmanCloseVDisk Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
30145| lrp->loStatus. Information = 0; 
30146| lrp->loStatus.Status = Status; 
30147| 

30148| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
301 49| Debug(DEBUG_PROCCALL | 

| DEBUG_CLOSE,( M PsmanCloseVDisk Done\n")); 
30150| 

30151| return Status; 

30152| } 

30153| 

30154| /* 



30155| STATIC NTSTATUS 

30156| PSManCloseFSFilter( 

30157| IN PDEVICE_OBJECT DeviceObject, 

30158| INPIRPIrp 

30159| ) 

30160| 

30161 1 /*++ 

30162| 

30163| Routine Description: 
30164| 

301 65 1 Pass irp to handler 
30166| 

30167| Arguments: 
30168| 

301 69| DriverObject - Pointer to device object to being 
| shutdown by system. 



30170| Irp - IRP involved. 
30171| 

30172| Return Value: 
30173| 

30174| NT Status 

30175| 

30176| -7 

30177| 

30178| { 

30179| return PSManFSCIose(DeviceObjectJrp); 

30180| } //end PSManCloseFSFilter() 

30181| 

30182| r 



30183| STATIC NTSTATUS PSManCloseFSObject( 
30184| IN PDEVICE_OBJECT DeviceObject, 
30185| INPIRPIrp 
30186| ) 
30187| { 

30188| NTSTATUS Status=STATUS_SUCCESS; 
30189| 

30190| Debug(DEBUG_PROCCALL | 

| DEBUG_CLOSE,("PsmanCloseFSObject Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
30191 1 I rp->loStatus. Information = 0; 
30192| lrp->loStatus.Status = Status; 
30193| 

30194| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
30195| Debug(DEBUG_PROCCALL | 

| DEBUG_CLOSE,("PsmanCloseFSObject Done\n")); 
30196| 

30197| return Status; 

30198| } 

30199| 

30200| 

30201 | 

30202| File Listing: CLOSE.h 
30203 1 

30204| NTSTATUS 
30205| PSManClose( 

30206| IN PDEVICE_OBJECT DeviceObject, 
30207| IN PIRP Irp 
30208| ); 
30209| 

30210| STATIC NTSTATUS 

3021 1 1 PSManCloseObject( 

30212| IN PDEVICE_OBJECT DeviceObject, 

30213| INPIRPIrp 

30214| ); 

30215| 



30216 
30217 
30218 
30219 
30220 
30221 
30222 
30223 
30224 
30225 
30226 
30227 
30228 
30229 
30230 
30231 
30232 
30233 
30234 
30235 
30236 
30237 
30238 
30239 
30240 
30241 
30242 
30243 



30244 
30245 
30246 
30247 
30248 
30249 
30250 
30251 
30252 
30253 
30254 
30255 
30256 
30257 
30258 
30259 
30260 

I); 

30261 
30262 



STATIC NTSTATUS 
PSManCloseDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS PSManCloseVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManCloseFSObject( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManCloseFSFilter( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 



File Listing: CONT.cpp 
#include "precomp.h" 



#if TRACK_CONTENTIONS 
KSPIN_LOCK ContentionSpinl_ock=0; 
LIST_ENTRY 

| RegisteredObjects={&RegisteredObjects,&RegisteredObjects 

IJ; 



typedef struct sRegisteredObject { 

LIST_ENTRY ListEntry; 

char Name[40]; 

PVOID Object; 

tPrimateObjectType ObjectType; 

tpmContentionCounters Counter; 
} tRegisteredObject,*pRegisteredObject; 



STATIC pRegisteredObject FindObject ( PVOID Object ) 
{ 

PLIST_ENTRY ListEntry; 
KIRQL Oldlrql = 0; 

KeAcquireSpinLock ( &ContentionSpinLock, &Oldlrql 



ListEntry = RegisteredObjects.Flink; 



30263| 

30264| while(ListEntry!=&RegisteredObjects) { 
30265| pRegisteredObject ro = 

| CONTAINING_RECORD(ListEntry,tRegisteredObject,ListEntry) 

I ; 

30266| if(ro->Object == Object ) { 

30267| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); 
30268| return ro; 

30269| } 

30270| ListEntry = ListEntry->Flink; 
30271 | } 

30272| KeReleaseSpinLock ( SContentionSpinLock, Oldlrql ); 

30273 1 return NULL; 

30274| } 

30275| 

30276| 

30277| NTSTATUS pmRegisterObject( PVOID Object, char *Name, 

| tPrimateObjectType ObjectType ) 
30278| { 

30279| KIRQL Oldlrql = 0; 
30280 1 pRegisteredObject ro = 

| ExAllocatePool(NonPagedPool,sizeof(tRegisteredObject)); 
30281 1 if(ro) { 

30282| memset(ro,sizeof(tRegisteredObject),0); 

30283| ro->Object = Object; 

30284| ro->ObjectType = ObjectType; 

30285| strcpy(ro->Name,Name); 

30286| 

30287| KeAcquireSpinLock ( &ContentionSpinLock, 

| SOIdlrql ); 
30288| 

| lnsertTailList(&RegisteredObjects,&ro->ListEntry); 
30289| KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30290| } else { 

30291 1 return STATUS_INSUFFICIENT_RESOURCES; 
30292 1 } 
30293 1 

30294| return STATUS_SUCCESS; 

30295| } 

30296| 

30297| 

30298| NTSTATUS pmDeRegisterObject( PVOID Object ) 
30299 1 { 

30300| pRegisteredObject ro=FindObject(Object); 
30301| KIRQL Oldlrql; 
30302| if(ro) { 

30303| KeAcquireSpinLock ( SContentionSpinLock, 
| SOIdlrql ); 



30304| RemoveEntryList(&ro->ListEntry); 

30305| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); 
30306| ExFreePool(ro); 
30307| return STATUS_SUCCESS; 
30308| } else { 
30309| DbgBreakPoint(); 

30310| return STATUS_I N VALI D_PARAM ETER; 

30311| } 

30312| } 

30313| 

30314| 

30315| NTSTATUS pmWaitForMultipleObjects( PVOID ObjectsQ, 

| ULONG Num, PLARGEJNTEGER Timeout ) 
30316| { 

30317| ULONG i; 

3031 8| pRegisteredObject ro; 

30319| NTSTATUS Err; 

30320| 

30321 1 ASSERT(Timeout==NULL); 
30322 | 

30323| // Objects valid for this call 
30324| // Semaphore 
30325| // Event 
30326| //Not valid: 

30327| // Mutex - Needs special function to acquire 
30328| // RwLock - Needs special function to acquire 
30329| // SpinLock - Needs special function to acquire 
30330| 
30331| 

30332| for(i=0;i<Num;i++) { 

30333| ro = FindObject(Objects[i]); 

30334| if(ro) { 

30335| // this is a cheat 

30336| // we only wait for the first semaphore to 

| occur 

30337| ASSERT(ro->ObjectType==pmSemaphore); 
30338| return (Err = 

| pmAcquireSemaphore(Objects[i],Timeout))==0 ? i : Err; 
30339| } 
30340| } 

30341 1 // no semaphores so just wait 
30342 1 return 

| KeWaitForMultipleObjects(Num, Objects, WaitAny,Suspended,( 
| KPROCESSOR_MODE)KernelMode, FALSE, Timeout,NULL); 

30343 1 } 

30344| 

30345| // 



30346| // Statistics Collection Functions 



30349| 

30350| NTSTATUS pmAcquireSemaphore ( 
30351 1 PKSEMAPHORE Semaphore, 
30352| PLARGEJNTEGER Timeout ) 
30353 1 { 

30354| // Check to see if we will block... and remember 
| for later. 

30355| LONG semState = KeReadStateSemaphore ( Semaphore ); 

30356| BOOLEAN willProbablyBlock = (semState <= 0); 

30357| 

30358| LARGE INTEGER performanceFrequency = {0}; 
30359| LARGE_INTEGER timeBefore = {0}; 
30360| NTSTATUS ntStatus = 0; 
30361| KIRQL Oldlrql = 0; 

30362| pRegisteredObject ro = FindObject(Semaphore); 
30363| 

30364| if(ro) { 

30365| if ( willProbablyBlock ) { 

30366| // Don't call a potentially expensive 

| routine unless we think we're going to block. 
30367| // What time is it before acquiring the 

| semaphore? 

30368| timeBefore = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30369| } 
30370| 

30371 1 // acquire semaphore 

30372| ntStatus = KeWaitForSingleObject ( 

30373| Semaphore, 

30374| Executive, 

30375| KernelMode, 

30376| FALSE, 

30377| Timeout); 

30378| 

30379| KeAcquireSpinLock ( &ContentionSpinLock, 
| &Oldlrql ); 

30380| ++ro->Counter.SemaphoreCounter.Total.QuadPart; 
30381 1 KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30382 1 

30383| if ( willProbablyBlock ) { 
30384| // Getting here means we (almost) certainly 

| blocked 

30385| // while waiting for the semaphore. 

30386| 

30387| // What time is it after acquiring the 

| semaphore? 



30388| LARGEJNTEGER timeAfter = 

| KeQueryPerformanceCounter ( &performanceFrequency ); 
30389| 

30390| ULARGEJNTEGER elapsed = {0}; 

30391 1 elapsed.QuadPart = timeAfter.QuadPart - 

| timeBefore.QuadPart; 
30392| 

30393| KeAcquireSpinLock ( &ContentionSpinLock, 

| &Oldlrql ); 
30394| 

| ro->Counter.SemaphoreCounter.TotalWaitTime.QuadPart += 

| elapsed.QuadPart; 
30395| if ( elapsed.QuadPart > 

| ro->Counter.SemaphoreCounter.MaxWaitTime.QuadPart ) { 
30396| 

| ro->Counter.SemaphoreCounter.MaxWaitTime.QuadPart = 

| elapsed.QuadPart; 
30397| } 
30398| 

| ++ro->Counter.SemaphoreCounter.Contentions.QuadPart; 
30399| KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30400| } 
30401| }else{ 

30402| Debug(DEBUG_INFO,("lnvalid semaphore object 

| %08x\n",Semaphore)); 
30403| DbgBreakPoint(); 
30404| } 
30405| 

30406| return ntStatus; 

30407| } 

30408| 

30409| 

30410| void pmAcquireMutex ( 
3041 1 1 PFAST_MUTEX FastMutex, 
30412| PLARGEJNTEGER Timeout) 
30413| { 

30414| KIRQL Oldlrql = 0; 

30415| LARGEJNTEGER performanceFrequency = {0}; 
30416| pRegisteredObject ro = FindObject(FastMutex); 
30417| 

30418| if ( ro ) { 

30419| if ( ExTryToAcquireFastMutex(FastMutex) ) { 
30420| // Getting here means we did acquire the 

| mutex without wait. 
30421 1 KeAcquireSpinLock ( &ContentionSpinLock, 

| &Oldlrql ); 

30422| ++ro->Counter.MutexCounter.Total.QuadPart; 
30423| KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 



30424| 

30425| } else { 

30426| // Getting here means we will have to wait 

| before acquiring the mutex. 
30427| 

30428| ULARGEJNTEGER elapsed = {0}; 

30429| LARGEJNTEGER timeAfter = {0}; 

30430| LARGEJNTEGER timeBefore = 

| KeQueryPerformanceCounter ( &performanceFrequency ); 
30431 1 ExAcquireFastMutex ( FastMutex ); 

30432| timeAfter = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30433| elapsed.QuadPart = timeAfter.QuadPart - 

| timeBefore. QuadPart; 
30434| 

30435| KeAcquireSpinLock ( &ContentionSpinl_ock, 

| &Oldlrql ); // hold your breath! 
30436| 

30437| ++ro->Counter.MutexCounter.Total. QuadPart; 

30438| 

| ++ro->Counter.MutexCounter.Contentions. QuadPart; 
30439 1 

| ro->Counter.MutexCounter.TotalWaitTime. QuadPart += 

| elapsed.QuadPart; 
30440| if ( elapsed.QuadPart > 

| ro->Counter.MutexCounter.MaxWaitTime. QuadPart ) { 
30441 | 

| ro->Counter.MutexCounter.MaxWaitTime. QuadPart = 

| elapsed.QuadPart; 
30442 1 } 
30443 1 

30444| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); // now exhale... ah! 
30445| } 
30446| } else { 

30447| Debug(DEBUG_INFO,("lnvalid mutex object 

| %08x\n M ,FastMutex)); 
30448| DbgBreakPoint(); 
30449 1 } 
30450 1 } 
30451 | 
30452 1 

30453 1 void pmAcquireSpinLock ( 
30454| PKSPIN_LOCK SpinLock, 
30455| PKIRQL callersOldlrql) 
30456| { 

30457| ULARGE INTEGER elapsed = {0}; 

30458| LARGE_INTEGER timeAfter = {0}; 

30459| LARGE_INTEGER timeBefore = {0}; 

30460| LARGE_INTEGER performanceFrequency = {0}; 



30461 1 pRegisteredObject ro = FindObject(SpinLock); 
30462 1 

30463 1 if ( ro ) { 

30464| KIRQL Oldlrql = 0; 

30465| BOOLEAN WillBlock = (*Spinl_ock != 0); 

30466| 

30467| if ( WillBlock ) { 

30468| timeBefore = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30469 1 } 
30470| 

30471 1 KeAcquireSpinLock ( SpinLock, callersOldlrql ); 

| //This is for the caller 
30472 1 

30473| if ( WillBlock ) { 

30474| timeAfter = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30475| elapsed.QuadPart = timeAfter.QuadPart - 

| timeBefore. QuadPart; 
30476| } 
30477| 

30478| KeAcquireSpinLock ( &ContentionSpinLock, 

| &Oldlrql ); 
30479 1 

30480| ++ro->Counter.SpinLockCounter.Total. QuadPart; 
30481 1 if ( WillBlock ) { 
30482 1 

| ++ro->Counter.SpinLockCounter.Contentions. QuadPart; 
30483 1 

30484| if ( elapsed.QuadPart > 

| ro->Counter.SpinLockCounter.MaxWaitTime. QuadPart ) { 
30485| 

| ro->Counter.SpinLockCounter.MaxWaitTime. QuadPart = 

| elapsed.QuadPart; 
30486| } 
30487| 
30488| 

| ro->Counter.SpinLockCounter.TotalWaitTime. QuadPart += 

| elapsed.QuadPart; 
30489 1 } 
30490 | 

30491 1 KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30492 1 } else { 

30493| Debug(DEBUG_INFO,("lnvalid mutex object 

| %08x\n",SpinLock)); 
30494| DbgBreakPoint(); 
30495| } 
30496| } 
30497| 



30498| 

30499| BOOLEAN pmAcquireReaderLock ( 
30500| PERESOURCE Resource, 
30501| BOOLEAN Wait) 
30502| { 

30503| BOOLEAN Immediate = ExAcquireResourceSharedLite ( 

| Resource, FALSE ); 
30504| BOOLEAN ReturnValue = Immediate; 
30505| ULARGEJNTEGER elapsed = {0}; 
30506| LARGEJNTEGER timeAfter = {0}; 
30507| LARGEJNTEGER timeBefore = {0}; 
30508| LARGEJNTEGER performanceFrequency = {0}; 
30509| ULONG NumActiveReaders = 0; 
30510| KIRQLOIdlrql = 0; 

3051 1 1 pRegisteredObject ro = FindObject(Resource); 
30512| 

30513| if ( ro ) { 
30514| 

30515| KeAcquireSpinLock ( &ContentionSpinLock, 
| &Oldlrql ); 

30516| ++ro->Counter.RwCounter.TotalReaders. QuadPart; 
3051 7\ KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30518| 

30519| if ( !lmmediate){ 

30520| timeBefore = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30521 1 ReturnValue = ExAcquireResourceSharedLite ( 

| Resource, TRUE ); 
30522| NumActiveReaders = ExGetSharedWaiterCount ( 

| Resource ); 
30523 1 

30524| timeAfter = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30525| elapsed.QuadPart = timeAfter.QuadPart - 

| timeBefore. QuadPart; 
30526| 

30527| KeAcquireSpinLock ( &ContentionSpinLock, 

| &Oldlrql ); 
30528| 

| ro->Counter.RwCounter.TotalReadWaitTime. Quad Part += 

| elapsed.QuadPart; 
30529| if ( elapsed.QuadPart > 

| ro->Counter.RwCounter.MaxReadWaitTime. QuadPart ) { 
30530| 

| ro->Counter.RwCounter.MaxReadWaitTime. QuadPart = 

| elapsed.QuadPart; 
30531| } 
30532| 

| ++ro->Counter.RwCounter.ReaderContentions. QuadPart; 



30533| 

| ro->Counter.RwCounter.TotalActiveReaders.QuaclPart += 

| NumActiveReaders; 
30534| if(NumActiveReaders > 

| ro->Counter.RwCounter.MaxReaders.LowPart) { 
30535| 

| ro->Counter.RwCounter.MaxReaders.LowPart = 
| NumActiveReaders; 
30536| } 

30537| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); 
30538| } else { 

30539| NumActiveReaders = ExGetSharedWaiterCount ( 

| Resource ); 

30540| KeAcquireSpinLock ( &ContentionSpinl_ock, 

| &Oldlrql ); 
30541 | 

| ro->Counter.RwCounter.TotalActiveReaders.QuadPart += 

| NumActiveReaders; 
30542| if(NumActiveReaders > 

| ro->Counter.RwCounter.MaxReaders.LowPart) { 
30543 1 

| ro->Counter.RwCounter.MaxReaders.LowPart = 
| NumActiveReaders; 
30544| } 

30545| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); 
30546| } 
30547| } else { 

30548| Debug(DEBUG_INFO, ("Invalid resource object 

| %08x\n", Resource)); 
30549| DbgBreakPoint(); 
30550 1 } 
30551 1 

30552| return ReturnValue; 

30553 1 } 

30554| 

30555| 

30556| BOOLEAN pmAcquireWriterLock ( 
30557| PERESOURCE Resource, 
30558| BOOLEAN Wait) 
30559 1 { 

30560| BOOLEAN Immediate = ExAcquireResourceExclusiveLite 

| ( Resource, FALSE ); 
30561 1 BOOLEAN ReturnValue = Immediate; 
30562| ULARGEJNTEGER elapsed = {0}; 
30563| LARGEINTEGER timeAfter = {0}; 
30564| LARGE_INTEGER timeBefore = {0}; 
30565| LARGE_INTEGER performanceFrequency = {0}; 
30566| KIRQL Oldlrql = 0; 



30567| pRegisteredObject ro = FindObject(Resource); 
30568| 

30569| if ( ro ) { 
30570| 

30571 1 KeAcquireSpinLock ( &ContentionSpinl_ock, 
| &Oldlrql ); 

30572| ++ro->Counter.RwCounter.TotalWriters.QuadPart; 
30573| KeReleaseSpinLock ( &ContentionSpinl_ock, 

| Oldlrql ); 
30574| 

30575| if ( ! Immediate ) { 

30576| timeBefore = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30577| ReturnValue = 

| ExAcquireResourceExclusiveLite ( Resource, TRUE ); 
30578| timeAfter = KeQueryPerformanceCounter ( 

| &performance Frequency ); 
30579 1 

30580| elapsed.QuadPart = timeAfter.QuadPart - 

| timeBefore. QuadPart; 
30581 | 

30582| KeAcquireSpinLock ( &ContentionSpinl_ock, 

| &Oldlrql ); 
30583 1 

| ro->Counter.RwCounter.TotalWriteWaitTime. QuadPart += 

| elapsed.QuadPart; 
30584| if ( elapsed.QuadPart > 

| ro->Cou nter.RwCounter. Max Write WaitTime. Quad Part ) { 
30585| 

| ro->Counter.RwCounter.MaxWriteWaitTime. QuadPart = 

| elapsed.QuadPart; 
30586| } 
30587| 

| ++ro->Counter.RwCounter.WriterContentions. QuadPart; 
30588| KeReleaseSpinLock ( &ContentionSpinLock, 

| Oldlrql ); 
30589 1 } 
30590| 

30591| }else{ 

30592| Debug(DEBUG_INFO,("lnvalid resource object 

| %08x\n", Resource)); 
30593| DbgBreakPointQ; 
30594| } 
30595| 

30596| return ReturnValue; 

30597| } 

30598| 

30599| 

30600| // 



30601 1 // Statistics Dump Functions 
30602 1 // 



30604| 

30605| void pmDump_MutexCounters ( 
30606| const pRegisteredObject Ro) 
30607| { 

30608| ULARGE INTEGER Average WaitTi me = {0}; 

30609| tMutexCounters *Counters=&Ro->Counter.MutexCounter; 

30610| 

3061 1 1 if ( Counters->Contentions.QuadPart > 0 ) { 

30612| AverageWaitTime.QuadPart = 

30613| Counters->TotalWaitTime.QuadPart / 

| Counters->Contentions.QuadPart; 
30614| } 
30615| 
30616| 

30617| Debug(DEBUG_INFO,("Mutex : %08x 

| '%s'\n M , Ro->Object, Ro->Name)) ; 
30618| Debug(DEBUG_INFO,(" Total=%l64d, 

| Cont=%l64d, WaitT=%l64d, MaxW=%l64d\n M , 
30619| Counters->Total, 
30620| Counters->Contentions, 
30621 1 Counters->TotalWaitTime, 
30622| Counters->MaxWaitTime)); 
30623| Debug(DEBUG_INFO,(" 

| AverageW=%l64d\n",AverageWaitTime)); 
30624| } 
30625| 
30626| 

30627| void pmDump_SemaphoreCounters ( 
30628| const pRegisteredObject Ro) 
30629| { 

30630| ULARGE_INTEGER Average WaitTi me = {0}; 
30631 1 tSemaphoreCounters 

| *Counters=&Ro->Counter.SemaphoreCounter; 
30632 1 

30633| if ( Counters->Contentions.QuadPart > 0 ) { 

30634| AverageWaitTime.QuadPart = 

30635| Counters->TotalWaitTime.QuadPart / 

| Counters->Contentions.QuadPart; 
30636| } 
30637| 

30638| Debug(DEBUG_INFO,("Semaphore: %08x 

| '%s'\n M , Ro->Object, Ro->Name)) ; 
30639| Debug(DEBUG_INFO,(" Total=%l64d, 

| Cont=%l64d, WaitT=%l64d, MaxW=%l64d\n M , 
30640| Counters->Total, 
30641 1 Counters->Contentions, 



30642 1 Cou nters->Total WaitTime, 
30643| Counters->MaxWaitTime)); 
30644| Debug(DEBUG_INFO,(" 

| AverageW=%l64d\n",AverageWaitTime)); 
30645| 
30646| } 
30647| 
30648| 

30649| void pmDump_RwLockCounters ( 
30650| pRegisteredObject Ro) 
30651 1 { 

30652| ULARGEJNTEGER Average ={0}; 
30653| ULARGE_INTEGER AverageR = {0}; 
30654| ULARGE_INTEGER AverageW = {0}; 
30655| tReaderWriterCounters 

| *Counters=&Ro->Counter.RwCounter; 
30656| 

30657| Debug(DEBUG_INFO,("RwLock : %08x 

| '%s'\n M , Ro->Object, Ro->Name)) ; 
30658| Debug(DEBUG_INFO,(" RTotal=%l64d, 

| RCont=%l64d, RTotalW=%l64d, RMaxWaitTime=%l64d, 

| MaxR=%l64d\n", 
30659| Counters->TotalReaders, 
30660 1 Cou nters-> ReaderCo ntentions, 
30661 1 Counters->TotalReadWaitTime, 
30662| Counters->MaxReadWaitTime, 
30663 1 Counters->MaxReaders) ); 
30664| 

30665| Debug(DEBUG_INFO,(" WTotal=%l64d, 

| WCont=%l64d, WTotalW=%l64d, WMaxWaitTime=%l64d\n", 
30666| Cou nters->Total Writers, 
30667| Counters->WriterContentions, 
30668| Cou nters->Total Write WaitTime, 
30669| Counters->MaxWriteWaitTime) ); 
30670| 

30671 1 if ( Counters->ReaderContentions.QuadPart > 0 ) { 

30672| AverageR.QuadPart = 

30673| Counters->TotalReadWaitTime.QuadPart / 

| Counters->ReaderContentions.QuadPart; 
30674| } 
30675| 

30676| if ( Counters->WriterContentions.QuadPart > 0 ) { 

30677| AverageW.QuadPart = 

30678| Counters->TotalWriteWaitTime.QuadPart / 

| Counters->WriterContentions.QuadPart; 
30679 1 } 
30680| 

30681 1 if ( Counters->TotalReaders.QuadPart > 0 ) { 
30682| Average.QuadPart = 

30683| Counters->TotalActiveReaders.QuadPart / 



I Cou nters->Total Readers . Quad Part; 
30684| } 
30685| 

30686| Debug(DEBUG_INFO,(" AvgRWaitTime=%l64d, 

| AvgWWaitTime=%l64d, AvgActiveReaders=%l64d\n", 
30687| Average R,AverageW, Average) ); 
30688| } 
30689| 
30690| 

30691| void pmDump_SpinlockCounters ( 
30692| pRegisteredObject Ro) 
30693| { 

30694| ULARGEJNTEGER Average WaitTi me = {0}; 
30695| tSpinLockCounters 

| *Counters=&Ro->Counter.SpinLockCounter; 
30696| 

30697| if ( Counters->Contentions.QuadPart > 0 ) { 

30698| AverageWaitTime.QuadPart = 

30699| Counters->TotalWaitTime.QuadPart / 

| Counters->Contentions.QuadPart; 
30700| } 
30701| 

30702| Debug(DEBUG_INFO,("Spinl_ock : %08x 

| '%s'\n M ,Ro->Object,Ro->Name)); 
30703| Debug(DEBUG_INFO,(" Total=%l64d, 

| Cont=%l64d, WaitT=%l64d, MaxW=%l64d\n", 
30704| Counters->Total, 
30705| Counters->Contentions, 
30706| Counters->TotalWaitTime, 
30707| Counters->MaxWaitTime)); 
30708| Debug(DEBUG_INFO,(" 

| AverageW=%l64d\n",AverageWaitTime)); 
30709| } 
30710| 
3071 1 | 

30712| void pmDumpStatistics (void) 
30713| { 

3071 4| PLIST_ENTRY ListEntry; 
30715| KIRQLOIdlrql = 0; 
30716| 

30717| __try{ 

30718| KeAcquireSpinLock ( &ContentionSpinLock, 

| &Oldlrql ); 
30719| __try{ 
30720| 

30721 1 ListEntry = RegisteredObjects.Flink; 

30722| 

30723| while(ListEntry!=&RegisteredObjects) { 

30724| pRegisteredObject ro = 

| CONTAINING_RECORD(ListEntry,tRegisteredObject,ListEntry) 



switch(ro->ObjectType) { 
case pmSpinLock : 

pmDump_SpinlockCounters( ro ); 
break; 
case pmMutex 

pmDump_MutexCounters ( ro ); 
break; 
case pmSemaphore 

pmDump_SemaphoreCounters ( ro 

break; 
case pmRwLock : 

pmDump_RwLockCounters ( ro ); 
break; 
default: 

Debug(DEBUG_INFO,("Unknown object 
| type %08x for '%s'\n",ro->ObjectType,ro->Name)); 
30741 1 DbgBreakPoint(); 
30742 1 } 
30743 1 

30744| ListEntry = ListEntry->Flink; 

30745| } 
30746| } ^finally { 

30747| KeReleaseSpinLock ( SContentionSpinLock, 

| Oldlrql ); 
30748| } 

30749| } except( EXC E PTI ON_EX ECUT E_H AN D L E R) { 

30750| Debug(DEBUG_INFO,(" Exception occurred\n")); 

30751 | } 

30752 | } 

30753 1 

30754| 

30755| #endif 
30756| 
30757| 
30758| 

30759| File Listing: CONT.h 
30760| 

30761 1 #if TRACK_CONTENTIONS 

30762 1 

30763 1 r 

30764| cont.h 

30765| 

30766| Debug code for collecting contention statistics. 
30767| 7 
30768| 
30769 1 

30770| typedef struct sHistogram { 



I ; 

30725| 
30726| 
30727| 
30728| 
30729 1 
30730| 
30731 | 
30732 1 
30733 | 
30734| 

I ); 

30735| 
30736| 
30737| 
30738| 
30739 1 
30740 1 



30771 
30772 
30773 
30774 
30775 
30776 
30777 
30778 
30779 
30780 
30781 
30782 
30783 
30784 
30785 
30786 
30787 
30788 
30789 
30790 
30791 
30792 
30793 
30794 
30795 
30796 
30797 
30798 
30799 
30800 
30801 
30802 
30803 
30804 
30805 
30806 
30807 
30808 
30809 
30810 
30811 
30812 
30813 
30814 
30815 
30816 
30817 
30818 
30819 
30820 



HANDLE WaiterThreadld; 
ULARGEJNTEGER Count; 
} tHistogram, *pHistogram; 



typedef struct sMutexCounters { 

ULARGEJNTEGER Total; 

ULARGEJNTEGER Contentions; 

ULARGEJNTEGER TotalWaitTime; 

ULARGEJNTEGER MaxWaitTime; 

ULONG Num Histograms; 

tHistogram Histogram[256]; 
} tMutexCounters; 

typedef struct sReaderWriterCounters { 

ULARGEJNTEGER TotalReaders; 

ULARGEJNTEGER TotalWriters; 

ULARGEJNTEGER Total Active Readers; 

ULARGEJNTEGER MaxReaders; 

ULARGEJNTEGER ReaderContentions; 

ULARGEJNTEGER WriterContentions; 

U LA RG E J NTEG E R Total Read WaitTi me ; 

ULARGEJNTEGER MaxReadWaitTime; 

ULARGEJNTEGER TotalWriteWaitTime; 

ULARGEJNTEGER MaxWriteWaitTime; 

ULONG Num Histograms; 

tHistogram Histogram[256]; 
} tReaderWriterCounters; 



typedef struct sSemaphoreCounters { 

ULARGEJNTEGER Total; 

ULARGEJNTEGER Contentions; 

ULARGEJNTEGER TotalActive; 

ULONG NumActiveMeasurement; 

ULARGEJNTEGER TotalWaitTime; 

ULARGEJNTEGER MaxWaitTime; 

ULONG Num Histograms; 

tHistogram Histogram [256]; 
} tSemaphoreCounters; 



typedef struct sSpinLockCounters { 

ULARGEJNTEGER Total; 

ULARGEJNTEGER Contentions; 

ULARGEJNTEGER TotalWaitTime; 

ULARGEJNTEGER MaxWaitTime; 

ULONG Num Histograms; 

tHistogram Histogram[256]; 
} tSpinLockCounters; 



30821 
30822 
30823 
30824 
30825 
30826 
30827 
30828 
30829 
30830 
30831 
30832 
30833 
30834 
30835 
30836 
30837 
30838 
30839 
30840 
30841 
30842 
30843 
30844 
30845 



30848 
30849 
30850 
30851 
30852 
30853 
30854 
30855 
30856 
30857 
30858 
30859 
30860 
30861 
30862 
30863 
30864 
30865 
30866 
30867 
30868 



typedef struct spmContentionCounters { 
union { 

tMutexCounters MutexCounter; 
tReaderWriterCounters RwCounter; 
tSemaphoreCounters SemaphoreCounter; 
tSpinLockCounters SpinLockCounter; 

}; 

} tpmContentionCounters,*ppmContentionCounters; 



extern KSPIN_LOCK ContentionSpinLock; 



// undefine these so the functions get called instead. 

#undef pmAcquireSemaphore 

#undef pmAcquireMutex 

#undef pmAcquireSpinLock 

#undef pmAcquireReaderLock 

#undef pmAcquireWriterLock 

#undef pmRegisterObject 

#undef pmDeRegisterObject 

#undef pmWaitForMultipleObjects 



NTSTATUS pmWaitForMultipleObjects( PVOID Objects^, 
| ULONG Num, PLARGEJNTEGER Timeout ); 
30846| 

30847| NTSTATUS pmRegisterObject( PVOID Object, char *Name, 



| tPrimateObjectType ObjectType ); 



NTSTATUS pmDeRegisterObject( PVOID Object ); 

NTSTATUS pmAcquireSemaphore ( 
PKSEMAPHORE Semaphore, 
PLARGEJNTEGER Timeout ); 

void pmAcquireMutex ( 

PFAST_MUTEX fastMutex, 
PLARGEJNTEGER Timeout ); 

void pmAcquireSpinLock ( 
PKSPINJ.OCK spinLock, 
PKIRQL callersOldlrql ); 

BOOLEAN pmAcquireReaderLock ( 
PERESOURCE Resource, 
BOOLEAN Wait); 

BOOLEAN pmAcquireWriterLock ( 
PERESOURCE Resource, 
BOOLEAN Wait); 



30869 
30870 
30871 
30872 
30873 
30874 
30875 
30876 
30877 
30878 
30879 
30880 
30881 

I- 
30882 
30883 
30884 
30885 
30886 
30887 
30888 
30889 
30890 
30891 
30892 
30893 
30894 
30895 
30896 
30897 
30898 
30899 
30900 
30901 
30902 
30903 
30904 
30905 
30906 
30907 



30908 
30909 
30910 
30911 
30912 



30914 
30915 



void pmDumpStatistics (void); 
#endif // TRACK CONTENTIONS 

File Listing: CREATE. cpp 
#include "precomp.h" 



r 

7 

NTSTATUS 
PSManCreate( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 



/*++ 

Routine Description: 

Passes the device object to the correct handler 

Arguments: 

DeviceObject - Context for the activity. 

Irp - The device control argument block. 

Return Value: 

NT Status 

--*/ 
{ 

#ifdef DEBUG 

// Code for hunting down weird bug where return 



| address appears to be corrupted... (part 1 of 2) 



PVOID Daddyl = NULL; 
PVOID Grandpal = NULL; 
RtlGetCallersAddress(&Daddy1, &Grandpa1); 
#endif /* DEBUG*/ 

ULONG FlowTrace = 0; // also for tracking down 



| weird bug 
309131 



NTSTATUS Status = STATUS UNSUCCESSFUL; 



3091 6| FlowTrace A = 0x20; 

3091 7| switch(PsmGetObjectType(DeviceObject)) { 

30918| case OBJECTJNTERNAL 

30919| FlowTrace A = 0x01 ; 

30920| Status = PSManCreateObject(DeviceObject, 
I Irp); 

30921 1 FlowTrace A = 0x01 ; 

30922 1 break; 

30923| case OBJECT FILTEREDDISK : 

30924| FlowTrace A = 0x02; 

30925| Status = PSManCreateDevice(DeviceObject, 
I "rp); 

30926| FlowTrace A = 0x02; 

30927| break; 

30928| case OBJ ECT_VIRTUALDISK : 

30929| FlowTrace A = 0x04; 

30930| Status = PSManCreateVDisk(DeviceObject, 
I "rp); 

30931 1 FlowTrace A = 0x04; 

30932| break; 

30933| case OBJECT_FS_FILTER : 

30934| FlowTrace A = 0x08; 

30935| Status = PSManCreateFSFilter(DeviceObject, 
I "rp); 

30936| FlowTrace A = 0x08; 

30937| break; 

30938| caseOBJECT_FS_OBJECT : 

30939 1 FlowTrace A = 0x1 0; 

30940| Status = PSManCreateFSObject(DeviceObject, 
I "rp); 

30941 1 FlowTrace A = 0x1 0; 

30942 1 break; 

30943| default: 

30944| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 

30945| lrp->loStatus. Information = 0 ; 

30946| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

30947| break; 

30948| } 

30949| FlowTrace A = 0x20; 
30950 1 

30951 1 ASSERT(FlowTrace==0); 
30952| #ifdef DEBUG 

30953| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 2 of 2) 

30954| PVOID Daddy2 = NULL; 

30955| PVOID Grandpa2 = NULL; 

30956| RtlGetCallersAddress (&Daddy2, &Grandpa2); 

30957| ASSERT(Daddy1 == Daddy2); 

30958| ASSERT(Grandpa1 == Grandpa2); 



30959 
30960 
30961 
30962 
30963 
30964 
30965 



| PETHREAD Threadld, PFILE_OBJECT FileObject ) 



30966 
30967 



| (PagedPool, sizeof(tOT_USEFt),USERTAG); 



30968 
30969 
30970 
30971 
30972 
30973 
30974 
30975 
30976 
30977 
30978 
30979 
30980 
30981 
30982 
30983 
30984 
30985 
30986 

I- 
30987 
30988 
30989 
30990 
30991 
30992 
30993 
30994 
30995 
30996 
30997 
30998 
30999 
31000 
31001 
31002 
31003 
31004 
31005 



#endif /*DEBUG7 

return Status; 
} // end PSManCreateO 

pOTJJSER lnternalCreateUser( PEPROCESS Processld, 



{ 

pOTJJSER User = (pOTJJSER) MemAllocatePoolWithTag 



if(User) { 

RtlZeroMemory(User,sizeof(tOT_USER)); 
User->ProcesslD = Processld; 
User->ThreadlD = Threadld; 
User->Persistent = FALSE; 
User->SaveTempOnExit = FALSE; 
User->Open = 0; 
User->NumOpenSnapShots = 0; 
User->FileObject = FileObject; 
User->ErrorEvent= NULL; 
User->AbortEvent= NULL; 
Initial izeListHead(&User->SnapShots); 
AddPSMUser(User); 

} 

return User; 

} 



/*- 



7 

STATIC NTSTATUS 
PSManCreateObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 

/*++ 

Routine Description: 

This routine services open commands. It establishes 
the driver's existance by returning status success. 

Arguments: 

DeviceObject - Context for the activity. 

Irp - The device control argument block. 

Return Value: 



31006| 

31007| NT Status 

31008| 

31009| ~7 

31010| 

31011| { 

31012| #ifdef DEBUG 

31 01 3| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 1 of 2) 
31014| PVOID Daddyl = NULL; 
31015| PVOID Grandpal = NULL; 
31016| RtlGetCallersAddress(&Daddy1, &Grandpa1); 
31017| #endif /* DEBUG*/ 
31018| 

31019| pOT_USER User=NULL; 

31020| NTSTATUS Status=STATUS_SUCCESS; 

31021| 

31022| NOT_REFERENCED(DeviceObject); 

31023| PAGED_CODE(); 

31024| 

31 025| Hint -save -e746 7 

31026| Debug(DEBUG_PROCCALL,("PSManCreateObject Called: 
| PsGetCurrentProcess=%08x " 



31027| 


"PsGetCurrentThread=%08x " 


31028| 


"loGetCurrentProcess=%08x " 


31029| 


"KeGetCurrentThread=%08x " 


31030| 


"User Thread=%08x " 


31031| 


"OFO=%08x\n", 


31032| 


PsGetCurrentProcess(), 


31033| 


PsGetCurrentThread(), 


31034| 


loGetCurrentProcess(), 


31035| 


KeGetCurrentThread(), 


31036| 


lrp->Tail.Overlay.Thread, 


31037| 





| lrp->Tail. Overlay. OriginalFileObject 
31038| )); 
31039| Hint -restore 7 
31040| 

31 041 1 // keep track of who has us open. 
31042| User = 

| I nternalCreate(Jser( PsGetCu rrentProcess() , PsGetCu rrentTh r 

| ead(),lrp->Tail. Overlay. OriginalFileObject); 



31043| 

31044| if (User) { 

31 045| Status = lrp->loStatus.Status = STATUS_SUCCESS; 

31046| }else{ 

31 047| Status = I rp->loStatus. Status = 



| STATUS_INSUFFICIENT_RESOURCES; 
31048| } 

31 049| lrp->loStatus. Information = 0; 



31050 
31051 
31052 
31053 
31054 
31055 



address appears to be corrupted... (part 2 of 2) 



31056 
31057 
31058 
31059 
31060 
31061 
31062 
31063 
31064 
31065 
31066 
31067 
31068 

I- 
31069 
31070 
31071 
31072 
31073 
31074 
31075 
31076 
31077 
31078 
31079 
31080 
31081 
31082 
31083 
31084 
31085 
31086 
31087 
31088 
31089 
31090 
31091 
31092 
31093 
31094 
31095 



loCompleteRequest(lrp, IO_NO_INCREMENT); 
Debug(DEBUG_PROCCALL,("PSManCreateObject Done\n")); 

#ifdef DEBUG 

// Code for hunting down weird bug where return 



PVOID Daddy2 = NULL; 
PVOID Grandpa2 = NULL; 
RtlGetCallersAddress (&Daddy2, &Grandpa2); 
ASSERT(Daddy1 == Daddy2); 
ASSERT(Grandpa1 == Grandpa2); 
#endif /* DEBUG*/ 

return Status; 

} // end PSManCreateObject() 



r 

7 

STATIC NTSTATUS 
PSManCreateDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 



/*++ 

Routine Description: 

This routine services open commands. It establishes 
the driver's existance by returning status success. 

Arguments: 

DeviceObject - Context for the activity. 

Irp - The device control argument block. 

Return Value: 

NT Status 

~7 



{ 

#ifdef DEBUG 

// Code for hunting down weird bug where return 
| address appears to be corrupted... (part 1 of 2) 
31096| PVOID Daddyl = NULL; 



31097| PVOID Grandpal = NULL; 

31 098| RtlGetCallersAddress(&Daddy1 , &Grandpa1 ); 

31099| #endif TDEBUG7 

31100| 

31101| NTSTATUS Status; 

31102| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
31 1 03 1 TRACE( TRACE_CREATE, 
31104| 

| currentlrpStack->Parameters.Read.ByteOffset.HjghPart, 
31105| 

| cu rrent I rpStack-> Parameters . Read . ByteOff set. LowPart, 
31 1 06| currentlrpStack->Parameters. Read. Length, 

31 1 07| currentlrpStack->Parameters. Read. Key, 

31108| ""); 
31109| 

31110| #ifdef DEBUG 

31111| if (Psm Active) { 

31112| Debug(DEBUG_CREATE | 

| DEBUG_PROCCALL,( M PSManCreateDevice Called\n")); 
31113| } 
31114| #endif 

31 1 15| Status = PSManPassThru( DeviceObject, Irp ); 

31116| #ifdef DEBUG 

31117| if(PsmActive) { 

31 1 18| Debug(DEBUG_CREATE | 

| DEBUG_PROCCALL,("PSManCreateDevice Done\n M )); 
31119| } 
31120| #endif 
31121| 

31122| #ifdef DEBUG 

31 123| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 2 of 2) 
31124| PVOID Daddy2 = NULL; 
31125| PVOID Grandpa2 = NULL; 
31 126| RtlGetCallersAddress (&Daddy2, &Grandpa2); 
31 127| ASSERT(Daddy1 == Daddy2); 
31 128| ASSERT(Grandpa1 == Grandpa2); 
31129| #endif TDEBUG7 
31130| return Status; 
31131| 

31132| } // end PSManCreateDevice() 
31133| 

31134| /* 



31135| STATIC NTSTATUS PSManCreateVDisk( 
31 136| IN PDEVICE_OBJECT DeviceObject, 
31137| INPIRPIrp 
31138| ) 
31139| { 



31 140|#ifdef DEBUG 

31 141 1 // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 1 of 2) 
31142| PVOID Daddyl = NULL; 
31 143| PVOID Grandpal = NULL; 
31144| RtlGetCallersAddress(&Daddy1, &Grandpa1); 
31145| #endif TDEBUG7 
31146| 

31 1 47| NTSTATUS Status=STATUS_SUCCESS; 
31148| 

31 1 49| Debug(DEBUG_PROCCALL | 

| DEBUG_CREATE,("PsmanCreateVDisk Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
31 1 50| lrp->loStatus. Information = 0; 
31151| lrp->loStatus.Status = Status; 
31152| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
31153| Debug(DEBUG_PROCCALL | 

| DEBUG_CREATE,("PsmanCreateVDisk Done\n")); 
31154| 

31155| #ifdef DEBUG 

31 1 56| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 2 of 2) 
31 1 57| PVOID Daddy2 = NULL; 
31 1 58| PVOID Grandpa2 = NULL; 
31159| RtlGetCallersAddress (&Daddy2, &Grandpa2); 
31 1 60| ASSERT(Daddy1 == Daddy2); 
31161| ASSERT(Grandpa1 == Grandpa2); 
31162| #endif /* DEBUG*/ 
31163| 

31164| return Status; 

31165| } 

31166| 

31167| 

31168| r 



31169| STATIC NTSTATUS 

31170| PSManCreateFSFilter( 

31 1 71 1 IN PDEVICE_OBJECT DeviceObject, 

31172| INPIRPIrp 

31173| ) 

31174| 

31175| /*++ 

31176| 

31177| Routine Description: 
31178| 

31 1 79| This routine services open commands. It establishes 
31 1 80| the driver's existance by returning status success. 
31181| 

31182| Arguments: 
31183| 



31 1 84| DeviceObject - Context for the activity. 
31185| Irp - The device control argument block. 
31186| 

31187| Return Value: 
31188| 

31189| NT Status 

31190| 

31191| -7 

31192| 

31193| { 

31194| #ifdef DEBUG 

31 195| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 1 of 2) 
31196| PVOID Daddyl = NULL; 
31197| PVOID Grandpal = NULL; 
31 1 98| RtlGetCallersAddress(&Daddy1 , &Grandpa1 ); 
31199| #endif /"DEBUG*/ 
31200| 

31201 1 NTSTATUS Status = SfCreate(DeviceObjectJrp); 
31202| 

31203| #ifdef DEBUG 

31204| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 2 of 2) 
31205| PVOID Daddy2 = NULL; 
31206| PVOID Grandpa2 = NULL; 
31207| RtlGetCallersAddress (&Daddy2, &Grandpa2); 
31208| ASSERT(Daddy1 == Daddy2); 
31209| ASSERT(Grandpa1 == Grandpa2); 
31210| #endif /*DEBUG7 
31211| 

31212| return Status; 

31213| }// end PSManCreateFilter() 

31214| 

31215| /* 



31216| STATIC NTSTATUS PSManCreateFSObject( 
31217| IN PDEVICE_OBJECT DeviceObject, 
31218| INPIRPIrp 
31219| ) 
31220| { 

31221 1 #ifdef DEBUG 

31222| // Code for hunting down weird bug where return 

| address appears to be corrupted... (part 1 of 2) 
31223| PVOID Daddyl = NULL; 
31224| PVOID Grandpal = NULL; 
31225| RtlGetCallersAddress(&Daddy1, &Grandpa1); 
31226| #endif /*DEBUG7 
31227| 

31228| NTSTATUS Status= STATU S_SUCC ESS; 
31229| 



31230| Debug(DEBUG_PROCCALL | 

| DEBUG_CREATE,( M PsmanCreateFSObject Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
31231| lrp->loStatus. Information = FILEOPENED; 
31232| lrp->loStatus. Status = Status; 
31233| loComplete Request (Irp, IO_DISK_INCREMENT) ; 
31234| Debug(DEBUG_PROCCALL | 

| DEBUG_CREATE,( M PsmanCreateFSObject Done\n")); 
31235| 

31236| #ifdef DEBUG 

31237| // Code for hunting down weird bug where return 



address appears to be corrupted... (part 2 of 2) 



31238 
31239 
31240 
31241 
31242 
31243 
31244 
31245 
31246 
31247 
31248 
31249 
31250 
31251 
31252 
31253 
31254 
31255 
31256 
31257 
31258 
31259 
31260 
31261 
31262 
31263 
31264 
31265 
31266 
31267 
31268 
31269 
31270 
31271 
31272 
31273 
31274 
31275 



PVOID Daddy2 = NULL; 
PVOIDGrandpa2 = NULL; 
RtlGetCallersAddress (&Daddy2, &Grandpa2); 
ASSERT(Daddy1 == Daddy2); 
ASSERT(Grandpa1 == Grandpa2); 
#endif TDEBUG7 

return Status; 



File Listing: CREATE. h 

NTSTATUS 
PSManCreate( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManCreateObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManCreateDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS PSManCreateVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManCreateFSObject( 



31276| IN PDEVICE_OBJECT DeviceObject, 
31277| IN PIRP Irp 
31278| ); 
31279| 

31280| STATIC NTSTATUS PSManCreateFSFilter( 

31281 1 IN PDEVICE_OBJECT DeviceObject, 

31282| IN PIRP Irp 

31283| ); 

31284| 

31285| 

31286| pOTJJSER lnternalCreateUser( PEPROCESS Processld, 

| PETHREAD Threadld, PFILE_OBJECT FileObject ); 
31287| 
31288| 
31289| 

31290| File Listing: DCPSM.cpp 
31291| 

31292| #include "precomp.h" 
31293| 

31294| #ifdef ALLOC_PRAGMA_DO_NOT_DO 
31295| #pragma alloc_text(PAGE, SbPrelnit) 
31296| #pragma alloc_text(PAGE, SbOpenPSM) 
31297| #pragma alloc_text(PAGE, SbClosePSM) 
31298| #endif 
31299| 

31300| //STATIC NTSTATUS AddDeviceToList( pkSnapShotEntry 

| *List, pkSnapShotEntry Snapshot); 
31301| NTSTATUS ValidateKernelSnapShotPointer ( PVOID 

| Kernel Pointer ); 
31302| 
31303| 

31304| r 



31305| STATIC void Dump Debug Pointers ( void ) 
31306| { 

31307| Debug(DEBUG_DCPSM ! ("ThreadObjects %p WriterObject 
| %p ThreadsAwake %d NumThreads %d\n", 



31308| ThreadObjects, 

31309| WriteThreadObject, 

31310| ThreadsAwake, 

31311| NumberOfThreads 

31312| )); 
31313| 



31314| //LIST_ENTRY ThreadsWorkToDoQueue={0}; 

31315| //KSPIN_LOCK ThreadsWorkToDoSpinLock={0}; 
31316| 

31317| //LISTENTRY WriteQueue={0}; 

31318| //KSPIN_LOCK WriteSpinLock={0}; 
31319| } 
31320| 



31321| 
31322| 
31323| /* 



31324| /* 

31325| Given a NT device name will return our object 

| associated with it. 
31326| 7 

31327| PDEVICE_OBJECT GetObjectFromName( WCHAR *Name ) 
31328| { 

31329| PDEVICE_OBJECT DevObj ; 
31330| __try{ 

31331 1 DevObj = PSManDriverObject->DeviceObject; 
31332| 

31333| while ( DevObj ) { 
31334| //if a filtered disk 

31335| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31336| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31337| if ( _wcsicmp(DevExt->Name,Name)==0 ) { 

31338| break; 
31339| } 
31340| }// if filtered disk 

31341| 

31342| DevObj = DevObj->NextDevice; 

31343| }//while(DevObj) 
31344| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31345| Debug(DEBUG_DCPSM,("GetObjectForName: Exception 

| %08x",GetExceptionCode())); 
31346| DevObj = NULL; // indicate error to caller - 

| don't want to return wrong DevObj 
31347| } 

31348| return DevObj; 

31349| } 

31350| 

31351 1 PDEVICE_OBJECT GetVdiskObjectForName( WCHAR *Name, 

| ULONG Instance ) 
31352| { 
31353| __try{ 

31354| PVDISK_EXTENSION DevExt; 
31355| PFILTERED_EXTENSION FiltExt; 
31356| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
31357| while ( DevObj ) { 
31358| 

31359| DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(DevObj); 
31360| if( 



I (PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) && 
31361 1 (DevExt->lnstance == Instance ) ) { 

31362| if ( DevExt->PSM Device ) { 

31363| FiltExt = 

| GetFilteredExtension(DevExt->PSMDevice); 
31364| if( 

| _wcsicmp(Name,FiltExt->Name)==0 ) { 
31365| return DevObj; 

31366| } 
31367| } 
31368| } 
31369| 

31370| DevObj = DevObj->NextDevice; 

31371| } 
31372| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31 373| Debug(DEBUG_DCPSM,("GetVdiskObjectForName: 

| Exception %08x",GetExceptionCode())); 
31374| } 

31375| Debug(DEBUG_DCPSM,("GetVdiskObjectForName: Name 

| '%S' notfound\n",Name)); 
31376| return NULL; 
31377| } 
31378| 
31379| 
31380| 
31381| I* 

31382| Given a NT device name will return our object 

| associated with it. 
31383| 7 

31384| PDEVICE_OBJECT GetObjectFromVDiskName( WCHAR *Name ) 
31385| { 

31386| PDEVICE_OBJECT DevObj ; 
31387| _try{ 

31388| DevObj = PSManDriverObject->DeviceObject; 

31389| WCHAR VD[256]={0}; 

31390| 

31391| while ( DevObj ) { 
31392| // if a virtual disk 

31393| if( 

| PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
31394| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
31395| 
31396| 

| swprintf ( VD, L"\\Device\\Psm Devices_%04x\\%s_%d", PSM_LOW_ 
| COMPATIBLE_VERSION,DevExt->Name,DevExt->lnstance); 
31397| 

31398| if ( _wcsicmp(VD,Name)==0 ) { 

31399| break; 



31400| } 

31401| }// if virtual disk 

31402| 

31403| DevObj = DevObj->NextDevice; 

31404| }//while(DevObj) 
31405| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31406| Debug(DEBUG_DCPSM,( M GetObjectFromVDiskName: 

| Exception %08x",GetExceptionCode())); 
31407| } 
31408| 

31409| return DevObj; 

31410| } 

31411| 

31412| /* 

| */ 

31413| r 

31414| Given a Win32 name will return our object 

| associated with it. 
31415| A win 32 name begins with \DosDevices\ or \??\ 
31416| ie: \DosDevices\C:\dir\filename.ext 
31417| 7 

31418| PDEVICE_OBJECT GetObjectFromWin32Name( WCHAR *FileName 
I) 

31419| { 

31420| UNICODE_STRING UniName={0}; 

31421| OBJECT ATTRIBUTES ObjectAttributes={0}; 

31422| NTSTATUS Status=0; 

31423| PDEVICE_OBJECT DevObj=NULL; 

31424| WCHAR Name[256]={0}; 

31425| WCHAR *p=NULL; 

31426| HANDLE Sym Hand le= NULL; 

31427| ULONG Ret=0; 

31428| 

31429| // convert from \DosDevices\C:\dir\filename.ext 

31430| // to \DosDevices\C: 

31 431 1 // find second slash \c:\dir\filename.ext 

31432| p = wcschr(FileName+1,L'\Y); 

31433| if (!p){ 

31434| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: Not 

| valid name '%S'\n",FileName)); 
31435| return NULL; 
31436| } 

31 437| // find third slash \dir\filename.ext 
31438| p = wcschr(p+1,L'\Y); 
31439| if (!p){ 

31440| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: Not 

| valid name '%S'\n",FileName)); 
31441| return NULL; 
31442| } 



31443| 

31444| ASSERT(p-FileName<256); 
31445| 

31 446| // copy and get rid of tail 

31447| wcsncpy(Name,FileName,p-FileName); 

31 448| Name[p-FileName]=0; 

31449| 

31450| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: Looking 

|for'%S'\n'\Name)); 

31451 1 RtllnitUnicodeString( &UniName, Name); 
31452| 

31 453| InitializeObjectAttributes ( &ObjectAttributes, 



31454| &UniName, 

31455| OBJ_CASE_INSENSITIVE, 

31456| NULL, 

31457| NULL); 

31458| 



31459| Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, & Object Attributes); 
31460| if ( NT_SUCCESS(Status) ) { 
31461| 

31462| UniName.Length = 0; 

31463| UniName.MaximumLength = 256; 

31464| Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
31 465| if ( NT_SUCCESS(Status) ) { 
31466| 

31467| Debug(DEBUG_DCPSM,( M GetObjectFromWin32Name: 

| Device Name = '%wZ'\n",&UniName)); 
31468| DevObj = GetObjectFromName(UniName. Buffer); 

31469| if ( !DevObj){ 

31470| 

| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: Unable to 

| find device object\n")); 
31471| } 
31472| 

31473| }else{ 

31474| Debug(DEBUG_DCPSM,( M GetObjectFromWin32Name: 

| Error %08x opening symlink '%S'\n",Status,Name)); 
31475| } 
31476| 

31477| ZwClose(SymHandle); 
31478| SymHandle = NULL; 
31479| }else{ 

31480| Debug(DEBUG_DCPSM, ("Error %08x\n", Status)); 

31481| } 

31482| 

31483| 

31484| #if 0 

31485| // win2k specific way, but the nt 4 way should work 



I also 

31486| // so lets not do this unless we need to. 

31487| InitializeObjectAttributes ( &ObjectAttributes, 

31488| &UniName, 

31 489| OBJ_CASE_INSENSITI VE, 

31490| NULL, 

31491| NULL); 

31492| 

31493| Status = ZwCreateFile( &FileHandle, 
31494| 0, 

| // desired access 
31 495| &ObjectAttributes, 

| // object attributes 
31496| &loStatus, 
31497| NULL, 

| // alloc size 

31498| FILEATTRIBUTENORMAL, 

| // file attributes 
31499| FILE SHARE WRITE | 

| FILE_SHARE_READ, 

| // share access 
31500| FILEOPEN, 

| // create disposition 
31501| 

| FILE_SYNCHRONOUS_IO_NONALERT, 

| // create options 
31502| NULL, // eabuffer 

31503| 0); //ealength 

31504| if ( NT_SUCCESS(Status) ) { 
31505| ULONG CurrentSize = 100; 
31506| PMOUNTDEV_NAME MN; 
31507| 

31508| do{ 
31509| MN = 

| MemANocatePoolWithTag(PagedPool,CurrentSize+sizeof(MOUN 

| TDEV_NAME),TEMPTAG); 
31510| if ( MN ) { 

3151 1 1 Status = ZwDeviceloControlFile( 

31512| 

| FileHandle,NULL,NULL,NULL,&loStatusBlock, 
31513| 

| lOCTL MOUNTDEV QUERY DEVICE NAME, 
31514| 

| NULL,0,MN,CurrentSize+sizeof(MOUNTDEV_NAME) 
31515| ); 
31516| 

31517| if ( Status==STATUS_BUFFER_TOO_SMALL ) 

|{ 

31518| FREE_POINTER(MN); 
31519| CurrentSize*=2; 



31520| } 
31521| }else{ 

31522| Status = STATUS_INSUFFICIENT_RESOURCES; 

31523| } 

31524| } while ( Status==STATUS_BUFFER_TOO_SMALL ); 
31525| 

31526| if ( NT_SUCCESS(Status) ) { 

31527| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: 

| '%s' = VoS^Name,MN->Name)); 
31528| DevObj = GetObjectFromName(MN->Name); 

31529| if(!DevObj){ 
31530| 

| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: Unable to 

| find device objectAn")); 
31531| } 
31532| }else{ 

31533| Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: 

| Error %08x sending ioctl to '%s'\n", Status, Name)); 
31534| } 
31535| 

31536| if(MN){ 

31537| FREE_POINTER(MN); 

31538| } 

31539| ZwClose(FileHandle); 
31540| }else{ 

31 541 1 Debug(DEBUG_DCPSM,("GetObjectFromWin32Name: 

| Error %08x opening '%s^",Status,Name)); 
31542| } 
31543| #endif 
31544| return DevObj; 
31545| } 
31546| 

31547| r 



31548| r 

31549| will return OUR object assiocated with the 

| given drive letter 
31550| 
31551| 7 

31552| PDEVICE_OBJECT GetObjectFromDrivel_etter( WCHAR 

| DriveLetter ) 
31553| { 

31554| WCHAR DriveName[20] = 

| L"\\DosDevices\\C:\\"; 
31555| 

31556| DriveName[1 2] = DriveLetter; 
31557| 

31558| return GetObjectFromWin32Name(DriveName); 

31559| } 

31560| 



31561| I* 



31562| I* 

31 563| Add non physical devices to list of devices to psm. 
31564| 7 

31565| STATIC NTSTATUS FindAndAddVolumesForDevice( 
| PDEVICE_OBJECT Physical Device, PVOID *ObjectTable, 
| ULONG *NumObjects ) 

31566| { 

31567| #if _WIN32_WINNT < 0x0500 
31568| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
31569| NTSTATUS Status=STATUS_SUCCESS; 
31570| 

31571| while ( DevObj ) { 
31572| // if a filtered disk 
31573| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31574| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31575| 

31576| // if this volume is on this device, but is 

| not the physical device itself 
31577| if( 

| (DevExt->PhysicalDevice==PhysicalDevice) && 

| (!DevExt->lsPhysical) ) { 
31578| 

31 579| // okay we now have a logical volume. 

31580| ObjectTable[*NumObjects] = 

| &(DevExt->WriteEvent); 
31 581 1 (*NumObjects)++; 
31582| 

31 583| // say we want event notification. 

31584| 

| lnterlockedlncrement((PLONG)&DevExt->SignalWrite); 
31585| } 
31586| }// if filtered disk 
31587| 

31588| DevObj = DevObj->NextDevice; 
31589| }// while( DevObj) 
31590| return Status; 
31591| #else 

31592| return STATUSJMOTJMPLEMENTED; 

31593| #endif 

31594| 

31595| } 

31596| 

31597| r 



31598| STATIC NTSTATUS MakeVolumel_istToPsm( 



I pOpenTransactionlnlnternal In, PVOID *ObjectTable, 
| ULONG *NumObjects ) 
31599| { 

31600| ULONG i; 

31 601 1 PDEVICE_OBJECT DevObj=NULL; 
31602| PFILTEREDEXTENSION DevExt=NULL; 
31 603| NTSTATUS Status=STATUS_SUCCESS; 
31604| 

31605| Debug(DEBUG_PROCCALL,("MakeVolumeListToPsm\n")); 

31 606| for ( i=0;i<ln->NumberOf Devices;i++ ) { 

31 607| DevObj = (PDEVICE_OBJECT) GetObjectFromName( 

| (WCHAR *)DN_MakePointer(ln,ln->DeviceName[i]) ); 
31608| if (DevObj ){ 

31 609| DevExt = GetFilteredExtension(DevObj); 

31610| 

31 61 1 1 // okay we now have a device. 

31 61 2| ObjectTable[*NumObjects] = 

| &(DevExt->WriteEvent); 
31613| (*NumObjects)++; 
31614| 

31 61 5| // say we want event notification. 

31616| 

| lnterlockedlncrement((PLONG)&DevExt->SignalWrite); 
31617| 

31618| // enable psm on physical device also 

31619| 

31 620| if ( !DevExt->lsPhysical ) { 

31621| #if 0 

31622| // FIXFIXFIX !FIX!FIX!FIX if the physical device is 

| written to, we will 
31623| no longer psm it. this may or may not 

| be a problem, more so on nt4 than 
31624| w2k. 

31 625| PFILTERED EXTENSION PhyExt = 

| GetFilteredExtension(DevExt->PhysicalDevice); 
31626| 

31 627| // only if we havent done it yet. 

31628| // FIXFIXFIX if we allow multiple waits 

| at the same time fix this 
31 629| if ( !PhyExt->Signal Write ) { 

31630| 

31 631 1 ObjectTable[*NumObjects] = 

| &(PhyExt->WriteEvent); 
31 632| (*NumObjects)++; 
31633| 
31634| 

| lnterlockedlncrement(&PhyExt->SignalWrite); 
31635| 

31636| // make sure null, as we dont 

| allocate space on the physical side 



31637| PhyExt->PSMSectors = NULL; 

31638| } 
31639| #endif 
31640| }else{ 

31 641 1 // okay, the user said to do the whole 

| drive, map in all partitions for this device 
31642| Status = 

| FindAndAddVolumesForDevice(DevObj,ObjectTable,NumObjects 

I); 

31 643| if ( !NT_SUCCESS(Status) ) { 

31644| Debug(DEBUG_DCPSM,("PSMan: FAAVFD 

| failed with %08x\n",Status)); 
31645| break; 
31646| } 
31647| } 
31648| }else{ 

31 649| Debug(DEBUG_DCPSM,("PSMan: Unable to find 

| object for device 

[ '%S'\n",DN_MakePointer(ln,ln->DeviceName[i]))); 
31 650| Status = STATUS_NO_SUCH_DEVICE; 

31651| } 
31652| } 
31653| 

31 654| if ( !NT_SUCCESS(Status) ) { 

31 655| // clear memory allocated and flags 

31656| DevObj = PSManDriverObject->DeviceObject; 

31657| while ( DevObj ) { 

31658| // if a filtered disk 

31659| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31660| ULONGk; 

31 661 1 DevExt = GetFilteredExtension(DevObj); 

31662| 

31 663| for ( k=0;k<*NumObjects;k++ ) { 

31 664| if ( &DevExt->WriteEvent == 

| ObjectTablefk] ) { 
31665| 

| lnterlockedDecrement((PLONG)&DevExt->SignalWrite); 
31666| } 
31667| } 
31668| 

31669| }// if filtered disk 

31670| 

31 671 1 DevObj = DevObj->NextDevice; 

31672| }//while( DevObj) 
31673| } 
31674| 

31675| return Status; 

31676| } 

31677| 



31678| /* 



31679| STATIC void FlushVolumel_ist( pOpenTransactionlnlnternal 

I In) 
31680| { 

31681| ULONG i; 
31682| 

31683| for ( i=0;kln->NumberOfDevices;i++ ) { 
31 684| FlushVolume((WCHAR 

| *)DN_MakePointer(ln,ln->DeviceName[i])); 
31685| } 
31686| } 
31687| 

31 688| // Time we went into our wait for no io mode. 
31689| STATIC LARGEJNTEGER CurrentTime={0}; 
31 690| STATIC ULONG SecondsToWait=0; 
31691| 
31692| 

31 693| // make sure the volumes are good 
31 694| // 1 . Check for 512 byte sectors since that is all we 
| support 

31695| /* 



31696| STATIC NTSTATUS VerifyGoodVolumel_ist( 

| pOpenTransactionlnlnternal In ) 
31697| { 

31698| ULONG i; 

31699| PDEVICE_OBJECT DevObj=NULL; 

31 700| NTSTATUS Status = STATUS_SUCCESS; 

31701| PAG E D_CO D E () ; 

31702| 

31703| Debug(DEBUG_PROCCALL,( M VerifyGoodVolumeList\n M )); 

31704| for ( i=0;kln->NumberOfDevices;i++ ) { 

31 705| DevObj = GetObjectFromName((WCHAR 

| *)DN_MakePointer(ln,ln->DeviceName[i])); 
31706| if (DevObj ){ 

31707| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31708| 

31 709 1 if ( DevExt->Not Active ) { 

31 71 0| Debug(DEBUG_DCPSM, ("Error! Device %S is 

| not active!\n",DevExt->Name)); 
31 71 1 1 Status = PSM_ERROR_VOLUME_NOT_ACTIVE; 

31712| break; 
31713| } 
31714| 

31715| if ( DevExt->BytesPerSector!=51 2 ) { 

31 71 6| Debug(DEBUG_DCPSM, ("Error! Device %08x 

| does not have a blocksize of 51 2 !\n", DevObj)); 
31717| Status = STATUS_I N VALI D_PARAM ETER; 



31718| break; 
31719| } 
31720| }else{ 

31 721 1 // well off to a bad start, no device 

31722| Debug(DEBUG_DCPSM, ("Error! Device does not 

| exist!\n")); 

31 723| Status = STATUS_NO_SUCH_DEVICE; 

31724| break; 

31725| } 

31726| } 

31727| 

31 728| #if _WIN32_WINNT < 0x0500 

31 729| // check to see if cache file is on a good volume 

31 730| if ( Status==STATUS_SUCCESS ) { 

31 731 1 // \DosDevices\C:\temp\psm3.tmp 

31732| DevObj = 

| GetObjectFromDriveLetter(ln->CacheFileName[12]); 
31733| if (DevObj ){ 

31734| UNICODE_STRING LookingFor; 

31735| 

31736| 

| RtllnitUnicodeString(&LookingFor,L"\\Driver\\Ftdisk"); 
31737| 

31 738| // make sure ftdisk is NOT above us 

31 739| // check to see if any one is attached to 

| this object 

31 740| // going up the chain, as more than one 

| filter can be 
31741| //installed. 
31742| 

31743| DevObj = DevObj->AttachedDevice; 

31744| while ( DevObj ) { 

31 745| if ( DevObj->DriverObject ) { 

31746| 

31 747| // some one is layered on top of 

| us. 

31748| if( 

| RtlCompareUnicodeString(&DevObj->DriverObject->DriverNam 

| e,&LookingFor,TRUE)==0 ) { 
31749| // hey its ftdisk 

31 750| Status = PSM_ERROR_DEADLOCK; 

31751| break; 
31752| } 

31753| DevObj = DevObj->AttachedDevice; 

31754| }else{ 

31 755| // odd no driver associated with 

| device., oh well. 
31756| break; 
31757| } 
31758| } 



31759| }else{ 

31 760| // no device found for cache file.. 

31 761 1 // probally means sym link check failed 

31762| Status = STATUS_NO_SUCH_DEVICE; 

31763| } 



31764| } 

31765| #endif 

31766| return Status; 

31767| } 

31768| 

31769| NTSTATUS CloseCacheFilesThatAreNotBeingUsed() 
31770| { 

31 771 1 NTSTATUS Status = STATUS_SUCCESS; 
31772| 

31773| _try{ 
31774| 

| Debug(DEBUG_DCPSM,("CloseCacheFilesThatAreNotBeingUsed: 

| Called\n")); 
31 775| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
31776| while ( DevObj ) { 
31777| // if a filtered disk 

31778| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31779| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31780| if( 

| lsListEmpty(&DevExt->Cache.SnapShotHead) ) { 
31781| 

| PersistentDictionary::CloseFilesForVolume(DevObj); 
31782| } 
31783| }// if filtered disk 

31784| 

31785| DevObj = DevObj->NextDevice; 

31786| }//while( DevObj) 

31787| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31788| 

| Debug(DEBUG_DCPSM,("CloseCacheFilesThreadAreNotBeingUsed 

| : Exception %08x",GetExceptionCode())); 
31789| } 
31790| 
31791| 

| Debug(DEBUG_DCPSM,("CloseCacheFilesThatAreNotBeingUsed: 
| Done\n")); 
31792| 

31793| return Status; 

31794| } 

31795| 

31796| NTSTATUS OpenCacheFiles( pOpenTransactionlnlnternal 



I In, PVOID *ObjectTable, ULONG NumObjects, PVOID 
| AbortEvent ) 
31797| { 

31 798| NTSTATUS Status = STATUS_SUCCESS; 
31799| 

31800| __try{ 

31801 1 PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
31802| while ( DevObj ) { 
31803| //if a filtered disk 

31804| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31805| ULONG k; 

31806| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31807| 

31808| for ( k=0;k<NumObjects;k++ ) { 

31 809| if ( &DevExt->WriteEvent == 

| ObjectTablefk] ) { 
31810| // we change the dev ext to be 

| true as we do have it acquired 
31811| // otherwise if the volume 

| needs to be reloaded, we will get a deadlock 
31812| ULONG Save = 

| DevExt->OpenCloseAcquired; 
31813| DevExt->OpenCloseAcquired = 

| TRUE; 

31814| //okay, found a volume that we 

| are snapping 
31815| Status = 

| PersistentDictionary::RebuildSnapShotsForVolume(DevObj,F 

| ALSE,AbortEvent); 
31816| DevExt->OpenCloseAcquired=Save; 
31817| if ( !NT_SUCCESS(Status) ) { 

31818| 

31819| //cleanup objects we 

| already did 

31820| PDEVICE_OBJECT D = 

| PSManDriverObject->DeviceObject; 
31821| while(D){ 
31822| // if a filtered disk 

31823| if( 

| PsmGetObjectType(D)==OBJECT_FILTEREDDISK ) { 
31824| ULONG o; 

31825| PFILTERED_EXTENSION 

| DE = GetFilteredExtension(D); 
31826| for(o=0;o<k;o++) { 

31827| if( 

| &DE->WriteEvent == ObjectTable[o] ) { 
31828| if( 



I DE->Cache.ReferenceCount > 0 ) { 
31829| if( 

| ~DE->Cache.ReferenceCount==0 ) { 
31830| 

| PersistentDictionary::TearDownCacheForVolume(D); 
31831| } 
31832| } 
31833| } 
31834| } 
31835| } 
31836| D = D->NextDevice; 

31837| } 
31838| 

31839| return Status; 

31840| } 

31841| } 

31842| } 

31843| }// if filtered disk 

31844| 

31845| DevObj = DevObj->NextDevice; 

31846| }//while( DevObj) 

31847| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31848| Status = GetExceptionCode(); 

31849| Debug(DEBUG_DCPSM,("OpenCacheFiles: Exception 

| %08x",Status)); 
31850| } 
31851| 

31852| return Status; 

31853| } 

31854| 

31855| 

31856| void CleanupSignals( ULONG NumDrives, PVOID 

| "ObjectTable, BOOLEAN CleanupCache ) 
31857| { 

31858| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
31859| 

31860| while ( DevObj ) { 

31861| Debug(DEBUG_DCPSM,("CleanupSignals: Cleaning 

| up DevObj=%08x\n", DevObj)); 
31862| // if a filtered disk 
31863| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31864| ULONG k; 

31865| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31866| 

31867| for ( k=0;k<NumDrives;k++ ) { 

31868| if ( &DevExt->Write Event == 



I ObjectTablefk] ) { 
31 869| lnterlockedDecrement((PLONG) 

| &DevExt->SignalWrite); 
31870| 

31871| if(CleanupCache) { 

31872| 

| ASSERT(DevExt->Cache.ReferenceCount); 
31873| if( 

| --DevExt->Cache.ReferenceCount==0 ) { 
31874| 

| PersistentDictionary::TearDownCacheForVolume(DevObj); 
31875| } 
31876| } 
31877| } 
31878| } 
31879| }// if filtered disk 
31880| 

31881 1 DevObj = DevObj->NextDevice; 

31882| }//while( DevObj) 

31883| } 

31884| 

31885| 

31886| NTSTATUS CheckForAbortCreatingSnapShots () 
31887| { 

31 888| NTSTATUS Status = STATUS_SUCCESS; 
31889| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
31890| 

31 891 1 while ( DevObj && NT_SUCCESS(Status) ) { 
31892| // if a filtered disk 
31893| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31894| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31895| if ( DevExt->SignalWrite ) { 

31896| GetSnapShotForRead(); 
31897| _try{ 
31898| pkSnapShotEntry p = 

| GetTopSnapShot(&DevExt->SnapShots); 
31899| if ( p ) { 

31900| _try{ 
31 901 1 // There is at least one 

| snapshot on the volume already. 
31902| // We only need to look at 

| one of the snapshots, because they will all say the 

| same thing 

31 903| // when asked about cache 

| usage. 
31904| 

31905| if ( 



I ((pPersistentDictionary)(p->Dictionary))->lsCacheSnapSho 
| tCreationThresholdReached() ) { 
31906| Status = 

| PSMJNSUFFICIENT_CACHE; // will cause outer loop to 
| exit 

31907| } 

31908| } finally { 

31909| DoneWithSnapShot(p); 
31910| } 
31911| } 

31912| } ^finally { 

31913| ReleaseSnapShotForRead(); 

31914| } 

31915| } 

31916| }// if filtered disk 

31917| 

31918| DevObj = DevObj->NextDevice; 

31919| }//while(DevObj) 

31920| 

31921| return Status; 

31922| } 

31923| 

31924| // 

| 

31925| // GetSequenceForNewSnapShot - This function searches 

| the volumes currently 
31926| // pending snapshot creation, finds the maximum 

| sequence number so far, and 
31927| // adds one to get a value guaranteed to be larger 

| than any yet existing on 
31928| // those volumes. This fixes the following problems: 
31929| // 

31930| // 1 . Multi-volume revert at boot not working, 

| because sequence numbers don't match. 
31931| // 

31932| // 2. Multi-volume snapshots getting "de-linked" 

| after volume(s) remount. 
31933| // 

31934| NTSTATUS GetSequenceForNewSnapShot ( ULONG &NewSequence 
I) 

31935| { 

31936| ULONG NumSequencesFound = 0; 

31937| NTSTATUS Status = STATUS_NOT_FOUND; 

31938| 

31939| __try{ 

31 940| NewSequence = 0; 

31941 1 PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
31942| while ( DevObj ) { 
31943| if( 



I PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
31944| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
31945| if ( DevExt->SignalWrite ) { 

31946| if ( DevExt->Cache. Header ) { 

31947| ULONG ThisSequence = 

| DevExt->Cache.Header->HighestSnapNumber; 
31 948| ++NumSequencesFound; 
31949| 

| Debug(DEBUG_DCPSM,("GetSequenceForNewSnapShot: Found 

| sequence %08x in DevExt %08x (found %08x so 

| far)\n",ThisSequence,DevExt,NumSequencesFound)); 
31950| if ( ThisSequence >= 

| NewSequence ) { 
31951 1 NewSequence = 1 + 

| ThisSequence; 
31952| Status = STATUS_SUCCESS; 

31953| } 
31954| } 
31955| } 
31956| } 
31957| 

31958| DevObj = DevObj->NextDevice; 

31959| } 
31960| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
31961 1 Status = GetExceptionCode(); 
31962| Debug(DEBUG_DCPSM, ("!!!! 

| GetSequenceForNewSnapShot: Exception %08x\n", Status)); 
31963| } 
31964| 

31965| Debug(DEBUG_PROCCALL,( M GetSequenceForNewSnapShot 
| returning Status=%08x, 

| NewSequence=%08x\n", Status, NewSequence)); 
31966| ASSERT (NewSequence > 0); 
31967| ASSERT (NumSequencesFound > 0); 
31968| ASSERT (Status == STATUS_SUCCESS); 
31969| return Status; 
31970| } 
31971| 
31972| /* 

31973| This routine will wait for the Quiescent window, and 

| if available will return with the devices being PSMed. 
31974| 7 

31975| /* 

| */ 

31976| NTSTATUS WaitForQuiescentPeriod( pOTJJSER User, 
| tOpenTransactionlnlnternal *Buffer, tkSnapShotMaster 
| **MasterSnapShot, PKEVENT AbortEvent ) 

31977| { 



31978| PKWAIT_BLOCK WaitBlock=NULL; 
31979| PVOID *ObjectTable=NULL; 
31980| ULONG NumDrives=0; 

31981 1 NTSTATUS Status=STATUS_INSUFFICIENT_RESOURCES; 

31982| PFILTERED_EXTENSION DevExt=NULL; 

31983| PDEVICE_OBJECT DevObj=NULL; 

31984| pkSnapShotEntry p=NULL; 

31985| 

31986| Debug(DEBUG_PROCCALL,("Entering 

| WaitForQPeriod\n")); 
31987| CurrentTime.QuadPart=0; 
31988| 

31989| *MasterSnapShot = (tkSnapShotMaster *) 
| MemAllocatePoolWithTag( NonPagedPool, 
| sizeof(tkSnapShotMaster),PSM_MASTER_SNAPSHOT); 

31990| if ( *MasterSnapShot ) { 

31 991 1 RtlZeroMemory( *MasterSnapShot, 
| sizeof (tkSnapShotMaster)); 

31992| 

31993| 

| lnitializeListHead(&(*MasterSnapShot)->SnapShots); 
31 994| (*MasterSnapShot)->ExclusiveProcess = 0; 
31995| (*MasterSnapShot)->DIIPrivatellse = 

| Buffer->DIIPrivateUse; 
31 996| (*MasterSnapShot)->GroupNumber = (ULONG) 

| (Buffer->CallerPrivateUse); 
31 997| (*MasterSnapShot)->NumToKeep = 

| Buffer->NumToKeep; 
31998| (*MasterSnapShot)->Priority = Buffer->Priority; 
31 999| (*MasterSnapShot)->SnapShotFlags= 

| Buffer->SnapShotFlags; 
32000| // UserSnapShotName is set later in 

| SbSetUserName 
32001 1 if ( Buffer->lnternalFlags & 

| PSM_IFLAG_PERSISTENT ) { 
32002| (*MasterSnapShot)->Persistent = TRUE; 

32003| } else { 

32004| (*MasterSnapShot)->Persistent = FALSE; 

32005| } 

32006| 

32007| WaitBlock = (PKWAIT_BLOCK) 

| MemAllocatePoolWithTag( NonPagedPool, 

| MAXIMUM_WAIT_OBJECTS*sizeof(KWAIT_BLOCK),QTAG); 
32008| if ( WaitBlock ) { 
32009| RtlZeroMemory( WaitBlock, 

| MAXIMUM_WAIT_OBJECTS*sizeof(KWAIT_BLOCK)); 
32010| ObjectTable = (PVOID *) 

| MemAllocatePoolWithTag( NonPagedPool, 

| M AXI MU M_WAIT_OB J ECTS*sizeof (PVOID), QTAG) ; 
32011| if ( ObjectTable ) { 



32012| RtlZeroMemory( ObjectTable, 

| M AXI MU M_WAIT_OB J ECTS*sizeof (PVOI D)) ; 
32013| 

32014| // make list of drives to psm 

3201 5| // it fills in ObjectTable for us. 

32016| Status = MakeVolumel_istToPsm( Buffer, 

| ObjectTable, &N urn Drives); 
32017| 

32018| if ( (IStatus) && (NumDrives>0) ) { 

32019| 

| UpdateGlobalStatus(PSM_WAITING_FOR_QUIESCENT_PERIOD); 
32020| Status = 

| OpenCacheFiles(Buffer,ObjectTable,NumDrives,AbortEvent); 
32021 1 if ( NT_SUCCESS(Status) ) { 

32022 1 LA RG E_l NTEGER 

| Timeout,TimeToQuit; 
32023| 
32024| 

| UpdateGlobalStatus(PSM_WAITING_FOR_QUIESCENT_PERIOD); 
32025| 

32026| ObjectTable[Num Drives] = 

| AbortEvent; 
32027| 

32028| Status=STATUS_SUCCESS; 
32029| 

32030| // do a flush before we start 

| looking for our window. 
32031 1 FlushVolumeList(Buffer); 
32032| 

32033| // store for GetProgress 

32034| SecondsToWait = 

| Buffer->QuiescentWait; 
32035| 

32036| Debug(DEBUG_DCPSM,("WaitForQ: 
| Quiescent Wait=%d, 

| ti meout=%d\n" , Buf f er->Qu iescentWait, Buf f er->Qu iescentTi m 
I eout)); 
32037| 

32038| KeQuerySystemTime(&TimeToQuit); 
32039| 

32040 1 // add how many seconds to wait 

| for 

32041 1 TimeToQu it. Quad Part += 

| SECONDS(((signed long)Buffer->QuiescentTimeout)); 

32042| (*MasterSnapShot)->OutOfSeconds 
| = Buff er->Qu iescentWait; 

32043 1 

32044| WaitLoop: 
32045| // do a flush before we start 

| looking for our window. 



32046| FlushVolumeList(Buffer); 
32047| 

32048| // if not waiting for any q 

| time, set status to timeout so it follows 
32049| //the right logic 

32050| // we are not doing a goto 

| because of the try stack frame and i do not know 

32051 1 // if its set up correctly if 

| called into it. 
32052 1 if ( Buffer->QuiescentWait!=0 ) 

|{ 

32053| // get current time 

32054| 

| KeQuerySystemTime(&CurrentTime); 
32055| Timeout.QuadPart = 

| RELATIVE(SECONDS(((signed 

| long)Buffer->QuiescentWait))); 
32056| Status = STATUS_SUCCESS; 

32057| 

32058| // wait while not a 

| timeout, not time to quit yet, and not exit event. 
32059| while ( 

| (Status!=STATUS_TIMEOUT) && 
32060| 

| (CurrentTime.QuadPart<TimeToQuit.QuadPart) && 
32061 | 

| ((ULONG)Status!=NumDrives) ) { 
32062 1 
32063| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (1) before 

| KeWaitForMultipleObjects\n")); 
32064| Status = 

| KeWaitForMultipleObjects( 
32065| 

| AbortEvent ? NumDrives+1 : NumDrives, //IN ULONG Count, 
32066| 

| ObjectTable, //IN PVOID Objectf], 
32067| 

| WaitAny, //IN WAIT_TYPE WaitType, 
32068| 

| Executive, //IN KWAIT_REASON WaitReason, 
32069| 

| (KPROCESSOR_MODE)KernelMode, //IN KPROCESSOR_MODE 
| WaitMode, 
32070| 

| FALSE, //IN BOOLEAN Alertable, 
32071 | 

| &Timeout, //IN PLARGEJNTEGER Timeout OPTIONAL, 
32072 1 

| WaitBlock //IN PKWAIT_BLOCK WaitBlockArray OPTIONAL 



32073| 

I); 

32074| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (1) after 
| KeWaitForMultipleObjects\n M )); 
32075| 

| KeQuerySystemTime(&CurrentTime); 
32076| if ( 

| (Status!=STATUS_TIMEOUT) && 

| ((ULONG)Status!=NumDrives+1) ) { 
32077| NTSTATUS AStatus = 

| CheckForAbortCreatingSnapShots(); 
32078| if ( AStatus!=0 ) { 

32079 1 Status = 

| AStatus; 

32080 1 break; 
32081 1 } 
32082 1 } 
32083| } 
32084| } else { 

32085| Status = STATUS_TIMEOUT; 

32086| } 

32087| 

32088| if ( Status==STATUS_TIMEOUT ) { 

32089| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (1) Got the wait 
| time!\n")); 

32090| // we got the wait time! 

32091 1 // now try to turn on psm 

| before any more ios happen. 
32092 | 

32093| // make sure we flush since 

| writes could still be in memory, 
32094| // but hasnt reached us yet 

| due to NTs lazy writer. 
32095| // no need to do this as 

| the above flush forced the disk to be in sync, 
32096| // and we do not care about 

| writes that havent affect the disk yet. 
32097| // 8-5-99 

32098| // 

| FlushVolumeList(Buffer); 
32099| 

321 00 1 // get the global device to 

| stop read and write requests 
321 01 1 // this is done because a 

| write could have occured by the 
32102| // ti me we got to th is 

| point, and before we can traverse 
321 03 1 // the list of devices to 



I PSM to turn them on. 
321 04| // we do not want 1 volume 

| PSMed at a different time than 
321 05 1 // another, or have a 

| couple extra ios sent to it. 
32106| 

321 07| // get snapshot before 

| global or it causes a deadlock 
32108| 

| //Debug(DEBUG_DC PSM, ("Wait ForQ: Before 

| GetSnapShotForWrite\n",Status)); 
321 09| GetSnapShotForWriteQ; 
32110| 

| //Debug(DEBUG_DCPSM,("WaitForQ: Before 

| GetGlobalDeviceForWrite\n M ,Status)); 
321 1 1 1 GetGlobalDeviceForWrite (); 

32112| 

| //Debug(DEBUG_DCPSM,("WaitForQ: After 
| GetGlobalDeviceForWrite\n",Status)); 
32113| 

32114| __try{ 
321 15| //a zero means just 

| check 

321 1 6| Timeout.QuadPart = 0; 

32117| 

32118| if( 

| Buffer->QuiescentWait!=0 ) { 
32119| // Okay check to 

| see if any writes occured AFTER we got the window 
32120| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (2) before 

| KeWaitForMultipleObjects\n")); 
32121| Status = 

| KeWaitForMultipleObjects( 
32122| 

| NumDrives, //IN ULONG Count, 
32123| 

| ObjectTable, //IN PVOID Object[], 
32124| 

| WaitAny, //IN WAIT_TYPE WaitType, 
32125| 

| Executive, //IN KWAITREASON WaitReason, 
32126| 

| (KPROCESSOR_MODE)KernelMode, //IN KPROCESSOR_MODE 
| WaitMode, 
32127| 

| FALSE, //IN BOOLEAN Alertable, 
32128| 

| &Timeout, //IN PLARGEJNTEGER Timeout OPTIONAL, 
32129| 



I WaitBlock //IN PKWAIT_BLOCK WaitBlockArray OPTIONAL 
32130| 

I); 

32131| 

| //Debug(DEBUG_DCPSM,( M WaitForQ: (2) after 

| KeWaitForMultipleObjects\n")); 
32132| } 
32133| 

32134| if( 

| Status==STATUS_TIMEOUT ) { 
32135| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (2) Got the wait 
| time!\n")); 

32136| PDEVICE_OBJECT 

| CacheFileVolume; 
32137| LARGEJNTEGER 

| PSMTime; 
32138| 

32139| //YES! we got the 

| window! we still have io locked out! 
321 40 1 // go ahead and psm 

| the devices. 
32141| 

32142| // store the time 

| so we can mark the volumes with the same time 
32143| 

| KeQuerySystemTime(&PSMTime); 
32144| 

32145| #if 0 // This code is a relic from single snapshot 

| days, (eg.1 .02?). It's purpose then was to test 

| cachefile growability. 
32146| // It's maybe had a 

| bug since pre-persistence multi-snapshot days (eg 

| 1.10?). Since input param was just ignored after 

| first snapshot had assigned cachefile. 
32147| // Now failing 

| continually (2.00). Because the parameter space is 

| used for something else (Group name) !!! 
32148| 

32149| // BUT.... before 

| removing it, consider if it needs fixing to make 
| temporary multi-snapshot work!!!!!!!! 

32150| 

32151| //get device 

| object cache file resides on 
32152| CacheFileVolume = 

| GetObjectFromWin32Name(Buffer->CacheFileName); 
32153| 

| ASSERT(CacheFileVolume); 
32154| #endif 



32155| 

32156| ULONG 

| NextSnapShotSequence = 0; 
32157| 

| GetSequenceForNewSnapShot (NextSnapShotSequence); 
| //FIXFIXFIX: check for returned error 
32158| 

32159| DevObj = 

| PSManDriverObject->DeviceObject; 
32160| while ( DevObj ) { 

32161| 

| //Debug(DEBUG_DCPSM,("WaitForQ: 

| DevObj=%08x\n", DevObj)); 
32162| //if a 

| filtered disk 
32163| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
32164| DevExt = 

| GetFilteredExtension(DevObj); 
32165| 

32166| if( 

| DevExt->SignalWrite ) { 
32167| // 

| these should be open if we are creating a snapshot 
32168| 

| ASSERT(lsValidHandle(DevExt->Cache.HeaderFile.FileHandle 

I)); 

32169| 

| ASSERT(lsValidHandle(DevExt->Cache.lndexFile.FileHandle) 

I); 

32170| 

| ASSERT(lsValidHandle(DevExt->Cache.CacheFile.FileHandle) 

I); 

32171| 

32172| p = 

| (tkSnapShotEntry *) MemAllocatePoolWithTag( 
| NonPagedPool, 

| sizeof(tkSnapShotEntry),PSM_SNAPSHOT_ENTRY); 
32173| 

| //FIXFIXFIX check and back out if p==null 
32174| 

| ASSERT(p); 
32175| 
32176| 

| RtlZeroMemory (p, sizeof(tkSnapShotEntry)); 
32177| 

| p->DeviceObject = DevObj; 
32178| 

| p->MasterSnapShot = (*MasterSnapShot); 
32179| 



I p->Deleted = FALSE; 
32180| 

| p->Count=0; 
32181| 

| p->PSMSectors = NULL; 
32182| 

| (*MasterSnapShot)->SnapShotTime=PSMTime; 
32183| 

32184| if( 

| Buffer->lnternalFlags & PSM_IFLAG_PERSISTENT ) { 
32185| 

| Debug(DEBUG_DCPSM,("WaitForQ: Before Dictionary: :Open 

| (persistent)\n")); 
32186| 
32187| 

| Status = Dictionary::Open( 
32188| 

| DICT_FLAG_PERSISTENT, 
32189| 

| p->Dictionary ); 
32190| 

32191| if 

| ( Status == STATUS_SUCCESS ) { 
32192| 

| ASSERT(p->Dictionary); 
32193| 

| //Debug(DEBUG_DCPSM,("WaitForQ: Before pd::SetVolume 
| (persistent)\n")); 
32194| 

| ((pPersistentDictionary)p->Dictionary)->SetVolume( 
32195| 

| DevObj, 
32196| 

| *MasterSnapShot, 
32197| 

| NextSnapShotSequence ); 
32198| } 
32199| }else 

|{ 
32200| 

| Debug(DEBUG_DCPSM,("WaitForQ: Before Dictionary: :Open 
| (temporary)\n")); 
32201 1 

| Status = Dictionary::Open( 
32202 1 

| DICT_FLAG_NONPERSISTENT, 
32203 1 

| p->Dictionary ); 
32204| 

32205| if 



I ( Status == STATUS_SUCCESS ) { 
32206| 

| ASSERT(p->Dictionary); 
32207| 

| //Debug(DEBUG_DCPSM,( M WaitForQ: Before pd::SetVolume 
| (temporary)\n")); 
32208| 

| ((pTemporaryDictionary)p->Dictionary)->SetVolume ( 
32209| 

| DevObj, 
32210| 

| *MasterSnapShot, 
32211| 

| NextSnapShotSequence ); 



32212| } 
32213| } 
32214| 

32215| if( 



| Status == STATUS_SUCCESS ) { 
32216| 

| lnterlockedlncrement((PLONG)&(*MasterSnapShot)->Count); 
32217| 
32218| 

| lnterlockedDecrement((PLONG) &DevExt->Signal Write); 
32219| 

| lnterlockedlncrement((PLONG) &DevExt->PSMed); 
32220| 

| lnterlockedlncrement((PLONG) &DevExt->OpenCount); 
32221 | 
32222 | 

| lnsertHeadList(&DevExt->SnapShots,&p->DevExt); 
32223 | 

| lnsertHeadList(&(*MasterSnapShot)->SnapShots,&p->Master) 

I ; 

32224| 

| lnsertHeadList(&User->SnapShots,&p->User); 
32225| 

| //AddDeviceToList(User->SnapShots,p); 
32226| 

| lnterlockedlncrement((PLONG) &User->NumOpenSnapShots); 
32227| 

| Debug(DEBUG_DICT,("Created dictionary %08x for object 
| %08x\n M ,p->Dictionary,DevExt->DeviceObject)); 
32228| } else 

|{ 

32229 | 

| Debug(DEBUG_DCPSM,("WaitForQ: !!! Dictionary creation 

| error; Status=%08x\n", Status)); 
32230 1 } 
32231| } 



32232| } // if 

| filtered disk 
32233| 

32234| DevObj = 

| DevObj->NextDevice; 
32235| }//while(DevObj) 
32236| 

32237| Status = 

| STATUS_SUCCESS; 
32238| } else { 

32239| 

| Debug(DEBUG_DCPSM,("WaitForQ: Write occurred before we 

| could lock out l/0\n M )); 
32240| //damn, a write 

| occured before we could lock out io. 
32241 1 // try again. 

32242| // STATUS_WAIT_0 == 

| STATUS_SUCCESS, so change to something else 
32243 1 Status = 

| STATUS_TIMEOUT; 
32244| } 

32245| } ^finally { 

32246| // make sure this 

| always get released as all IO is hung up at this point 
32247| 

| ReleaseGlobalDeviceForWrite(); 
32248| 

| ReleaseSnapShotForWrite(); 
32249| 

| //Debug(DEBUG_DCPSM,("WaitForQ: After 

| ReleaseGlobalDeviceForWrite and 

| ReleaseSnapShotForWrite\n")); 
32250 1 } 
32251 | 

32252 1 // can not do goto in a 

| try.. finally block. 
32253| if ( Status!=STATUS_SUCCESS 

l){ 
32254| 

| //Debug(DEBUG_DCPSM,("WaitForQ: (1) goto 

| Waitl_oop\n M )); 
32255| goto WaitLoop; 

32256| } 
32257| 

32258| } else { 

32259 1 if ( 

| (int)Status==(int)(STATUS_WAIT_0+NumDrives) ) { 
32260| // our exit event was 

| signaled! this gets convert to ERROR_ACCESS_DENIED 
32261| //who did this 



I conversion chart anyways , sheesh. 
32262| Status = 

| PSM_CANCELED_BY_USER; 
32263| } else { 

32264| // hmm we have been 

| waited the timeout period, return failure 
32265| // STATUS_TIMEOUT is 

| not an error condition. 
32266| 

| Debug(DEBUG_DCPSM, ("Error %08x on wait!!!\n",Status)); 
32267| 

32268| if ( Status != 

| PSM_INSUFFICIENT_CACHE ) { 
32269| if ( Buffer->Flags 

| & PSM_FLAG_FORCE_SNAPSHOT ) { 
32270| Status = 0; 

32271 1 

| (*MasterSnapShot)->Status = PSM_SNAPSHOT_FORCED; 
32272 1 

| Buffer->QuiescentWait = 0; 
32273 1 

| //Debug(DEBUG_DCPSM,("WaitForQ: (2) goto 

| Waitl_oop\n M )); 
32274| goto WaitLoop; 

32275| } 
32276| 

32277| Status = 

| PSM_ERROR_TIMEOUT; 
32278| } 
32279 1 } 
32280 1 } 
32281 1 

32282| if ( !NT_SUCCESS(Status) ) { 

32283| // free signals so we dont 

| accidently use them when called again 
32284| 

32285| // FIXFIXFIX free 

| snapshots! 

32286| // FIXFIXFIX This lassumes! 

| that NO devices 
32287| // were successful, (ie 

| timeout only, not out of memory) 
32288| 

| CleanupSignals(NumDrives,ObjectTable,TRUE); 
32289 1 } 
32290 1 } else { 

32291 1 Debug(DEBUG_DCPSM, ("Error %08x 

| opening files for volumes!! !\n", Status)); 
32292| //ASSERT(FALSE); 
32293 | 



I CleanupSignals(NumDrives,ObjectTable,FALSE); 



32294| } 

32295| } else { 

32296| if ( NumDrives==0 ) { 

32297| Status = STATUS_NO_SUCH_DEVICE; 

32298| } 

32299| } 

32300| FREE_POINTER(ObjectTable); 

32301 1 } 
32302 1 

32303| FREE_POINTER(WaitBlock); 

32304| } 

32305| 

32306| if ( !NT_SUCCESS(Status) ) { 

32307| FREE_POINTER(*MasterSnapShot); 

32308| } 



32309 1 } 

3231 0| CurrentTime.QuadPart = 0; 

3231 1 1 //Debug(DEBUG_DCPSM,("WaitForQ: Before 

| CloseCacheFilesThatAreNotBeingUsedVn")); 
3231 2| CloseCacheFilesThatAreNotBeingUsed(); 
32313| UpdateGlobalStatus(PSMJDLE); 
32314| Debug(DEBUG_DCPSM,("WaitForQ: returning 

| %08x\n",Status)); 
32315| return Status; 
32316| } 
32317| 

32318| r 



32319| NTSTATUS DelDeviceFroml_ist( PLIST_ENTRY List, 

| pkSnapShotEntry Snapshot) 
32320| { 

32321 1 pkSnapShotEntry p; 
32322| PLIST_ENTRY ListEntry; 
32323 1 

32324| #ifdef DEBUG 

32325| if ( !lsSnapShotAcquiredForWrite() ) { 

32326| Debug(DEBUG_DCPSM,("DelDeviceToList: Snapshot 

| resource not acquired!\n")); 
32327| DbgBreakPoint(); 
32328| } 
32329| #endif 
32330 1 

32331 1 if ( IsListEmpty(List) ) 

32332| return STATUS_UNSUCCESSFUL; 

32333 1 

32334| ListEntry = List->Flink; 
32335| 

32336| while ( ListEntry!=List ) { 
32337| Hint -save -e41 3 7 



32338| p = CONTAINING_RECORD( ListEntry, 

| tkSnapShotEntry, User); 

32339| Hint -restore 7 
32340| 

32341 1 if ( p==SnapShot ) { 

32342| RemoveEntryl_ist(&SnapShot->User) 

32343| return STATUS_SUCCESS; 

32344| } 

32345| ListEntry = ListEntry->Flink; 

32346| } 

32347| return STATUSJJNSUCCESSFUL; 
32348| } 
32349| 
32350 1 

32351 1 r 



32352| NTSTATUS FreePSMVolume( pOT_USER User, PDEVICE_OBJECT 

| DeviceObject, tkSnapShotEntry *SnapShot ) 
32353 1 { 

32354| PFILTERED_EXTENSION DevExt=NULL; 
32355| NTSTATUS Status=STATUS_SUCCESS; 
32356| 

32357| Debug(DEBUG_PROCCALL,("FreePSMVolume called 
| user=%08x do=%08x 

| ss=%08x\n",User,DeviceObject,SnapShot)); 
32358| #ifdef DEBUG 

32359| if ( !lsSnapShotAcquiredForWrite() ) { 

32360| Debug(DEBUG_DCPSM,("FreePSMVolume: Snapshot 

| resource not acquired!\n")); 
32361 1 DbgBreakPoint(); 
32362 1 } 

32363 1 if ( ! DeviceObject ) { 

32364| Debug(DEBUG_DCPSM,("FreePSMVolume: 

| DeviceObject==NULL!\n")); 
32365| DbgBreakPoint(); 
32366| } 
32367| #endif 
32368| 
32369 1 

32370 1 _try { 
32371 1 #if 1 

32372| // TESTTEST 
32373 1 if ( DeviceObject ) { 
32374| DevExt = 

| GetFilteredExtension(DeviceObject); 
32375| Debug(DEBUG_DCPSM,("FreePSMVolume: Freeing 

| %S!\n",DevExt->Name)); 
32376| if ( Snapshot ) { 

32377| if ( User ) { 

32378| 



I ASSERT(&SnapShot->User!=&User->SnapShots); 
32379| if ( 

| DelDeviceFromList(&User->SnapShots,SnapShot)==STATUS_SUC 
| CESS ) { 

32380| if ( User->NumOpenSnapShots ) { 

32381 | 

| lnterlockedDecrement((PLONG) &User->NumOpenSnapShots); 
32382 1 } else { 

32383| // FIXFIXFIX can this 

| happen? 
32384| 

| Debug(DEBUG_DCPSM,("FreePSMVolume: Doesnt have psm 
| active for that volume!\n")); 
32385| #ifdef DEBUG 



32386| DbgBreakPoint(); 

32387| #endif 

32388| } 

32389 1 } else { 

32390| // This happens when virtual 



| volumes havent been mapped in yet 
32391| 

| Debug(DEBUG_DCPSM,("FreePSMVolume: Unable to delete 

| from list!\n M )); 
32392| } 
32393| } 
32394| tkSnapShotMaster 

| *Master=SnapShot->MasterSnapShot; 
32395| 
32396| 

| Free Resou rces ForVo lu me( DeviceObject, SnapS hot) ; 
32397| 

32398| // Snapshot "could" be free by the time 

| FreeResourcesForVolume returns. 
32399| Debug(DEBUG_DCPSM,("FreePSMVolume: 

| Freeing resources for volume\n")); 
32400| // volume not in use., free 

32401 1 TdDelDrive(DeviceObject,Master); 
32402 1 } 
32403 1 } 
32404 1 } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
32405| Status = GetExceptionCode(); 

32406| Debug(DEBUG_DCPSM,("FreePsmVolume: Exception 

| %08x\n",Status)); 
32407| } 
32408| 

32409| #endif 

32410| return Status; 

3241 1 1 } 

32412| 



32413|/* 



32414| NTSTATUS lslnUserList( pOTJJSER User, pkSnapShotEntry 

| Snapshot) 
32415| { 

3241 6| pkSnapShotEntry p; 
3241 7| PLIST_ENTRY ListEntry; 
32418| #ifdef DEBUG 

32419| if ( (!lsSnapShotAcquiredForRead()) && 

| (UsSnapShotAcquiredForWriteO) ) { 
32420| Debug(DEBUG_DCPSM,("lslnUserl_ist: Snapshot 

| resource not acquired!\n")); 
32421| DbgBreakPoint(); 
32422| } 
32423| #endif 
32424| 

32425| if ( lsListEmpty(&User->SnapShots) ) 
32426| return STATUSJJNSUCCESSFUL; 
32427| 

32428| ListEntry = User->SnapShots.Flink; 
32429| 

32430| while ( ListEntry!=&User->SnapShots ) { 

32431| Hint -save -e41 3 7 

32432| p = CONTAINING_RECORD( ListEntry, 

| tkSnapShotEntry, User); 
32433| Hint -restore 7 
32434| 

32435| if ( p==SnapShot ) { 

32436| return STATUS_SUCCESS; 

32437| } 

32438| ListEntry = ListEntry->Flink; 
32439 1 } 

32440| return STATUS_UNSUCCESSFUL; 
32441 1 } 

32442 1 /* 



32443| /* 

32444| Frees all volumes for a specific snapshot 
32445| 7 

32446| STATIC NTSTATUS 

| GetRidOfSpecificSnapShotForUser(pOT_USER User, 

| pkSnapShotMaster MasterSnapShot) 
32447| { 

32448| NTSTATUS Status=STATUS_SUCCESS; 
32449 1 pkSnapShotEntry p; 
32450 1 

32451 1 #ifdef DEBUG 

32452| if ( UsSnapShotAcquiredForWriteO ) { 
32453 1 

| Debug(DEBUG_DCPSM,("GetRidOfSpecificSnapShotForUser: 



I Snapshot resource not acquired !\n")); 
32454| DbgBreakPoint(); 
32455| } 
32456| #endif 
32457| 
32458| 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
32459| while ( p ) { 

32460| if ( lslnUserList(User,p)==STATUS_SUCCESS ) { 
32461 1 Status = 

| FreePSMVolume(User,p->DeviceObject,p); 
32462| // Start bak at top since a snapshot has 

| been deleted from this master 
32463| DoneWithSnapShot(p); 
32464| 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
32465| } else { 
32466| 

| Debug(DEBUG_DCPSM,("GetRifOfSpecificSnapShotForUser: 

| Snapshot %08x not in user list for master 

| %08x\n",p,MasterSnapShot)); 
32467| #ifdef DEBUG 
32468| DbgBreakPoint(); 
32469| #endif 
32470 1 

| p=GetNextSnapShotForMaster(&MasterSnapShot->SnapShots,p) 

I ; 

32471 1 } 
32472 1 } 
32473 1 

32474 1 return Status; 

32475| } 

32476| 

32477| /* 



32478| /* 

32479| Frees ALL snapshots the user has open 
32480 1 7 

32481 1 STATIC NTSTATUS FreeVolumesForUser( pOTJJSER User, 

| pkSnapShotMaster MasterSnapShot ) 
32482 1 { 

32483| NTSTATUS Status=STATUS_SUCCESS; 
32484| pkSnapShotEntry p; 
32485| PLIST ENTRY ListEntry; 
32486| 

32487| __try { 

32488| Debug(DEBUG_PROCCALL,("FreeVolumesForUser 

| called\n M )); 
32489| GetSnapShotForWrite(); 
32490| __try { 



32491 1 ListEntry = User->SnapShots.Flink; 

32492| while ( ListEntry!=&User->SnapShots ) { 

32493| Hint -save -e41 3 7 

32494| p = CONTAINING_RECORD( ListEntry, 

| tkSnapShotEntry, User); 
32495| Hint -restore 7 

32496| 

32497| if ( p ) { 

32498| // if a filtered disk 

32499 1 if ( 

| PsmGetObjectType(p->DeviceObject)==OBJECT_FILTEREDDISK 

l){ 

32500| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 
32501| if( 

| lnList(&DevExt->SnapShots,p) ) { 
32502| 

| Debug(DEBUG_DCPSM,("FreeVolumesForUser: Freeing device 

| %08x!\n",p->DeviceObject)); 
32503| Status = 

| FreePSMVolume(User,p->DeviceObject,p); 
32504| // start back at top 

32505| ListEntry = 

| User->SnapShots.Flink; 
32506| } else { 

32507| 

| Debug(DEBUG_DCPSM,("FreeVolumesForUser: device %08x 

| belongs to snapshot %08x but it doesnt think 

| so!\n",p->DeviceObject,p)); 
32508| #ifdef DEBUG 
32509 1 Dbg BreakPoi nt() ; 

32510| #endif 

3251 1 1 ListEntry = 

| ListEntry->Flink; 
32512| } 
32513| }// if filtered disk 

32514| }else{ 
32515| //this shouldnt happen! 

3251 6| Debug(DEBUG_DCPSM,("User has null 

| snapshot!!!!!\n M )); 
32517| #ifdef DEBUG 
3251 8| DbgBreakPoint(); 
32519| #endif 
32520| } 
32521| } 

32522| } ^finally { 

32523| ReleaseSnapShotForWriteO; 
32524| } 
32525| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 



32526| Status = GetExceptionCode(); 

32527| Debug(DEBUG_DCPSM,( M FreeVolumesForUser: 

| Exception %08x, User %08x, 

| Master=%08x\n",Status,User,MasterSnapShot)); 
32528| } 

32529| return Status; 

32530| } 

32531| 

32532| LISTENTRY 

| CreationListHead={&CreationListHead,&CreationListHead}; 
32533| 

32534| NTSTATUS CancelCreationOfSnapShots( ) 
32535| { 

32536| PLIST ENTRY ListEntry; 
32537| ULONG Found=0; 
32538| 

32539| pmAcquireMutex ( &PSMUserMutex, NULL ); 
32540| __try { 

32541 1 ListEntry = CreationListHead. Flink; 
32542| while ( ListEntry!=&CreationListHead ) { 
32543| pAbortEventList 

| Abort=CONTAINING_RECORD(ListEntry,tAbortEventList,ListEn 

I try); 

32544| if ( Abort->AbortEvent ) { 

32545| pmSetEvent(Abort->AbortEvent); 
32546| Found++; 
32547| } 

32548| ListEntry = ListEntry->Flink; 

32549 1 } 
32550| } ^finally { 

32551 1 pmReleaseMutex ( &PSMUserMutex); 
32552 1 } 

32553| return Found ? STATUS_SUCCESS : STATUS_NOT_FOUND; 
32554| } 
32555| 
32556| I* 



32557| void SbOpenPsmThread( pOpenPsmThread Thread ) 
32558| { 

32559| NTSTATUS Status = STATUS_UNSUCCESSFUL; 
32560| PKEVENT Abo rt Eve nt= NULL; 
32561 1 tAbortEventList Abort; 
32562 1 

32563| Debug(DEBUG_PROCCALL,("PSM Open Thread called %08x 
| %08x 

| %08x\n",Thread->User->ProcesslD,Thread->User->ThreadlD,T 
| hread->User->FileObject)); 
32564| 

32565| __try { 

32566| ULONG InternalFlags = 



I ((tOpenTransactionlnlnternal 

| *)Thread->OTI)->lnternalFlags; 
32567| ULONG Persistent Flag = InternalFlags & 

| PSM_IFLAG_PERSISTENT; 
32568| ULONG SaveTempFlag = InternalFlags & 

| PSM_IFLAG_SAVE_TEMP_ON_EXIT; 
32569| 

32570| if ( Persistent Flag || SaveTempFlag ) { 
32571 1 // Getting here means that we want to keep 

| the snapshot after the invoking thread exits. 
32572| pOTJJSER U = 

| FindPSMUser(PsGetCurrentProcess(),(_ETHREAD*)-2); 
32573| if ( !U ) { 

32574| // internal system user hasnt been 

| created, lets create it 
32575| U = 

| lnternalCreateUser(PsGetCurrentProcess(),(_ETHREAD*)-2,N 

I ULL); 
32576| } 
32577| 

32578| AbortEvent = Thread->User->AbortEvent; 

32579| Thread->User->AbortEvent = NULL; 

32580 1 

32581 1 if ( Thread->User->ErrorEvent ) { 

32582| // we dont use this, so get rid of 

| reference 
32583 1 

| ObDereferenceObject(Thread->User->ErrorEvent); 
32584| Thread->User->ErrorEvent = NULL; 

32585| } 

32586| Thread->User = U; 

32587| Thread->User->Persistent = PersistentFlag ? 

| TRUE : FALSE; 
32588| Thread->User->SaveTempOnExit = SaveTempFlag 

| ? TRUE : FALSE; 
32589 1 

32590| if ( AbortEvent ) { 

32591 1 Abort.AbortEvent = AbortEvent; 

32592| pmAcquireMutex ( &PSMUserMutex, NULL 

I); 

32593 1 

| lnsertHeadList(&CreationListHead,&Abort.ListEntry); 
32594| pmReleaseMutex ( &PSMUserMutex); 

32595| } 
32596| } 
32597| 

32598| // copy In structure as it is the same as the 
| out 

32599 1 pOpenTransactionOutlnternal Out = 
| (pOpenTransactionOutlnternal) 



I MemAllocatePoolWithTag(PagedPool,Thread->OTOSize,TEMPTAG 



I); 

32600| if ( !Out ) { 

32601 1 Status = STATUSJNSUFFICIENT_RESOURCES; 

32602| goto Cleanup; 

32603| } 
32604| 

32605| memset(Out,0,Thread->OTOSize); 
32606| 

32607| __try { 
32608| Status = 



| SbOpenPSM(Thread->User,(tOpenTransactionlnlnternal 
| *)Thread->OTI,Thread->OTOSize,Out,AbortEvent); 
32609| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

3261 0| Status = GetExceptionCode(); 

3261 1 1 Debug(DEBUG_DCPSM,("SbOpenPsm generated 

| exception %08x\n",Status)); 
32612| } 

32613| memmove(Thread->OTI,Out,Thread->OTOSize); 

32614| FREE_POINTER(Out); 

32615| Cleanup: 

32616| __try{ 

32617| if ( AbortEvent ) { 

32618| pmAcquireMutex ( &PSMUserMutex, NULL 

I); 

32619| // dont need this any more as its only 

| valid during open 
32620| RemoveEntryList(&Abort.ListEntry); 
32621 1 ObDereferenceObject(AbortEvent); 
32622| AbortEvent = NULL; 

32623| pmReleaseMutex ( &PSMUserMutex); 

32624| } 

32625| } ^finally { 

32626| // make sure Irp is completed 

32627| Thread->lrp->loStatus. Status = Status; 

32628| 

32629| if ( NT_SUCCESS(Status) ) { 

32630| Thread->lrp->loStatus. Information = 

| Thread->OTOSize; 
32631 1 loCompleteRequest (Thread->lrp, 

| IO_DISK_INCREMENT) ; 
32632| } else { 

32633| Thread->lrp->loStatus. Information = 0; 

32634| loCompleteRequest (Thread->lrp, 

| IO_NO_INCREMENT) ; 
32635| } 
32636| 

32637| FREE_POINTER(Thread); 
32638| } 



32639| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

32640| Status = GetExceptionCode(); 

32641 1 Debug(DEBUG_DCPSM,("SbOpenPsmThread Exception 

| %08x\n",Status)); 
32642 1 } 
32643 1 

32644| Debug(DEBUG_DCPSM,("SbOpenPsmThread done 

| %08x\n",Status)); 
32645| PsTerminateSystemThread( 0 ); 
32646| } 
32647| 

32648| r 



32649| NTSTATUS DelnitForExclusive ( pOT_USER User, 

| pkSnapShotMaster Master ) 
32650 1 { 

32651 1 pkSnapShotEntry p; 
32652 1 

32653| NOT_REFERENCED(User); 

32654| #if 1 

32655| // TESTTEST 

32656| NTSTATUS MasterValid = 

| ValidateKernelSnapShotPointer(Master); 
32657| 

32658| if ( MasterValid == STATUS_SUCCESS ) { 
32659 1 GetSnapShotForWrite(); 
32660 1 _try { 
32661 1 

| p=GetTopSnapShotForMaster(&Master->SnapShots); 
32662| while ( p ) { 

32663| if ( p->PSMSectors ) { 

32664| FREE_POINTER(p->PSMSectors); 
32665| } 
32666| 

| p=GetNextSnapShotForMaster(&Master->SnapShots,p); 
32667| }//while(p) 

32668| } ^finally { 

32669| ReleaseSnapShotForWrite(); 
32670 1 } 
32671 | } 
32672| #endif 

32673| return STATUS_SUCCESS; 

32674| } 

32675| 

32676| r 



32677| NTSTATUS lnitForExclusive( pOT_USER User, 

| pkSnapShotMaster Master ) 
32678| { 



32679| ULARGEJNTEGER PL; 
32680| ULONG Remainder; 
32681| ULONG Count; 

32682| PFILTERED EXTENSION DevExt=NULL; 

32683| NTSTATUS Status=STATUS_SUCCESS; 

32684| pkSnapShotEntry p; 

32685| ULONG NumSectors; 

32686| 

32687| #if 1 

32688| // TESTTEST 

32689 1 GetSnapShotForWrite(); 

32690 1 __try { 

32691| p=GetTopSnapShotForMaster(&Master->SnapShots); 
32692| while ( p ) { 

32693| if ( lslnUserList(User,p)==STATUS_SUCCESS ) 

|{ 

32694| DevExt = 

| GetFilteredExtension(p->DeviceObject); 
32695| 

32696| // if psmed, alloc memory for each 

| sector on the disk. 
32697| if ( DevExt->PSMed ) { 

32698| PL.QuadPart = 

| DevExt->Pi.PartitionLength.QuadPart; 
32699| Debug(DEBUG_DCPSM,("Dcpsm: 

| InitForExclusive: Size of disk in bytes is 

| %l64d\n",PL.QuadPart)); 
32700| NumSectors = 

| RtlEnlargedUnsignedDivide ( PL, DevExt->BytesPerSector, 

| &Remainder); 
32701| 

32702| // dword align buffer or 

| RtlSetAIIBits will corrupt past the end of the buffer 
32703| 

32704| Count = ((NumSectors+31) / 32) * 4; 

32705| 

32706| // allocate space for sector list 

| now that we know we have a device to psm. 
32707| p->PSMSectors = (RTL_BITMAP 

| *)MemAllocatePoolWithTag(PagedPool,Count+sizeof(RTL_BITM 

| AP),PSMSECTORBITTAG); 
32708| 

32709| if ( !p->PSMSectors ) { 

3271 0| // out of memory, dang, abort.. 

3271 1 1 Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
32712| DoneWithSnapShot(p); //don't 

| leave reference count too high 
32713| break; 
32714| } 



32715| 

32716| Debug(DEBUG_DCPSM,("Dcpsm: 

| Exclusive: Allocated %d bytes for volume 

| VoSYi",Count,DevExt->Name)); 
32717| 
32718| 

| RtllnitializeBitMap(p->PSMSectors,(PULONG)((char*)(p->PS 

| MSectors)+sizeof(RTL_BITMAP)),Count*NUMBER_OF_BITS_IN_A 

I BYTE); 



32719| // set to PSM everything 

32720| RtlSetAIIBits(p->PSMSectors); 
32721 1 MemCheckPool(p->PSMSectors); 
32722 1 } 

32723 1 } 
32724| 



| p=GetNextSnapShotForMaster(&Master->SnapShots,p); 
32725| } 

32726| } ^finally { 

32727| ReleaseSnapShotForWrite(); 
32728| } 
32729 1 

32730| // free memory since we aborted with error. 

32731 1 if ( !NT_SUCCESS(Status) ) { 

32732| DelnitForExclusive(User,Master); 

32733 1 } 

32734| #endif 

32735| return Status; 

32736| } 

32737| 

32738| /* 



32739| NTSTATUS SbOpenExclusive( pkSnapShotMaster Snapshot ) 
32740 1 { 

32741 1 pOTJJSER User=NULL; 

32742| NTSTATUS Status=STATUS_SUCCESS; 

32743 1 

32744| PAG E DCO D E () ; 
32745| 

32746| if ( SnapShot==NULL ) { 
32747| // we do not allow exclusive to be called with 
| a null pointer. 

32748| Debug(DEBUG_INFO,("PSM Open Exclusive Called 

| with NULL\n M ,PsGetCurrentProcess() , 

| PsGetCurrentThread())); 
32749| return STATUS_I N VALI D PARAM ETER; 
32750 1 } 
32751 1 
32752 1 #if 1 
32753| //TESTTEST 

32754| Debug(DEBUG_INFO,("PSM Open Exclusive Called %08x 



I %08x\n",PsGetCurrentProcess() , PsGetCurrentThread())); 
32755| 

32756| Hint -save -e740 7 

32757| User = FindPSMUser( PsGetCurrentProcess(), 

| PsGetCurrentThread() ); 
32758| Hint -restore 7 
32759| if(!User){ 

32760| Debug(DEBUG_DCPSM,("SbOpenExclusive: PSM can 
| not find user!!!! failing open %08x, 

| %08x\n M ,PsGetCurrentProcess(), PsGetCurrentThread())); 
32761 1 return STATUS_I N VALI D_H AN DLE; 
32762 1 } 
32763 1 

32764| if ( !User->Open ) { 

32765| Debug(DEBUG_DCPSM,("SbOpenExclusive: User does 

| not have psm open!")); 
32766| return STATUS_I N VALI D_H AN DLE ; 
32767| } 
32768| 

32769| if ( SnapShot->ExclusiveProcess!=0 ) { 

32770| Debug(DEBUG_DCPSM,("SbOpenExclusive: Someone 

| else (%08x) already has exclusive 

| access!", SnapShot->ExclusiveProcess)); 
32771 1 return PSM_ERROR_LOCKED_EXCLUSIVE; 
32772 1 } 
32773 1 
32774| #if 0 

32775| // doent make sense any more for multiple snapshots 

| as long as the above test passed 
32776| 

32777| // see if any other processes have psm open as we 

| cant get exclusive if someone else has us open 
32778| // note: another thread in the same process can 

| have opened psm, which is why we do not check the 
32779| // the global psm open flag. We allow this as we 

| assume the "process" knows what it is doing. 
32780 1 

32781 1 pmAcquireMutex ( &PSMUserMutex, NULL ); 
32782| Next=GlobalData->PSMUsers; 
32783| while ( Next ) { 

32784| if ( (Next->ProcesslD != PsGetCurrentProcessQ) 

| && (Next->Open) ) { 
32785| pmReleaseMutex ( &PSMUserMutex ); 

32786| return PSM_ERROR_LOCKED_EXCLUSIVE; 

32787| } 

32788| Next = Next->Next; 
32789 1 } 

32790| pmReleaseMutex ( &PSMUserMutex ); 

32791| #endif 

32792| 



32793| if ( AcquireOpenCloseResource()==STATUS_WAIT_0 ) { 
32794| 

32795| __try { 

32796| // make sure someone else didnt get it 

| first.. 

32797| if ( SnapShot->ExclusiveProcess!=0 ) { 

32798| Debug(DEBUG_DCPSM,("SbOpenExclusive: 

| Someone else (%08x) already has exclusive 

| access!", SnapShot->ExclusiveProcess)); 
32799| try_return (Status = 

| PSM_ERROR_LOCKED_EXCLUSIVE); 
32800| } 
32801| 

32802| Status = lnitForExclusive(User,SnapShot); 

32803| if ( NT_SUCCESS(Status) ) { 

32804| // we can grant exclusive access! 

32805| SnapShot->ExclusiveProcess = 

| PsGetCurrentProcess(); 
32806| } else { 

32807| Debug(DEBUG_DCPSM,("Dcpsm: 

| OpenExclusive: error %08x initing 

| exclusive\n", Status)); 
32808| } 

32809| try_exit: NOTHING; 

32810| } ^finally { 

3281 1 1 ReleaseOpenCloseResource(); 
32812| } 
32813| }else{ 

32814| Status = PSM_CANCELED_BY_USER; 

32815| } 

32816| #endif 

32817| return Status; 

32818| } 

32819| 

32820| /* 



32821 1 NTSTATUS SbCloseExclusive( pkSnapShotMaster Snapshot ) 
32822 1 { 

32823| pOTJJSER User=NULL; 
32824 1 

32825 1 PAG E D_CO D E () ; 
32826| 

32827| if ( SnapShot==NULL ) { 
32828| // we do not allow exclusive to be called with 
| a null pointer. 

32829| Debug(DEBUG_INFO,("PSM Close Exclusive Called 

| with NULL\n",PsGetCurrentProcess() , 

| PsGetCurrentThread())); 
32830| return STATUS_I N VALI D_PARAM ETER; 
32831| } 



32832| 

32833| #if 1 

32834| // TESTTEST 

32835| Debug(DEBUG_INFO,("PSM Close Exclusive Called %08x 

| %08x\n",PsGetCurrentProcess() , PsGetCurrentThread())); 
32836| 

32837| Hint -save -e740 7 

32838| User = FindPSMUser( PsGetCurrentProcess(), 

| PsGetCurrentThread() ); 
32839| Hint -restore 7 
32840 1 if ( !User ) { 

32841 1 Debug(DEBUG_DCPSM,("SbCloseExclusive: PSM can 
| not find user!!!! failing close %08x, 

| %08x\n",PsGetCurrentProcess(), PsGetCurrentThread())); 
32842 1 return STATUS_I N VALI D_H AN DLE ; 
32843 1 } 
32844| 

32845| if ( !User->Open ) { 

32846| Debug(DEBUG_DCPSM,("SbCloseExclusive: User does 

| not have psm open!")); 
32847| return STATUS_I N VALI D_H AN DLE ; 
32848| } 
32849 1 

32850| // cant free if they didnt call.. 
32851 1 if ( 

| SnapShot->ExclusiveProcess!=PsGetCurrentProcess() ) { 
32852| Debug(DEBUG_DCPSM,("SbCloseExclusive: Someone 

| else (%08x) already has exclusive 

| access!", SnapShot->ExclusiveProcess)); 
32853| return PSM_ERROR_LOCKED_EXCLUSIVE; 
32854| } 
32855| 
32856| if ( 

| AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0 ) { 
32857| 

32858| _try { 

32859| DelnitForExclusive(User,SnapShot); 
32860| } ^finally { 

32861 1 SnapShot->ExclusiveProcess = 0; 

32862| ReleaseOpenCloseResource(); 
32863 1 } 
32864| } else { 

32865| return PSM_CANCELED_BY_USER; 
32866| } 
32867| #endif 

32868| return STATUS_SUCCESS; 
32869 1 } 
32870 1 
32871 1 

32872| ULONG NumberOfSnapShotslnGroup ( 



32873| ULONG 

| GroupNumber, 
32874| PDEVICE_OBJECT DevObj ) 

32875| { 

32876| ULONG NumlnGroup = 0; 

32877| PFILTERED_EXTENSION DevExt = NULL; 

32878| pkSnapShotEntry p = NULL; 

32879| 

32880| _try { 

32881| if ( DevObj != NULL ) { 
32882| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
32883| DevExt = GetFilteredExtension(DevObj); 

32884| _try { 

32885| GetSnapShotForRead(); 
32886| _try { 

32887| p = 

| GetTopSnapShot(&DevExt->SnapShots); 
32888| while ( p ) { 

32889| if ( GroupNumber == 

| p->MasterSnapShot->GroupNumber ) { 
32890| NumlnGroup++; 
32891 1 } 
32892 1 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
32893 1 } 

32894| } ^finally { 

32895| ReleaseSnapShotForRead(); 
32896| } 
32897| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

32898| 

| Debug(DEBUG_DCPSM,("NumberOfSnapShotslnGroup: Exception 
| %08x for device %08x\n",GetExceptionCode(), DevObj)); 

32899 1 } 

32900 1 } 

32901 1 } 

32902 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

32903| Debug(DEBUG_DCPSM,("NumberOfSnapShotslnGroup: 

| Exception %08x\n",GetExceptionCode())); 
32904| } 
32905| 

32906| return NumlnGroup; 

32907| } 

32908| 

32909| ULONG NumberOfSnapShotsForVolume (PDEVICE_OBJECT 

| DevObj) 
32910| { 

32911| ULONG Num = 0; 



32912| PFILTERED_EXTENSION DevExt = NULL; 

32913| pkSnapShotEntry p = NULL; 

32914| 

32915| _try{ 

32916| if ( DevObj != NULL ) { 
32917| if( 

| PsmGetObjectType(DevObj)==OBJECT FILTEREDDISK ) { 
32918| DevExt = GetFilteredExtension(DevObj); 

32919| _try{ 
32920| GetSnapShotForRead(); 
32921 1 _try { 

32922 1 p = 

| GetTopSnapShot(&DevExt->SnapShots); 
32923| while ( p ) { 

32924| Num++; 
32925| 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
32926| } 

32927| } ^finally { 

32928| ReleaseSnapShotForRead(); 
32929 1 } 
32930 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

32931 | 

| Debug(DEBUG_DCPSM,("NumberOfSnapShotslnGroup: Exception 
| %08x for device %08x\n",GetExceptionCode(), DevObj)); 

32932 1 } 

32933 1 } 

32934| } 

32935| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

32936| Debug(DEBUG_DCPSM,("NumberOfSnapShotslnGroup: 

| Exception %08x\n",GetExceptionCode())); 
32937| } 
32938| 

32939 1 return Num; 
32940 1 } 
32941 1 

32942| void DeleteOldestSnapShotlnGroup( pOT_USER User, 

| pkSnapShotMaster Master ) 
32943 1 { 

32944| pkSnapShotMaster Oldest=NULL; 

32945| ULONG NumlnGroup=0; 

32946| PDEVICE_OBJECT DevObj=NULL; 

32947| PFILTERED_EXTENSION DevExt=NULL; 

32948| pkSnapShotEntry p; 

32949 1 

32950| if ( Master->NumToKeep==-1 ) { 
32951 1 // nothing to do 
32952| return; 



32953| } 
32954| 
32955| /* 

32956| This function works by looking at the 

| snapshots attached to one volume as opposed 
32957| to looking at all snapshots in the system. 

| We do this as this will guareentee that only 
32958| one master snapshot per snapshot entry is 

| in the list, so we do not need to keep track 
32959| of the fact that we already have counted 

| that snapshot. 
32960| 

32961 1 This assumes that ALL snapshots for this 

| group cover the same volumes. For example, 
32962| If C and D are snapshotted in group 5, then 

| C and D will always be there for group 5. If 
32963| however C and D are applied to group 5, 

| then only C, then only D, this function will fail (and 
32964| find only 2 snapshots for group 5, not 3 as 

| it should be). If this is needed, this function 
32965| needs to be adjusted to take into account 

| that NumlnGroup is incremented based on the number 
32966| of snapshots found not the number of 

| M asterS napShots found. 
32967| 7 
32968| 

32969 1 //start at the top 
32970| DevObj = NULL; 
32971 1 

32972 1 __try { 

32973| // get a volume object that this snapshot 

| applies to 
32974| GetSnapShotForRead(); 
32975| __try { 
32976| 

| p=GetTopSnapShotForMaster(&Master->SnapShots); 
32977 1 DevObj = p->DeviceObject; 

32978| DoneWithSnapShot(p); 

32979| } ^finally { 

32980| ReleaseSnapShotForRead(); 
32981 1 } 
32982 1 

32983| // now go through all snapshots for this volume 
| and count 

32984| // the snapshots along with finding the oldest 
32985| if ( DevObj != NULL ) { 
32986| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
32987| DevExt = GetFilteredExtension(DevObj); 

32988| DoAgain: 



32989| __try { 

32990| GetSnapShotForRead(); 

32991| __try{ 

32992| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
32993| while ( p ) { 

32994| if ( Master->GroupNumber == 

| p->MasterSnapShot->GroupNumber ) { 
32995| // dont count always 

| keeps against group 
32996| if ( 

| p->MasterSnapShot->Priority!=255 ) { 
32997| // count self in 

| this number 
32998| NumlnGroup++; 
32999| 

33000| if ( 

| p->MasterSnapShot!=Master ) { 
33001 1 // not looking 

| at self 

33002 1 if ( Oldest ) { 

33003| if ( 

| p->MasterSnapShot->Priority<Oldest->Priority ) { 
33004| // at a 

| lower priority so grab it, regardless of time 
33005| Oldest 

| = p->MasterSnapShot; 
33006| } else 

33007| if ( 

| p->MasterSnapShot->Priority==Oldest->Priority ) { 
33008| // same 

| priority, compare times 
33009| if ( 

| p->MasterSnapShot->SnapShotTime.QuadPart<Oldest->SnapSho 

| tTime.QuadPart ) { 
33010| // 

| mark this one as the oldest and lowest priority found 

| so far 
33011| 

| Oldest = p->MasterSnapShot; 
33012| } 
33013| } 
33014| }else{ 
33015| //first 

| suitable snapshot found 
33016| Oldest = 

| p->MasterSnapShot; 
33017| } 
33018| } 
33019| } 



33020| } 
33021| 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
33022| } 

33023| } ^finally { 

33024| ReleaseSnapShotForRead(); 
33025| } 
33026| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33027| 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShotlnGroup: 

| Exception %08x for device 

| %08x\n",GetExceptionCode(),DevObj)); 
33028| } 
33029| } 
33030| } 
33031 | 

33032| // only delete if greater than number to keep 
33033| if ( NumlnGroup>Master->NumToKeep ) { 
33034| if ( Oldest ) { 

33035| 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShotlnGroup: 

| Deleting Snapshot %08x\n M ,Oldest)); 
33036| lnternalClosePSM(User,Oldest); 
33037| // loop deleting until number of 

| snapshots in group is below how many to keep 
33038| NumlnGroup=0; 
33039| Oldest=NULL; 
33040| goto DoAgain; 

33041 1 } else { 

33042 1 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShotlnGroup: Oldest 
| is null, most likely, new snapshot is only one\n")); 

33043 1 } 

33044| } else { 

33045| 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShotlnGroup: Only 

| %d snapshots in group, we need 

| %d\n",NumlnGroup,Master->NumToKeep)); 
33046| } 
33047| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33048| 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShotlnGroup: 

| Exception %08x deleting snapshot 

| %08x\n",GetExceptionCode(),Oldest)); 
33049 1 } 
33050| 

33051 1 return; 
33052| } 



33053| 

33054| void LogOpen( tOpenTransactionlnlnternal *Buffer, 

| pkSnapShotMaster MasterSnapShot ) 
33055| { 

33056| __try { 

33057| if ( gLogOpenClose ) { 
33058| ULONG *DumpData; 

33059| WCHAR ErrorStr[12]; 

33060| WCHAR *Strings[1]; 

33061| swprintf(ErrorStr,L"%08x",MasterSnapShot); 
33062| Strings[0] = ErrorStr; 

33063| #define NumDumpltems 10 
33064| ULONG 

| SizeOfDumpData=(NumDumpltems*sizeof(ULONG)); 
33065| 

33066| DumpData = (ULONG *) 

| MemAllocatePoolWithTag(PagedPool,SizeOfDumpData,TEMPTAG) 

I ; 

33067| 

33068| if ( DumpData ) { 

33069| 

33070| DumpData[0] = (ULONG)MasterSnapShot; 

33071| DumpData[1] = 

| Buffer->SizeOfCacheFileMB; 
33072| DumpData[2] = 

| Buffer->MaxSizeOfCacheFileMB; 
33073| DumpData[3] = Buffer->Flags; 

33074| DumpData[4] = Buffer->QuiescentWait; 

33075| DumpData[5] = Buffer->QuiescentTimeout; 

33076| DumpData[6] = MasterSnapShot->lnstance; 

33077| DumpData[7] = 

| MasterSnapShot->SnapShotTime.LowPart; 
33078| DumpData[8] = 

| MasterSnapShot->SnapShotTime.HighPart; 
33079| DumpData[9] = Buffer->NumberOfDevices; 

33080| 

33081 1 } else { 

33082| SizeOfDumpData = 0; 

33083 1 } 

33084| #undef NumDumpltems 
33085| 

33086| Hint -save -e740 7 

33087| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_OPEN 
| ED_INFORMATION,0,DumpData,SizeOfDumpData,Strings,1); 

33088| Hint -restore 7 

33089| if ( DumpData ) { 

33090| FREE_POINTER(DumpData); 

33091| } 

33092| } 



33093| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33094| Debug(DEBUG_DCPSM,("LogOpen: Exception 

| %08x\n M ,GetExceptionCode())); 
33095| } 
33096| } 
33097| 

33098| NTSTATUS GetWin32NameFromNTName( WCHAR *NTName, WCHAR 

| *DriveString, ULONG BufferSize ) 
33099| { 

331 00| // FIXFIXFIX we need to code this function 
331 01 1 return STATUS_NOT_FOUND; 
33102| } 
33103| 

33104| NTSTATUS GetNTNameFromWin32Name( WCHAR *Win32Name, 

| WCHAR *NTName ) 
33105| { 

33106| UNICODE_STRING UniName={0}; 

331 07| OBJECT ATTRIBUTES Object Attributes={0}; 

331 08| NTSTATUS Status=STATUS_SUCCESS; 

33109| HANDLE Sym H and le= NULL; 

33110| WCHAR Name[256]; 

33111| 

331 1 2| wcscpy(Name,Win32Name); 
33113| 

331 1 4| Debug(DEBUG_DCPSM,("GetNTNameFromWin32Name: Looking 

|for'%S'\n M ,Name)); 
331 15| RtllnitUnicodeString( &UniName, Name); 
33116| 

331 1 7| InitializeObjectAttributes ( &ObjectAttributes, 



33118| &UniName, 

331 19| OBJ_CASE_INSENSITIVE, 

33120| NULL, 

33121| NULL); 

33122| 



33123| Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, & Object Attributes); 
33124| if ( NT_SUCCESS(Status) ) { 
33125| ULONG Ret=0; 
33126| 

33127| UniName.Length = 0; 

33128| UniName.MaximumLength = 256; 

33129| Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
33130| if ( NT_SUCCESS(Status) ) { 
33131| 

33132| Debug(DEBUG_DCPSM,("GetNTNameFromWin32Name: 

| Device Name = '%wZ'\n M ,&UniName)); 
33133| wcscpy(NTName,UniName.Buffer); 
33134| }else{ 



33135| Debug(DEBUG_DCPSM,("GetNTNameFromWin32Name: 

| Error %08x opening symlink , %S'\n",Status,Name)); 

33136| } 
33137| 

33138| ZwClose(SymHandle); 

33139| SymHandle = NULL; 

33140| }else{ 

331 41 1 Debug(DEBUG_DCPSM,( M GetNTNameFromWin32Name: 

| Error %08x\n",Status)); 

33142| } 

33143| return Status; 

33144| } 

33145| 

33146| NTSTATUS GetDriveLetterFromNTName( WCHAR *NTName, WCHAR 

| *DriveString, ULONG BufferSize ) 

33147| { 

33148| WCHAR DriveName[20] = L"\\DosDevices\\C:"; 

33149| UNICODE_STRING UniName={0}; 

33150| OBJECT_ATTRIBUTES ObjAttr={0}; 

33151| HANDLE SymH and le= NULL; 

33152| WCHAR SymSpace[256]={0}; 

33153| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

33154| ULONG Ret=0; 

33155| UCHAR DriveLetter=0; 

33156| NTSTATUS RetStatus = STATUS_NOT_FOUND; 

33157| 

33158| PAG E DCOD E () ; 
33159| 

331 60 1 for ( DriveLetter=2;DriveLetter<26;DriveLetter++ ) 

|{ 
33161| 

331 62 1 DriveName[1 2] = DriveLetter+65; 
33163| 

331 64 1 RtllnitUnicodeString( &UniName, DriveName ); 
33165| 

33166| ObjAttr. Length 

| sizeof (ObjAttr); 

33167| ObjAttr. RootDirectory = NULL; 

33168| ObjAttr.Attributes 

| OBJ_CASE_INSENSITIVE; 

33169| ObjAttr.ObjectName = &UniName; 

33170| ObjAttr.SecurityDescriptor = NULL; 

331 71 1 ObjAttr.SecurityQualityOfService = NULL; 
33172| 

331 73 1 Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, &ObjAttr ); 

331 74| if ( NT_SUCCESS(Status) ) { 

331 75 1 UniName.Length = 0; 

331 76| UniName.MaximumLength = 256; 

331 77| UniName. Buffer = SymSpace; 



33178| Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
331 79| if ( NT_SUCCESS(Status) ) { 

331 80| Debug(DEBUG_DCPSM,("Symlink '%S' == 

| , %wZ'\n",DriveName,&UniName)); 
33181| 

33182| if( 

| _wcsnicmp(UniName.Buffer,NTName,wcslen(NTName))==0 ) { 
33183| // \DosDevices\C: 

33184| // 01 23456789-1 2 

33185| DriveString[0] = DriveLetter+65; 

33186| DriveString[1] = 0; 

33187| ZwClose(SymHandle); 
33188| RetStatus= STATUS_SUCCESS; 

33189| break; 
33190| } 
33191| }else{ 

33192| Debug(DEBUG_DCPSM, ("Error 

| %08x\n",Status)); 
33193| } 
33194| 

33195| ZwClose(SymHandle); 
33196| }else{ 

331 97| //Debug(DEBUG_DCPSM,("Error 

| %08x\n",Status)); 
33198| } 
33199| }//for 
33200| 

33201 1 return RetStatus; 
33202 1 } 
33203 1 
33204| 

33205| NTSTATUS MakeVolumeListString( 



33206| pkSnapShotMaster Master, 

33207| WCHAR *String, 

33208| ULONG StringSize 

33209 1 ) 
33210| { 

3321 1 1 NTSTATUS Status=STATUS_SUCCESS; 
33212| 

33213| _try{ 

33214| wcscpy(String,L""); 

33215| 

3321 6| Status = ValidateKernelSnapShotPointer(Master); 

3321 7| if ( NT_SUCCESS(Status) ) { 

33218| WCHAR *Buffer; 

3321 9| ULONG BufferSize=1 28*1 024; 

33220 1 

33221 1 Buffer = 



| (WCHAR*)MemAllocatePoolWithTag(PagedPool,BufferSize,TEMP 



I TAG); 
33222| 
33223| 



if ( Buffer ) { 

Status = SbGetKernelSnapShotVolumes( 



33224| 

| Master, 
33225| 

| Buffer, 
33226| 

| SBufferSize); 
33227| 

33228| if ( IStatus ) { 

33229| WCHAR *p=Buffer; 

33230| WCHARTemp[512]; 
33231 1 

33232| while ( *p ) { 

33233| // use drive letter 

33234| if ( 

| GetDriveLetterFromNTName(p,Temp,sizeof(Temp))!=STATUS_SU 

| CCESS ) { 

33235| // no drive letter, so lets 

| just mark the spot 
33236| // as the packet can not 

| get bigger than 1 50 bytes. 
33237| wcscpy(Temp,L"*"); 
33238| r 
33239 1 

| // use win 32 name 
33240 1 

| if(GetWin32NameFromNTName(p,Temp,sizeof(Temp))!=STATUS_S 

| UCCESS) { 
33241 1 

| // use nt name 
33242 1 

| wcscpy(Temp,p); 
33243 1 



I) 

33244| 7 

33245| } 

33246| if ( NumBytes(Temp)>=StringSize 



l){ 

33247| Status = 



| STATUS_B U F F E R_TOO_S M ALL ; 

33248| break; 

33249 1 } else { 

33250| wcscat(String,Temp); 

33251 1 StringSize-=NumBytes(Temp); 

33252 1 } 
33253 1 

33254| p+=wcslen(p)+1 ; 
33255| 



33256| if ( *p ) { 

33257| // add comma if another 

| volume 

33258| StringSize-=2; 
33259| wcscat(String,l_Y); 
33260| } 
33261 1 } 
33262 1 } 

33263| FREE_POINTER(Buffer); 
33264| Status = STATUS_SUCCESS; 

33265| } else { 

33266| 

| Debug(DEBUG_DCPSM,("MakeVolumeListString: Out of 
| memory\n")); 

33267| Status = STATUS_INSUFFICIENT_RESOURCES; 

33268| } 
33269 1 } else { 

33270| Debug(DEBUG_DCPSM,( M MakeVolumeListString: 

| invalid master snapshot %08x\n", Master)); 
33271 1 } 
33272 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33273 1 Status = GetExceptionCode(); 

33274| Debug(DEBUG_DCPSM,("RemoveUserl_inks: Exception 

| %08x\n M ,Status)); 
33275| } 

33276 1 return Status; 
33277| } 
33278| 
33279 1 

33280| void Logl_inkCreated( pkSnapShotMaster MasterSnapShot ) 



33281 1 { 




33282 1 


_try{ 


33283 1 


if ( gLogOpenClose ) { 


33284| 


WCHAR *Strings[9]; 


33285| 


WCHAR VolList[1 00]; 


33286| 


WCHAR ID[10]; 


33287| 


WCHAR Month[4]; 


33288| 


WCHAR Day[4]; 


33289 1 


WCHAR Year[6]; 


33290 1 


WCHAR Hour[4]; 


33291 1 


WCHAR Minute[4]; 


33292 1 


WCHAR Second[4]; 


33293 1 


TIME_FIELDS tm; 


33294| 


LARGEJNTEGER Local; 


33295| 


ULONG DumpData; 


33296| 




33297| 


wcscpy(VolList,L""); 


33298I 





| MakeVolumeListString(MasterSnapShot,VolList,sizeof(VolLi 



1 st)); 




33299| 


swprintf(ID,L"%08x",MasterSnapShot); 


33300| 




33301| 




| ExSystemTimeToLocalTime(&MasterSnapShot->: 


| ocal); 




33302| 


RtlTimeToTimeFields(&Local,&tm); 


33303| 


swprintf(Month,L"%02d",tm. Month); 


33304| 


swpri ntf ( Day , L"%02d",tm . Day) ; 


33305| 


swpri ntf (Year, L"%4d" ,tm .Year) ; 


33306| 


swprintf(Hour,L"%02d",tm.Hour); 


33307| 


swprintf(Minute,L"%02d",tm. Minute); 


33308| 


swprintf(Second,L"%02d",tm. Second); 


33309| 




33310| 


wcscat(VolList,L M :\V); 


33311| 




33312| 


ULONG LogSize = 



•SnapShotTime,&L 



| ((sizeof(IO_ERROR_LOG_MESSAGE)-sizeof(IO_ERROR_LOG_PACKE 
|T)) + 

33313| ERROR_LOG_MAXIMUM_SIZE) - 

33314| 

| sizeof(IO_ERROR_LOG_MESSAGE) - 
33315| NumBytes(ID)- 
3331 6| NumBytes(Month) - 

33317| NumBytes(Day) - 

33318| NumBytes(Year) - 

33319| NumBytes(Hour) - 

33320| NumBytes(Minute) - 

33321 1 NumBytes(Second) - 

33322 | 

| sizeof(DumpData)-(sizeof(WCHAR) * 8); 
33323 | 

33324| DumpData = (ULONG)MasterSnapShot; 

33325| 

33326| if ( NumBytes(VolList)>=LogSize ) { 

33327| // volume list is too big 

33328| wcscpy(VolList,L"..."); 
33329 1 } 
33330 | 

33331 1 LogSize-=NumBytes(VolList); 
33332 | 

33333 1 if ( 

| _wcsicmp(MasterSnapShot->UserSnapShotName,L m, )==0 ) { 
33334| // just leave blank 

33335| } else { 

33336| if ( 

| NumBytes(MasterSnapShot->UserSnapShotName)<LogSize ) { 
33337| 

| wcscat(VolList,MasterSnapShot->UserSnapShotName); 
33338| } else { 



33339| WCHAR 

| *p=wcsrchr(MasterSnapShot->UserSnapShotName,L'\Y); 
33340| if ( p ) { 

33341 1 p++; 

33342| #define DOT_SIZE (unsigned)(3*sizeof(WCHAR)) 
33343 1 

33344| if ( 

| (NumBytes(p)+DOT_SIZE)<LogSize ) { 
33345| wcscat(Voll_ist,L"..."); 
33346| wcscat(VolList,p); 
33347| } else { 

33348| Trunc: 
33349| wcscat(Voll_ist,L"..."); 
33350| if ( LogSize>DOT_SIZE ) { 

33351 1 p = 

| MasterSnapShot->UserSnapShotName + 

| NumBytes(MasterSnapShot->UserSnapShotName) - LogSize 

1 1; 

33352| 

| p+=(DOT_SIZE/sizeof(WCHAR)); 
33353| wcscat(VolList,p); 
33354| } 
33355| } 
33356| } else { 

33357| goto Trunc; 

33358| } 
33359 1 } 
33360 1 } 
33361 1 

33362| #define NumStrings 8 
33363 1 Stri 

1 112 

33364| Stri 
1 113 

33365| Strings[2] = Month 

| II A 

33366| Strii 

|//5 

33367| Strii 

1 116 

33368| Strii 

|//7 

33369| Strii 

|//8 

33370| Strii 

|//9 
33371 1 

33372| Hint -save -e740 7 

33373 1 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_LINK 



ngs[0] = ID; 
ngs[1] = VolList; 



ngs[3] = Day; 
ngs[4] = Year; 
ngs[5] = Hour; 
ngs[6] = Minute; 
ngs[7] = Second; 



I _CREATED,0,&DumpData,1 ,Strings,NumStrings); 
33374| Tlint -restore 7 

33375| } 
33376| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33377| Debug(DEBUG_DCPSM,("LogLinkCreated: Exception 

| %08x\n",GetExceptionCode())); 
33378| } 
33379 1 } 
33380 1 
33381 1 

33382| extern LARGEJNTEGER TimeOfLastLog Entry; 
33383| 

33384| // 

| 

I- 
33385| 

33386| NTSTATUS GetDeviceExtensionList ( 

33387| tOpenTransactionlnlnternal *ln, 

33388| PFILTERED_EXTENSION *&DevExtArray, 

33389| ULONG SNumDevices ) 

33390| { 

33391 1 NTSTATUS status = STATUSJJNSUCCESSFUL; 
33392| NumDevices = 0; 
33393 1 

33394| _try { 

33395| // We are creating an array of pointers to 

| filtered extensions. 
33396| // The parameter 'DevExtArray' is therefore a 
33397| // reference to a pointer to a pointer to a 

| filtered extension. 
33398| 

33399| DevExtArray = (PFILTERED_EXTENSION *) 

| MemAllocatePoolWithTag( 
33400| PagedPool, 
33401 1 ln->NumberOfDevices * 

| sizeof(PFILTERED EXTENSION), 
33402| TEMPTAG ); 

33403 1 

33404| if ( DevExtArray ) { 

33405| for ( ULONG i=0; i < ln->NumberOfDevices; 

!++'){ 

33406| PDEVICE_OBJECT DevObj = 

| (PDEVICE_OBJECT) GetObjectFromName( (WCHAR 
| *)DN_MakePointer(ln,ln->DeviceName[i]) ); 

33407| if ( DevObj ) { 

33408| DevExtArray[NumDevices++] = 

| GetFilteredExtension (DevObj); 

33409 1 } 

33410| } 



3341 1 1 

33412| status = STATUS_SUCCESS; 

33413| }else{ 

33414| status = STATUS_INSUFFICIENT_RESOURCES; 

33415| } 
33416| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

3341 7| status = GetExceptionCode(); 

33418| Debug(DEBUG_DCPSM,("M! Exception %08x in 

| GetDeviceExtensionList\n",status)); 
33419| } 
33420| 

33421 1 if ( !NT_SUCCESS(status) ) { 

33422 1 Num Devices = 0; 

33423 1 if ( DevExt Array ) { 

33424| FREE_POINTER(DevExtArray); 

33425| } 

33426| } 

33427| 

33428| return status; 
33429 1 } 
33430 1 

33431|// 



33432| // Given a list of volumes that we want to take a 

| snapshot of, the following function 
33433| // determines whether any of the volumes have not 

| completed Part2 (by checking file handles) 
33434| // but have snapshots. If this is the case, the 

| function returns 'false', indicating that 
33435| // we are between parti and part2, and that snapshot 

| creation should be delayed a bit. 
33436| 

33437| STATIC bool ReadyForSnapShotCreation ( 

| tOpenTransactionlnlnternal *ln ) 
33438| { 

33439| bool Is Ready = true; 

33440| PFILTERED_EXTENSION *DevExtArray = NULL; 
33441 1 ULONG NumDevices = 0; 
33442 1 

33443 1 __try { 

33444| NTSTATUS GetListStatus = GetDeviceExtensionList 

| (In, DevExtArray, NumDevices); 
33445| ASSERT(NT_SUCCESS(GetListStatus)); 
33446| if ( NT_SUCCESS(GetListStatus) ) { 
33447| ASSERT (DevExtArray != NULL); 

33448| 

33449| if ( DevExtArray ) { 

33450| for ( ULONG i=0; kNumDevices; ++i ) { 



33451 1 bool AIIHandlesOpen = 

33452 1 

| lsValidHandle(DevExtArray[i]->Cache.CacheFile.FileHandle 
| ) && 
33453 1 

| lsValidHandle(DevExtArray[i]->Cache.lndexFile.FileHandle 
| ) && 
33454| 

| lsValidHandle(DevExtArray[i]->Cache.HeaderFile.FileHandl 

|e); 
33455| 

33456| if ( !AIIHandlesOpen && 

| DevExtArray[i]->PSMed ) { 
33457| IsReady = false; 

33458| break; 
33459| } 
33460 1 } 
33461 1 

33462| FREE_POINTER (DevExtArray); 

33463| } 
33464| } 
33465| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33466| Debug(DEBUG_DCPSM,("!!! Exception %08x in 

| Ready ForSnapShotCreation\n",GetExceptionCode())); 
33467| IsReady = true; // otherwise SbOpenPSM could 

| loop forever! 
33468| } 
33469| 

33470 1 return IsReady; 
33471 1 } 
33472 1 

33473 1 // 

| 

I " 
33474| 

33475| NTSTATUS SbOpenPSM ( 
33476| pOTJJSER User, 
33477| tOpenTransactionlnlnternal *Buffer, 
33478| ULONG OTOSize, 
33479 1 tOpenTransactionOutlnternal *OutBuffer, 
33480| PKEVENT AbortEvent ) 

33481 1 { 

33482| NTSTATUS Status = STATUS_SUCCESS; 
33483| NTSTATUS CountStatus = STATUS_SUCCESS; 
33484| ULONG NumActiveSnapShots = 0; 
33485| 

33486| PAG E D_CO D E () ; 
33487| 

33488| MemTrackPrintStats( "OpenPSM" ); 



33489| MemShowUsage(); 
33490| 

33491 1 Debug(DEBUG_DCPSM, ("Entering SbOpenPSM: User=%08x, 

| AbortEvent=%08x\n",User,AbortEvent)); 
33492 1 

33493 1 // exiting event not yet initialized, so use this 
| function 

33494| // otherwise we corrupt memory and/or bsod 
33495| if ( AcquireOpenCloseResourceOnly(AbortEvent) != 

| STATUS_WAIT_0 ) { 
33496| Debug(DEBUG_DCPSM, ("SbOpenPSM: (1) canceled by 

| AbortEvent\n")); 
33497| return PSM_CANCELED_BY_USER; 
33498| } 
33499 1 

33500| bool OpenCloseAcquired = true; 
33501 1 __try { 

33502| bool ReadyForSnap = false; 
33503| while ( IReadyForSnap ) { 
33504| 

| // 



33505| // It is possible for SbOpenPSM to be 

| called while we are in a revert. 
33506| // Revert will be holding the OpenClose 

| until it is finished. 
33507| // However, we really want to make sure 

| that part2 has run. 
33508| // Instead of just grabbing the resource 

| and running with it, we need to 
33509| // check to see if part2 has finished. If 

| not, release OpenClose, 
3351 0| // delay for a little, and loop back to 

| try again. The idea is that 
3351 1 1 // this gives part2 a chance to grab the 

| resource and complete. 
33512| // This (hopefully) resolves defect #279 

| 'snapshot during revert'. 
33513| 

| // 

| 

3351 4| ReadyForSnap = 

| Ready ForSnapShotCreation(Buffer); 
33515| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Ready ForSnapShotCreation returned 

| %s\n",(ReadyForSnap?"TRUE":"FALSE"))); 
33516| if ( IReadyForSnap ) { 

3351 7| ReleaseOpenCloseResource(); 
33518| OpenCloseAcquired = false; // so 

| we know not to release OpenClose again if exception 



I happens 
33519| 

33520| const int SecondsToWait = 5; 

33521| LARGE INTEGER TimeToWait; 

33522| TimeToWait.QuadPart = 

| RELATIVE(SECONDS(SecondsToWait)); 
33523| KeDelayExecutionThread 

| ((KPROCESSOR_MODE)KernelMode, FALSE, STimeToWait); 
33524| 

33525| if ( 

| AcquireOpenCloseResourceOnly(AbortEvent) != 

| STATUS_WAIT_0 ) { 
33526| Debug(DEBUG_DCPSM,("SbOpenPSM: (2) 

| canceled by AbortEvent\n")); 
33527| return PSM_CANCELED_BY_USER; 

33528| } 
33529| 

33530| OpenCloseAcquired = true; 

33531 | } 
33532 1 } 
33533 1 

33534| #ifdef DEBUG 

33535| Debug(DEBUG_DCPSM,("SbOpenPSM: CacheFileName 

| = '%S'\n",Buffer->CacheFileName)); 
33536| Debug(DEBUG_DCPSM,(" 

| SizeOfCacheFilelnMB = 

| %08x\n",Buffer->SizeOfCacheFileMB)); 
33537| Debug(DEBUG_DCPSM,(" 

| MaxSizeOfCacheFilelnMB = 

| %08x\n",Buffer->MaxSizeOfCacheFileMB)); 
33538| Debug(DEBUG_DCPSM,(" Flags 

| = %08x\n",Buffer->Flags)); 
33539| Debug(DEBUG_DCPSM,(" Q Wait 

| = %08x\n",Buffer->QuiescentWait)); 
33540| Debug(DEBUG_DCPSM,(" Q Time 

| = %08x\n",Buffer->QuiescentTimeout)); 
33541 1 Debug(DEBUG_DCPSM,(" Number Devices 

| = %08x\n",Buffer->NumberOfDevices)); 
33542 1 
33543 1 { 
33544| ULONG i; 

33545| for ( i=0;i<Buffer->NumberOfDevices;i++ ) { 

33546| Debug(DEBUG_DCPSM,(" [%02x] 

l = 

| '%S'\n",i,DN_MakePointer(Buffer,Buffer->DeviceName[i]))) 

I ; 

33547| } 
33548| } 
33549| #endif 
33550 1 



33551 1 #if 0 

33552| // done when the snapshot is used by someone else not 

| during the open of a new one 
33553| if ( (GlobalData->ExclusiveProcess!=0) && 
33554| 

| (GlobalData->ExclusiveProcess!=PsGetCurrentProcess()) ) 
|{ 

33555| Debug(DEBUG_DCPSM,("SbOpenPsm: Someone else 

| (%08x) already has exclusive 

| access!", GlobalData->ExclusiveProcess)); 
33556| 

| try_return(Status=PSM_ERROR_LOCKED_EXCLUSIVE); 
33557| } 
33558| #endif 
33559 1 

33560| // clear last error time so event logs are sent 
33561 1 // based on the new snapshot 
33562| TimeOfLastLogEntry.QuadPart = 0; 
33563 1 

33564| // clear event incase user didnt 

33565| if ( User->ErrorEvent ) { 

33566| pmClearEvent(User->ErrorEvent); 

33567| } 

33568| 

33569 1 r 

33570 1 //OTM fossil: user-specified cache files are 

| now always ignored. 
33571 1 if ( !(Buffer->lnternalFlags & 

| PSM_I FL AG_P E RSI STENT) ) { 
33572 1 Status = 

| SblsADirectory(Buffer->CacheFileName); 
33573| if ( (Status == STATUS_FILE_IS_A_DIRECTORY) 

| || (Status == STATUS_OBJECT_PATH_SYNTAX_BAD) ) { 
33574| try_return(NOTHING); 
33575| } 
33576| } 
33577| 7 
33578| 

33579| // call preinit 

33580| if ( IPSManPSMInited ) { 

33581 | 

| UpdateGlobalStatus(PSM_RESOURCE_ACQUISITION); 
33582| Status = SbPrelnit(User,Buffer,AbortEvent); 

33583 1 } else { 

33584| // check to see if we are in a state where 

| ALL instances need to exit. 
33585| if ( (GlobalData->NumActive) && 

| (LastErrorStatus!=0) ) { 
33586| Status = LastErrorStatus; 

33587| } 



33588| } 
33589| 

33590| if ( NT_SUCCESS(Status) ) { 

33591 1 BOOLEAN WouldCauseMoreSnapShots = FALSE; 

33592 1 

33593| if ( Buffer->NumToKeep == -1 || 

| Buffer->NumToKeep == 0 ) { 
33594| // The user is requesting no limit on 

| how many to keep 
33595| //for this group. Therefore, no old 

| snapshots would be deleted. 
33596| WouldCauseMoreSnapShots = TRUE; 

33597| } else { 

33598 1 // Now we need to figure out whether we 

| are already at the 
33599| // group limit. If so, creating a new 

| snapshot will automatically 
33600| // delete an old one, so there is no 

| problem. 
33601 1 

33602| PDEVICE_OBJECT DevObj = 

| (PDEVICE_OBJECT) GetObjectFromName( 
33603| 

| (WCHAR *)DN_MakePointer(Buffer,Buffer->DeviceName[0]) 

I); 

33604| 

33605| if ( DevObj ) { 

33606| ULONG numlnGroup = 

| NumberOfSnapShotslnGroup ( 
33607| 

| (ULONG) Buffer->CallerPrivateUse, //group number 
33608| 

| DevObj ); 



33609| 

33610| if ( numlnGroup < Buffer->NumToKeep 

l){ 

3361 1 1 WouldCauseMoreSnapShots = TRUE; 

33612| } 
33613| }else{ 

33614| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Could not find DevObj in snapshot limit logic\n")); 
33615| WouldCauseMoreSnapShots = TRUE; 

33616| } 
33617| } 
33618| 

33619| if ( WouldCauseMoreSnapShots ) { 

33620| WCHAR Str1 [1 0] = {0}; 

33621 1 WCHAR *Strings[] = {Str1}; 

33622| const ULONG MaxSnapShots = 



| PersistentDictionary::QueryMaxNumUserSnapShots(); 



33623| 

33624| Debug(DEBUG_DCPSM,("SbOpenPSM: 
| NumActiveSnapshots=%d, MaxSnapShots=%d\n", 

33625| 

| GlobalData->NumActive, 

33626| MaxSnapShots)); 

33627| 

33628| if ( GlobalData->NumActive >= 

| MaxSnapShots ) { 
33629| // We are at the limit of how many 

| user snapshots may exist. 
33630| // Therefore, we need to determine 

| whether creating this 
33631 1 // new snapshot will really 

| increase the number of snapshots. 
33632| // The number won't actually 

| increase if creating this snapshot 
33633| // results in deleting another one 

| due to NumToKeep rules for a group. 
33634| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Maximum number of snapshots reached - trying to delete 

| oldestAn")); 

33635| BOOLEAN OldestSnapShotWas Deleted = 

| DeleteOldestSnapShot(NULL,FALSE); 
33636| if ( OldestSnapShotWasDeleted ) { 

33637| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Snapshot count threshold reached - oldest snapshot was 

| deletedAn")); 
33638| LogError ( 

33639| 

| (PDEVICE_OBJECT)PSManDriverObject, 
33640| NULL, 
33641 | 

| PSM OLDEST SNAPSHOT DELETED, 
33642 1 

| PSM_OLDEST_SNAPSHOT_DELETED, 
33643| NULL, 
33644| 0, 
33645| NULL, 
33646| 0); 
33647| } else { 

33648| swprintf ( Str1 , L"%d", 

| MaxSnapShots ); 
33649| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Rejecting snapshot creation due to reaching 

| limitAn")); 
33650| LogError ( 

33651 | 

| (PDEVICE_OBJECT)PSManDriverObject, 
33652| NULL, 



33653| 

| PSM_MAXIMUM_ALLOWED_SNAPSHOTS_REACHED, 
33654| 

| PSM_MAXIMUM_ALLOWED_SNAPSHOTS_REACHED, 
33655| NULL, 
33656| 0, 
33657| Strings, 
33658| 1); 
33659| try_return (Status = 

| PSM_MAXIMUM_ALLOWED_SNAPSHOTS_REACHED); 
33660| } 
33661 1 } else { 

33662| const ULONG WarningThresholdPercent 

| = 80; //!!! FIXFIXFIX: get from registry 
33663| ULONG WarningThreshold = 

| (MaxSnapShots * WarningThresholdPercent) / 100; 
33664| if ( GlobalData->NumActive >= 

| WarningThreshold ) { 
33665| if ( MaxSnapShots > 0 ) { 

33666| swprintf ( Str1 , L"%d", 

| (100 * GlobalData->NumActive) / MaxSnapShots ); 
33667| } else { 

33668| wcscpy(Str1,L"?"); 

| // should never happen, but don't divide by zero! 
33669 1 } 
33670 1 

33671 1 Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Reached snapshot warning threshold: logging error\n")); 
33672| LogError ( 

33673 1 

| (PDEVICE_OBJECT)PSManDriverObject, 
33674| NULL, 
33675| 

| PSM SNAPSHOT COUNT THRESHOLD REACHED, 
33676| 

| PSM_SNAPSHOT_COUNT_THRESHOLD_REACHED, 
33677| NULL, 
33678| 0, 
33679| Strings, 
33680| 1); 
33681 1 } 
33682 1 } 
33683 1 } 
33684| 

33685| PersistentDictionary::Setlnfo(Buffer); 
33686| r 

33687| //OTM fossil: Always call Setlnfo, 

| whether persistent or temporary snapshot. 
33688| if ( Buffer->lnternalFlags & 

| PSM_IFLAG_PERSISTENT ) { 



33689| PersistentDictionary::Setlnfo(Buffer); 
33690| } 
33691| 7 
33692| 

33693| // try and get the window and turn on PSM 

33694| pkSnapShotMaster MasterSnapShot = NULL; 

33695| Status = WaitForQuiescentPeriod( User, 

| Buffer, &MasterSnapShot, AbortEvent ); 
33696| if ( NT_SUCCESS(Status) ) { 

33697| ASSERT (MasterSnapShot != NULL); 

33698| lnterlockedlncrement((PLONG) 

| &GlobalData->NumActive); 
33699| lnterlockedlncrement((PLONG) 

| &User->Open); 
33700| Debug(DEBUG_DCPSM,("PSM Opened 

| snapshot=%08x; NumActive incremented to %08x, 

| open=%08x\n", 
33701 1 MasterSnapShot, 
33702| GlobalData->NumActive, 
33703| User->Open)); 
33704| 

33705| PsmActive = TRUE; 

33706| LogOpen(Buffer,MasterSnapShot); 

33707| 

33708| 

| UpdateGlobalStatus(PSM_MAPPING_IN_SNAPSHOTS); 
33709| 

3371 0| // map drives and get instance number 

3371 1 1 Status = 

| VDiskMaplnDrives(MasterSnapShot,Buffer,OTOSize,OutBuffer 

I); 

33712| 

33713| if ( !NT_SUCCESS(Status) ) { 

33714| //failed, clean up.. 

33715| 

| Debug(DEBUG_DCPSM,("VdiskMaplnDrives Failed %08x for 
| %08x %08x\n",Status,User,MasterSnapShot)); 
33716| 

| lnternalClosePSM(User,MasterSnapShot); 
33717| 

33718| }else{ 

33719| 

33720| 

| DeleteOldestSnapShotlnGroup(User,MasterSnapShot); 
33721| 

33722| if ( 

| OTOSize>=sizeof(tOpenTransactionOutlnternal) ) { 
33723| // return back pointer to this 

| so they can pass it to use on close 
33724| 



I OutBuffer->KernelSnapShotPointer = MasterSnapShot; 
33725| OutBuffer->SnapShotTime = 

| MasterSnapShot->SnapShotTime; 
33726| OutBuffer->lnstance = 

| MasterSnapShot->lnstance; 
33727| 

33728| GetSnapShotForRead(); 

33729| __try { 

33730| pkSnapShotEntry s = 

| GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
33731 1 if ( s ) { 

33732 1 

| s->Dictionary->GetOutParams(OutBuffer->CacheFileName); 
33733| DoneWithSnapShot(s); 
33734| } 

33735| } finally { 

33736| ReleaseSnapShotForRead(); 
33737| } 
33738| } 
33739| } 
33740| } else { 

33741 1 Debug(DEBUG_DCPSM,("Wait for Q period 

| failed %08x\n'\Status)); 
33742| if ( GlobalData->NumActive==0 ) { 

33743| // only call if we need to deinit 

33744| lnterlockedlncrement((PLONG) 

| &GlobalData->NumActive); 
33745| Debug(DEBUG_DCPSM,("SbOpenPSM: 

| Incremented NumActive to %08x (expecting 

| InternalClosePSM to decrement), open=%08x\n", 
33746| GlobalData->NumActive, 
33747| User->Open)); 
33748| 

33749 1 I nternalC losePS M (User, N U LL) ; 

33750| } 

33751 1 } 

33752 1 } 

33753| try_exit: 

33754| 

33755| if ( !NT_SUCCESS(Status) ) { 
33756| WCHAR MessageStringl [64] = {0}; 

33757| WCHAR *MessageStrings[1 0] = 

| {MessageStringl}; 
33758| 

33759| switch ( Status ) { 

33760| case PSM_ERROR_TIMEOUT: { 

33761 1 swprintf (MessageStringl , 

| L"%d", Buffer->QuiescentTimeout/60); 
33762| Hint -save -e740 7 

33763| 



I LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 
| R_TIMEOUT,PSM_ERROR_TIMEOUT,NULL,0,MessageStrings,1); 

33764| Hint -restore 7 

33765| break; 

33766| } 

33767| 

33768| case STATUSJNSUFFICIENT_RESOURCES: 

33769| case PSM_ERROR_OUT_OF_MEMORY : { 

33770| Hint -save -e740 7 

33771 | 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_OUT_OF_MEMORY,PSM_ERROR_OUT_OF_MEMORY,NULL,0,NULL,0); 

33772| Hint -restore 7 

33773 1 break; 

33774| } 

33775| case STATUS_OBJECT_NAME_NOT_FOUND: 

33776| case PSM_ERROR_NO_SUCH_OBJECT: { 

33777| Hint -save -e740 7 

33778| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

I R_NO_SUCH_OBJECT,PSM_ERROR_NO_SUCH_OBJECT,NULL,0,NULL,0) 

I ; 

33779| Hint -restore 7 

33780| break; 
33781 1 } 

33782| case PSM_ERROR_CANT_CREATE_CACHE_FILE: 

|{ 

33783| Hint -save -e740 7 

33784| 

| Log Error( ( P D EVI CE_OB J ECT) PSMan DriverObject, N U LL, PSM_E RRO 

| R_CANT_CREATE_CACHE_FILE,PSM_ERROR_CANT_CREATE_CACHE_FIL 

| E,NULL,0,NULL,0); 

33785| Hint -restore 7 

33786| break; 

33787| } 

33788| case STATUS_REQUEST_ABORTED : 

33789| case STATUS_PROCESS_IS_TERMINATING : 

33790| case PSM_CANCELED_BY_USER: { 

33791 1 Hint -save -e740 7 

33792 1 

| Log Error(( P D EVI C E_OB J ECT) PSMan DriverObject, N U LL, PSM_C ANC 
| ELED_BY_USER,PSM_CANCELED_BY_USER,NULL,0,NULL,0); 

33793| Hint -restore 7 

33794| break; 

33795| } 

33796| case PSM_EVALUATION_EXPIRED: { 

33797| Hint -save -e740 7 

33798| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_EVAL 
| UATION_EXPIRED,PSM_EVALUATION_EXPIRED,NULL,0,NULL,0); 



33799| Hint -restore 7 

33800| break; 
33801 1 } 

33802| case PSMJNSUFFICIENT_CACHE: { 

33803| Hint -save -e740 7 

33804| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_INSU 
| FFICIENT_CACHE,PSM_INSUFFICIENT_CACHE,NULL,0,NULL,0); 

33805| Hint -restore 7 

33806| break; 

33807| } 

33808| case PSM_ERROR_CACHEFILE_FULL: { 

33809| Hint -save -e740 7 

33810| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_CACHEFILE_FULL,PSM_ERROR_CACHEFILE_FULL,NULL,0,NULL,0) 

I ; 

3381 1 1 Hint -restore 7 

33812| break; 
33813| } 
33814| case 

| PSM_MAXIMUM_ALLOWED_SNAPSHOTS_REACHED : { 
33815| WCHAR ErrorStr[12]; 

33816| WCHAR *Strings[1]; 

33817| 

| swprintf(ErrorStr,L"%d",PersistentDictionary::QueryMaxNu 

| mUserSnapShots()); 
33818| Strings[0] = ErrorStr; 

33819| 

33820| Hint -save -e740 7 

33821 1 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_MAXI 

| MUM_ALLOWED_SNAPSHOTS_REACHED,PSM_MAXIMUM_ALLOWED_SNAPSH 

| OTS_REACHED,NULL,0, Strings, 1); 

33822| Hint -restore 7 

33823 1 break; 

33824| } 

33825| case PSM_ERROR_VOLUME_FULL: 

33826| case STATUS_DISK_FULL : { 

33827| Hint -save -e740 7 

33828| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 
| R_VOLUME_FULL,PSM_ERROR_VOLUME_FULL,NULL,0,NULL,0); 

33829| Hint -restore 7 

33830| break; 

33831 1 } 

33832 1 

33833| default: { 

33834| WCHAR ErrorStr[10]; 

33835| WCHAR *Strings[1]; 



33836| 



| swprintf(ErrorStr,L"%08x",Status); 
33837| Strings[0] = ErrorStr; 

33838| 

33839| Debug(DEBUG_DCPSM,("SbOpenPSM: 



| Logging error %08x\n",Status)); 
33840| /'lint -save -e740 7 

33841 1 



| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_SNAP 
| SHOT_COULD_NOT_BE_CREATED, Status,NULL,0, Strings, 1); 



33846| } 
33847| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

33848| Status = GetExceptionCode(); 

33849| Debug(DEBUG_DCPSM, ("Exception %08x in 

| SbOpenPSM\n",Status)); 
33850 1 } 
33851 1 

33852| UpdateGlobalStatus(PSM_IDLE); 
33853 1 

33854| if ( OpenCloseAcquired ) { 
33855| ReleaseOpenCloseResource(); 
33856| OpenCloseAcquired = false; 
33857| } 
33858| 

33859| return Status; 
33860 1 } 
33861 | 

33862 1 // 



33864| STATIC NTSTATUS lnitVDiskThreads() 
33865| { 

33866| NTSTATUS ntStatus; 
33867| HANDLE TempHandle=NULL; 
33868| KEVENT TempEvent={0}; 
33869 1 
33870 1 

| Reg_GetULONGKey(&gRegistryPath,L"VDisklOHandling",0x0000 
| ,&gVDisklOHandling); 
33871 1 

33872| ntStatus = lnitVDiskWriteCache( 0 ); 
33873| if ( !NT_SLJCCESS(ntStatus) ) { 
33874| Debug(DEBUG_DCPSM, ("Error %08x initing vdisk 
| write cache\n", ntStatus)); 



33842 1 
33843 1 
33844| 
33845| 



Hint -restore */ 
break; 




33875| return ntStatus; 

33876| } 

33877| 

33878| // mutex for thread functions 

33879| ExlnitializeFastMutex(&VDiskThreadMutex); 

33880| 

33881 1 //KelnitializeSemaphore ( &TdromWorkingSemaphore, 

I 1.1 ); 
33882 1 

33883| KelnitializeEvent ( &VDiskExitingEvent, 
33884| NotificationEvent, // 

| type (notification or sync) 
33885| FALSE 

| // signaled 
33886| ); 
33887| 
33888| 

33889| // init read thingys 

33890| KelnitializeSpinLock(&ReadVDiskSpinl_ock ); 

33891 1 lnitializeListHead( &ReadVDiskQueue ); 

33892| KelnitializeSemaphore ( &ReadVDiskSemaphore, 0, 

| MAXLONG ); 
33893 1 

33894| ntStatus = pmStartThread( 
33895| 

| (PKSTART_ROUTINE)ReadVDiskThread, // IN PKSTART_ROUTINE 

| StartRoutine, 
33896| (PVOID)O, 

| // IN PVOID StartContext 
33897| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
33898| ); 
33899 1 

33900| if ( NT_SUCCESS(ntStatus) ) { 

33901 1 // We dont use the handle, so get rid of it 

33902| ZwClose(TempHandle); 

33903| TempHandle = NULL; 

33904| 

33905| // init write thingys 

33906| KelnitializeSpinLock(&WriteVDiskSpinLock ); 

33907| lnitializeListHead( &WriteVDiskQueue ); 

33908| KelnitializeSemaphore ( &WriteVDiskSemaphore, 

| 0, MAXLONG ); 
33909| 

3391 0| KelnitializeEvent ( &TempEvent, 

| NotificationEvent, FALSE ); 
33911| 

33912| ntStatus = pmStartThread( 
33913| 

| (PKSTART_ROUTINE)WriteVDiskThread, // IN 



I PKSTART_ROUTINE StartRoutine, 
33914| (PVOID)&TempEvent, 

| // IN PVOID StartContext 
33915| &TempHandle 

| // OUT PHANDLE Thread Handle, 
33916| ); 
3391 7\ if ( NT_SUCCESS(ntStatus) ) { 
33918| PVOID ObjectTable[3] = { &TempEvent, 

| &VDiskExiting Event, &PSManExitingEvent}; 
33919| 

33920| // We dont use the handle, so get rid of it 

33921 1 ZwClose(TempHandle); 
33922| TempHandle=NULL; 
33923 1 ntStatus = 

| pmWaitForMultipleObjects(ObjectTable,3,NULL); 
33924| 

33925| if ( ntStatus==STATUS_WAIT_0 ) { 

33926| Debug(DEBUG_DCPSM,("Vdisk thread 

| started\n M )); 
33927| 

33928| ntStatus = pmStartThread( 

33929 | 

| (PKSTART_ROUTINE)SendWriteAfterReadThread, // IN 

| P KST A RT RO UTI N E StartRoutine, 
33930| (PVOID)O, 

| // IN PVOID StartContext 
33931 1 &TempHandle 

| // OUT PHANDLE ThreadHandle, 
33932 1 ); 
33933 | 

33934| if ( NT_SUCCESS(ntStatus) ) { 

33935| ZwClose(TempHandle); 

33936| Debug(DEBUG_DCPSM,("AII vdisk 

| threads started\n")); 
33937| } else { 

33938| Debug(DEBUG_DCPSM, ("Error %08x 

| starting WriteAfterRead Completion 

| thread\n",ntStatus)); 
33939 1 } 
33940| } else { 

33941 1 Debug(DEBUG_DCPSM, ("Exiting event 

| recieved\n")); 
33942 1 // exiting event is set 

33943| ntStatus = PSM_CANCELED_BY_USER; 

33944| // wait for event to be set before 

| continueing otherwise the thread will access 
33945| // the event and bsod 

33946| pmWaitForSingleObject(&TempEvent,NULL); 
33947| } 
33948| } 



33949| } 
33950| 

33951 1 if ( !NT_SUCCESS(ntStatus) ) { 
33952| // tell the threads that did init to exit 
33953| pmSetEvent( &VDiskExiting Event ); 
33954| DelnitVDiskWriteCacheO; 
33955| } 
33956| 

33957| return ntStatus; 
33958| } 
33959 1 

33960 1 // 

I 

I- 
33961 | 

33962| NTSTATUS lnitWorkerThreads() 
33963 1 { 

33964| ULONG ThreadCount=0; 

33965| NTSTATUS ntStatus=STATUS_SUCCESS; 

33966| 

33967| ThreadsAwake = 0; 
33968| 

33969| ThreadObjects = (PMY_THREAD) 

| MemAllocatePoolWithTag( 
33970 1 

| PagedPool, 
33971 1 

| MaxThreads * sizeof(tMY_THREAD), 
33972 1 

| THREADTAG 
33973 1 

I); 

33974| 

33975| if ( IThreadObjects ) { 

33976| Debug(DEBUG_DCPSM, ("Error! No memory for thread 
| objects\n")); 

33977| return STATUS_INSUFFICIENT_RESOURCES; 
33978| } 
33979 1 

33980 1 // clear out array 

33981 1 RtlZeroMemory( ThreadObjects, MaxThreads * 

| sizeof(tMY_THREAD) ); 
33982 1 

33983| ASSERT(GlobalThreadCount<=MaxThreads); 
33984| ASSERT(NumberOfThreads<=MaxThreads); 
33985| for ( 

| ThreadCount=0;ThreadCount<NumberOfThreads;ThreadCount++ 
l){ 

33986| HANDLE TempHandle=NULL; 
33987| 



33988| ntStatus = pmStartThread( 
33989| 

| (PKSTART_ROUTINE)SaveOriginalDataThread, // IN 

| PKSTART ROUTINE StartRoutine, 
33990| (PVOID)ThreadCount, 

| // IN PVOID StartContext 
33991 1 &TempHandle 

| // OUT PHANDLE ThreadHandle, 
33992 1 ); 
33993 | 

33994| if ( !NT_SUCCESS(ntStatus) ) { 
33995| break; 
33996| } 
33997| 

33998| ntStatus = ObReferenceObjectByHandle( 
33999| TempHandle, 

| // IN HANDLE Handle, 
34000| 

| THREADALLACCESS, // IN ACCESS_MASK Desired Access, 
34001| NULL, 

| // IN POBJECT_TYPE ObjectType, 

| /* optional 7 
34002| 

| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
34003| 

| &ThreadObjects[ThreadCount].ThreadObject, // OUT PVOID 
| *Object, 

34004| NULL 

| // OUT POBJECTJHANDLEJNFORMATION Handlelnformation 

1 /* optional 7 
34005| ); 

34006| //Debug(DEBUG_DCPSM, ("Thread %d Handle = %08x, 
| Object=%08x, 

| Status=%08x\n",ThreadCount,TempHandle,ThreadObjects[Thre 

| adCou nt] .ThreadObject, ntStatus)) ; 
34007| // Dont need the handle anymore now that we 

| have an object 
34008| ZwClose(TempHandle); 
34009| TempHandle=NULL; 
3401 0| // exit if we dont have an object 
3401 1 1 if ( !NT_SUCCESS(ntStatus) ) { 
34012| break; 
34013| } 
34014| } 
34015| 

34016| if ( !NT_SUCCESS(ntStatus) ) { 
3401 7| goto ThreadsFailed; 
34018| }else{ 

34019| HANDLE TempHandle=NULL; 



34020| 

34021 1 WriteThreadObject.ThreadObject = NULL; 
34022| // start the thread that gets passed the irp.. 
34023 1 ntStatus = pmStartThread( 
34024| 

| (PKSTART_ROUTINE)WriteDispatchThread, // IN 

| PKSTART_ROUTINE StartRoutine, 
34025| (PVOID)O, 

| // IN PVOID StartContext 
34026| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
34027| ); 
34028| 

34029| if ( NT_SUCCESS(ntStatus) ) { 
34030 1 

34031 1 ntStatus = ObReferenceObjectByHandle( 

34032 1 

| TempHandle, // IN HANDLE Handle, 

34033 1 

| THREAD_ALL_ACCESS, // IN ACCESS_MASK Desired Access, 
34034| NULL, 

| // IN POBJECT_TYPE ObjectType, 

1 /* optional 7 
34035| 

| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
34036| 

| &WriteThreadObject.ThreadObject, // OUT PVOID *Object, 
34037| NULL 

| // OUT POBJECTJHANDLEJNFORMATION Handlelnformation 

1 /* optional 7 
34038| ); 

34039| Debug(DEBUG_DCPSM,( M WriteDispatchThread 
| Handle = %08x, Object=%08x, 

| Status=%08x\n M ,TempHandle, WriteThreadObject.ThreadObject 
| , ntStatus)); 

34040| // Dont need the handle anymore now that we 

| have an object 
34041 1 ZwClose(TempHandle) ; 

34042| TempHandle=NULL; 
34043| // exit if we dont have an object 

34044| } 
34045| } 
34046| 

34047| if ( !NT_SUCCESS(ntStatus) ) { 

34048| if ( WriteThreadObject.ThreadObject ) { 

34049 1 

| ObDereferenceObject( WriteThreadObject.ThreadObject); 
34050| WriteThreadObject.ThreadObject = NULL; 

34051 1 } 



34052| ThreadsFailed: 

34053| Debug(DEBUG_DCPSM, ("Error! Unable to create 

| threads\n")); 
34054| 

34055| // close all objects to threads we created, so 

| NT can destory 
34056| // the objects, Make sure to grab resource in 

| case threads are running 
34057| 

34058| pmSetEvent( &VDiskExitingEvent ); 
34059| 

34060| pmAcquireMutex ( &WorkerThreadMutex, NULL ); 
34061 1 ASSERT(GlobalThreadCount<=MaxThreads); 
34062| ASSERT(NumberOfThreads<=MaxThreads); 
34063| for ( 

| ThreadCount=0;ThreadCount<NumberOfThreads;ThreadCount++ 
l){ 

34064| if ( 

| ThreadObjects[ThreadCount].ThreadObject ) { 
34065| 

| ObDereferenceObject(ThreadObjects[ThreadCount].ThreadObj 
I ect); 

34066| ThreadObjects[ThreadCount].ThreadObject 

| = NULL; 
34067| } 
34068| } 
34069 1 

34070| FREE_POINTER(ThreadObjects); 
34071 1 pmReleaseMutex ( &WorkerThreadMutex ); 
34072 1 } 
34073 1 

34074| return ntStatus; 

34075| } 

34076| 

34077| // 

| 

I- 
34078| 

34079| NTSTATUS SbPreDelnit() 
34080 1 { 

34081| PsmActive = 0; 
34082| 

34083| // tell the threads that did init to exit 
34084| pmSetEvent( &VDiskExitingEvent ); 
34085| pmSetEvent( &PSManExitingEvent ); 
34086| 

34087| // if any threads still running, wait for them to 
| exit first 

34088| // most likely another request came in before the 
| first 



34089| // had a chance to finish 

34090| if ( GlobalThreadCount ) { 

34091 1 LARGEJNTEGER TimeToWait={0}; 

34092 1 

34093| Debug(DEBUG_DCPSM,("SbPreDelnit: Waiting for 

| worker threads to exit before continueing\n")); 
34094| TimeToWait.QuadPart = RELATIVE(SECONDS(1)); 
34095| 

34096| // wait for threads to exit 

34097| while ( GlobalThreadCount ) { 

34098| Debug(DEBUG_DCPSM,("SbPreDelnit: Waiting; 

| GlobalThreadCount=%08x\n",GlobalThreadCount)); 
34099| KeDelayExecutionThread( 
34100| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 
| WaitMode, 

34101| FALSE, //IN 

| BOOLEAN Alertable, 
34102| STimeToWait // IN 

| PLARGEJNTEGER Interval 
34103| ); 
34104| } 
34105| 

341 06| Debug(DEBUG_DCPSM,("SbPreDelnit: Worker threads 

| have all exitedAn")); 
34107| } 
34108| 
34109| 

341 1 0| if ( PSManPSMInited ) { 
341 1 1 1 DelnitVDiskWriteCache(); 
34112| 

34113| IrpDelnitO; 
34114| 

341 15| PersistentDictionary::DeinitClass(); 
34116| 

341 1 7| PSManPSMInited = 0; 

34118| } 

34119| return 0; 

34120| } 

34121| 

34122| // 

| 

I-- 
34123| 

34124| NTSTATUS 

34125| SbPrelnit( 

34126| pOTJJSER User, 

34127| tOpenTransactionlnlnternal *Buffer, 

34128| PKEVENT AbortEvent 

34129| ) 



34130| { 

34131 1 NTSTATUS ntStatus=STATUS_SUCCESS; 
34132| ULONG SectorCount=0; 
34133| ULONG MaxSectorCount=0; 
34134| 

34135| PAG E DCOD E () ; 

34136| Debug(DEBUG_INFO,("PSM Preinit Called\n")); 
34137| 

341 38| SbGetRegistrySettings( &gRegistryPath ); 
34139| 

34140| #ifndef NOPSM 
34141| 

34142| if ( Buffer ) { 

34143| // Params are in MB, convert to number of 
| sectors 

341 44 1 SectorCount = Buffer->SizeOfCacheFileMB*2048; 

| // FIXFIXFIX short cut this is actually 
341 45| // S = MB * 1 024 *1 024 / 51 2 
341 46| MaxSectorCount = 

| Buffer->MaxSizeOfCacheFileMB*2048; 
34147| 

34148| /* 

34149| // OTM Fossil 

34150| if ( !(Buffer->lnternalFlags & 

| PSM_IFLAG_PERSISTENT) ) { 
341 51 1 // make sure the cache file is at least 1 0 

| megs big 

341 52 1 // and that the max is greater than the 

| current 

34153| if ( (SectorCount<(10*1024*1024)/512) || 

| (MaxSectorCount<SectorCount) ) { 
34154| Debug(DEBUG_DCPSM, ("Error! Invalid 

| cache file size\n")); 
34155| return STATUS_I N VAL I D_PARAM ETE R; 

34156| } 
34157| } 
34158| 7 
34159| } 
34160| 

34161 1 // if already open just say ok... 
34162| if ( PsmActive ) { 

341 63 1 Debug(DEBUG_DCPSM,("PSM already open\n")); 
34164| goto PsmOpened; 
34165| } 
34166| 

34167| // if already inited, just say ok... 
34168| if ( PSManPSM Inited ) { 

341 69 1 Debug(DEBUG_DCPSM,("PSM already inited\n")); 
34170| goto PsmOpened; 
34171| } 



34172| 

341 73 1 // if any threads still running, wait for them to 
| exit first 

341 74| // most likely another request came in before the 
| first 

341 75| // had a chance to finish 

341 76| if ( GlobalThreadCount ) { 

341 77| LARGEJNTEGER TimeToWait={0}; 

34178| 

34179| Debug(DEBUG_DCPSM,( M SbPrelnit: Waiting for 

| worker threads to exit before continueing\n")); 
34180| TimeToWait.QuadPart = RELATIVE(SECONDS(1)); 
34181| 

341 82 1 // wait for threads to exit 

341 83 1 while ( GlobalThreadCount ) { 

34184| Debug(DEBUG_DCPSM,("SbPrelnit: Waiting; 

| GlobalThreadCount=%08x\n M ,GlobalThreadCount)); 
341 85| KeDelayExecutionThread( 
34186| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 
| WaitMode, 

34187| FALSE, //IN 

| BOOLEAN Alertable, 
34188| &TimeToWait //IN 

| PLARGEJNTEGER Interval 
34189| ); 
34190| } 
34191| 

34192| Debug(DEBUG_DCPSM,("SbPrelnit: Worker threads 

| have all exitedAn")); 
34193| } 
34194| 
34195| 

34196| MaxWriteQueueDepth = 0; 
341 97| WriteQueueDepth = 0; 
341 98| LastErrorStatus = 0; 
34199| 

34200| if ( Buffer ) { 

34201 1 PSManPSMFIags = Buffer->Flags; 
34202 1 } 
34203 1 
34204| 

34205| // InitAIITrees ( PSManDriverObject ); 
34206| 

34207| KelnitializeSemaphore ( &ThreadSemaphore, 0, 

| MAXLONG ); 
34208| 

34209| KelnitializeEvent ( &WorkerThreadEvent, 

| NotificationEvent, FALSE ); 
34210| 



3421 1 1 KelnitializeEvent ( &ThreadOlnited, 

| Notification Event, FALSE ); 
34212| 

34213| // mutex for Worker thread 

34214| ExlnitializeFastMutex(&WorkerThreadMutex); 

34215| 

3421 6| // Cache threshold mutex 

34217| ExlnitializeFastMutex(&CacheThresholdMutex); 

34218| 

34219| KelnitializeSemaphore ( &WriteSemaphore, 0, MAXLONG 

I); 

34220| KelnitializeSemaphore ( &WriteAfterReadSemaphore, 

| 0, MAXLONG ); 
34221| 

34222| KelnitializeEvent ( &PSManExitingEvent, 

| Notification Event, FALSE ); 
34223| 

34224| KelnitializeSpinLock(&ThreadsWorkToDoSpinLock ); 
34225| lnitializeListHead( &Th reads Wo rkToDoQueue ); 
34226| 

34227| KelnitializeSpinLock(&WriteAfterReadSpinLock); 
34228| lnitializeListHead( &WriteAfterReadQueue ); 
34229| 

34230| KelnitializeSpinLock(&WriteSpinLock ); 
34231 1 lnitializeListHead( &WriteQueue ); 
34232| lnitializeListHead( &ProcessingQueue ); 
34233 | 

34234| lrplnit(); 
34235| 

34236| if ( Buffer ) { 

34237| ntStatus = VerifyGoodVolumeList(Buffer); 
34238| } else { 

34239| ntStatus = STATUS_SUCCESS; 
34240 1 } 

34241 1 if ( NT_SUCCESS(ntStatus) ) { 

34242| ntStatus = PersistentDictionary::lnitClass ( 

34243 1 

| PSM_NORMAL_STAGE, 
34244| 

| Buffer, 
34245| 

| AbortEvent ); 
34246| 

34247| if ( NT_SUCCESS(ntStatus) ) { 
34248| // now that we got the cache file start up 

| vdisk 

34249| ntStatus = InitWorkerThreadsQ; 

34250 1 

34251 1 if ( NT_SUCCESS( ntStatus ) ) { 

34252 1 



34253| ntStatus = lnitVDiskThreads(); 

34254| if ( NT_SUCCESS(ntStatus) ) { 

34255| // PSM is completely inited 

34256| DumpDebugPointers (); 

34257| PsmOpened: 

34258| Debug(DEBUG_INFO,("PSM Preinit 

| done\n")); 

34259| PSManPSMInited = TRUE; 

34260| return STATUS_SUCCESS; 

34261 1 } else { 

34262| Debug(DEBUG_DCPSM, ("Error %08x 

| initing vdisk threads\n",ntStatus)); 
34263 1 } 

34264| pmSetEvent( &VDiskExitingEvent ); 

34265| 

34266| DelnitVDiskWriteCache(); 
34267| } else { 

34268| Debug(DEBUG_DCPSM, ("Error! unable to 

| start worker threads\n")); 
34269 1 ntStatus = 

| STATUS_INSUFFICIENT_RESOURCES; 
34270 1 } 

34271 1 // tell the threads that did init to exit 

34272| pmSetEvent( &PSManExitingEvent ); 

34273 1 } else { 

34274| Debug(DEBUG_DCPSM, ("Error! InitClass failed 

| %08x\n",ntStatus)); 
34275| } 
34276| } else { 

34277| Debug(DEBUG_DCPSM, ("Error! VerifyGoodVolumeList 

| failed %08x\n",ntStatus)); 
34278| } 
34279 1 

34280| pmSetEvent( &PSManExitingEvent ); 
34281| lrpDelnit(); 
34282| #endif 
34283| 

34284| return ntStatus; 

34285| } 

34286| 

34287| // 

| 

I- 
34288| 

34289| void PsmOff() 
34290| { 
34291| __try{ 

34292| PDEVICE_OBJECT DevObj=NULL; 
34293| PFILTERED_EXTENSION DevExt=NULL; 
34294| 



34295| Debug(DEBUG_PROCCALL,("PsmOff called\n")); 
34296| // no need to get global resource as any writes 

| that occur before we turn it 
34297| // off will be handled when the threads are 

| told to exit. 

34298| DevObj = PSManDriverObject->DeviceObject; 
34299| while ( DevObj ) { 
34300| //if a filtered disk 

34301| if( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
34302| DevExt = GetFilteredExtension(DevObj); 

34303| if ( DevExt->PSMed ) { 

34304| // we shouldnt be called with 

| active unless something bad happened 
34305| ASS E RT( F ALS E) ; 

34306| DevExt->PSMed = 0; 

34307| DevExt->SignalRead = 0; 

34308| DevExt->SignalWrite = 0; 

34309| DevExt->OpenCount = 0; 

34310| } 
34311| }// if filtered disk 

34312| 

34313| DevObj = DevObj->NextDevice; 

34314| }//while(DevObj) 
34315| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
34316| Debug(DEBUG_DCPSM,("PsmOff: Exception 

| %08x\n",GetExceptionCode())); 
34317| } 
34318| 

34319| PsmActive = FALSE; 

34320| return; 

34321| } 

34322| 

34323| 

34324| // 

| 

I- 

34325| // clean up all sym links our dll didnt (because it 

| was killed) 
34326| 

34327| void CleanupSymLinks( ) 
34328| { 

34329| WCHAR DriveName[20] = L"\\DosDevices\\C: M ; 

34330| UNICODE_STRING UniName={0}; 

34331 1 OBJECT_ATTRIBUTES ObjAttr={0}; 

34332| HANDLE SymHandle=NULL; 

34333 1 WC H AR Sy mSpace[256]= {0} ; 

34334| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

34335| ULONG Ret=0; 



34336| UCHAR DriveLetter=0; 
34337| 

34338| PAG E D_CO D E () ; 
34339| 

34340| Debug(DEBUG_PROCCALL|DEBUG_DCPSM,("CleanupSymlinks 

| Called\n")); 
34341 | 

34342| // get rid of virtual drive letters 

34343| for ( DriveLetter=2;DriveLetter<26;DriveLetter++ ) 

|{ 
34344| 

34345| DriveName[12] = DriveLetter+65; 
34346| 

34347| RtllnitUnicodeString( &UniName, DriveName ); 
34348| 

34349 1 ObjAttr. Length 

| sizeof (ObjAttr); 
34350| ObjAttr. RootDirectory = NULL; 

34351 1 ObjAttr.Attributes 

| OBJ_CASE_INSENSITIVE; 
34352| ObjAttr.ObjectName = &UniName; 

34353| ObjAttr.SecurityDescriptor = NULL; 
34354| ObjAttr.SecurityQualityOfService = NULL; 
34355| 

34356| Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, &ObjAttr ); 
34357| if ( NT_SUCCESS(Status) ) { 
34358| WCHAR PsmDirName[35]={0}; 

34359 1 
34360 1 

| swprintf(PsmDirName,L M \\Device\\PsmDevices_%04x\V,PSM_L 
| OW_COMPATIBLE_VERSION); 
34361 1 

34362| UniName.Length = 0; 

34363| UniName.MaximumLength = 256; 

34364| UniName.Buffer = SymSpace; 

34365| Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
34366| if ( NT_SUCCESS(Status) ) { 

34367| Debug(DEBUG_DCPSM,("Symlink '%S' == 

| '%wZ'\n",DriveName,&UniName)); 
34368| 

34369 1 if ( 

| _wcsnicmp(UniName. Buffer, PsmDirName,wcslen(PsmDirName))= 
l=0){ 

34370| Debug(DEBUG_DCPSM, ("Cleaning up 

| Symlink '%wZ'\n M ,&UniName)); 
34371| //we found one! 

34372| // Free it 

34373| ZwClose(SymHandle); 



34374| SymHandle=NULL; 
34375| RtllnitUnicodeString (&UniName, 

| DriveName); 

34376| loDeleteSymbolicLink (&UniName); 

34377| continue; 
34378| } 
34379| } else { 

34380| Debug(DEBUG_DCPSM, ("Error 

| %08x\n",Status)); 
34381 1 } 
34382| 

34383| ZwClose(SymHandle); 
34384| SymHandle = NULL; 

34385| } else { 

34386| //Debug(DEBUG_DCPSM, ("Error 

| %08x\n",Status)); 
34387| } 
34388| } // for 
34389| 

34390| // TODO FIXFIXFIX !FIX!FIX!FIX Remove volumes that do 

| not have a drive letter. 
34391| 

34392| return; 
34393| } 
34394| 

34395| // 

| 

I- 

34396| // clean up all sym links our dll didnt (because it 

| was killed) 
34397| 

34398| void CleanupSymLinksForDevice( WCHAR *NTDeviceName ) 
34399| { 

34400| WCHAR DriveName[20] = L"\\DosDevices\\C:"; 

34401 1 UNICODE_STRING UniName={0}; 

34402| OBJECT_ATTRIBUTES ObjAttr={0}; 

34403| HANDLE SymHandle=NULL; 

34404| WCHAR SymSpace[256]={0}; 

34405| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

34406| ULONG Ret=0; 

34407| WCHAR 

| DriveMap[]=L"0123456789-^!#$%*)-_+[]{}'ABDEFGHIJKLMNOPQR 

| STUVWXYZ"; // C is skipped!! 
34408| WCHAR *Drivelndex=DriveMap; 
34409 1 

34410| PAG E D_CO D E () ; 
3441 1 1 

34412| Debug(DEBUG_PROCCALL|DEBUG_DCPSM,("CleanupSymlinks 

| Called\n")); 
34413| 



34414| // get rid of virtual drive letters 
34415| for ( ;*Drivelndex;Drivelndex++ ) { 
34416| 

3441 7| DriveName[1 2] = *Drivelndex; 
34418| 

34419| RtllnitUnicodeString( &UniName, DriveName ); 
34420| 

34421| ObjAttr. Length 

| sizeof (ObjAttr); 
34422| ObjAttr. RootDirectory = NULL; 

34423| ObjAttr. Attributes 

| OBJ_CASE_INSENSITIVE; 
34424| ObjAttr.ObjectName = &UniName; 

34425| ObjAttr.SecurityDescriptor = NULL; 
34426| ObjAttr.SecurityQualityOfService = NULL; 
34427| 

34428| Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, &ObjAttr ); 
34429| if ( NT_SUCCESS(Status) ) { 
34430| UniName.Length = 0; 

34431 1 UniName.MaximumLength = 256; 

34432| UniName.Buffer = SymSpace; 

34433 1 Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
34434| if ( NT_SUCCESS(Status) ) { 

34435| ULONG DidOnce=0; 

34436| 

34437| DoCheck: 

34438| Debug(DEBUG_DCPSM,("Symlink '%S' == 

| , %wZ\n M ,DriveName,&UniName)); 
34439 1 

34440 1 if ( 

| _wcsnicmp(UniName.Buffer,NTDeviceName,wcslen(NTDeviceNam 
I e))==0 ) { 

34441 1 Debug(DEBUG_DCPSM, ("Cleaning up 

| Symlink '%wZ'\n M ,&UniName)); 
34442| // we found one! 

34443| // Free it 

34444 1 ZwC lose (Sy m H and le) ; 

34445| SymHandle=NULL; 
34446| RtllnitUnicodeString (&UniName, 

| DriveName); 

34447| loDeleteSymbolicLink (&UniName); 

34448| continue; 
34449 1 } else { 

34450| // see if the link is a sym link 

34451 1 // ie, 1 : == \??\Volume{00..00} 

34452| if ( IDidOnce ) { 

34453| DidOnce=1; 

34454| if ( GetNTNameFromWin32Name( 



I UniName. Buffer, UniName. Buffer )==0 ) { 



34455| goto DoCheck; 

34456| } 
34457| } 
34458| } 
34459| } else { 

34460| Debug(DEBUG_DCPSM, ("Error 

| %08x\n",Status)); 
34461 | } 
34462 1 

34463| ZwClose(SymHandle); 
34464| SymHandle = NULL; 

34465| } else { 

34466| //Debug(DEBUG_DCPSM,("Error 

| %08x\n",Status)); 
34467| } 



34468| } // for 
34469 1 

34470| // TODO FIXFIXFIX IFIXIFIXIFIX Remove volumes that do 

| not have a drive letter. 
34471 | 

34472 1 return; 
34473 1 } 
34474| 

34475| // 

I 

I- 

34476| // Free all snapshots in system 
34477| // 

34478| void FreeSnapShotResources() 
34479 1 { 

34480| PDEVICE_OBJECT DevObj=NULL; 
34481 1 PFILTERED_EXTENSION DevExt=NULL; 
34482| pkSnapShotEntry p; 
34483 1 

34484| // start at the top 

34485| DevObj = PSManDriverObject->DeviceObject; 
34486| 

34487| while ( DevObj != NULL ) { 
34488| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
34489| DevExt = GetFilteredExtension(DevObj); 

34490 1 

34491 1 _try { 

34492 1 GetSnapShotForWrite(); 

34493 1 _try { 

34494| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
34495| while ( p ) { 

34496| 



I FreeResourcesForVolume(DevObj,p); 



34497| DoneWithSnapShot(p); 
34498| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
34499| } 

34500| } ^finally { 

34501 1 ReleaseSnapShotForWriteQ; 
34502 1 } 
34503 1 } 



| except(ExceptionFilter(GetExceptionlnformation())) { 

34504| 

| Debug(DEBUG_DCPSM,("FreeSnapShotResources: Exception 
| %08x for device %08x\n",GetExceptionCode(),DevObj)); 

34505| } 

34506| } 

34507| DevObj = DevObj->NextDevice; 
34508| } 

34509| // FIXFIXFIX Free snapshots in user structures 

| !FIX!FIX 
34510| } 
3451 1 | 

34512| // 

I 

I- 
34513| 

34514| void MarkAIISnapShotsWithError( pkSnapShotEntry 

| Snapshot, NTSTATUS Error ) 
34515| { 

34516| PDEVICE_OBJECT DevObj=NULL; 
34517| PFILTERED_EXTENSION DevExt=NULL; 
3451 8| pkSnapShotEntry p = NULL; 
34519| 

34520| // start at the top 

34521 1 DevObj = PSManDriverObject->DeviceObject; 
34522 1 

34523 1 _try { 

34524| while ( DevObj != NULL ) { 
34525| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
34526| DevExt = GetFilteredExtension(DevObj); 

34527| 

34528| if ( Snapshot ) { 

34529| // snapshot resource is should 

| already be acquired. 
34530 1 

| p=GetTopSnapShot(&DevExt->SnapShots); 
34531 1 while ( p ) { 

34532| p->MasterSnapShot->Status = 

| Error; 
34533| 



I p=GetNextSnapShot(&DevExt->SnapShots,p); 
34534| } 
34535| } else { 

34536| // snapshot resource is not 

| acquired. 

34537| GetSnapShotForRead(); 

34538| _try { 

34539| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
34540| while ( p ) { 

34541 1 p->MasterSnapShot->Status = 

| Error; 
34542 1 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
34543 1 } 

34544| } ^finally { 

34545| ReleaseSnapShotForRead(); 

34546| } 

34547| 

34548| } 
34549 1 } 

34550| DevObj = DevObj->NextDevice; 

34551 | } 
34552 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

34553| Debug(DEBUG_DCPSM,("MarkAII: Exception %08x for 

| device %08x\n",GetExceptionCode(), DevObj)); 
34554| } 
34555| } 
34556| 

34557| // 

| 

I- 
34558| 

34559| void MarkAIISnapShotsWithErrorForVolume( 
| pkSnapShotEntry Snapshot, NTSTATUS Error ) 
34560 1 { 

34561| PDEVICE_OBJECT DevObj=NULL; 
34562| PFILTERED_EXTENSION DevExt=NULL; 
34563| pkSnapShotEntry p; 
34564| 

34565| ASSERT(SnapShot); 
34566| 

34567| // start at the top 

34568| DevObj = SnapShot->DeviceObject; 

34569| 

34570| _try { 

34571 1 if ( DevObj != NULL ) { 
34572| ASSERT ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ); 



34573| 

34574| DevExt = GetFilteredExtension(DevObj); 

34575| 

34576| // snapshot resource should already be 

| acquired. 

34577| p=GetTopSnapShot(&DevExt->SnapShots); 
34578| while ( p ) { 

34579| p->MasterSnapShot->Status = Error; 

34580| 

34581 1 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
34582 1 } 
34583 1 } 
34584| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

34585| Debug(DEBUG_DCPSM,("MarkAII: Exception %08x for 

| device %08x\n",GetExceptionCode(),DevObj)); 
34586| } 
34587| } 
34588| 

34589 1 // 



34591 1 void LogClose( pkSnapShotMaster MasterSnapShot) 
34592 1 { 

34593| ULONG LogSize; 
34594| 

34595| _try { 

34596| if ( MasterSnapShot ) { 
34597| if ( MasterSnapShot->lnstance < 

| MAX_NUMBER_OF_SNAPSHOTS ) { 



34598| 


if ( gLogOpenClose ) { 


34599 1 


ULONG *DumpData; 


34600 1 


WCHAR *Strings[9]; 


34601 | 


WCHAR VolList[100]; 


34602 | 


WCHAR ID[10]; 


34603 | 


WCHAR Month[4]; 


34604| 


WCHAR Day[4]; 


34605| 


WCHAR Year[6]; 


34606| 


WCHAR Hour[4]; 


34607| 


WCHAR Minute[4]; 


34608| 


WCHAR Second[4]; 


34609 1 


TIME_FIELDS tm; 


34610| 


LARGEJNTEGER Local; 


3461 1 | 




34612| 


wcscpy(VolList,L""); 


34613| 





| MakeVolumeListString(MasterSnapShot,VolList,sizeof(VolLi 
I st)); 



34614| 

| swprintf(ID,L M %08x",MasterSnapShot); 
34615| 
34616| 

| ExSystemTimeToLocalTime(&MasterSnapShot->SnapShotTime,&L 
| ocal); 

3461 7| RtlTimeToTimeFields(&Local,&tm); 
34618| swprintf(Month,L M %02d M ,tm. Month); 

34619| swprintf(Day,L M %02d M ,tm.Day); 
34620| swprintf(Year,L"%4d",tm.Year); 
34621 1 swprintf(Hour,L"%02d",tm.Hour); 
34622| swprintf(Minute,L M %02d",tm. Minute); 

34623| swprintf(Second,L"%02d",tm. Second); 

34624| 

34625| wcscat(VolList,L M :\V); 
34626| 

34627| #define NumDumpltems 7 
34628| ULONG 

| SizeOfDumpData=NumDumpltems*sizeof(ULONG); 
34629 1 

34630| LogSize = 

| ((sizeof(IO_ERROR_LOG_MESSAGE)-sizeof(IO_ERROR_LOG_PACKE 
|T)) + 

34631 1 ERROR_LOG_MAXIMUM_SIZE) 

I- 
34632 1 

| sizeof(IO_ERROR_LOG_MESSAGE) - 



34633 1 


NumBytes(ID) - 


34634| 


NumBytes(Month) - 


34635| 


NumBytes(Day) - 


34636| 


NumBytes(Year) - 


34637| 


NumBytes(Hour) - 


34638| 


NumBytes(Minute) - 


34639 1 


NumBytes(Second) - 


34640| 


SizeOfDumpData- 



| (sizeof(WCHAR) * 8); 
34641 | 

34642| if ( NumBytes(VolList)>=LogSize ) { 

34643| // volume list is too big 

34644| wcscpy(Voll_ist,L"..."); 
34645| } 
34646| 

34647| LogSize-=NumBytes(VolList); 
34648| 

34649| if ( 

| _wcsicmp(MasterSnapShot->UserSnapShotName,L"")==0 ) { 
34650| // just leave blank 

34651 1 } else { 

34652 1 if ( 

| NumBytes(MasterSnapShot->UserSnapShotName)<LogSize ) { 



34653| 

| wcscat(VolList,MasterSnapShot->UserSnapShotName); 
34654| } else { 

34655| WCHAR 

| *p=wcsrchr(MasterSnapShot->UserSnapShotName,L'\Y); 
34656| if ( p ) { 

34657| p++; 

34658| #define DOT_SIZE (unsigned)(3*sizeof(WCHAR)) 
34659| 

34660| if ( 

| (NumBytes(p)+DOT_SIZE)<LogSize ) { 
34661 | 

| wcscat(VolList,L"..."); 
34662| wcscat(Voll_ist,p); 
34663| } else { 

34664| Trunc: 
34665| 

| wcscat(VolList,L"..."); 
34666| if ( 

| LogSize>DOT_SIZE ) { 
34667| p = 

| MasterSnapShot->UserSnapShotName + 

| NumBytes(MasterSnapShot->UserSnapShotName) - LogSize 

1 1; 

34668| 

| p+=(DOT_SIZE/sizeof(WCHAR)); 
34669| 

| wcscat(VolList,p); 
34670 1 } 
34671 | } 
34672 1 } else { 

34673| goto Trunc; 

34674| } 
34675| } 
34676| } 
34677| 

34678| #define NumStrings 8 
34679| Strings[0] = ID; 

|//2 

34680| Strings[1] = VolList; 

|//3 

34681 1 Strings[2] = Month; 

|//4 

34682| Strings[3] = Day; 

|//5 

34683| Strings[4] = Year; 

|//6 

34684| Strings[5] = Hour; 

|//7 

34685| Strings[6] = Minute; 



|//8 

34686| Strings[7] = Second; 

|//9 
34687| 

34688| DumpData = (ULONG *) 

| MemAllocatePoolWithTag(PagedPool,SizeOfDumpData,TEMPTAG) 

I ; 

34689| 

34690| if ( DumpData ) { 

34691 1 ULONG PerAt=0, PerHigh=0, 

| PerUsed=0; 
34692 1 
34693 1 // 

| PersistentDictionary::GetVolumeSpaceUsed(PerAt,PerHigh,P 
| erUsed); 
34694| 

34695| DumpData[0] = 

| (ULONG)MasterSnapShot; 
34696| DumpData[1] = PerUsed; 

34697| DumpData[2] = PerAt; 

34698| DumpData[3] = PerHigh; 

34699| 

34700| DumpData[4] = 

| MaxWriteQueueDepth; 
34701 1 DumpData[5] = LastErrorStatus; 

34702| DumpData[6] = NumberOfThreads; 

34703 1 } else { 

34704| SizeOf DumpData = 0; 

34705| } 
34706| #undef NumDumpltems 
34707| 

34708| Hint -save -e740 7 

34709 1 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_CLOS 
| ED_INFORMATION,0,DumpData,SizeOfDumpData,Strings,NumStri 

I ngs); 

34710| Hint -restore 7 

3471 1 | 

34712| if ( DumpData ) { 

34713| FREE_POINTER(DumpData); 

34714| } 

34715| } 

34716| } 

34717| } 

34718| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

34719| Debug(DEBUG_DCPSM,("LogClose: Exception 

| %08x\n",GetExceptionCode())); 
34720| } 
34721 | } 



34722| 

34723| typedef struct sCloseCallBack { 

34724| pOTJJSER User; 

34725| pkSnapShotMaster MasterSnapShot; 

34726| NTSTATUS Status; 

34727| } tCloseCallBack, *pCloseCallBack; 

34728| 

34729| void CloseCallBack( pCloseCallBack CallBack ) 
34730| { 

34731 1 CallBack->Status = 

| lnternalClosePSM(CallBack->User,CallBack->MasterSnapShot 

I); 

34732| PsTerminateSystemThread( 0 ); 

34733 1 } 

34734| 

34735| // 

| 

I- 

34736| // must be called with AcquireOpenCloseResourceQ; 
34737| NTSTATUS lnternalClosePSM( pOT_USER User, 

| tkSnapShotMaster *MasterSnapShot ) 
34738| { 

34739| ULONG ThreadCount=0; 

34740| NTSTATUS Status = STATUS_SUCCESS; 

34741 1 NTSTATUS CountStatus = STATUS_SUCCESS; 

34742| ULONG NumActiveSnapShots = 0; 

34743 1 

34744 1 PAG E D_CO D E () ; 

34745| if ( GlobalSystemProcessId != PsGetCurrentProcessQ 
l){ 

34746| // in a different process id, lets spawn off a 
| thread 

34747| // and call us back in the system process. 
| This is 

34748| // so we can access our virtual memory 
34749| HANDLE TempHandle; 
34750| tCloseCallBack CallBack; 
34751 | 

34752| CallBack.User=User; 

34753| CallBack.MasterSnapShot = MasterSnapShot; 
34754| pmStartThread( 

34755| (PKSTART_ROUTINE)CloseCallBack, 

| // IN P KST A RT_RO UTI N E StartRoutine, 
34756| (PVOI D)&CallBack, 

| // IN PVOID StartContext 
34757| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
34758| ); 

34759| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
34760| ZwClose(TempHandle); 



34761 1 return CallBack.Status; 
34762 1 } 
34763 1 

34764| ASSERT(User != NULL); 
34765| 

34766| _try { 

34767| Debug(DEBUG_DCPSM,("lnternalClosePSM: 
| User=%08x, 

| MasterSnapShot=%08x\n",User,MasterSnapShot)); 
34768| 

34769| #ifdef DEBUG 
34770 1 if ( 

| pmExamineSemaphore(&PSMOpenCloseSemaphore)>0 ) { 
34771 1 // event not acquired! 

34772| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| OpenClose resource not acquired!\n")); 
34773| DbgBreakPoint(); 
34774| } 
34775| #endif 
34776| 

34777| if(!MasterSnapShot) { 

34778| if ( User ) { 

34779 1 if ( User->Open ) { 

34780| // remove last snapshot since they 

| didnt specify 
34781 1 PLIST_ENTRY ListEntry = 

| User->SnapShots.Flink; 
34782| if ( ListEntry!=&User->SnapShots ) 

|{ 

34783| Hint -save -e41 3 7 

34784| pkSnapShotEntry p = 

| CONTAINING_RECORD( ListEntry, tkSnapShotEntry, User); 
34785| Hint -restore 7 

34786| 

| MasterSnapShot=p->MasterSnapShot; 
34787| 

| Debug(DEBUG_INFO,("lnternalClosePSM: MasterSnapShot is 

| null, using %08x\n", MasterSnapShot)); 
34788| } else { 

34789| ASSERT(FALSE); 
34790 1 } 
34791 1 } else { 

34792 1 

| Debug(DEBUG_INFO,("lnternalClosePSM: MasterSnapShot is 

| null, but User->Open is zeroAn")); 
34793 1 } 
34794| } else { 

34795| Debug(DEBUG_INFO,("lnternalClosePSM: 

| MasterSnapShot is null, but User is null tooAn")); 
34796| } 



34797| } 
34798| 

34799| //ASSERT(MasterSnapShot); 
34800| 

34801 1 if ( GlobalData->NumActive>0 ) { 
34802 1 I nterlocked Decrements P LON G) 

| &GlobalData->NumActive); 
34803| Debug(DEBUG_DCPSM,( M lnternalClosePSM: 

| Decremented Num Active to 

| %08x\n'\GlobalData->NumActive)); 
34804| } else { 

34805| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| NumActive == 0!\n")); 
34806| } 
34807| 

34808| if ( User ) { 

34809 1 if ( User->Open ) { 

3481 0| lnterlockedDecrement((PLONG) 

| &L)ser->Open); 
3481 1 1 } else { 

34812| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| User doesnt have us open!\n")); 
34813| // can happen if open failed 

| (sbopenpsm) 
34814| } 
34815| 

3481 6| if ( User->ErrorEvent ) { 

3481 7| // dont need this any more. 

3481 8| ObDereferenceObject(User->ErrorEvent); 

34819| User->ErrorEvent = NULL; 

34820| } 

34821| 

34822| if ( User->Open ) { 

34823| // still has active opens. 

34824| Debug(DEBUG_INFO,("lnternalClosePSM: 

| User still has active opens %08x\n",User->Open)); 
34825| // get rid of this snapshot 

34826| RemoveUserLinks(MasterSnapShot); 
34827| LogClose(MasterSnapShot); 
34828| GetSnapShotForWrite(); 
34829| __try { 

34830| 

| GetRidOf Specif icSnapShotForUser(User,MasterSnapShot); 
34831| 

| ASSERT(lsListEmpty(&MasterSnapShot->SnapShots)); 



34832| } finally { 

34833| ReleaseSnapShotForWrite(); 

34834| } 

34835| VDiskUnMaplnDrives(MasterSnapShot); 

34836| FREE_POINTER(MasterSnapShot); 



34837| // ASSERT(User->NumOpenSnapShots>0); 

34838| try_return(Status = STATUS_SUCCESS); 

34839| } 
34840| 

34841 1 // delete the drives 

34842 1 if ( MasterSnapShot ) { 

34843| RemoveUserLinks(MasterSnapShot); 

34844| LogClose(MasterSnapShot); 

34845| Debug(DEBUG_DCPSM,("lnternalClosePSM: 



| Freeing all volumes for user %08x Snapshot 
| %08x!\n",User,MasterSnapShot)); 
34846| 

| FreeVolumesForUser(User,MasterSnapShot); 
34847| 

34848| VDiskUnMaplnDrives(MasterSnapShot); 
34849| // incase they didnt call 

| CloseExclusive 
34850 1 

| Del nitForExclusive(User, MasterSnapShot); 
34851 1 FREE_POINTER(MasterSnapShot); 
34852 1 } 
34853 1 

34854| ASSERT(User->NumOpenSnapShots==0); 
34855| User->NumOpenSnapShots = 0; 

34856| } else { 

34857| // no user specified, just try and clean up 

34858| Debug(DEBUG_DCPSM,( M lnternalClosePSM: No 

| user specif ied\n")); 
34859 1 } 
34860 1 

34861 1 // only close if all people are gone. 

34862| if ( GlobalData->NumActive>0 ) { 

34863| Debug(DEBUG_INFO,( M lnternalClosePSM: Still 

| active psm users\n")); 
34864| try_return(Status = STATUS_SUCCESS); 

34865| } 
34866| 

34867| // At this point NO more users are using Psm. 
34868| // lets deinit and free resources 
34869 1 

34870| #ifdef DEBUG 
34871 1 DumpAIIDisksO; 
34872| #endif 
34873 1 
34874| #if 1 

34875| // TESTTEST 

34876| Debug(DEBUG_DCPSM,("lnternalClosePSM: No users 

| left, removing volumes!\n")); 
34877| // disable drives before turning off psm. 
34878| VDiskUnMaplnAIIDrivesO; 



34879| 

34880| PsmOff(); 
34881 | 

34882| if ( IPSManPSMInited ) { 

34883| Debug(DEBUG_DCPSM,("lnternalClosePsm: Psm 

| not initialized, nothing to cleanup!\n")); 
34884| try_return(Status=STATUS_SUCCESS); 
34885| } 
34886| 

34887| PSManPSMInited = FALSE; 
34888| 

34889 1 Debug(DEBUG_INFO,("PSM Statistics An")); 
34890 1 { 

34891 1 ULONG PerAt=0, PerHigh=0, PerUsed=0; 

34892 1 

34893 1 // 

| PersistentDictionary: :GetVolumeSpaceUsed( PerAt, PerHigh, P 

| erUsed); 
34894| 

34895| Debug(DEBUG_INFO,(" Cache File Size = 

| %d/%d (%d)\n",PerUsed,PerAt,PerHigh)); 
34896| } 

34897| Debug(DEBUG_INFO,(" Max Depth Queue = 

| %d\n",MaxWriteQueueDepth)); 
34898| Debug(DEBUG_INFO,(" Last Error = 

| %08x\n",LastErrorStatus)); 
34899 1 

34900| // free any snapshots that may still be hanging 
| around 

34901| FreeSnapShotResources(); 
34902| 

34903| // wait for system to quiesce 
34904| while ( OutstandingRequests ) { 
34905| LARGE INTEGER TimeToWait={0}; 

34906| 

34907| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| Waiting for ssystem to quiesce\n")); 
34908| TimeToWait.QuadPart = RELATIVE(SECONDS(1 )); 

34909 1 

34910| while ( OutstandingRequests ) { 

3491 1 1 KeDelayExecutionThread( 

| (KPROCESSOR_MODE)KernelMode, FALSE, STimeToWait ); 
34912| } 
34913| } 
34914| 

3491 5| // have tdrom threads exit. 

34916| pmSetEvent( &VDiskExitingEvent ); 

34917| 

3491 8| // tell worker threads to exit 

34919| pmSetEvent( &PSManExitingEvent ); 



34920| 

34921 1 #ifndef NOPSM 
34922 1 

34923| // if any threads to cleanup after... 

34924| if ( GlobalThreadCount ) { 

34925| LARGEJNTEGER TimeToWait={0}; 

34926| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| Waiting for worker threads to exit\n")); 
34927| TimeToWait.QuadPart = RELATIVE(SECONDS(1)); 

34928| 

34929| // wait for threads to exit 

34930| while ( GlobalThreadCount ) { 

34931 1 KeDelayExecutionThread( 
34932 | 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 

| WaitMode, 
34933| FALSE, 

| // IN BOOLEAN Alertable, 
34934| &TimeToWait // 

| IN PLARGEJNTEGER Interval 
34935| ); 
34936| } 
34937| } 
34938| 

34939| if ( VDiskNumberOfThreads ) { 
34940| LARGEJNTEGER TimeToWait={0}; 

34941 1 

34942| Debug(DEBUG_DCPSM,( M lnternalClosePSM: 

| Waiting for vdisk threads to exit\n")); 
34943| TimeToWait.QuadPart = RELATIVE(SECONDS(1)); 

34944| 

34945| // wait for threads to exit 

34946| while ( VDiskNumberOfThreads ) { 

34947| KeDelayExecutionThread( 
34948| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 

| WaitMode, 
34949| FALSE, 

| // IN BOOLEAN Alertable, 
34950 1 &TimeToWait // 

| IN PLARGEJNTEGER Interval 
34951| ); 
34952| } 
34953| } 
34954| 

34955| // free any reads to the volume that may have 
| occured 

34956| while ( !lsListEmpty(&ReadVDiskQueue) ) { 
34957| PLIST_ENTRY ListEntry=NULL; 

34958| tReadRequest *ReadRequest=NULL; 



34959| PIRP lrp=NULL; 

34960| KIRQL oldlrql; 

34961 1 

34962| Debug(DEBUG_DCPSM,( M Cleaning up read on 

| vdiskqueue\n")); 
34963| ListEntry = ExInterlockedRemoveHeadList ( 

34964| 

| &ReadVDiskQueue, // List Head 
34965| 

| &ReadVDiskSpinLock // Lock 
34966| ); 
34967| Hint -save -e41 3 7 

34968| ReadRequest = CONTAIN ING_RECORD( ListEntry, 

| tReadRequest, ListEntry ); 
34969| Hint -restore 7 

34970 1 

34971| Irp = ReadRequest->lrp; 

34972| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 

34973| 

| RemoveEntryList(&(ReadRequest->ProcessingEntry)); 
34974| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 
34975| FREEPOINTER(ReadRequest); 
34976| 

34977| lrp->loStatus.Status = 

| STATUS_NO_MEDIA_IN_DEVICE; 
34978| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

34979| } 
34980| 

34981 1 // free any writes to the volume 

34982| while ( !lsListEmpty(&WriteVDiskQueue) ) { 

34983| PLIST_ENTRY ListEntry; 

34984| tWriteRequest *WriteRequest; 

34985| KIRQL oldlrql; 

34986| PIRP Irp; 

34987| 

34988| Debug(DEBUG_DCPSM,("Cleaning up write on 

| vdiskqueue\n")); 
34989| ListEntry = ExInterlockedRemoveHeadList ( 

34990 1 

| &WriteVDiskQueue, // List Head 
34991| 

| &WriteVDiskSpinLock // Lock 



34992| ); 

34993| /*lint-save-e413 7 

34994| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 

34995| Hint -restore 7 
34996| 

34997| Irp = WriteRequest->lrp; 

34998| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 



34999| 

| RemoveEntryList(&(WriteRequest->ProcessingEntry)); 
35000 1 pm ReleaseSpi nl_ock(& WriteSpinl_ock,old I rql) ; 

35001 1 FREE_POINTER(WriteRequest); 
35002 1 

35003| lrp->loStatus.Status = 

| STATUS_NO_MEDIA_IN_DEVICE; 
35004| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

35005| } 
35006| 

35007| DelnitVDiskWriteCache(); 
35008| 

35009| // if anything on the queue, empty it, as no 

| threads are running to do it 
35010| while ( !lsListEmpty(&ThreadsWorkToDoQueue) ) { 
3501 1 1 PIRP Nlrp = SbGetWorkltem(); 

35012| 

35013| if (Nlrp) { 

35014| Debug(DEBUG_DCPSM,("lnternalClosePSM: 

| Cleaning up write on threads queue\n")); 
35015| 

35016| __try{ 

3501 7| PIO_STACK_LOCATION CurrentStackLoc 

| = loGetCurrentlrpStackl_ocation( Nlrp ); 
35018| 
35019| 

35020| // free buffer that we allocated 

35021| Hint -save -e61 3 7 

35022 1 

| FREE_POINTER((PVOID)(CurrentStackLoc->Parameters.Others. 

| Argumentl)); 
35023| Hint -restore 7 

35024| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35025| Status = GetExceptionCode(); 

35026| Debug(DEBUG_INFO, ("Exception %08x 

| trying to free pointer\n", Status)); 
35027| } 
35028| 

35029| //free irp we allocated 

35030| IrpFreelrp(Nlrp); 
35031| } 
35032| } 
35033| 

35034| // complete writes that may have been sent to 

| our writer thread 
35035| if ( !lsListEmpty(&WriteQueue) ) { 
35036| Debug(DEBUG_DCPSM,("lntemalClosePSM: 

| Cleaning up writes on write queue\n")); 
35037| SbCompleteWritesOnQueueQ; 



35038| } 
35039| 

35040| if ( WriteThreadObject.ThreadObject ) { 
35041 1 

| ObDereferenceObject(WriteThreadObject.ThreadObject) ; 
35042| WriteThreadObject.ThreadObject = NULL; 

35043 1 } 

35044| if ( ThreadObjects ) { 

35045| // close all objects to threads we created, 

| so NT can destory 
35046| // the objects 

35047| ASSERT(GlobalThreadCount<=MaxThreads); 
35048| ASSERT(NumberOfThreads<=MaxThreads); 
35049| for ( 

| ThreadCount=0;ThreadCount<NumberOfThreads;ThreadCount++ 

l){ 

35050 1 if ( 

| ThreadObjects[ThreadCount].ThreadObject ) { 
35051 1 

| ObDereferenceObject(ThreadObjects[ThreadCount].ThreadObj 
I ect); 
35052 1 

| ThreadObjects[ThreadCount].ThreadObject = NULL; 
35053 1 } 
35054| } 
35055| 

35056| FREE_POINTER( ThreadObjects ); 

35057| } 

35058| 

35059| PersistentDictionary::DeinitClass(); 
35060 1 

35061 1 PSManPSMFIags = 0; 
35062 1 

35063| #if TRACK CONTENTIONS 
35064| pmDumpStatistics(); 
35065| #endif 
35066| 

35067| lrpDelnit(); 

35068| CleanupSymLinks(); 

35069| #endif 

35070 1 

35071 1 #if 1 

35072| Debug(DEBUG_DCPSM,("lnternalClosePSM: Zeroing 

| out structures used during PSM\n")); 
35073| // Clean out stuff so if we access them again, 

| we will fault. 
35074| // 

| RtlZeroMemory(&VDiskExitingEvent,sizeof(VDiskExitingEven 
It)); 
35075| 



I RtlZeroMemory(&ReadVDiskSpinLock,sizeof(ReadVDiskSpinLoc 
|k)); 
35076| 

| RtlZeroMemory(&ReadVDiskQueue,sizeof(ReadVDiskQueue)); 
35077| 

| RtlZeroMemory(&ReadVDiskSemaphore,sizeof(ReadVDiskSemaph 
I ore)); 
35078| 

| RtlZeroMemory(&WriteVDiskSpinLock,sizeof(WriteVDiskSpinL 
I ock)); 
35079| 

| RtlZeroMemory(&WriteVDiskQueue,sizeof(WriteVDiskQueue)); 
35080| 

| RtlZeroMemory(&WriteVDiskSemaphore,sizeof(WriteVDiskSema 
I phore)); 
35081 1 

| RtlZeroMemory(&ThreadSemaphore,sizeof(ThreadSemaphore)); 
35082 1 

| RtlZeroMemory(&WorkerThreadEvent,sizeof(WorkerThreadEven 
It)); 
35083 1 

| RtlZeroMemory(&ThreadOlnited,sizeof(ThreadOlnited)); 
35084| 

| RtlZeroMemory(&WorkerThreadMutex,sizeof(WorkerThreadMute 

|x)); 
35085| 

| RtlZeroMemory(&CacheThresholdMutex,sizeof(CacheThreshold 
| Mutex)); 
35086| 

| RtlZeroMemory(&WriteSemaphore,sizeof(WriteSemaphore)); 
35087| 

| RtlZeroMemory(&WriteAfterReadSemaphore,sizeof(WriteAfter 
| ReadSemaphore)); 
35088| // 

| RtlZeroMemory(&PSManExitingEvent,sizeof(PSManExitingEven 
It)); 
35089| 

| RtlZeroMemory(&ThreadsWorkToDoSpinLock,sizeof(ThreadsWor 
| kToDoSpinLock)); 
35090| 

| RtlZeroMemory(&ThreadsWorkToDoQueue,sizeof(ThreadsWorkTo 
| DoQueue)); 
35091| 

| RtlZeroMemory(&WriteAfterReadSpinLock,sizeof(WriteAfterR 
| eadSpinLock)); 
35092| 

| RtlZeroMemory(&WriteAfterReadQueue,sizeof(WriteAfterRead 
| Queue)); 
35093| 

| RtlZeroMemory(&WriteSpinLock,sizeof(WriteSpinLock)); 



35094| RtlZeroMemory(&WriteQueue,sizeof(WriteQueue)); 
35095| 

| RtlZeroMemory(&ProcessingQueue,sizeof(ProcessingQueue)); 
35096| #endif 
35097| 

35098| #endif 

35099| try_exit: NOTHING; 
35100| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

351 01 1 Status = GetExceptionCode(); 

351 02| Debug(DEBUG_INFO,(" Exception %08x in 

| lnternalClosePSM\n",Status)); 
35103| } 
35104| 

351 05| MemTrackPrintStats( "ClosePSM" ); 

35106| MemShowUsage(); 

35107| return Status; 

35108| } 

35109| 

35110| // 

| 

I- 
351 1 1 1 

35112| NTSTATUS ValidateKernelSnapShotPointer ( PVOID 

| Kernel Pointer ) 
35113| { 

351 1 4| NTSTATUS status = STATUS_SUCCESS; 
35115| 

351 1 6| Debug(DEBUG_DCPSM, ("Entering 

| ValidateKernelSnapShotPointer(%p)\n",KernelPointer)); 
35117| 

351 1 8| tPSM_GetPersistentSnapShotsOut *list = 
35119| (tPSM_GetPersistentSnapShotsOut 

| *)MemAllocatePoolWithTag ( 
35120| 

| Paged Poo I, 
35121| 

| sizeof(tPSM_GetPersistentSnapShotsOut), 
35122| 

| TEMPTAG ); 
35123| 

35124| if ( list ) { 

35125| status = SbGetPersistentSnapShots (list); 
35126| if ( NT_SUCCESS(status) ) { 
351 27| BOOLEAN foundit = FALSE; 

351 28| for ( int i=0; i<MAX_NUMBER_OF_SNAPSHOTS && 

| list->KernelPointers[i]; ++i ) { 
351 29| if ( KernelPointer == 

| list->KernelPointers[i] ) { 
35130| foundit = TRUE; 



35131| 

| Debug(DEBUG_DCPSM,("ValidateKernelSnapShotPointer: 

| found at list[%d]\n",i)); 
35132| break; 
35133| } 
35134| } 
35135| 

35136| if ( Ifoundit ) { 

35137| status = STATUSJNVALIDJHANDLE; 

35138| 

| Debug(DEBUG_DCPSM,("ValidateKernelSnapShotPointer: did 
| not find %p in list\n",KernelPointer)); 
35139| }else{ 

351 40| // check to make sure it is a valid 

| handle 
35141| _try{ 
35142| if( 

| MmlsAddressValid(KernelPointer) ) { 
35143| ULONG Test = 

| ((pkSnapShotMaster)KernelPointer)->lnstance; 
35144| }else{ 

35145| status = STATUSJNVALIDJHANDLE; 

35146| } 
35147| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35148| 

| Debug(DEBUGJDCPSM,("ValidateKernelSnapShotPointer: 
| Exception %08x for Snapshot pointer %08x is not 
| valid\n",GetExceptionCode(),KernelPointer)); 

35149| status = STATUSJNVALIDJHANDLE; 

35150| } 

35151| } 

35152| } 

35153| FREE_POINTER(list); 
35154| }else{ 

35155| Debug(DEBUGJNFO,("Cannot allocate snapshot 

| list in ValidateKernelSnapShotPointer\n")); 
351 56| status = STATUSJNSUFFICIENTJHESOURCES; 
35157| } 
35158| 

35159| return status; 

35160| } 

35161| 

35162| // 



I- 
35163| 

35164| NTSTATUS 

35165| SbClosePSM( tClosePSMInternal *Buffer ) 
35166| { 



35167| pOTJJSER User=NULL; 
35168| NTSTATUS Status=0; 
35169| 

35170| PAGED_CODE(); 
35171| 

35172| Debug(DEBUG_INFO,("PSM Close Called %08x 

| %08x\n",PsGetCurrentProcess() , PsGetCurrentThread())); 
35173| 

351 74| Status = ValidateKernelSnapShotPointer ( 

| Buffer->KernelSnapShotPointer ); 
35175| 

35176| if ( Status ){ 
35177| return Status; 
35178| } 
35179| 

35180| User = 

| FindPSMUserBySnapShot((pkSnapShotMaster)Buffer->KernelSn 

| apShotPointer); 
35181| if(!User){ 
35182| Hint -save -e740 7 

35183| User = FindPSMUser( PsGetCurrentProcess(), 

| PsGetCurrentThread() ); 
35184| Hint -restore 7 
35185| if(!User){ 

35186| Debug(DEBUG_DCPSM,("PSM can not find 

| user!!!! failing close %08x, 

| %08x\n",PsGetCurrentProcess(), PsGetCurrentThread())); 
35187| return STATUS_INVALID_HANDLE; 

35188| } 
35189| } 
35190| 

35191| if ( !User->Open ) { 

35192| Debug(DEBUG_DCPSM,("SbClosePsm: User does not 

| have psm open!")); 
35193| return STATUS_I N VALI D_H AN DLE ; 
35194| } 
35195| 

351 96| UpdateGlobalStatus(PSM_DESTROYING_SNAPSHOT); 

35197| 

35198| if( 

| AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0 ) { 
35199| _try{ 

35200| if ( !Buffer->KernelSnapShotPointer ) { 

35201 1 // must be old client! so dec num users 

35202| ASSERT(GlobalData->NumActive); 
35203| lnterlockedDecrement((PLONG) 

| &GlobalData->Num Active); 
35204 1 I nte rlocked Decrement ( P LO NG) 

| &User->Open); 
35205| 



35206| Debug(DEBUG_DCPSM,("SbClosePSM: 

| Decremented NumActive to %08x 

| open=%08x\n",GlobalData->NumActive,User->Open)); 
35207| } 
35208| 

| lnternalClosePSM(User,(pkSnapShotMaster)Buffer->KernelSn 

| apShotPointer); 

35209| } ^finally { 

3521 0| ReleaseOpenCloseResource(); 
3521 1 | } 
35212| }else{ 

35213| Status = PSM_CANCELED_BY_USER; 

35214| } 

35215| 

3521 6| UpdateGlobalStatus(PSMJDLE); 
35217| 

35218| Debug(DEBUG_INFO,("SbClosePSM returning 

| %08x\n",Status)); 
35219| //Debug (DEBUG_PROCCALL,("PSManDeviceControlObject 

| Done\n")) ; 
35220| return Status; 
35221 | } 
35222 1 

35223 1 // 

| 

I- 
35224| 

35225| NTSTATUS SblnternalRevertBuffer ( 
35226| PDEVICE_OBJECT 

| DeviceObject, 
35227| PVDISK_EXTENSION 

| VDiskExt, 

35228| ULARGEJNTEGER 
| Sector, 

35229 1 ULONG 
| Count, 

35230 1 ULONG 

| r Delete*/, 
35231 1 char 

| "Buffer, 

35232 1 ULONG 

| *SectorsChanged ) 
35233 1 { 

35234| ULONG CountDid=0; 

35235| ULARGEJNTEGER DS; 

35236| DS.QuadPart = (unsigned int64)Count * 

| VDiskExt->BPS; 
35237| // Debug(DEBUG_DICT,("Reverting %08x:%08x for 

| %08x\n",VDiskExt->SnapShot->Dictionary,Sector,Count)); 
35238| ASSERT(SectorsChanged != NULL); 



35239| *SectorsChanged = 0; 
35240| 

35241 1 NTSTATUS Status = 

| VDiskExt->SnapShot->Dictionary->searchMultiple ( 

35242| GetFilteredExtension(VDiskExt->PSMDevice), 

35243 1 Sector, 

35244| Count, 

35245| CountDid, 

35246| NULL, 

35247| DS, 

35248| Buffer, 

35249| gVDiskDoVirtuallO ? DICT_FLAG_VIRTUAL_IO : 0); 
35250 1 

35251 1 if ( Status==STATUS_NOT_FOUND ) { 

35252| Status = STATUS_SUCCESS; 

35253| *SectorsChanged = 0; 

35254| } else 

35255| if ( Status==STATUS_SUCCESS ) { 

35256| *SectorsChanged = CountDid; 

35257| } 

35258 1 return Status; 
35259 1 } 
35260 1 

35261 1 // 

| 



35263| NTSTATUS FreeResourcesForVolume ( 
35264 1 P D E V I C E_OB J ECT 

| DeviceBeingPSMed, 
35265| pkSnapShotEntry 

| Snapshot ) 
35266| { 

35267| PFILTERED EXTENSION DevExt = 
| GetFilteredExtension(DeviceBeingPSMed); 
35268| pkSnapShotMaster Master = NULL; 
35269 1 

35270| Debug(DEBUG_PROCCALL, ("FreeResourcesForVolume 

| called\n")); 
35271 1 #ifdef DEBUG 

35272| if ( NsSnapShotAcquiredForWriteO ) { 

35273| Debug(DEBUG_DCPSM, ("FreeResourcesForVolume: 

| Snapshot resource not acquired !\n")); 
35274| DbgBreakPoint(); 
35275| } 
35276| #endif 
35277| 

35278| // get snapshot to use 
35279| if ( ISnapShot ) { 

35280| Snapshot = GetTopSnapShot(&DevExt->SnapShots); 



35281 1 if ( !SnapShot ) { 

35282| Debug(DEBUG_DCPSM,( M Volume not 

| snapshot\n")); 
35283| return STATUS_NO_SUCH_DEVICE; 

35284| } 

35285| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: No 

| snapshap passed in, using %08x\n M , Snapshot)); 
35286| DoneWithSnapShot(SnapShot) ; 
35287| } 
35288| #if 1 
35289|//TESTTEST 
35290 1 
35291| /* 

35292| Question: Should we move most of this to 

| DoneWithSnapShot since most of this 
35293| is related to cleaning 

| up after a snapshot when it is finished being used. 
35294| We could do the same 

| thing since it is "reference" counted. 
35295| 7 
35296| 

35297| Master = SnapShot->MasterSnapShot; 

35298| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: 

| SnapShot=%08x, master=%08x, Count=%08x, 

| mc=%08x\n",SnapShot,Master,SnapShot->Count,Master->Count 

I)); 

35299| 

35300| SnapShot->Deleted = TRUE; 
35301| 

35302| RemoveEntryl_ist(&SnapShot->DevExt); 
35303| lnitializeListHead(&SnapShot->DevExt); 
35304| RemoveEntryList(&SnapShot->Master); 
35305| lnitializeListHead(&SnapShot->Master); 
35306| 

35307| lnterlockedDecrement((PLONG) &Master->Count); 
35308| 

35309| // this happens when mapping in hasnt run yet. 
3531 0| if(SnapShot->Count==0) { 

3531 1 1 // bump up the reference count and decrement it 
| again 

3531 2 1 // so the lower level code notices the count 
| went to 0 

3531 3| // and cleans up this snapshot 

35314| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: 
| Deleting snapshots as mapping in hasnt occurred 
I yetAn")); 

35315| UseSnapShot(SnapShot); 
3531 6| DoneWithSnapShot(SnapShot); 
35317| } 
35318| 



35319| if ( DevExt->PSMed ) { 

35320| lnterlockedDecrement((PLONG) &DevExt->PSMed); 
35321| }else{ 

35322| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: 

| Error volume not referenced (psmed)!\n")); 
35323| } 

35324| if ( DevExt->OpenCount ) { 
35325| lnterlockedDecrement((PLONG) 

| &DevExt->OpenCount); 
35326| } else { 

35327| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: 

| Error volume not referenced !\n")); 
35328| } 
35329| 

35330| #ifdef DEBUG 

35331 1 if ( lsListEmpty(&DevExt->SnapShots) ) { 

35332| Debug(DEBUG_DCPSM,("FreeResourcesForVolume: 

| Volume %08x has no more 

| snapshots !\n", DeviceBeingPSMed)) ; 
35333 1 } 
35334| 

35335| #endif 
35336| #endif 

35337| return STATUS_SUCCESS; 
35338| } 
35339| 
35340 1 

35341 1 // 

| 



35343| NTSTATUS SbFreeVolume( pPSM_FreeVolume Volume ) 
35344| { 

35345| NTSTATUS Status=STATUS_SUCCESS; 
35346| PDEVICE_OBJECT DevObj=NULL; 
35347| PVDISK_EXTENSION DevExt=NULL; 
35348| pOT_USER User=NULL; 
35349| pkSnapShotEntry SavedSnapShot=NULL; 
35350 1 

35351 1 Debug(DEBUG_PROCCALL,("SbFree Volume called\n")); 
35352| if ( AcquireOpenCloseResource()==STATUS_WAIT_0 ) { 

35353 1 ^try { 

35354| Hint -save -e740 7 

35355| User = FindPSMUser( PsGetCurrentProcess(), 

| PsGetCurrentThread() ); 
35356| Hint -restore 7 

35357| if ( !User ) { 

35358| Debug(DEBUG_DCPSM,("SbFreeVolume: PSM 

| can not find user!!!! failing close %08x, 
| %08x\n",PsGetCurrentProcess(), PsGetCurrentThread())); 



35359| return STATUSJNVALIDJHANDLE; 

35360| } 
35361 1 

35362| if ( !User->Open ) { 

35363| Debug(DEBUG_DCPSM,("SbFreeVolume: User 

| does not have psm open!")); 
35364| return STATUSJNVALIDJHANDLE; 

35365| } 
35366| 

35367| DevObj = GetObjectFromVDiskName( 

| Volume->VolumeName ); 
35368| if ( DevObj ) { 

35369| DevExt = GetVDiskExtension(DevObj); 

35370 1 

35371 1 // look for right snapshot on this 

| device 
35372 1 _try { 

35373 1 GetSnapShotForWrite(); 
35374| SavedSnapShot=NULL; 
35375| _try { 

35376| // we save this pointer as when 

| FreePSMVolume is done DevExt->SnapShot will be NULL 

35377| SavedSnapShot = 

| DevExt->SnapShot; 

35378| UseSnapShot(SavedSnapShot); 

35379 1 

| Debug(DEBUG_DCPSM,("SbFreeVolume: Freeing %08x %08x, 
| '%S'\n",User, 

| Volume->KernelSnapShotPointer,Volume->VolumeName)); 
35380 1 

| FreePSMVolume(User,DevExt->PSMDevice,SavedSnapShot); 
35381| }_finally { 

35382| if ( SavedSnapShot ) { 

35383| 

| DoneWithSnapShot(SavedSnapShot); 
35384| } 

35385| ReleaseSnapShotForWriteO; 
35386| } 
35387| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35388| Debug(DEBUG_DCPSM,("SbFreeVolume: 

| Exception %08x for device 

| %08x\n",GetExceptionCode(), DevObj)); 
35389| } 
35390| } else { 

35391 1 Debug(DEBUG_DCPSM,("SbFreeVolume: 

| Unable to find object for '%S'\n",Volume->VolumeName)); 
35392 1 } 

35393| } ^finally { 

35394| ReleaseOpenCloseResource(); 



35395| } 
35396| } else { 

35397| Status = PSM_CANCELED_BY_USER; 

35398| } 

35399| 

35400| return Status; 
35401 1 } 
35402 1 

35403| // 



35405| NTSTATUS SbFreeRanges( pPSM_FreeRanges Ranges ) 
35406| { 

35407| PDEVICE_OBJECT DevObj=NULL; 

35408| PVDISK_EXTENSION DevExt=NULL; 

35409| ULONG Count; 

35410| ULONG i,j; 

3541 1 1 ULARGEJNTEGER UL; 

35412| pkSnapShotMaster 

| Master=(pkSnapShotMaster)(Ranges->KernelSnapShotPointer) 

I ; 

35413| NTSTATUS Err = ValidateKernelSnapShotPointer 

| (Master); 
35414| 

3541 5| if ( NT_SUCCESS(Err) ) { 

35416| // Debug(DEBUG_PROCCALL,("SbFreeRanges 

| called %08x\n", Ranges)); 
35417| 

35418| if ( (Master->ExclusiveProcess!=0) && 
35419| 

| (Master->ExclusiveProcess!=PsGetCurrentProcess()) ) { 
35420| Debug(DEBUG_DCPSM,("SbOpenPsm: Someone else 

| (%08x) already has exclusive 

| access!", Master->ExclusiveProcess)); 
35421 1 return PSM_ERROR_LOCKED_EXCLUSIVE; 

35422 1 } 

35423| if ( Master->ExclusiveProcess==0 ) { 

35424| Debug(DEBUG_DCPSM,("Need exclusive!")); 

35425| return PSM_ERROR_EX_LOCK_NEEDED; 

35426| } 

35427| 

35428| DevObj = 

| GetObjectFromVDiskName(Ranges->VolumeName); 
35429 1 if ( DevObj ) { 

35430| DevExt = GetVDiskExtension(DevObj); 

35431 | 

35432 1 _try { 

35433| for ( i=0;i<Ranges->NumberOfRanges;i++ 

l){ 



35434| 
35435| 

| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
35436| 

35437| Count = Ranges->Rangel_ist[i]. Count; 

35438| 

35439| GetSnapShotForRead(); 
35440| _try { 

35441 1 if ( DevExt->SnapShot ) { 

35442 1 

| UseSnapShot(DevExt->SnapShot); 
35443 1 

35444| _try { 

35445| for ( j=0;j<Count;j++ ) 

|{ 

35446| UL.QuadPart = 

| Ranges-> Rangel_ist[i] .Off set. Qu ad Part+j ; 
35447| // FIXFIXFIX is the 

| above in bytes or sectors or granules???????? 
35448| 

35449| // this routine 

| needs it in sectors 
35450 1 
35451 | 

| DevExt->SnapShot->Dictionary->searchAndDeleteSingle ( 
35452 1 

| GetFilteredExtension(DevExt->PSMDevice), 
35453| UL ); 

35454| 

35455| //FIXFIXFIX need 

| to add physical scanning here !FIX!FIX!FIX 
35456| 

35457 1 // free sector so 

| it isnt psmed again, regardless of it being in our 
| cache file 

35458| if ( 

| DevExt->SnapShot->PSMSectors ) { 

35459| 

| PsmBitPositionValidate (DevExt->SnapShot->PSMSectors, 
| UL.LowPart); 
35460 1 

| RtlClearBits(DevExt->SnapShot->PSMSectors,UL.LowPart,1 ); 
35461 | } 
35462| } //for j 

35463| } ^finally { 

35464| 

| DoneWithSnapShot(DevExt->SnapShot); 
35465| } 
35466| Err = 0; 

35467| } else { 



35468| 

| Debug(DEBUG_DCPSM,("FreeRanges: Snapshot has been 

| deleted while waiting or not psmed\n")); 
35469| Err = 

| STATUS_NO_MEDIA_IN_DEVICE; 
35470| } 

35471 1 } ^finally { 

35472| ReleaseSnapShotForRead(); 
35473 1 } 
35474| } // for i 

35475| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35476| Err = GetExceptionCode(); 

35477| Debug(DEBUG_DCPSM,("FreeRanges: 

| Exception %08x for device %08x\n",Err,DevObj)); 
35478| } 
35479 1 } else { 

35480| Err = STATUS_INVALID_PARAMETER; 

35481 1 } 
35482 1 } 

35483| #ifdef DEBUG 
35484| if ( Err ) { 

35485| Debug(DEBUG_DCPSM,("FreeRanges: Error %08x 

| trying to free range\n",Err)); 
35486| } 
35487| #endif 
35488| return Err; 
35489 1 } 
35490 1 

35491 1 // 

| 

I- 
35492 1 

35493| NTSTATUS SbGetProgress( pkSnapShotMaster 

| MasterSnapShot, tPSM_GetProgressOut *Progress ) 
35494| { 

35495| NTSTATUS status = STATUS__SUCCESS; 
35496| ULONG PerAt=0, PerHigh=0, PerUsed=0; 
35497| LARGEJNTEGER CT = {0}; 
35498| 

35499| Progress->OutOfSeconds = SecondsToWait; 
35500 1 

35501 1 if ( MasterSnapShot ) { 

35502| status = ValidateKernelSnapShotPointer 

| (MasterSnapShot); 
35503| if ( NT_SUCCESS(status) ) { 
35504| Progress->OutOfSeconds = 

| MasterSnapShot->OutOfSeconds; 
35505| } 
35506| } 



35507| 

35508| if ( NT_SUCCESS(status) ) { 
35509| KeQuerySystemTime(&CT); 
35510| 

3551 1 1 if ( CurrentTime.QuadPart!=0 ) { 
35512| Progress->OnSecond = 

| (ULONG)(CT.QuadPart-CurrentTime.QuadPart) / 1000 / 1000 

|/10; 
35513| }else{ 

35514| Progress->OnSecond = 0; 

35515| } 

35516| 

35517| 

35518| // 

| PersistentDictionary::GetVolumeSpaceUsed(PerAt,PerHigh,P 
| erUsed); 
35519| 

35520| Progress->CurrentCacheFileSize = PerUsed; 
35521 1 Progress->CacheFileSize = PerAt; 
35522 1 } 
35523 1 

35524| return status; 

35525| } 

35526| 

35527| // 

I 

I- 
35528| 

35529| NTSTATUS SbGetPersistentSnapShots ( 

| tPSM_GetPersistentSnapShotsOut *Out ) 
35530 1 { 

35531| PDEVICE_OBJECT DevObj=NULL; 

35532| PFILTERED_EXTENSION DevExt=NULL; 

35533| pkSnapShotEntry p; 

35534| NTSTATUS Status=STATUS_SUCCESS; 

35535| ULONG NumFound=0; 

35536| 

35537| // start at the top 

35538| DevObj = PSManDriverObject->DeviceObject; 
35539| 

35540| _try { 

35541 1 RtlZeroMemory(Out,sizeof(*Out)); 
35542 1 

35543| while ( DevObj != NULL ) { 
35544| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
35545| DevExt = GetFilteredExtension(DevObj); 

35546| 

35547| GetSnapShotForRead(); 
35548| _try { 



35549| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
35550| while ( p ) { 

35551 1 // only store for each unique 

| snapshot 

35552| ULONG FoundMatch=FALSE; 

35553 1 ULONG i; 

35554| for ( i=0;i<NumFound;i++ ) { 

35555| if ( 

| p->MasterSnapShot==Out->KernelPointers[i] ) { 
35556| FoundMatch = TRUE; 

35557| break; 
35558| } 
35559 1 } 
35560| if ( FoundMatch ) { 

35561 | 

| Out->KernelPointers[NumFound++] = p->MasterSnapShot; 
35562 1 } 
35563 1 
35564| 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
35565| } 

35566| } ^finally { 

35567| ReleaseSnapShotForRead(); 
35568| } 
35569 1 } 

35570| DevObj = DevObj->NextDevice; 

35571 | } 
35572 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35573 1 Status = GetExceptionCode(); 

35574| Debug(DEBUG_DCPSM,("SbGetPersistentSnapShots: 

| Exception %08x\n",Status)); 
35575| } 
35576| 

35577| return Status; 
35578| } 
35579 1 

35580| // 

| 

I- 
35581 1 

35582| NTSTATUS SbGetKernelSnapShotlnfo( pkSnapShotMaster 

| Master, tPSM_GetKernelSnapShotlnfoOut *Out ) 
35583 1 { 

35584| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
35585| _try { 

35586| Status = ValidateKernelSnapShotPointer 
| (Master); 

35587| if ( NT_SUCCESS(Status) ) { 



35588| Out->lnstance = Master-> Instance; 

35589| Out->SnapShotTime = Master->SnapShotTime; 

35590| Out->Status = Master->Status; 

35591 1 Out->DIIPrivateUse = Master->DIIPrivateUse; 

35592 1 Out->CallerPrivateUse = 

| (PVOID)(Master->GroupNumber); 
35593| Out->NumToKeep = Master->NumToKeep; 

35594| Out->Priority = Master->Priority; 

35595| Out->SnapShotFlags = Master->SnapShotFlags; 

35596| Out->Persistent = Master->Persistent; 

35597| 

| wcscpy(Out->UserSnapShotName,Master->UserSnapShotName); 
35598| } 
35599 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35600| Status = GetExceptionCode(); 

35601| Debug(DEBUG_DCPSM,("SbGetKernelSnapShotlnfo: 

| Exception %08x\n M ,Status)); 
35602| } 

35603| return Status; 

35604| } 

35605| 

35606| // 



35608| void RemoveCallBack( pCloseCallBack CallBack ) 
35609| { 

35610| __try{ 

3561 1 1 CallBack->Status = 

| SbRemoveVirtualWrites(CallBack->MasterSnapShot); 
35612| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

3561 3| Debug(DEBUG_DCPSM,("RemoveCallBack: Exception 

| %08x\n M ,GetExceptionCode())); 
35614| } 

35615| PsTerminateSystemThread( 0 ); 

35616| } 

35617| 

35618| NTSTATUS SbRemoveVirtualWrites( pkSnapShotMaster Master 
I) 

35619| { 

35620| if ( GlobalSystemProcessId != PsGetCurrentProcessQ 
l){ 

35621 1 // in a different process id, lets spawn off a 
| thread 

35622| // and call us back in the system process. 
| This is 

35623| // so we can access our virtual memory and do 
| disk io 



35624| HANDLE TempHandle; 
35625| tCloseCallBack CallBack; 
35626| 

35627| CallBack.User=NULL; 

35628| CallBack.MasterSnapShot = Master; 

35629| pmStartThread( 

35630| ( PKSTA RT_ROUTI N E) RemoveCall Back, 

| // IN PKSTART_ROUTINE StartRoutine, 
35631 1 (PVOID)&CallBack, 

| // IN PVOID StartContext 
35632| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
35633 1 ); 

35634| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
35635| ZwClose(TempHandle); 
35636| return CallBack.Status; 



35637| } 
35638| 

35639| NTSTATUS Status = STATUS_SUCCESS; 
35640 1 WCHAR Buffer [256]; 
35641 | 

35642 1 GetSnapShotForRead(); 
35643 1 EnableWritesTo NewFi les () ; 
35644| __try { 

35645| // loop though and remove virtual writes for 

| all volumes 
35646| // this snapshot is of 
35647| pkSnapShotEntry s = 

| GetTopSnapShotForMaster(&Master->SnapShots); 
35648| if ( s ) { 
35649| while ( s ) { 

35650 1 Status = 

| ((pPersistentDictionary)s->Dictionary)->RemoveVirtualWri 

I tes(); 

35651 1 if ( Status == STATUS_SUCCESS ) { 

35652| // Delete nested snapshots 

| directories from virtual disk... 
35653| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(s->DeviceObject); 
35654| PDEVICE_OBJECT Virtual = 

| GetVdiskObjectForName(DevExt->Name,Master->lnstance); 
35655| // if virtual device exists 

| (because part2 has run), cleanup nested snapshots. 
35656| if(Virtual) { 

35657| PVDISK_EXTENSION VDisk = 

| GetVDiskExtension(Virtual); 
35658| 
35659 1 

| swprintf (Buffer, U'WDeviceWPsm Devices_%04x\\%s_%d\\%s", 
35660| 



I PSM_LOW_COMPATIBLE_VERSION, 
35661 1 VDisk->Name, 
35662| VDisk->lnstance, 
35663| gSnapShotDirName ); 

35664| 

35665| SbSnapShotCleanup (Buffer); 

35666| } 

35667| } else { 

35668| DoneWithSnapShot(s); 

35669| break; 

35670 1 } 

35671 | 

| s=GetNextSnapShotForMaster(&Master->SnapShots,s); 
35672 1 } 
35673 1 } else { 

35674| Status = STATUS_NOT_FOUND; 

35675| } 

35676| } ^finally { 

35677| DisableWritesToNewFiles(); 
35678| ReleaseSnapShotForRead(); 
35679 1 } 

35680| return Status; 

35681 | } 

35682| 

35683 1 // 

I 

I- 
35684| 

35685| void MakeVirutalWritesPersistentCallBack( 

| pCloseCallBack CallBack ) 
35686| { 

35687| CallBack->Status = 

| SbMakeVirtualWritesPersistent(CallBack->MasterSnapShot); 
35688| PsTerminateSystemThread( 0 ); 
35689 1 } 
35690| 

35691 1 // 

| 

I- 
35692| 

35693| NTSTATUS SbMakeVirtualWritesPersistent ( 

| pkSnapShotMaster Master ) 
35694| { 

35695| if ( GlobalSystemProcessId != PsGetCurrentProcess() 
l){ 

35696| // in a different process id, lets spawn off a 
| thread 

35697| // and call us back in the system process. 
| This is 

35698| // so we can access our virtual memory and do 



I disk io 

35699| HANDLE TempHandle; 
35700| tCloseCallBack CallBack; 
35701| 

35702| CallBack.User=NULL; 

35703| CallBack.MasterSnapShot = Master; 

35704| pmStartThread( 

35705| 

| (PKSTART_ROUTINE)MakeVirutalWritesPersistentCallBack, 
35706| (PVOID)&CallBack, 
35707| &TempHandle ); 

35708| 

35709| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 

3571 0| ZwClose(TempHandle); 

3571 1 1 return CallBack.Status; 

35712| } 

35713| 

35714| NTSTATUS Status = STATUS_SUCCESS; 
35715| GetSnapShotForRead(); 
35716| __try{ 

3571 7| // loop though and remove virtual writes for 

| all volumes 
3571 8| // this snapshot is of 
3571 9| pkSnapShotEntry s = 

| GetTopSnapShotForMaster(&Master->SnapShots); 
35720| if ( s ) { 
35721| while ( s) { 

35722| Status = 

| ((pPersistentDictionary)s->Dictionary)->MakeVirtualWrite 

| sPersistent(); 
35723| if ( !NT_SUCCESS(Status) ) { 

35724| DoneWithSnapShot(s); 
35725| break; 
35726| } 



| s=GetNextSnapShotForMaster(&Master->SnapShots,s); 



35731 1 } 

35732| } ^finally { 

35733| ReleaseSnapShotForRead(); 
35734| } 

35735 1 return Status; 

35736| } 

35737| 

35738| // 



35727| 



35728| 
35729 1 
35730 1 



} else { 

Status = STATUS_NOT_FOUND; 




35740| ULONG SnapShotFlagsAreValid ( CHAR SnapShotFlags ) 
35741 1 { 

35742| ULONG Valid = TRUE; 
35743 1 

35744| if ( PSM_SS_lsPersistent(SnapShotFlags) ) { 
35745| if ( SnapShotFlags & 

| PSM_SS_BIT_SAVE_TEMP_ON_EXIT ) { 
35746| Valid = FALSE; // Save-Temp-On-Exit 

| applies to temporary snapshots only 
35747| } 
35748| 

35749| if ( PSM_SS_lsReadOnly(SnapShotFlags) ) { 
35750| if ( SnapShotFlags & 

| PSM_SS_BIT_VIRTUAL_WRITES_PERSISTENT ) { 
35751 1 Valid = FALSE; // Persistent virtual 

| writes are valid only for persistent read-write 

| snapshots. 
35752 1 } 
35753 1 } 
35754| } else { 
35755| if ( SnapShotFlags & 

| PSM_SS_BIT_VIRTUAL_WRITES_PERSISTENT ) { 
35756| Valid = FALSE; // Persistent virtual 

| writes are valid only for persistent read-write 

| snapshots. 
35757| } 
35758| } 
35759 1 

35760| return Valid; 

35761 1 } 

35762| 

35763 1 // 



35765| NTSTATUS SbSetKernelSnapShotlnfo( pkSnapShotMaster 

| Master, tPSM_SetKernelSnapShotlnfo *lnfo ) 
35766| { 

35767| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
35768| _try { 

35769| Status = ValidateKernelSnapShotPointer 
| (Master); 

35770| if ( NT_SUCCESS(Status) ) { 
35771 1 Master->GroupNumber = 

| (ULONG)(lnfo->CallerPrivateUse); 
35772| Master->NumToKeep = lnfo->NumToKeep; 

35773| Master->Priority = lnfo->Priority; 

35774| 

35775| CHAR OldSnapShotFlags = 

| Master->SnapShotFlags; 



35776| CHAR NewSnapShotFlags = 

| lnfo->SnapShotFlags; 
35777| 

35778| // Verify that the flags are defined 

| validly. 
35779| ASSERT ( 

| SnapShotFlagsAreValid(OldSnapShotFlags) ); 
35780| if ( 

| !SnapShotFlagsAreValid(NewSnapShotFlags) ) { 
35781 1 Status = STATUS_I N VALI D_PARAM ETER; 

35782 1 

| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: Invalid 
| snapshot flags = %02x\n", NewSnapShotFlags)); 
35783 1 } else { 

35784| // Also, don't allow persistent to 

| change to temporary, or vice versa. 
35785| // We might allow this in the future, 

| but it would open a few cans of worms... 
35786| // For one thing, we use two different 

| C++ classes to represent each. 
35787| if ( 

| PSM_SSJsPersistent(OldSnapShotFlags) ) { 
35788| if ( 

| PSM_SS_lsTemporary(NewSnapShotFlags) ) { 
35789 1 Status = 

| STATUS_I N VALI D_PARAM ETER; 
35790 1 

| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: Attempt 
| to change persistent snapshot to temporary!\n")); 

35791| } 

35792| } else if ( 

| PSM_SSJsTemporary(OldSnapShotFlags) ) { 

35793| Status = STATUS_INVALID_PARAMETER; 

35794| 

| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: Attempt 

| to modify temporary snapshot flags !\n")); 
35795| } 
35796| 

35797| if ( NT_SUCCESS(Status) ) { 

35798| Master->SnapShotFlags = 

| NewSnapShotFlags; 
35799| 

35800| // update persistent dictionary 

| database 
35801| 

| PersistentDictionary::BeginUpdate(); 
35802| __try { 

35803| GetSnapShotForRead(); 
35804| __try { 

35805| pkSnapShotEntry s = 



I GetTopSnapShotForMaster(&Master->SnapShots); 
35806| if ( s ) { 

35807| while ( s ) { 

35808| Status = 

| ((pPersistentDictionary)s->Dictionary)->SetSnapShotlnfo( 

| Master); 

35809| if ( Status == 

| STATUS_SUCCESS ) { 
35810| s = 

| GetNextSnapShotForMaster(&Master->SnapShots,s); 
3581 1 1 } else { 

35812| 

| DoneWithSnapShot(s); 
35813| break; 
35814| } 
35815| } 
35816| }else{ 
35817| Status = 

| STATUS_NOT_FOUND; 
35818| 

| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: No 
| snapshot entries found in master=%08x\n", Master)); 

35819| } 

35820| } finally { 

35821 1 ReleaseSnapShotForReadQ; 

35822 1 } 

35823| } ^finally { 

35824| 

| PersistentDictionary::EndUpdate(); 
35825| } 
35826| 

35827| if ( NT_SUCCESS(Status) ) { 

35828| 

| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: 
| OldFlags=%02x, 

| NewFlags=%02x\n",OldSnapShotFlags,NewSnapShotFlags)); 
35829 1 

35830| //NOTE: We cannot get here 

| unless this is a persistent snapshot. 
35831 1 // No need to check again. 

35832 1 if ( 

| PSM_SSJsReadWrite(OldSnapShotFlags) && 

| PSM_SS_lsReadOnly(NewSnapShotFlags) ) { 
35833 1 

| Debug(DEBUG_DCPSM,("Snapshot changing from writeable to 

| read-only; undoing virtual writes\n")); 
35834| Status = 

| SbRemoveVirtualWrites (Master); 
35835| } else if ( 

| PSM_SS_lsReadOnly(OldSnapShotFlags) && 



I PSM_SS_lsReadWrite(NewSnapShotFlags) ) { 
35836| 

| Debug(DEBUG_DCPSM,("Snapshot changing to read-write 

| persistent; making existing virtual writes 

| persistent\n")); 
35837| Status = 

| SbMakeVirtualWritesPersistent (Master); 
35838| } 
35839| } 
35840| } 
35841 1 } 
35842 1 } 
35843 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35844| Status = GetExceptionCode(); 

35845| Debug(DEBUG_DCPSM,("SbSetKernelSnapShotlnfo: 

| Exception %08x\n",Status)); 
35846| } 

35847| return Status; 

35848| } 

35849| 

35850 1 // 



35851 | 

35852| NTSTATUS SbGetKernelSnapShotVolumes ( 



35856| { 

35857| NTSTATUS Status = STATUS_SUCCESS; 

35858| pkSnapShotEntry p = 0; 

35859| ULONG BufferSize = *Return; 

35860| ULONG Count=0; 

35861 1 *Return = 0; 

35862 1 

35863 1 _try { 

35864| Status = ValidateKernelSnapShotPointer 
| (Master); 

35865| if ( NT_SUCCESS(Status) ) { 

35866| GetSnapShotForRead(); 

35867| _try { 

35868| p = 

| GetTopSnapShotForMaster(&Master->SnapShots); 

35869| ULONG BufferBytesLeft = BufferSize; 

35870| while ( p ) { 

35871 1 PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 

35872| ULONG LenChars = 



35853 1 
| Master, 



pkSnapShotMaster 



35854| 
35855| 



WCHAR *Buffer, 
ULONG 'Return ) 



I wcslen(DevExt->Name) + 1 ; 
35873| ULONG LenBytes = sizeof(WCHAR) * 

| LenChars; 
35874| 

35875| if ( LenBytes > BufferBytesLeft ) { 

35876 1 Status = 

| STATU S_B U F F E R_0 V E R F LOW ; 
35877| DoneWithSnapShot(p); //don't 

| leave reference count too high 
35878| break; 
35879 1 } 

35880| wcscpy ( Buffer, DevExt->Name ); 

35881 1 BufferBytesLeft -= LenBytes; 

35882| Buffer += LenChars; 

35883| Count += LenBytes; 

35884| p = 

| GetNextSnapShotForMaster(&Master->SnapShots,p); 
35885| } 
35886| 

35887| if ( NT_SUCCESS(Status) ) { 

35888| if ( BufferBytesLeft >= 

| sizeof(WCHAR) ) { 
35889| // double null terminate 

35890| *Buffer = 0; 

35891 1 Count += sizeof(WCHAR); 

35892 1 } else { 

35893| // not enough room to null 

| terminate 
35894 1 Status = 

| STATU S_B U F F E R_0 V E R F LOW ; 
35895| } 
35896| } 
35897| 

35898| *Return = Count; 

35899| } finally { 

35900| ReleaseSnapShotForRead(); 
35901| } 
35902| } 
35903| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35904| Status = GetExceptionCode(); 

35905| Debug(DEBUG_DCPSM,("SbGetKernelSnapShotVolumes 

| Exception %08x\n M , Status)); 
35906| } 
35907| 

35908| return Status; 

35909| } 

35910| 

35911| // 



I- 

35912| 

35913| NTSTATUS SbSetUserName( 

3591 4| pkSnapShotMaster Master, 

35915| WCHAR *Buffer, 

3591 6| ULONG BufferSize ) 

35917| { 

35918| NTSTATUS Status; 
35919| 

35920| // Buffer could be invalid 
35921| __try{ 
35922| if ( 

| AcquireOpenCloseResourceOnly(NULL)==STATUS_WAIT_0 ) { 
35923| __try { 

35924| Status = 

| ValidateKernelSnapShotPointer(Master); 
35925| if ( NT_SUCCESS(Status) ) { 

35926| ULONG 

| Amt=min(255*sizeof(WCHAR), BufferSize); 
35927| ULONG Num Bytes In Buffer = 

| NumBytes(Buffer); 
35928| ULONG Count = 

| min(NumByteslnBuffer,Amt); 
35929| 

35930| if ( Count==255*sizeof(WCHAR) ) { 

35931 1 // hmm, data is larger than we 

| have a buffer for 
35932 1 Status = 

| STATUS_I N VALI D_PARAM ETER; 
35933 1 } else { 

35934| Status = STATUS_SUCCESS; 

35935| 

| wcsncpy(Master->UserSnapShotName,Buffer,Count); 
35936| // null terminate 

35937| 

| Master->UserSnapShotName[Count]=L'\0'; 
35938| 
35939| 

| Debug(DEBUG_DCPSM,("SbSetUserName: Master=%08x (%s), 

| Name= ,0 /oS'\n M , 
35940| Master, 
35941 1 (Master->Persistent ? 

| "persistent" : "temporary"), 
35942| Master->UserSnapShotName)); 
35943 1 

35944| // save that the snapshot has 

| been updated 
35945| // we need to apply to all 

| volumes 
35946| 



I PersistentDictionary::BeginUpdate(); 
35947| _try { 

35948| GetSnapShotForRead(); 
35949| _try { 

35950| pkSnapShotEntry s = 

| GetTopSnapShotForMaster(&Master->SnapShots); 
35951 1 if ( s ) { 

35952 1 

| pPersistentDictionary Diet = 

| (pPersistentDictionary)s->Dictionary; 
35953| while ( s ) { 

35954| 

| ((pPersistentDictionary)s->Dictionary)->SetSnapShotlnfo( 
| Master); 
35955| 

| s=GetNextSnapShotForMaster(&Master->SnapShots,s); 
35956| } 
35957| } 

35958| } ^finally { 

35959| 

| ReleaseSnapShotForRead(); 
35960| } 

35961 1 } ^finally { 

35962| 

| PersistentDictionary::EndUpdate(); 
35963 1 } 

35964| LogLinkCreated(Master); 
35965| } 
35966| } 

35967| } ^finally { 

35968 1 ReleaseOpenC lose Reso u rce() ; 

35969 1 } 
35970 1 } else { 

35971 1 Status = PSM_CANCELED_BY_USER; 

35972 1 } 
35973 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

35974| Status = GetExceptionCode(); 

35975| Debug(DEBUG_DCPSM,("SbSetUserName: Exception 

| %08x\n",Status)); 
35976| } 

35977| return Status; 

35978| } 

35979| 

35980 1 // 

I 

I- 
35981 1 

35982| NTSTATUS SbGetUserName( 

35983 1 pkSnapShotMaster Master, 



35984| WCHAR *Buffer, 

35985| ULONG BufferSize ) 
35986| { 

35987| NTSTATUS Status; 
35988| 

35989| // Buffer could be invalid 

35990| _try { 

35991 1 Status = ValidateKernelSnapShotPointer(Master); 

35992| if ( NT_SUCCESS(Status) ) { 

35993| if ( BufferSize>sizeof(WCHAR) ) { 

35994| ULONG NumByteslnUserSnapShotName = 

| NumBytes(Master->UserSnapShotName); 

35995| ULONG Count = 

| min(NumByteslnUserSnapShotName,BufferSize-sizeof(WCHAR)) 



35997| if ( Count==BufferSize ) { 

35998| // hmm, we have more data than they 

| gave us a buffer for 
35999| Status = STATUS_BUFFER_OVERFLOW; 

36000| } else { 

36001 1 Status = STATUS_SUCCESS; 

36002 1 

| wcsncpy(Buffer,Master->UserSnapShotName,Count); 
36003| // null terminate 

36004| Buffer[Count]=L'\0'; 
36005| } 
36006| } else { 

36007| Status = STATUS_BUFFER_OVERFLOW; 

36008| } 
36009| } 
36010| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

3601 1 1 Status = GetExceptionCode(); 

36012| Debug(DEBUG_DCPSM,("SbGetUserName: Exception 

| %08x\n",Status)); 
36013| } 

36014| return Status; 

36015| } 

36016| 

36017| // 

| 

I- 
36018| 

36019| NTSTATUS RemoveUserLinks ( pkSnapShotMaster Master ) 
36020| { 

36021 1 NTSTATUS Status=STATUS_SUCCESS; 
36022| Debug(DEBUG_DCPSM, ("RemoveUserLinks: 

| Master=%08x\n",Master)); 
36023 1 



36024| __try { 

36025| Status = ValidateKernelSnapShotPointer(Master); 
36026| if ( NT_SUCCESS(Status) ) { 
36027| ULONG BufferSize=1 28*1 024; 

36028| WCHAR *Buffer = 

| (WCHAR*)MemAllocatePoolWithTag(PagedPool,BufferSize,TEMP 

I TAG); 
36029 1 if ( Buffer) { 

36030| Status = SbGetKernelSnapShotVolumes 

| (Master, Buffer, &BufferSize); 
36031 1 Debug(DEBUG_DCPSM,("RemoveUserLinks: 

| SbGetKernelSnapShotVolumes returned Status=%08x, 

| BufferSize=%08x\n M ,Status,BufferSize)); 
36032| if ( IStatus ) { 

36033| WCHAR *p=Buffer; 

36034| WCHAR Temp[512]; 

36035| 

36036| while ( *p ) { 

36037| // remove junction point 

| directories for each snapshot. 
36038| wcscpy(Temp,p); 
36039| wcscat(Temp,L"\V); 
36040 1 if ( 

| Master->UserSnapShotName[0]!=0 ) { 
36041 1 

| wcscat(Temp,Master->UserSnapShotName); 
36042 1 

| Debug(DEBUG_DCPSM,("RemoveUserLinks: About to call 

| SbDeleteMountPoint on '%S'\n",Temp)); 
36043| SbDeleteMountPoint(Temp); 
36044| } 
36045| 

36046| PDEVICE_OBJECT VD = 

| GetVdiskObjectForName( p, Master->lnstance); 
36047| 

36048| if ( VD ) { 

36049| PVDISK_EXTENSION VDE = 

| GetVDiskExtension(VD); 
36050| 

| swprintf (Temp,L M \\Device\\PsmDevices_%04x\\%s_%d M , PSM_LO 
| W_COMPATIBLE_VERSION,VDE->Name,VDE->lnstance); 
36051 1 

36052| // remove any drive letters 

| that may have been allocated. 
36053 1 

| Debug(DEBUG_DCPSM,("RemoveUserLinks: About to call 
| CleanupSymLinksForDevice on '%S'\n",Temp)); 
36054| CleanupSyml_inksForDevice( 
I Temp ); 

36055| Sblo_DismountVolume(Temp); 



36056| } else { 

36057| Debug(DEBUG_DEVSUP,("Error 

| getting vdisk object for '%S' instance 

| %d\n",p,Master->lnstance)); 
36058| } 
36059| 

36060| p+=wcslen(p)+1 ; 

36061 1 } 
36062 1 } 

36063| FREE_POINTER(Buffer); 
36064| } else { 

36065| Debug(DEBUG_DCPSM,("RemoveUserLinks: 

| Out of memory\n")); 
36066| Status = STATUS_INSUFFICIENT_RESOURCES; 

36067| } 
36068| } else { 

36069| Debug(DEBUG_DCPSM,("RemoveUserLinks: 

| invalid master snapshot %08x\n", Master)); 
36070| } 
36071 | } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

36072 1 Status = GetExceptionCode(); 

36073| Debug(DEBUG_DCPSM,("RemoveUserLinks: Exception 

| %08x\n",Status)); 
36074| } 

36075| return Status; 

36076| } 

36077| 

36078| // 

| 

I- 
36079 1 

36080| NTSTATUS SbGetVolumeCachelnfo( WCHAR *VolumeName, 

| pPSM_GetVolumeCachelnfoOut Out ) 
36081 1 { 

36082| NTSTATUS Status=STATUS_NOT_FOUND; 

36083| PDEVICE_OBJECT DevObj; 

36084| 

36085| 

36086| // \device\harddiskvolume1 

36087| DevObj = GetObjectFromName(VolumeName); 

36088| GetStats: 

36089 1 if ( DevObj ) { 

36090| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
36091 1 // Fix for Granule Size - csd 3/1 5/01 
36092| ULONG SectorSize = DevExt->BytesPerSector; 
36093| ULONG ulTmp = 0; 
36094| 

36095| ulTmp=DevExt->Cache.PSManBitMapSize; 



36096| ulTmp=(((SECTORS_PER_GRANULE*ulTmp)/1 024)/2); 
| //MB 

36097| Out->lnitialCacheFileSize = ulTmp; 
36098| 

36099| ulTmp=DevExt->Cache.PSManBitMapMaxSize; 
361 00| ulTmp=(((SECTORS_PER_GRANULE*ulTmp)/1 024)/2); 
| // MB 

361 01 1 Out->MaximumCacheFileSize = ulTmp; 
36102| 

361 03| ulTmp=DevExt->Cache.CurrentCacheFileSize; 

361 04| ulTmp=(((SECTORS_PER_GRANULE*ulTmp))/2); // KB 

36105| Out->CurrentCacheFileSize = ulTmp; 

361 06| Status = STATUS_SUCCESS; 

36107| }else{ 

36108| // 

| \device\PsmDevices_0200\_device_harddiskvolume1 
36109| DevObj = GetObjectFromVDiskName(VolumeName); 
36110| if ( DevObj ){ 
361 1 1 1 PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
36112| DevObj=DevExt->PSMDevice; 
36113| if ( DevObj ){ 

36114| goto GetStats; 

36115| } 
36116| } 
36117| } 

36118| return Status; 

36119| } 

36120| 

36121| // 

| 

I- 
36122| 

36123| void GetCacheSizes( PFILTERED EXTENSION DevExt, ULONG 

| SlnitialSize, ULONG SMaxSize ); 
36124| 

36125| // 

| 

I- 
36126| 

36127| NTSTATUS PsmCreateFiles( tOpenTransactionlnlnternal 

| *ln, PKEVENT AbortEvent ) 
36128| { 

36129| ULONG i; 

36130| NTSTATUS Status=STATUS_SUCCESS; 
36131| PDEVICE_OBJECT DevObj; 
36132| 
36133| if( 

| AcquireOpenCloseResourceOnly(AbortEvent)==STATUS_WAIT_0 
l){ 



36134| __try{ 

361 35| // verify all the volumes first 

36136| for ( i=0;i<ln->NumberOfDevices;i++ ) { 

36137| Debug(DEBUG_DCPSM,(" [%02x] 

| = , %S , \n",i,DN_MakePointer(ln,ln->DeviceName[i]))); 
36138| 

36139| DevObj = (PDEVICE_OBJECT) 

| GetObjectFromName( (WCHAR 

| *)DN_MakePointer(ln,ln->DeviceName[i]) ); 
36140| if (DevObj ){ 

36141| if( 

| PsmGetObjectType(DevObj)!=OBJECT_FILTEREDDISK ) { 
36142| Status = 

| STATU S_0 B J ECT TY P E M I S M ATC H ; 
36143| break; 
36144| } 
36145| }else{ 
36146| Status = 

| STATUS_OBJECT_NAME_NOT_FOUND; 
36147| break; 
36148| } 
36149| } 
36150| 

36151 1 if ( NT_SUCCESS(Status) ) { 

361 52| // all verified, now go through and 

| create files on each 
36153| for ( i=0;kln->NumberOfDevices;i++ ) { 

36154| DevObj = (PDEVICE_OBJECT) 

| GetObjectFromName( (WCHAR 

| *)DN_MakePointer(ln,ln->DeviceName[i]) ); 
36155| if (DevObj ){ 

361 56| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
36157| if( 

| lsListEmpty(&DevExt->Cache.SnapShotHead) ) { 
361 58| // no snapshots, safe to 

| change size of files 
36159| Status = 

| PersistentDictionary::GetStateForVolume(DevObj); 
36160| 

361 61 1 if ( NT_SUCCESS(Status) ) { 

36162| Status = 

| PersistentDictionary::OpenFilesForVolume(DevObj); 
361 63 1 if ( NT_SUCCESS(Status) 

l){ 

36164| // nothing to do, 

| as the files are the right size 
36165| 

| PersistentDictionary::CloseFilesForVolume(DevObj); 
36166| } else if ( (Status == 



STATUS_OBJECT_NAME_NOT_FOUND) || (Status == 
STATUS_OBJECT_PATH_NOT_FOUND) ) { 
36167| //this is a new 

one 

36168| // Params are in 

MB, convert to number of granules 
36169| ULONG ISC=0; 

36170| ULONG MSC=0; 

36171| 

36172| GetCacheSizes( 

DevExt, ISC, MSC ); 
36173| 
36174| 

DevExt->Cache.PSManBitMapSize = 
ISC*((1 024*1 024)/GRANULE_SIZE); 
36175| 

DevExt->Cache.PSManBitMapMaxSize = 
MSC*((1 024*1 024)/GRANULE_SIZE); 
36176| 

36177| // no need to do 

directio since no files exist. 
361 78| DevExt->DoDirectlO 
= FALSE; 

36179| Status = 

PersistentDictionary::CreateFilesForVolume(DevObj,AbortE 
vent); 

36180| if( 

!NT_SUCCESS(Status) ) { 
36181| 

Debug(DEBUG_DCPSM,("CreateFiles: Error %08x creating 
files for %08x\n M ,Status,DevObj)); 
36182| } 
36183| }else{ 
36184| 

Debug(DEBUG_DCPSM,("CreateFiles: Error %08x opening 
files for %08x\n M ,Status,DevObj)); 
36185| } 
36186| }else{ 
36187| 

Debug(DEBUG_DCPSM,("CreateFiles: Error %08x getting 
state for %08x\n M ,Status,DevObj)); 
36188| } 
36189| }else{ 
361 90| // cant do anything with 

| cache sizes if snapshots are active 
361 91 1 // go on to next volume 

36192| Status = 0; 

36193| } 
36194| }else{//dev 
361 95| // odd, since we passed the 



I first test 

36196| ASSERT(FALSE); 
36197| Status = 

| STATUS_OBJECT_NAME_NOT_FOUND; 
36198| } 
36199| 

36200| if ( !NT_SUCCESS(Status) ) { 

36201| break; 
36202| } 
36203| }//for 
36204| } else { 

36205| // one or more of the passed in objects 

| is wrong 
36206| } 

36207| } ^finally { 

36208| ReleaseOpenCloseResource(); 
36209| } 
36210| }else{ 

3621 1 1 Status = PSMCANCELEDBYUSER; 

36212| } 

36213| 

36214| UpdateGlobalStatus (PSMJDLE); // 

| pd::CreateFilesForVolume sets to PSM_CREATING_FILES; 
| this sets it back. 

36215| return Status; 

36216| } 

36217| 

36218| // 

| 

I- 
36219| 

36220| /*— end of file dcpsm.cpp —7 

36221| 

36222| 

36223| 

36224| File Listing: DCPSM.h 
36225| 

36226| //PDEVICE_OBJECT GetObjectFrom Drive And Part ( ULONG 

| DiskNum, ULONG PartNum ); 
36227| //PDEVICE_OBJECT GetObject Fro mVirtualDriveAnd Part ( 

| ULONG DiskNum, ULONG PartNum ); 
36228| PDEVICE_OBJECT GetObjectFromName ( WCHAR *Name ); 
36229| PDEVICE_OBJECT GetObjectFromVDiskName( WCHAR *Name ); 
36230| PDEVICE_OBJECT GetObjectFromWin32Name( WCHAR *Name ); 
36231| 

36232| #if _WIN32_WINNT < 0x0500 

36233| PDEVICE_OBJECT GetObjectFromVolumeNumber( ULONG 

| VolumeNumber ); 
36234| PDEVICE_OBJECT GetObjectFrom DriveLetter( WCHAR 

| DriveLetter ); 



36235| #endif 
36236| 

36237| NTSTATUS SbRunlnRingO( PUSER_MODE_ROUTINE UserRoutine, 

| PVOID UserContext ); 
36238| 

36239| NTSTATUS SbOpenPSM( pOTJJSER User, 

| tOpenTransactionlnlnternal *Buffer, ULONG OTOSize, 
| tOpenTransactionOutlnternal *OutBuffer, PKEVENT 
| AbortEvent=NULL); 

36240| 

36241 1 NTSTATUS 

36242| SbPrelnit( 

36243| pOTJJSER User, 

36244| tOpenTransactionlnlnternal *Buffer, 

36245| PKEVENT AbortEvent = NULL 

36246| ); 

36247| 

36248| // called from unload/shutdown, etc... 
36249| NTSTATUS lnternalClosePSM( pOT_USER 

| User,pkSnapShotMaster Snapshot ); 
36250 1 

36251 1 NTSTATUS 

36252| SbClosePSM(tClosePSMInternal *Buffer); 
36253 1 

36254| NTSTATUS 

36255| SblnternalRevertBuffer( 

36256| PDEVICE_OBJECT DeviceObject, 

36257| PVDISK_EXTENSION VDiskExt, 

36258| ULARGE_INTEGER Sector, 

36259| ULONG Count, 

36260| ULONG Delete, 

36261 1 char *Buffer, 

36262| ULONG *SectorsChanged ); 

36263 1 

36264| void PsmOff(void); 

36265| void SbOpenPsmThread( pOpenPsmThread Thread ); 
36266| NTSTATUS SbOpenExclusive(pkSnapShotMaster Snapshot); 
36267| NTSTATUS SbCloseExclusive(pkSnapShotMaster Snapshot); 
36268| 

36269| NTSTATUS SbFreeVolume( pPSM_FreeVolume Volume ); 
36270| NTSTATUS SbFreeRanges( pPSM_FreeRanges Ranges ); 
36271 1 NTSTATUS SbGetProgress( pkSnapShotMaster 

| M asterS napShot, tPSM_GetProgressOut *Progress ); 
36272| //int GetLastDeviceNum(void); 

36273| NTSTATUS FreeAIISnapShotsForVolume ( PDEVICE_OBJECT 

| DeviceObject ); 
36274| void MarkAIISnapShotsWithError( pkSnapShotEntry 

| Snapshot, NTSTATUS Error ); 
36275| void MarkAIISnapShotsWithErrorForVolume( 

| pkSnapShotEntry Snapshot, NTSTATUS Error ); 



36276| NTSTATUS lslnUserList( pOTJJSER User, pkSnapShotEntry 

| Snapshot); 
36277| 

36278| NTSTATUS SbGetPersistentSnapShots ( 

| tPSM_GetPersistentSnapShotsOut *Out ); 
36279| NTSTATUS SbGetKernelSnapShotlnfo( pkSnapShotMaster 

| Master, tPSM_GetKernelSnapShotlnfoOut *Out ); 
36280| PDEVICE_OBJECT GetVolumeObjectFromVolumeld( ULONG 

| Volumeld ); 
36281| NTSTATUS SbPreDelnit(void); 

36282| NTSTATUS SbGetKernelSnapShotVolumes( pkSnapShotMaster 

| Master, WCHAR *Buffer, ULONG *Return ); 
36283| NTSTATUS SbGetUserName( 
36284| pkSnapShotMaster Master, 
36285| WCHAR *Buffer, 
36286| ULONG BufferSize ); 
36287| NTSTATUS SbSetUserName( 
36288| pkSnapShotMaster Master, 
36289| WCHAR *Buffer, 
36290| ULONG BufferSize ); 
36291 1 NTSTATUS RemoveUserLinks( 
36292| pkSnapShotMaster Master 
36293 1 ); 

36294| PDEVICE_OBJECT GetVdiskObjectForName( WCHAR *Name, 

| ULONG Instance ); 
36295| 

36296| NTSTATUS SbSetKernelSnapShotlnfo( pkSnapShotMaster 

| Master, tPSM_SetKernelSnapShotlnfo *lnfo ); 
36297| NTSTATUS SbMakeVirtualWritesPersistent ( 

| pkSnapShotMaster Master ); 
36298| NTSTATUS SbRemoveVirtualWrites( pkSnapShotMaster Master 

I); 

36299 1 NTSTATUS SbRevertToSnapShot (pkSnapShotMaster Master); 
36300| 

36301| NTSTATUS WaitForQuiescentPeriod ( 
36302| pOTJJSER User, 
36303| tOpenTransactionlnlnternal *Buffer, 
36304| tkSnapShotMaster **MasterSnapShot, 
36305| PKEVENT AbortEvent 

| NULL); 
36306| 

36307| void LogOpen( 

36308| tOpenTransactionlnlnternal *Buffer, 

36309| pkSnapShotMaster MasterSnapShot ); 

36310| 

36311| void LogClose( 

36312| pkSnapShotMaster MasterSnapShot ); 
36313| 

36314| NTSTATUS FreePSMVolume( pOTJJSER User, PDEVICE_OBJECT 
| DeviceObject, tkSnapShotEntry *SnapShot ); 



36315| typedef struct sAbortEventList { 
3631 6| LIST_ENTRY ListEntry; 
3631 7| PKEVENT AbortEvent; 
36318| } tAbortEventList,*pAbortEventl_ist; 
36319| 

36320| extern LIST_ENTRY CreationListHead; 

36321| NTSTATUS CancelCreationOfSnapShots( ); 

36322| NTSTATUS SbGetVolumeCachelnfo( WCHAR *VolumeName, 

| pPSM_GetVolumeCachelnfoOut Out ); 
36323| NTSTATUS FreeResourcesForVolume ( PDEVICE_OBJECT 

| DeviceBeingPSMed,tkSnapShotEntry *SnapShot ); 
36324| NTSTATUS Del Device Froml_ist( PLIST_ENTRY List, 

| pkSnapShotEntry Snapshot); 
36325| ULONG NumberOfSnapShotsForVolume (PDEVICE_OBJECT 

| DevObj); 

36326| ULONG GetSequenceForNewSnapShot(); 

36327| 

36328| 

36329| 

36330| File Listing: DEVCON.cpp 
36331| 

36332| #include "precomp.h" 
36333| 

36334| #ifdef ALLOC_PRAGMA_DO_NOT_DO 

36335| #pragma alloc_text(PAGE, PSManDeviceControlObject) 

36336| #endif 

36337| 

36338| 

36339| 

36340| 

36341 1 /* 



36342| NTSTATUS 

36343| PSManDeviceControl( 

36344| PDEVICE_OBJECT DeviceObject, 

36345| PIRP Irp 

36346| ) 

36347| 

36348| /*++ 

36349 1 

36350 1 Routine Description: 
36351 | 

36352 1 If request is for device it is passed to device 

| handler, otherwise 
36353| it must be for sbpsman object 
36354| 

36355| Arguments: 
36356| 

36357| DeviceObject - Context for the activity. 
36358| Irp - The device control argument block. 



36359| 

36360| Return Value: 
36361 1 

36362 1 Status is returned. 

36363 1 

36364| -7 

36365| 

36366| { 

36367| NTSTATUS Status; 
36368| PAGED_CODE(); 
36369 1 

36370| switch ( PsmGetObjectType(DeviceObject) ) { 
36371 1 case OBJECTJNTERNAL 
36372 1 Status = 

| PSManDeviceControlObject(DeviceObject, Irp); 
36373 1 break; 

36374| case OBJECT FILTEREDDISK : 
36375 1 Status = 

| PSManDeviceControlDevice(DeviceObject, Irp); 
36376| break; 

36377| caseOBJECT_VIRTUALDISK : 
36378 1 Status = 

| PSManDeviceControlVDisk(DeviceObject, Irp); 
36379 1 break; 

36380| caseOBJECT_FS_OBJECT : 
36381 1 Status = 

| PSManDeviceControlFSObject(DeviceObject, Irp); 
36382 1 break; 
36383| case OBJECT_FS_FILTER : 
36384 1 Status = 

| PSManDeviceControlFSFilter(DeviceObject, Irp); 
36385| break; 
36386| default: 

36387| lrp->loStatus.Status = Status = 

| STATUS_NO_SUCH_DEVICE; 
36388| lrp->loStatus. Information = 0 ; 

36389| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

36390| break; 
36391| } 

36392| return Status; 

36393| } 

36394| 

36395| NTSTATUS lnitiatePart20fRebuild() 
36396| { 

36397| NTSTATUS Status=STATUS_SUCCESS; 
36398| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
36399| 

36400| Debug(DEBUG_DEVCON,( M lnitiatePart20fRebuild: System 
| ready!\n")); 



36401 1 while ( DevObj ) { 
36402 1 // if a filtered disk 
36403 1 if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
36404| if ( PersistentDictionary::QueryResetPsm() 

l){ 

36405| NTSTATUS StateReloadStatus = 

| PersistentDictionary::GetStateForVolume (DevObj); 

36406| ASSERT (StateReloadStatus == 

| STATUS_SUCCESS); 

36407| 

| Debug(DEBUG_DICT,("lnitiatePart20fRebuild: ResetPsm -> 
| calling DeletePsmFiles()\n")); 
36408| 

| PersistentDictionary::lnitializeFileNamesForVolume 
I (DevObj); 

36409| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension (DevObj); 
36410| DeletePsmFilesOnVolume (DevExt); 

3641 1 1 Rebuild_DeleteJunctionsOnVolume 

| (DevObj); 
36412| } 
36413| 

36414| HANDLE TempHandle = I N VALI D_H AN DLEVALU E; 

36415| 

| pmStartThread( PersistentDictionary : :Part20f Rebui Id ForVo I 
| ume,DevObj,&TempHandle); 
36416| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
3641 7| ZwClose(TempHandle); // dont need the 

| handle anymore. 
36418| }// if filtered disk 
36419| 

36420| DevObj = DevObj->NextDevice; 
36421 1 } // while(DevObj) 
36422 1 

36423| PersistentDictionary::DisableResetPsm(); 
36424| PersistentDictionary::DisableNoPsm(); 
36425| 

36426| return Status; 

36427| } 

36428| 

36429| NTSTATUS ExtendAFile(); 
36430 1 

36431 1 void DoLink ( void *Arg ) 
36432 1 { 

36433| pPSM_SetWin32Link Link=(pPSM_SetWin32Link)Arg; 
36434| NTSTATUS Status; 

36435| UNICODE_STRING deviceNameUnicodeString={0}; 
36436| UNICODE_STRING deviceLinkUnicodeString={0}; 



36437| 

36438| if(Link->Operation==LINK_SetLink) { 
36439 1 Rtl I n it U n icodeStri ng ( 

| &deviceLinkUnicodeString,Link->Win32Link ); 
36440 1 RtllnitUn icodeStri ng ( 

| &deviceNameUnicodeString,Link->NTDeviceName ); 
36441 | 

36442| Status = loCreateSymbolicLink 

| (&deviceLinkUnicodeString, &deviceNameUnicodeString); 
36443 1 } else 

36444| if(Link->Operation==LINK_DeleteLink) { 
36445| RtllnitUnicodeString ( 

| &deviceLinkUnicodeString, Link->Win32Link ); 
36446| loDeleteSymbolicLink ( &deviceLinkUnicodeString 

I); 

36447| Status = STATUS_SUCCESS; 
36448| } else { 

36449| Status = STATUS_INVALID_PARAMETER; 
36450 1 } 

36451 1 Link->Operation = (ULONG)Status; 
36452 1 return; 
36453 1 } 
36454| 

36455| LISTENTRY 

| PSMEventListHead={&PSMEventListHead,&PSMEventListHead}; 
36456| LIST_ENTRY 

| PSMNoWaitersListHead={&PSMNoWaitersListHead,&PSMNoWaiter 

| sListHead}; 
36457| 
36458| 

36459| NTSTATUS NotifyUserModeOfVolumeOnlineEvent( 

| PFILTERED_EXTENSION FiltExt ) 
36460 1 { 

36461 1 PLIST_ENTRY ListEntry; 

36462| ULONG Err; 

36463| pPSM_GetPSMEventEntry Entry; 

36464| 

36465| PAG E D_CO D E () ; 

36466| Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfVolumeOnlineEvent 

| %08x\n",FiltExt->DeviceObject)); 
36467| 

36468| pmAcquireMutex ( &PSMUserMutex, NULL ); 
36469 | 

36470| ListEntry = RemoveHeadList(&PSMEventListHead); 
36471 1 

36472| if(ListEntry!=&PSMEventListHead) { 
36473| Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfVolumeOnlineEvent: Got event 

| entry\n")); 



36474| // we have a waiter, lets give it to him 
36475| pPSM_GetPSMEventEntry 

| Entry=CONTAINING_RECORD(ListEntry,tPSM_GetPSMEventEntry, 

| ListEntry); 
36476| 

36477| Entry->lrp->loStatus.Status = STATUS_SUCCESS; 
36478| Entry->lrp->loStatus. Information = 

| sizeof(tPSM_GetPSM Event); 
36479| Entry->Event->KernelSnapShotPointer = NULL; 
36480| Entry->Event->Event = PSM_EVENT_VOLUME_ONLINE; 
36481 | 

| wcscpy(Entry->Event->VolumeGuid,FiltExt->VolumeGuid); 
36482 1 

| wcscpy(Entry->Event->Uniqueld,FiltExt->Uniqueld); 
36483| wcscpy(Entry->Event->NTName,FiltExt->Name ); 
36484| 

36485| loSetCancelRoutine(Entry->lrp,NULL); 

36486| loCompleteRequest(Entry->lrp,IO_NO_INCREMENT); 

36487| MemFreePool(Entry); 

36488| 

36489| Err = STATUS_SUCCESS; 
36490 1 } else { 

36491 1 Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfVolumeOnlineEvent: no waiters\n")); 
36492| // no waiters, lets queue it up 
36493 1 

| Entry=(pPSM_GetPSMEventEntry)MemAllocatePoolWithTag(Page 
| dPool,sizeof(tPSM_GetPSMEventEntry),PSM_EVENT_ENTRY_TAG) 

I ; 

36494| if(Entry) { 
36495| Entry->Event = 

| (pPSM_GetPSMEvent)MemAllocatePoolWithTag(PagedPool,sizeo 

| f(tPSM_GetPSMEvent),PSM_EVENT_TAG); 
36496| if(Entry->Event) { 

36497| Entry->Event->KernelSnapShotPointer = 

| NULL; 

36498| Entry->Event->Event = 

| PSM_EVENT_VOLUME_ONLINE; 
36499 1 

| wcscpy(Entry->Event->VolumeGuid,FiltExt->VolumeGuid); 
36500 1 

| wcscpy(Entry->Event->Uniqueld,FiltExt->Uniqueld); 
36501| 

| wcscpy(Entry->Event->NTName,FiltExt->Name ); 
36502| 
36503| 

| lnsertTailList(&PSMNoWaitersListHead,&Entry->ListEntry); 
36504| Err = STATUS_SUCCESS; 

36505| } else { 

36506| MemFreePool(Entry); 



36507| Err = STATUS_INSUFFICIENT_RESOURCES; 

36508| } 
36509| } else { 

36510| Err = STATUSJNSUFFICIENT_RESOURCES; 

3651 1 1 } 
36512| } 

36513| pmReleaseMutex ( &PSMUserMutex); 

36514| return Err; 

36515| } 

36516| 

36517| 

36518| NTSTATUS NotifyUserModeOfRegChangeEvent( 

| PFILTERED_EXTENSION FiltExt ) 
36519| { 

36520| PLIST_ENTRY ListEntry; 

36521| ULONG Err; 

36522| pPSM_GetPSMEventEntry Entry; 

36523| 

36524| PAG E DCO D E () ; 

36525| Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfRegChangeEvent 

| %08x\n M ,FiltExt->DeviceObject)); 
36526| 

36527| pmAcquireMutex ( &PSMUserMutex, NULL ); 
36528| 

36529| ListEntry = RemoveHeadList(&PSMEventListHead); 
36530| 

36531 1 if(ListEntry!=&PSMEventListHead) { 
36532| Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfRegChangeEvent: Got Event entry \n M )); 
36533| // we have a waiter, lets give it to him 
36534| 

| Entry=CONTAINING_RECORD(ListEntry,tPSM_GetPSMEventEntry, 
| ListEntry); 
36535| 

36536| Entry->lrp->loStatus.Status = STATUS_SUCCESS; 
36537| Entry->lrp->loStatus. Information = 

| sizeof(tPSM_GetPSM Event); 
36538| Entry->Event->KernelSnapShotPointer = NULL; 
36539| Entry->Event->Event = 

| PSM_EVENT_CLEAN_CLUSTER_REGISTRY; 
36540 1 

| wcscpy(Entry->Event->VolumeGuid, FiltExt- >VolumeGuid); 
36541 | 

| wcscpy(Entry->Event->Uniqueld,FiltExt->Uniqueld); 
36542| wcscpy(Entry->Event->NTName,FiltExt->Name ); 
36543 1 

36544| loSetCancelRoutine(Entry->lrp,NULL); 

36545| loCompleteRequest(Entry->lrp,IO_NO_INCREMENT); 

36546| MemFreePool(Entry); 



36547| 

36548| Err = STATUS_SUCCESS; 
36549| } else { 

36550| Debug(DEBUG_DEVCON,("DEVCON: 

| NotifyUserModeOfRegChangeEvent: No waiters\n")); 
36551 1 // no waiters, lets queue it up 
36552 1 

| Entry=(pPSM_GetPSMEventEntry)MemAllocatePoolWithTag(Page 
| dPool,sizeof(tPSM_GetPSMEventEntry),PSM_EVENT_ENTRY_TAG) 

I ; 

36553| if(Entry) { 
36554| Entry->Event = 

| (pPSM_GetPSMEvent)MemAllocatePoolWithTag(PagedPool,sizeo 

| f(tPSM_GetPSMEvent),PSM_EVENT_TAG); 
36555| if(Entry->Event) { 

36556| Entry->Event->KernelSnapShotPointer = 

| NULL; 

36557| Entry->Event->Event = 

| PSM EVENT CLEAN CLUSTER REGISTRY; 
36558| 

| wcscpy(Entry->Event->VolumeGuid,FiltExt->VolumeGuid); 
36559 1 

| wcscpy(Entry->Event->Uniqueld,FiltExt->Uniqueld); 
36560 1 

| wcscpy(Entry->Event->NTName,FiltExt->Name ); 
36561 1 
36562 | 

| lnsertTailList(&PSMNoWaitersListHead,&Entry->ListEntry); 



36563| Err = STATUS_SUCCESS; 

36564| } else { 

36565| MemFreePool(Entry); 

36566| Err = STATUSJNSUFFICIENT_RESOURCES; 

36567| } 

36568| } else { 

36569| Err = STATUS_INSUFFICIENT_RESOURCES; 

36570 1 } 



36571 1 } 

36572| pmReleaseMutex ( &PSMUserMutex); 

36573 1 return Err; 

36574| } 

36575| 

36576| VOID 

36577| EventCancelRoutine( 

36578| IN PDEVICE_OBJECT DeviceObject, 

36579| IN PIRP Irp 

36580 1 ) 

36581 1 { 

36582| PLIST_ENTRY ListEntry; 

36583| BOOLEAN Found=FALSE; 
36584| 



36585| Debug(DEBUG_DEVCON,("DEVCON: Cancel: 

| lrql=%08x\n",KeGetCurrentlrql())); 
36586| // This routine runs at D I S P ATC H_L E V E L 
36587| 

36588| // We do not the cancel spinlock because we do not 
| use 

36589| // the start io method of syncing 

36590| loReleaseCancelSpinLock(lrp->Cancellrql); 

36591| 

36592| Debug(DEBUG_DEVCON,("DEVCON: Cancel2: 

| lrql=%08x\n",KeGetCurrentlrql())); 
36593| 

36594| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
36595| 

36596| pmAcquireMutex ( &PSMUserMutex, NULL ); 
36597| ListEntry = PSMEventListHead.Flink; 
36598| while(ListEntry!=&PSMEventListHead) { 
36599| pPSM_GetPSMEventEntry 

| Entry=CONTAINING_RECORD(ListEntry,tPSM_GetPSMEventEntry, 

| ListEntry); 
36600| if(Entry->lrp == Irp) { 
36601 1 RemoveEntryList(&Entry->ListEntry); 
36602| Found = TRUE; 

36603 1 break; 
36604| } 

36605| ListEntry=ListEntry->Flink; 
36606| } 

36607| pmReleaseMutex ( &PSMUserMutex); 
36608| 

36609 1 if (Found) { 

3661 0| loSetCancelRoutine(lrp,NULL); 

3661 1 1 lrp->loStatus. Status = STATUS_CANCELLED; 

36612| lrp->loStatus. Information = 0; 

36613| loCompleteRequest(lrp,IO_NO_INCREMENT); 

36614| } 

36615| } 

36616| 

36617| STATIC NTSTATUS 

36618| PSManDeviceControlObject( 

36619| PDEVICE_OBJECT DeviceObject, 

36620| PIRP Irp 

36621| ) 

36622| /*++ 

36623| 

36624| Routine Description: 
36625| 

36626| This function handles the DeviceloControl IRP's 
36627| that we will be receiving from the executive to 
| control our 

36628| device. We will be handing 3 different custom 



I private 
36629| lOCTL's. 

36630| IOCTL_HOLD_REQUEST - To put a request in the queue 

| for later 
36631 1 release. 

36632| IOCTL_RELEASE_REQUEST - To release a request in the 
| queue. 

36633| IOCTL_DO_NOTHING - Just to show that we are async. 
36634| 

36635| Arguments: 
36636| 

36637| DriverObject - Pointer to device object for this 

| operation 
36638| Irp - IRP to work on. 
36639 1 

36640| Return Value: 
36641 | 

36642| NT Status 
36643 | 
36644| -7 
36645| { 

36646| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
36647| NTSTATUS ntStatus = 0; 
36648| BOOLEAN CompleteRequest=TRUE; 
36649 | 

36650| NOTREFERENCED(DeviceObject); 
36651 | 

36652| Debug (DEBUG_PROCCALL,("PSManDeviceControlObject 

| CalledXn")) ; 
36653 1 

36654| __try { 

36655| lrp->loStatus. Information = 0 ; 
36656| switch ( 

| plrpStack->Parameters.DeviceloControl.loControlCode ) { 
36657| #ifdef DEBUG 

36658| case IOCTL_TEST_FUNCTION : { 

36659 1 #if 0 

36660| lrp->loStatus.Status = ExtendAFile(); 

36661 1 #else 

36662 1 typedef struct sTest { 

36663| PDEVICE_OBJECT Volume; 

36664| ULONG Action; 

36665| } tTest,*pTest; 

36666| pTest 

| Test= (pTest) I rp->Associated I rp . System Buff er; 
36667| HANDLE TempHandle = 

| INVALID_HANDLE_VALUE; 
36668| switch(Test->Action) { 

36669| case 0 : 



36670| lrp->loStatus.Status = 

| PersistentDictionary::LoadSnapShotsForVolume(Test->Volum 

| e,TRUE,NULL); 
36671 1 break; 
36672 1 case 1 : 

36673| lrp->loStatus.Status = 

| PersistentDictionary::LoadSnapShotsForVolume(Test->Volum 

| e,FALSE,NULL); 
36674| break; 
36675| case 2 : 

36676| lrp->loStatus.Status = 

| PersistentDictionary::UnloadSnapShotsForVolume(Test->Vol 

| ume,FALSE); 
36677| break; 
36678| case 3 : 

36679| lrp->loStatus.Status = 

| PersistentDictionary::MiniUnloadSnapShotsForVolume(Test- 

| >Volume,FALSE); 
36680 1 break; 
36681 1 case 4 : 

36682| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
36683 1 

| pmStartThread(PersistentDictionary::Part20fRebuildForVol 
| ume,Test->Volume,&TempHandle); 
36684| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
36685| ZwClose(TempHandle); 
36686| break; 
36687| 

36688 1 case 5 : { 

36689| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
36690| 

| pmStartThread(TestVirginMap,Test->Volume,&TempHandle); 
36691| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
36692| ZwClose(TempHandle); 
36693| } break; 

36694| 

36695| case 6 : { 

36696| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
36697| 

| pmStartThread(DumpProfilelnfo_Thread,NULL,&TempHandle); 
36698| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
36699| ZwClose(TempHandle); 
36700| } break; 

36701| 



36702| default : 

36703| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
36704| } 
36705| #endif /"DEBUG*/ 
36706| break; 
36707| } 

36708| case IOCTL_BUG_CHECK : { 

36709| // force system to bug check, so it 

| can make a memory. dmp file. 
36710| 

| KeBugCheckEx((ULONG)0xe100ffff,(ULONG)PSManDriverObject, 

| (ULONG)PsmActive,(ULONG)LastErrorStatus,(ULONG)PSManDevi 

| ceControlObject); 
3671 1 1 //if we should ever return... 

36712| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
36713| break; 
36714| } 
36715| #endif 
36716| #if MEMDBG 

3671 7| case I OCTL_G ET M E MO R Y_U SAG E : { 

3671 8| tGetMemoryUsageOut *Buffer=NULL; 

36719| 
36720| 

| Debug(DEBUG_PROCCALL,("PSManDeviceControlObject: 

| GetMemUsage\n")); 
36721 1 // METHOD_BUFFERED 

36722| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36723 1 

36724| if ( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| < sizeof(tGetMemoryUsageOut) ) { 
36725| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
36726| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36727| break; 
36728| } 
36729 1 

36730| Buffer = (pGetMemoryUsageOut) 

| I rp-> Associated I rp. System Buff er; 
36731 | 

36732| Buffer->MemTotalNonpagedAlloced = 

| MemTotalNonpagedAlloced; 
36733 1 Buff er->MemTotal Paged Al loced = 

| MemTotal Paged Al loced; 
36734| Buffer->MemMaxNonpagedAlloced = 

| MemMaxNonpagedAlloced; 



36735| Buffer->MemMaxPagedAlloced 

| MemMaxPagedAlloced; 
36736| 

36737| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
36738| lrp->loStatus. Information = 

| sizeof(tGetMemoryUsageOut); 
36739| break; 
36740| } 
36741 1 #endif 

36742| case IOCTL_INFORM_SYSTEM_READY : { 

36743 1 

| PersistentDictionary::SetSystemReady(); 
36744| lrp->loStatus. Status = 

| lnitiatePart20fRebuild(); 
36745| break; 
36746| } 

36747| case I OCTL_C R E ATE_F I L ES : { 

36748| tOpenTransactionlnlnternal 

| *Buffer=NULL; 
36749| // METHOD_BUFFERED 

36750| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36751 | 
36752 | 

| Debug(DEBUG_PROCCALL,("PSManDeviceControlObject: 
| CreateFiles\n M )); 
36753 1 

36754| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof (tOpenTransactionlnlnternal) ) { 
36755| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
36756| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36757| break; 
36758| } 
36759 1 Buffer = 

| (tOpenTransactionlnlnternal *) 

| I rp-> Associated I rp . System Buff er; 
36760 1 

36761| if ((!Buffer) || 

| (Buffer->Size!=sizeof(tOpenTransactionlnlnternal)) ) { 
36762| Debug(DEBUG_DEVCON, ("Error! 

| Buffer is NULL or not right size\n")); 
36763| lrp->loStatus.Status = 

| STATUS_I N VALI D PARAM ETER; 
36764| break; 
36765| } 
36766| 



36767| PKEVENT AbortEvent=NULL; 

36768| 

36769| if ( 

| lsValidHandle(Buffer->AbortEvent) ) { 
36770| // get system wide object from 

| process specific handle 
36771 1 ntStatus = 

| ObReferenceObjectByHandle( 
36772 1 

| Buffer->AbortEvent, //IN HANDLE Handle, 
36773 1 

| EVENT_QUERY_STATE, //IN ACCESS_MASK DesiredAccess, 
36774| 

| *ExEventObjectType, //IN POBJECT_TYPE ObjectType 
| OPTIONAL, 
36775| 

| lrp->RequestorMode, //IN KPROCESSOR_MODE AccessMode, 
36776| 

| (PVOID *) &AbortEvent, //OUT PVOID *Object, 
36777| 

| NULL //OUT POBJECTJHANDLEJNFORMATION Handlelnformation 
| OPTIONAL 
36778| 

I); 

36779 1 

36780| if ( !NT_SUCCESS(ntStatus) ) { 

36781 1 Debug(DEBUG_DEVCON, ("Error 

| %08x getting object for abort event 

| %08x\n",ntStatus,Buffer->AbortEvent)); 
36782 1 } 
36783 1 } 
36784| 

36785| lrp->loStatus. Status = 

| PsmCreateFiles(Buffer,AbortEvent); 
36786| 

36787| ObDereferenceObject(AbortEvent); 
36788| break; 
36789 1 } 

36790| case IOCTL_GET_PSM_EVENT: { 

36791 1 if ( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| >= sizeof(tPSM_GetPSMEvent) ) { 
36792 1 pPSM_GetPSM Event 

| Event=(pPSM_GetPSMEvent)lrp->Associatedlrp.SystemBuffer; 
36793| pPSM_GetPSMEventEntry Entry; 

36794| PLIST_ENTRY ListEntry; 

36795| 

36796| pmAcquireMutex ( SPSMUserMutex, 

| NULL ); 
36797| ListEntry = 



I RemoveHeadList(&PSMNoWaitersListHead); 
36798| 
36799| 

| if(ListEntry!=&PSMNoWaitersListHead) { 
36800| Debug(DEBUG_DEVCON,("DEVCON: 

| IOCTL_GET_PSM_EVENT: Got queud event\n M )); 
36801 1 // we had an event happen when 

| we were not around, lets handle it 
36802 1 

| Entry=CONTAINING_RECORD(ListEntry,tPSM_GetPSMEventEntry, 
| List Entry); 
36803 1 

| RtlCopyMemory(Event,Entry->Event,sizeof(tPSM_GetPSMEvent 

I)); 

36804| MemFreePool(Entry->Event); 
36805| MemFreePool(Entry); 
36806| lrp->loStatus.Status=0; 
36807| 

| lrp->loStatus.lnformation=sizeof(tPSM_GetPSMEvent); 
36808| } else { 

36809| Debug(DEBUG_DEVCON,("DEVCON: 

| IOCTL_GET_PSM_EVENT: Adding waiter\n M )); 
3681 0| // none on the queue, queue it 

I up 
3681 1 | 

| Entry=(pPSM_GetPSMEventEntry)MemAllocatePoolWithTag(Page 
| dPool,sizeof(tPSM_GetPSMEventEntry),PSM_EVENT_ENTRY_TAG) 



36812| if (Entry) { 

36813| Entry->Event = Event; 

36814| Entry->lrp = Irp; 

36815| lrp->loStatus.Status = 



| STATUS_PENDING; 
36816| 

| lnsertTailList(&PSMEventListHead,&Entry->ListEntry); 
36817| 

| loSetCancel Routine( I rp, EventCancel Routine) ; 



36818| loMarklrpPending(lrp); 
36819| CompleteRequest = FALSE; 

36820| } else { 

36821 1 lrp->loStatus.Status = 

| STATUSJNSUFFICIENT_RESOURCES; 
36822 1 } 
36823 1 } 

36824| pmReleaseMutex ( &PSMUserMutex); 

36825| } else { 

36826| Debug(DEBUG_DEVCON, ("Error! IOCTL 

| buffer not big enough\n")); 
36827| lrp->loStatus. Status = 



| STATUS_INVALID_BUFFER_SIZE; 



36828| } 
36829| 

36830| break; 
36831| } 

36832| case IOCTL_GET_VOLUME_CACHE_INFO: { 

36833| pPSM_GetVolumeCachelnfoln In = 

| (pPSM_GetVolumeCachelnfoln)lrp->Associatedlrp.SystemBuff 

I er; 

36834| pPSM_GetVolumeCachelnfoOut Out = 

| (pPSM_GetVolumeCachelnfoOut)lrp->Associatedlrp.SystemBuf 
I fer; 

36835| 

36836| lrp->loStatus. Status = 

| SbGetVolumeCachelnfo(ln->VolumeName,Out); 
36837| 

36838| if ( 

| NT_SUCCESS(lrp->loStatus.Status) ) { 
36839| lrp->loStatus. Information = 

| sizeof(*Out); 
36840| } 
36841 | 

36842| break; 
36843 1 } 

36844| case IOCTL_LOG_EVENT : { 

36845 1 p PSM_Log Event 

| Log= (p PSM_Log Eve nt) I rp->Associ ated I rp . System Buff er; 
36846| 

36847| Hint -save -e740 7 

36848| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,Log->Eve 

| ntld,Log->Status,NULL,0,Log->NumStrings ? Log->Strings 

| : NULL,Log->NumStrings); 
36849| Hint -restore 7 

36850| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
36851 1 break; 
36852 1 } 

36853| case IOCTL_GET_PERSISTENT_SNAPSHOTS : { 

36854| tPSM_GetPersistentSnapShotsOut 

| *Buffer=NULL; 
36855| // METHOD_BUFFERED 

36856| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36857| 

36858| if ( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| < sizeof(tPSM_GetPersistentSnapShotsOut) ) { 
36859| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
36860| lrp->loStatus.Status = 



I STATUS_INVALID_BUFFER_SIZE; 
36861 1 break; 
36862 1 } 
36863| 

36864| Buffer = 

| (tPSM_GetPersistentSnapShotsOut *) 

| I rp-> Associated I rp. System Buff er; 
36865| 

36866| lrp->loStatus. Status = 

| SbGetPersistentSnapShots(Buffer); 
36867| if ( 

| NT_SUCCESS(lrp->loStatus.Status) ) { 
36868| lrp->loStatus. Information = 

| sizeof(tPSM_GetPersistentSnapShotsOut); 
36869 1 } 
36870 1 break; 
36871 1 } 

36872| case IOCTL_GET_KERNEL_SNAPSHOT_INFO : { 

36873| tPSM_GetKernelSnapShotlnfoln 
| *ln=NULL; 

36874| tPSM_GetKernelSnapShotlnfoOut 

| *Out=NULL; 
36875| // METHOD_BUFFERED 

36876| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36877| 

36878| if ( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| < sizeof(tPSM_GetKernelSnapShotlnfoOut) ) { 
36879| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL output buffer not big enough\n")); 
36880| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36881 1 break; 
36882| } 
36883| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSM_GetKernelSnapShotlnfoln) ) { 
36884| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL input buffer not big enough\n")); 
36885| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36886| break; 
36887| } 
36888| 

36889| In = (tPSM_GetKernelSnapShotlnfoln 

| *) lrp->Associatedlrp.SystemBuffer; 
36890 1 Out = 

| (tPSM_GetKernelSnapShotlnfoOut *) 

| I rp-> Associated I rp . System Buff er; 



36891| 

36892| lrp->loStatus. Status = 

| SbGetKernelSnapShotlnfo((pkSnapShotMaster)ln->KernelSnap 

| ShotPointer,Out); 
36893| if ( 

| NT_SUCCESS(lrp->loStatus.Status) ) { 
36894| lrp->loStatus. Information = 

| sizeof(tPSM_GetKernelSnapShotlnfoOut); 
36895| } 
36896| break; 
36897| } 

36898| case IOCTL_SET_KERNEL_SNAPSHOT_INFO : { 

36899| tPSM_SetKernelSnapShotlnfoln 

| *lnfo=NULL; 
36900| // METHOD_BUFFERED 

36901 1 // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36902 1 

36903 1 if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSM_SetKernelSnapShotlnfo) ) { 
36904| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL input buffer not big enough\n")); 
36905| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36906| break; 
36907| } 
36908| 

36909 1 Info = 

| (tPSM_SetKernelSnapShotlnfoln *) 

| I rp-> Associated I rp . System Buff er; 
36910| 

3691 1 1 lrp->loStatus. Status = 

| SbSetKernelSnapShotlnfo((pkSnapShotMaster)lnfo->KernelSn 

| apShotPointer,&lnfo->lnfo); 
36912| break; 
36913| } 

36914| case IOCTL_GET_KERNEL_SNAPSHOT_VOLUMES :{ 

36915| tPSM_GetKernelSnapShotlnfoln 

| *ln=NULL; 
3691 6| WCHAR *Out=NULL; 

36917| ULONG Return = 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

I ; 

36918| 

36919| // METHOD_BUFFERED 

36920| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36921| 

36922| if ( 



I plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSM_GetKernelSnapShotlnfoln) ) { 
36923| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL input buffer not big enough\n")); 
36924| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36925| break; 
36926| } 
36927| 

36928| In = (tPSM_GetKernelSnapShotlnfoln 

| *) lrp->Associatedlrp.SystemBuffer; 
36929| Out = (WCHAR*) 

| I rp-> Associated I rp . System Buff er; 
36930| 

36931 1 lrp->loStatus. Status = 

| SbGetKernelSnapShotVolumes((pkSnapShotMaster)ln->KernelS 

| napShotPointer,Out,&Return); 
36932 1 if ( 

| NT_SUCCESS(lrp->loStatus.Status) ) { 
36933| lrp->loStatus. Information = 

| Return; 
36934| } 
36935| break; 
36936| } 

36937| case IOCTL_REVERT_TO_PRISTINE: { 

36938| // METHOD_BUFFERED 

36939| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36940| tPSM_SnapShotPointer *KernelPointer 

| = (tPSM_SnapShotPointer 

| *) I rp-> Associated I rp. System Buff er; 
36941 1 lrp->loStatus. Status = 

| SbRemoveVirtualWrites((tkSnapShotMaster 

| *)KernelPointer->KernelSnapShotPointer); 
36942 1 break; 
36943 1 } 

36944| case IOCTL_REVERT_TO_SNAPSHOT: { 

36945| pPSM_RevertToSnapShotln In = 

| (pPSM_RevertToSnapShotln)lrp->Associatedlrp.SystemBuffer 

I ; 

36946| ULONG revertUndoSequence = 0; 

36947| lrp->loStatus. Status = 

| SbRevertToSnapShot_SeparateThread ( 
36948| (tkSnapShotMaster *) 

| (ln->KernelSnapShotPointer), 
36949| NULL, 

| //volumeDeviceObject==NULL means "revert all volumes in 

| snapshot" 
36950| ln->RevertFlags, 
36951 1 revertUndoSequence ); 



36952| break; 
36953| } 

36954| case IOCTL_GET_USER_NAME: { 

36955| // METHOD BUFFERED 

36956| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36957| WCHAR *Buffer = 

| (WC H A R*) I rp->Associated I rp . System Buff er; 
36958| tPSM_SnapShotPointer *KernelPointer 

| = (tPSM_SnapShotPointer 

| *) I rp-> Associated I rp. System Buff er; 
36959| lrp->loStatus. Status = 

| SbGetUserName((tkSnapShotMaster 

| *)KernelPointer->KernelSnapShotPointer,Buffer,plrpStack- 

| >Parameters.DeviceloControl.OutputBufferLength); 
36960| if ( lrp->loStatus.Status==0 ) { 

36961 1 lrp->loStatus. Information = 

| NumBytes(Buffer)+sizeof(WCHAR); 
36962 1 } 
36963 1 break; 
36964| } 

36965| case lOCTL SET USER NAME: { 

36966| // METHOD_BUFFERED 

36967| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
36968| tPSM_SetUserNameln *Buffer = 

| (tPSM_SetUserNameln*)lrp->Associatedlrp.SystemBuffer; 
36969 1 if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength> 

| =sizeof(tPSM_SetUserNameln ) ) { 
36970| lrp->loStatus.Status = 

| SbSetUserName((pkSnapShotMaster)Buffer->KernelSnapShotPo 

| inter, Buffer->Name,sizeof(Buffer->Name)); 
36971 1 } else { 

36972| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL input buffer not big enough\n")); 
36973| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36974| } 
36975 1 break; 
36976| } 
36977| 

36978| case IOCTL_SET_FLUSH_ROUTINE : { 

36979| pSetFlushRoutine Buffer=NULL; 

36980 | 
36981 | 

| Debug(DEBUG_PROCCALL,("PSManDeviceControlObject: 

| SetFlushRoutine\n")); 
36982| // METHOD_BUFFERED 

36983| // lrp->Associatedlrp.SystemBuffer 



I = Input/Output buffer 
36984| 

36985| lrp->loStatus. Information = 0; 

36986| 

36987| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tSet Flush Routine) ) { 
36988| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
36989| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
36990| break; 
36991| } 
36992| 

36993| Buffer = (tSetFlushRoutine *) 

| I rp-> Associated I rp. System Buff er; 
36994| if ( Buffer->ZwFlushBuffersFile ) { 

36995| lrp->loStatus.Status = 

| SetFlushRoutine(Buffer->ZwFlushBuffersFile); 
36996| } else { 

36997| lrp->loStatus.Status = 

| STATUS_I N VALI D PARAM ETER; 
36998| } 
36999| 

37000| break; 
37001| } 

37002| case IOCTL_OPEN_EX : { 

37003| tkSnapShotMaster *Master=NULL; 

37004| // METHOD_BUFFERED 

37005| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37006| 

37007| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >= sizeof(PVOID) ) { 
37008| Master = 

| *((pkSnapShotMaster*)(lrp->Associatedlrp.SystemBuffer)); 
37009| } 
37010| 
37011| 

| Debug(DEBUG_PROCCALL,("PSManDeviceControlObject: 
| OpenExclusive %08x\n", Master)); 
37012| 

37013| lrp->loStatus. Status = 

| SbOpenExclusive(Master); 
37014| break; 
37015| } 

3701 6| case IOCTL_CLOSE_EX : { 

3701 7| tkSnapShotMaster *Master=NULL; 

37018| // METHOD_BUFFERED 



37019| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37020| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >= sizeof(PVOID) ) { 
37021 1 Master = 

| *((pkSnapShotMaster*)(lrp->Associatedlrp.SystemBuffer)); 
37022 1 } 
37023| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 
| CloseExclusive %08x\n",Master)); 
37024| 

37025| lrp->loStatus. Status = 

| SbCloseExclusive(Master); 
37026| break; 
37027| } 

37028| case IOCTL_GET_PROGRESS : { 

37029| tPSM_GetProgressOut *Buffer=NULL; 

37030| tkSnapShotMaster *Master=NULL; 

37031 1 // METHOD_BUFFERED 

37032| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37033 1 
37034| 

37035| if ( 

| pi rpStack->Parameters. DeviceloControl. I nputBufferLength 

| >= sizeof(PVOID) ) { 
37036| Master = 

| *((pkSnapShotMaster*)(lrp->Associatedlrp.SystemBuffer)); 
37037| } 
37038| 
37039| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 
| GetProgress %08x\n", Master)); 
37040 1 

37041 1 if ( 

| plrpStack->Parameters. DeviceloControl. OutputBufferLength 

| < sizeof(tPSM_GetProgressOut) ) { 
37042| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37043| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37044| break; 
37045| } 
37046| 

37047| Buffer = (tPSM_GetProgressOut *) 

| I rp->Associated I rp. System Buff er; 
37048| 

37049| lrp->loStatus. Status = 

| SbGetProgress(Master, Buffer); 



37050| if ( 

| NT_SUCCESS(lrp->loStatus.Status) ) { 
37051 1 lrp->loStatus. Information = 

| sizeof(tPSM_GetProgressOut); 
37052 1 } 
37053| break; 
37054| } 

37055| case IOCTL_FREE_VOLUME : { 

37056| tPSM_Free Volume *Buffer=NULL; 

37057| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| FreeVolumes\n M )); 
37058| // METHOD_BUFFERED 

37059| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37060| 

37061 1 if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSM_Free Volume) ) { 
37062| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37063| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37064| break; 
37065| } 
37066| 

37067| Buffer = (struct sPSM_FreeVolume *) 

| I rp-> Associated I rp . System Buff er ; 
37068| 

37069| lrp->loStatus. Status = 

| SbFreeVolume(Buffer); 
37070| break; 
37071 1 } 

37072 1 case IOCTL_GET_VOLUME_STATS : { 

37073| WCHAR *VolumeName = (WCHAR 

| *) I rp-> Associ ated I rp . System Buff er; 
37074| tPSM_GetStatsRecord *Stats = 

| (tPSM_GetStatsRecord *) 

| I rp-> Associated I rp. System Buff er; 
37075| PDEVICE_OBJECT DevObj; 

37076| 
37077| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| GetVolumeStatsVn")); 
37078| // METHOD BUFFERED 

37079| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37080 1 

37081 1 if ( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 



I < sizeof(tPSM_GetStatsRecord) ) { 
37082| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37083| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37084| break; 
37085| } 
37086| 

37087| DevObj = 

| GetObjectFromName(VolumeName); 
37088| if ( DevObj ) { 

37089| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
37090| 

37091 1 // FIXFIXFIX shortcut for 

| converting to kilobytes 
37092 1 Stats->Nu m berOfWrites . Quad Part 

| = DevExt->NumberOfWriteRequests; 
37093| 

| Stats->KilobytesWritten.QuadPart 

| DevExt->SectorsWritten /2; 
37094| Stats->NumberOfReads.QuadPart 

| = DevExt->NumberOfReadRequests; 
37095| Stats->KilobytesRead.QuadPart 

| = DevExt->SectorsRead /2; 
37096| 

| Stats->KilobytesSentToCacheFile.QuadPart= 
| DevExt->CacheWrites; 
37097| 

37098| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
37099| lrp->loStatus. Information = 

| sizeof(tPSM_GetStatsRecord); 
37100| }else{ 
37101| DevObj = 

| GetObjectFromVDiskName(VolumeName); 
37102| 

37103| if (DevObj ){ 

371 04| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
37105| 
37106| 

| ASSERT(PsmGetObjectType(DevObj) == OBJECT_VIRTUALDISK); 
37107| 

| Stats->NumberOfWrites.QuadPart 
| DevExt->NumberOfWriteRequests; 
37108| 

| Stats->KilobytesWritten.QuadPart 
| DevExt->SectorsWritten /2; 
37109| 



I Stats->NumberOfReads.QuadPart 
| DevExt->NumberOfReadRequests; 
37110| 

| Stats->KilobytesRead.QuadPart 
| DevExt->SectorsRead / 2; 
37111| 

| Stats->KilobytesSentToCacheFile.QuadPart= 
| DevExt->CacheWrites; 
37112| 

371 13| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
371 14| lrp->loStatus. Information = 

| sizeof(tPSM_GetStatsRecord); 
37115| }else{ 
371 1 6| lrp->loStatus.Status = 

| STATUS_I N VALI D_PARAM ETER; 
37117| } 
37118| } 
37119| 

37120| break; 
37121| } 

37122| case IOCTL FREE RANGES : { 

37123| tPSM_FreeRanges *Buffer=NULL; 

37124| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| FreeRanges\n")); 
37125| // METHOD BUFFERED 

37126| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37127| 

37128| if( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSM_FreeRanges) ) { 
37129| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37130| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37131| break; 
37132| } 
37133| 

371 34| Buffer = (tPSM_FreeRangesW *) 

| I rp->Associated I rp. System Buff er; 
37135| 

37136| if( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

l< 

| (Buffer->NumberOfRanges*sizeof(tPSM_RangeList))+sizeof(t 
| PSM_FreeRanges) ) { 
37137| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 



37138| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37139| break; 
37140| } 
37141| 

37142| lrp->loStatus. Status = 

| Sb Free Ranges (Buffer); 
37143| break; 
37144| } 

37145| case IOCTL_GET_VOLUME_INFO: { 

371 46| tPSMVolumelnfoOut *Out=NULL; 

37147| tPSMVolumelnfoln *ln=NULL; 

37148| PDEVICE_OBJECT DevObj; 

37149| 

37150| // METHOD_BUFFERED 

37151 1 // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37152| 
37153| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| TurnOnPsm\n")); 
37154| if( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tPSMVolumelnfoln) ) { 
37155| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37156| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37157| break; 
37158| } 

37159| In = (tPSMVolumelnfoln *) 

| I rp-> Associated I rp. System Buff er; 
37160| Out = (tPSMVolumelnfoOut *) 

| I rp-> Associated I rp. System Buff er; 
37161| 

37162| if ( (!ln) || 

| (ln->Size!=sizeof(tPSMVolumelnfoln)) ) { 
37163| Debug(DEBUG_DEVCON, ("Error! 

| Buffer is NULL or not right size\n")); 
371 64| lrp->loStatus.Status = 

| STATUS_I N VALI D_PARAM ETER; 
37165| break; 
37166| } 
37167| 

37168| if( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| < sizeof(tPSMVolumelnfoOut) ) { 
37169| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
371 70| lrp->loStatus.Status = 



I STATUS_INVALID_BUFFER_SIZE; 
37171| break; 
37172| } 
37173| 

37174| DevObj = 

| GetObjectFromVDiskName(ln->VolumeName); 
37175| if(DevObj){ 
371 76| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
371 77| Out->ClusterOOffset = 

| DevExt->ClusterOOffset; 
371 78| lrp->loStatus.Status = 0; 

37179| lrp->loStatus. Information = 

| sizeof(tPSMVolumelnfoOut); 
37180| }else{ 
371 81 1 lrp->loStatus.Status = 

| STATUS_I N VALI D PARAM ETER; 
37182| } 
37183| 

37184| break; 
37185| } 

37186| case IOCTL_TURNON_PSM :{ 

371 87| tOpenTransactionlnlnternal 

| *Buffer=NULL; 
37188| tOpenPsmThread *Thread=NULL; 

37189| // METHOD_BUFFERED 

37190| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37191| 
37192| 

| Debug(DEBUG_PROCCALL,("PSManDeviceControlObject: 

| TurnOnPsm\n")); 
37193| if( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tOpenTransactionlnlnternal) ) { 
37194| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37195| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37196| break; 
37197| } 
37198| Buffer = 

| (tOpenTransactionlnlnternal *) 

| I rp-> Associated I rp. System Buff er; 
37199| 

37200| if ((IBuffer) || 

| (Buffer->Size!=sizeof(tOpenTransactionlnlnternal)) ) { 
37201 1 Debug(DEBUG_DEVCON, ("Error! 

| Buffer is NULL or not right size\n")); 
37202| lrp->loStatus.Status = 



I STATUS_I N VALI D_PARAM ETER; 



37203| break; 
37204| } 
37205| 

37206| if ( (Buffer->lnternalFlags & 



| PSM_IFLAG_NEW_SNAPSHOT) && 
37207| 

| (plrpStack->Parameters.DeviceloControl.OutputBufferLengt 

| h < sizeof(tOpenTransactionOutlnternal)) ) { 
37208| Debug(DEBUG_DEVCON, ("Error! 

| IOCTL buffer not big enough\n")); 
37209| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37210| break; 
37211| } 
37212| 
37213| 

37214| Debug(DEBUG_INFO,("PSMan: 

| PsGetCurrentProcess=%08x " 
37215| 

| "PsGetCurrentThread=%08x " 
37216| 

| "loGetCurrentProcess=%08x " 
37217| 

| "KeGetCurrentThread=%08x " 
37218| "User 

| Thread=%08x\n", 
37219| 

| PsGetCurrentProcess(), 
37220| 

| PsGetCurrentThread(), 
37221 | 

| loGetCurrentProcess(), 
37222 | 

| KeGetCurrentThread(), 
37223 1 

| lrp->Tail. Overlay. Thread 
37224| )); 
37225| 

37226| // we are going to do this async 

37227| Thread = (tOpenPsmThread *) 

| MemAllocatePoolWithTag(PagedPool,sizeof(tOpenPsmThread), 

| OPENTHREADTAG); 
37228| if ( Thread ) { 

37229| Thread->lrp = Irp; 

37230| Thread->OTI = Buffer; 

37231 1 Thread->OTOSize = 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

I; 

37232| Thread->OTISize = 



I plrpStack->Parameters.DeviceloControl.lnputBufferLength; 
37233| Hint -save -e740 7 

37234| Thread->User = FindPSMUser( 

| PsGetCurrentProcess() , PsGetCurrentThread() ); 
37235| Hint -restore 7 

37236| if ( Thread->User ) { 

37237| HANDLE TempHandle=NULL; 

37238| 

37239| #if _WIN32_WINNT < 0x0500 

37240| #define EVENT_QUERY_STATE 0x0001 

37241 1 #define EVENT_MODIFY_STATE 0x0002 // winnt 

37242 1 #define EVENT_ALL_ACCESS 

| (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|0x3) //winnt 
37243| #endif 
37244| 

37245| if ( 

| lsValidHandle(Buffer->ErrorEvent) ) { 
37246 1 // get system wide 

| object from process specific handle 
37247| ntStatus = 

| ObReferenceObjectByHandle( 
37248| 

| Buffer->ErrorEvent, //IN HANDLE Handle, 
37249 1 

| EVENT_MODIFY_STATE, //IN ACCESS_MASK Desired Access, 
37250 | 

| *ExEventObjectType, //IN POBJECT_TYPE ObjectType 
| OPTIONAL, 
37251 | 

| lrp->RequestorMode, //IN KPROCESSOR_MODE AccessMode, 
37252 1 

| (PVOID *) &Thread->User->ErrorEvent, //OUT PVOID 
| *Object, 
37253 1 

| NULL //OUT POBJECTJHANDLEJNFORMATION Handlelnformation 
| OPTIONAL 

37254| 

I); 

37255| 

37256| if ( 

| !NT_SUCCESS(ntStatus) ) { 
37257| 

| Debug(DEBUG_DEVCON, ("Error %08x getting object for 
| error event %08x\n", ntStatus, Buffer->ErrorEvent)); 
37258| 

| Thread->User->ErrorEvent=NULL; 
37259 1 } 
37260 1 } 
37261 1 if ( 

| lsValidHandle(Buffer->AbortEvent) ) { 



37262 1 // get system wide 

| object from process specific handle 
37263| ntStatus = 

| ObReferenceObjectByHandle( 
37264| 

| Buffer->AbortEvent, //IN HANDLE Handle, 
37265| 

| EVENT_QUERY_STATE, //IN ACCESS_MASK Desired Access, 
37266| 

| *ExEventObjectType, //IN POBJECT_TYPE ObjectType 
| OPTIONAL, 
37267| 

| lrp->RequestorMode, //IN KPROCESSOR_MODE AccessMode, 
37268| 

| (PVOID *) &Thread->User->AbortEvent, //OUT PVOID 
| *Object, 
37269| 

| NULL //OUT POBJECTJHANDLEJNFORMATION Handle Information 
| OPTIONAL 
37270| 

I); 

37271 1 

37272 1 if ( 

| !NT_SUCCESS(ntStatus) ) { 
37273 1 

| Debug(DEBUG_DEVCON, ("Error %08x getting object for 
| abort event %08x\n",ntStatus,Buffer->AbortEvent)); 
37274| 

| Thread->User->AbortEvent=NULL; 
37275| } 
37276| } 
37277| 

37278| // its pending so do not 

| complete the request 
37279| lrp->loStatus.Status = 

| STATUS_PENDING; 
37280| loMarklrpPending(lrp); 
37281 | 

37282 1 ntStatus = pmStartThread( 

37283 1 

| (PKSTART_ROUTINE)SbOpenPsmThread, // IN 
| P KST A RT RO UTI N E StartRoutine, 
37284| 

| (PVOID)Thread, // IN PVOID 

| StartContext 
37285| 

| &TempHandle // OUT PHANDLE 

| ThreadHandle, 
37286| ); 
37287| if ( NT_SUCCESS(ntStatus) ) 



I{ 

37288| // dont need the handle 

| anymore. 

37289| ZwClose(TempHandle); 
37290| TempHandle=NULL; 
37291| 

I try_return(CompleteRequest = FALSE); 
37292| } else { 

37293| 

| Debug(DEBUG_DCPSM,("Error%08x creating 

| thread\n",ntStatus)); 
37294| lrp->loStatus. Status = 

| ntStatus; 
37295| if ( 

| Thread->User->AbortEvent ) { 
37296| 

| ObDereferenceObject(Thread->User->AbortEvent); 
37297| } 
37298| if ( 

| Thread->User->ErrorEvent ) { 
37299| 

| ObDereferenceObject(Thread->User->ErrorEvent); 
37300| } 
37301| 

| Thread->User->AbortEvent = NULL; 
37302| 

| Thread->User->ErrorEvent = NULL; 
37303| FREE_POINTER(Thread); 
37304| } 
37305| } else { 

37306| Debug(DEBUG_DCPSM,("PSM can 

| not find user!!!! failing open %08x 

| %08x\n M ,PsGetCurrentProcess() , PsGetCurrentThread())); 
37307| lrp->loStatus.Status = 

| STATUSJNVALIDJHANDLE; 
37308| FREE_POINTER(Thread); 
37309| } 
37310| }else{ 

3731 1 1 Debug(DEBUG_DCPSM,("Out of 

| memory for new thread struct")); 
37312| lrp->loStatus.Status = 

| STATUSJNSUFFICIENT_RESOURCES; 
37313| } 
37314| break; 
37315| } 

37316| case IOCTL_TURNOFF_PSM : { 

37317| tClosePSMInternal *Buffer=NULL; 

37318| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 
| TurnOffPsm\n")); 



37319| // METHOD_BUFFERED 

37320| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37321| 

37322| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tClosePSMInternal) ) { 
37323| lrp->loStatus.Status = 

| SbClosePSM(NULL); 
37324| } else { 

37325| Buffer = (tClosePSM Internal *) 

| I rp-> Associated I rp. System Buff er; 
37326| lrp->loStatus.Status = 

| SbClosePSM(Buffer); 
37327| } 
37328| break; 
37329| } 

37330| case IOCTL_GET_VERSION : { 

37331 1 tPSM_Versionlnfo *Buffer=NULL; 

37332 | 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| GetVersion\n")); 
37333| // METHOD_BUFFERED 

37334| // lrp->Associatedlrp.SystemBuffer 

| = Input/Output buffer 
37335| 

37336| if ( 

| pi rpStack->Parameters. DeviceloControl. I nputBufferLength 

| < sizeof(DWORD) ) { 
37337| Debug(DEBUG_DEVCON, ("Error! 

| Input IOCTL buffer not big enough\n")); 
37338| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37339 1 break; 
37340 1 } 
37341 | 

37342 1 if ( 

| pi rpStack->Parameters. DeviceloControl. OutputBufferLength 

| < sizeof(tPSM_Versionlnfo2) ) { 
37343| Debug(DEBUG_DEVCON, ("Error! 

| Output IOCTL buffer not big enough\n")); 
37344| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37345| break; 
37346| } 
37347| 

37348| Buffer = (struct _sPSM_Versionlnfo2 

| *) lrp->Associatedlrp.SystemBuffer; 
37349 1 

37350| if ( !Buffer ) { 



37351 1 Debug(DEBUG_DEVCON, ("Error! 

| Buffer is NULL\n")); 
37352| lrp->loStatus.Status = 

| STATUS_I N VALI D PARAM ETER; 
37353 1 break; 
37354| } 
37355| 

37356| // inbound is a DWORD size 

37357| // we are doing this on the fact 

| that the input and output buffers 
37358| // are the same and that Size is 

| the first argument of the output. 
37359 1 

37360| #include "buildnum.h" 
37361 1 

37362| if ( 

| (Buffer->Size==sizeof(tPSM_Versionlnfo1)) || 

| (Buffer->Size==sizeof(tPSM_Versionlnfo2)) ) { 
37363| Buffer->Version 

| (_BuildNumber_« 16) | PSM_CURRENT_VERSION; 
37364| Buffer->LoVersion 

| PSM_LOW_COMPATIBLE_VERSION; 
37365| Buffer->OSType 

| PSM_OS_WIN_NT_SERVER; // FIXFIXFIX 
37366| Buffer->OSVersion 

| 0x04000565; // FIXFIXFIX (nt 4.0 build 1381) 
37367| Buffer->CommunicationMethods = 

|0; 
37368| 

37369| lrp->loStatus.Status 
|0; 

37370| lrp->loStatus. Information = 

| sizeof(tPSM_Versionlnfo); 
37371 1 } else { 

37372| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37373 1 } 
37374| break; 
37375| } 

37376| case I OCTL_G ET_E R RO R : { 

37377| tPSM_GetErrorOut *Buffer=NULL; 

37378| tkSnapShotMaster *Master=NULL; 

37379 1 

37380| // METHOD_OUT_DIRECT 

37381 1 // lrp->MdlAddress = Output buffer 

37382| // lrp->Associatedlrp.SystemBuffer 

| = Input buffer 
37383| 

37384| if ( 

| plrpStack->Parameters.DeviceloControl.lnputBufferLength 



I >= sizeof(PVOID) ) { 
37385| Master = 

| *((pkSnapShotMaster*)(lrp->Associatedlrp.SystemBuffer)); 
37386| } 
37387| 
37388| 

| Debug(DEBUG_PROCCALL,( M PSManDeviceControlObject: 

| Get Error %08x\n", Master)); 
37389| 
37390| 

37391| if( 

| plrpStack->Parameters.DeviceloControl.OutputBufferLength 

| < sizeof(tPSM_GetErrorOut) ) { 
37392| Debug(DEBUG_DEVCON, ("Error! 

| Output IOCTL buffer not big enough\n")); 
37393| lrp->loStatus.Status = 

| STATUS_INVALID_BUFFER_SIZE; 
37394| break; 
37395| } 
37396| 

37397| Hint -save -e641 7 

37398| #if _WIN32_WINNT >= 0x0500 

37399| Buffer = (tPSM_GetErrorOut *) 

| MmGetSystemAddressForMdlSafe( lrp->MdlAddress, 

| NormalPagePriority ); 
37400 1 #else 

37401 1 Buffer = (tPSM_GetErrorOut *) 

| MmGetSystemAddressForMdl( lrp->MdlAddress ); 
37402| #endif 

37403| Hint -restore 7 

37404| 

37405| if ( !Buffer ) { 

37406| Debug(DEBUG_DEVCON, ("Error! 

| Buffer is NULLVn")); 
37407| lrp->loStatus.Status = 

| STATUS_I N VALI D_PARAM ETER; 
37408| break; 
37409 1 } 
37410| 

3741 1 1 if ( (Master) && 

| (Master->Status!=0) ) { 
3741 2| // reason snapshot failed 

3741 3| Buffer->ErrorCode = 

| Master->Status; 
37414| }else{ 
37415| // reason psm failed 

3741 6| Buffer->ErrorCode = 

| LastErrorStatus; 
37417| } 
37418| 



37419| // same here, except it will get 

| converted to the Win32 error code 
37420| // by the io manager for us. this 

| is the reason we use METHOD OUT DIRECT 
37421 1 // is so we can return a error 

| code, otherwise, when buffering, the buffer 
37422| // will not be copied into the user 

| buffer. 

37423| lrp->loStatus. Status 

| Buffer->ErrorCode; 
37424| lrp->loStatus. Information = 

| sizeof(tPSM_GetErrorOut); 
37425| break; 
37426| } 

37427| case IOCTL_SET_WIN32_LINK : { 

37428| pPSM_SetWin32Link 

| Link=(pPSM_SetWin32Link)lrp->Associatedlrp.SystemBuffer; 
37429| NTSTATUS 

| Status=STATUS_INVALID_BUFFER_SIZE; 
37430| HANDLE TempHandle; 

37431| 

37432| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >= sizeof(tPSM_SetWin32Link)) { 
37433| // launch thread in system process 

37434| 

| PsCreateSystemThread(&TempHandle,THREAD_ALL_ACCESS,NULL, 

| NULL,NULL,DoLink,Link); 
37435| // and wait for it to finish 

37436| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
37437| ZwClose(TempHandle); 
37438| Status = (NTSTATUS)Link->Operation; 

37439| } 
37440| 

37441| lrp->loStatus.Status = Status; 

37442| lrp->loStatus. Information = 0; 

37443| break; 
37444| } 
37445| 

37446| default: 

37447| Debug(DEBUG_ERROR, ("Error! Unknown 

| IOCTL received\n")) ; 
37448| lrp->loStatus.Status = 

| STATUS_NOT_IMPLEMENTED ; 
37449| break; 
37450| } 

37451 1 try_exit: NOTHING; 

37452 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 



37453| lrp->loStatus. Status = GetExceptionCode(); 

37454| Debug(DEBUG_THREAD,("PSManDeviceControlObject: 

| Error! Exception %08x\n", lrp->loStatus.Status)); 
37455| } 
37456| 

37457| ntStatus = lrp->loStatus. Status; 
37458| if ( CompleteRequest ) { 

37459| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
37460| } 
37461 1 

37462| //Debug (DEBUG_PROCCALL,( M PSManDeviceControlObject 

| Done\n")) ; 
37463| return ntStatus; 
37464| } //end PSManDeviceControlObject() 
37465| 
37466| 
37467| 

37468| /* 



37469 1 STATIC NTSTATUS 
37470| PSManDiskGetGeometry( 

37471 1 IN PDEVICE_OBJECT DeviceObject, 

37472| IN PIRP Irp, 

37473| IN PVOID /*Context7 

37474| ) 

37475| 

37476| /*++ 

37477| 

37478| Routine Description: 
37479 1 

37480| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
37481 | 

37482| Called at <=DISPATCH_LEVEL 

37483| Arguments: 

37484| 

37485| DeviceObject - Pointer to device object to being 

| shutdown by system. 
37486| Irp - IRP involved. 
37487| Context - NULL 
37488| 

37489| Return Value: 
37490 1 

37491| NTSTATUS 

37492| 

37493| -7 

37494| 

37495| { 

37496| //NOT_REFERENCED(Context); 
37497| PFILTERED_EXTENSION DevExt = 



I GetFilteredExtension(DeviceObject); 
37498| 

37499| // if removable, adjust what we know about the 
| device 

37500| if ( lrp->loStatus.Status==0 ) { 
37501 1 PDISK_GEOMETRY Geometry = 

| (PDISK_GEOMETRY)lrp->Associatedlrp.SystemBuffer; 
37502 1 

37503 1 if ( Geometry ) { 

37504| PSBPSMAN_EXTENSION SbotExt = 

| (PSBPSMAN_EXTENSION) GetDeviceExtension(PSManObject); 
37505| 

| ASSERT(SbotExt->ObjectType==OBJECT_INTERNAL); 
37506| 

37507| // get the disk geometry 

37508| DevExt->Cylinders 

| Geometry->Cylinders; 
37509| DevExt->MediaType 

| Geometry->MediaType; 
37510| DevExt->TracksPerCylinder 

| Geometry->TracksPerCylinder; 
37511| DevExt->SectorsPerTrack 

| Geo metry->SectorsPerT rack; 
37512| DevExt->BytesPerSector 

| Geometry->BytesPerSector; 
37513| 

37514| // save largest BPS request 

37515| if ( DevExt->BytesPerSector > 

| SbotExt->LargestBPS ) { 
3751 6| SbotExt->LargestBPS = 

| DevExt->BytesPerSector; 
37517| } 
37518| 
37519| 

37520| Debug (D EBUG_D E VCON , (" DevCo n : GetGeomtry: 

| Device=%p, Cyls=%l64d, Heads=%d, SPT=%d, BPS=%d\n", 
37521 1 DevExt->DeviceObject, 
37522| Geometry->Cylinders, 
37523 | 

| Geometry->TracksPerCylinder, 
37524| 

| Geo metry->SectorsPerT rack, 
37525| 

| Geometry->BytesPerSector 



37526| )); 
37527| 

37528| } else { 

37529| Debug(DEBUG_DEVCON, ("Error! buffer 



| NULL\n")); 
37530| } 



37531 | } 
37532 1 

37533| if ( lrp->PendingReturned ) { 

37534| // Debug(DEBUG_DEVCON, ("Marking Irp as 

| pending\n")); 
37535| loMarklrpPending(lrp); 
37536| } 
37537| 

37538| // Debug(DEBUG_PROCCALL,("PSManDiskGetGeometry 

| Done\n")); 
37539| return STATUS_SUCCESS; 
37540 1 } 
37541 1 

37542| #ifdef DEBUG 
37543 1 

37544| r 



37545| STATIC NTSTATUS 
37546| PSManDiskGetDrivel_ayout( 

37547| IN PDEVICE_OBJECT DeviceObject, 

37548| IN PIRP Irp, 

37549| IN PVOID /'Context*/ 

37550 1 ) 

37551 | 

37552| /*++ 

37553 1 

37554| Routine Description: 
37555| 

37556| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
37557| 

37558| Called at <=DISPATCH_LEVEL 
37559| Arguments: 
37560 1 

37561 1 DeviceObject - Pointer to device object to being 

| shutdown by system. 
37562| Irp - IRP involved. 
37563| Context - NULL 
37564| 

37565| Return Value: 
37566| 

37567| NTSTATUS 

37568| 

37569 1 --*/ 

37570 1 

37571 | { 

37572| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
37573| ULONG partNumber; 
37574| 



37575| //NOT_REFERENCED(Context); 
37576| 

37577| // if removable, adjust what we know about the 
| device 

37578| if ( lrp->loStatus.Status==0 ) { 

37579| PDRIVE_LAYOUT_INFORMATION partition I nfo= 

| (PDRIVE_LAYOUT_INFORMATION)lrp->Associatedlrp.SystemBuff 
I er; 

37580| 

37581| if ( partitionlnfo ) { 

37582| Debug(DEBUG_DEVCON,("%d partitions 

| found\n",partitionlnfo->PartitionCount)); 
37583| for ( partNumber = 0; partNumber < 

| partitionlnfo->PartitionCount; partNumber++ ) { 
37584| Debug(DEBUG_DEVCON,( M %2d,%2d: 

| Offset=%08x%08x, Length=%08x%08x, Hidden=%08x, 

| Type=%02x\n", 
37585| DevExt->DiskNumber, 
37586| partNumber, 
37587| 

| partitionlnfo->PartitionEntry[partNumber].StartingOffset 
| .HighPart, 
37588| 

| partitionlnfo->PartitionEntry[partNumber].StartingOffset 
| .LowPart, 
37589| 

| partitionl nfo->Partition Entry[partNu mber] . PartitionLengt 
| h. HighPart, 
37590| 

| partitionlnfo->PartitionEntry[partNumber]. PartitionLengt 
| h. LowPart, 
37591| 

| partition I nfo-> Partition Entry[partNu mber] . H iddenSectors, 
37592| 

| partitionl nfo->Partition Entry[partNu mber] . PartitionType 



37593| )); 
37594| 

37595| } 
37596| 

37597| } else { 

37598| Debug(DEBUG_DEVCON, ("Error! buffer 



| NULL\n")); 
37599| } 
37600| } 
37601| 

37602| if ( lrp->PendingReturned ) { 

37603| // Debug(DEBUG_DEVCON,("Marking Irp as 

| pending\n")); 
37604| loMarklrpPending(lrp); 
37605| } 



37606| 

37607| // Debug(DEBUG_PROCCALL,("PSManDiskGetDriveLayout 

| Done\n")); 
37608| return STATUS_SUCCESS; 
37609| } 
37610| #endif 
3761 1 1 

37612| #if _WIN32_WINNT>=0x0500 

37613| /* 



37614| STATIC NTSTATUS 

37615| PSManDiskGetDeviceNumber( 

37616| IN PDEVICE_OBJECT DeviceObject, 

37617| IN PIRP Irp, 

37618| IN PVOID /*Context7 

37619| ) 

37620| 

37621| /*++ 

37622| 

37623| Routine Description: 
37624| 

37625| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
37626| 

37627| Called at <=DISPATCH_LEVEL 

37628| Arguments: 

37629| 

37630| DeviceObject - Pointer to device object to being 

| shutdown by system. 
37631 1 Irp - IRP involved. 
37632| Context - NULL 
37633 | 

37634| Return Value: 
37635| 

37636| NTSTATUS 

37637| 

37638| -7 

37639 1 

37640 1 { 

37641| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
37642| 

37643| if ( lrp->loStatus.Status==0 ) { 
37644| PSTORAGE_DEVICE_NUMBER 

| DevNum=(PSTORAGE_DEVICE_NUMBER)lrp->Associatedlrp. System 

| Buffer; 

37645| Debug(DEBUG_DEVCON, ("Device %X is DT %X device 
| %d partition %d 

| (%S)\n M , DeviceObject, DevNum->DeviceType,DevNum->DeviceNu 
| mber,DevNum->PartitionNumber,DevExt->Name)); 



37646| } else { 

37647| Debug(DEBUG_DEVCON,( M GetDeviceNumber: Error 

| %08x\n",lrp->loStatus. Status)); 
37648| } 
37649| 

37650| if ( lrp->PendingReturned ) { 
37651 1 loMarklrpPending(lrp); 
37652 1 } 
37653 | 

37654| return STATUS_SUCCESS; 

37655| } 

37656| 

37657| /* 



37658| STATIC NTSTATUS 

37659| PSManDiskGetVolumeNumber( 

37660| IN PDEVICE_OBJECT DeviceObject, 

37661| IN PIRP Irp, 

37662| IN PVOID /*Context7 

37663| ) 

37664| 

37665| /*++ 

37666| 

37667| Routine Description: 
37668| 

37669| This is the completion routine for 

| IOCTLDISKGETGEOMETRY. 
37670| 

37671 1 Called at <=DISPATCH_LEVEL 
37672| Arguments: 
37673 1 

37674| DeviceObject - Pointer to device object to being 

| shutdown by system. 
37675| Irp - IRP involved. 
37676| Context - NULL 
37677| 

37678| Return Value: 
37679 1 

37680 1 NTSTATUS 
37681 | 
37682 1 -7 
37683 1 
37684| { 

37685| PFILTERED_EXTENSION DevExt = GetFilteredExtension 

| (DeviceObject); 
37686| 

37687| if ( lrp->loStatus.Status==0 ) { 
37688| PVOLUME_NUMBER 

| VolNum=(PVOLUME_NUMBER)lrp->Associatedlrp.SystemBuffer; 
37689| Debug(DEBUG_DEVCON, ("Volume %X is number %d on 



I Vo-8.8s\n M ,DeviceObject,VolNum->VolumeNumber,VolNum->Vo 
| lumeManagerName)); 
37690| } else { 

37691 1 Debug(DEBUG_DEVCON,( M GetVolumeNumber: Error 

| %08x\n",lrp->loStatus. Status)); 
37692 1 } 
37693 | 

37694| if ( lrp->PendingReturned ) { 
37695| loMarklrpPending(lrp); 
37696| } 
37697| 

37698| return STATUS_SUCCESS; 

37699 1 } 

37700| 

37701| /* 



37702| STATIC NTSTATUS 
37703| PSManDiskGetDiskExtents( 

37704| IN PDEVICE_OBJECT DeviceObject, 

37705| IN PIRP Irp, 

37706| IN PVOID /*Context7 

37707| ) 

37708| 

37709| /*++ 

37710| 

37711| Routine Description: 
37712| 

37713| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
37714| 

37715| Called at <=DISPATCH_LEVEL 

37716| Arguments: 

37717| 

37718| DeviceObject - Pointer to device object to being 

| shutdown by system. 
37719| Irp - IRP involved. 
37720| Context - NULL 
37721 | 

37722| Return Value: 
37723 1 

37724| NTSTATUS 

37725| 

37726| -7 

37727| 

37728| { 

37729| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
37730 1 

37731 1 if ( lrp->loStatus.Status==0 ) { 
37732| PVOLUME_DISK_EXTENTS 



I DE=(PVOLUME_DISK_EXTENTS)lrp->Associatedlrp.SystemBuffer 

I ; 

37733| Debug(DEBUG_DEVCON, ("Device %X has %d 
| extents\n",DeviceObject,DE->NumberOfDiskExtents)); 

37734| // FIXFIXFIX !FIX!FIX! need to keep what 
| extents there are 

37735| for ( ULONG i=0;i<DE->NumberOfDiskExtents;i++ ) 
|{ 

37736| Debug(DEBUG_DEVCON,(" %08x: %l64x 

| %l64x\n",DE->Extents[i].DiskNumber,DE->Extents[i].Starti 
| ngOffset,DE->Extents[i].ExtentLength)); 

37737| } 

37738| } else { 

37739| Debug(DEBUG_DEVCON,("GetDiskExtents: Error 

| %08x\n",lrp->loStatus.Status)); 
37740| } 
37741 1 

37742| if ( lrp->PendingRetumed ) { 
37743| loMarklrpPending(lrp); 
37744| } 
37745| 

37746| return STATUS_SIICCESS; 
37747| } 
37748| 
37749 1 

37750| typedef struct s12 { 
37751 1 ULONG Datal ; 
37752| ULONG Data2; 
37753| ULONG Data3; 
37754| }t12,*p12; 
37755| 

37756| r 



37757| STATIC NTSTATUS 
37758| PSManDiskQueryUniqueld( 

37759 1 IN PDEVICE_OBJECT DeviceObject, 

37760| IN PIRP Irp, 

37761| IN PVOID /"Context*/ 

37762| ) 

37763| 

37764| /*++ 

37765| 

37766| Routine Description: 
37767| 

37768| This is the completion routine 
37769| 

37770| Called at <=DISPATCH_LEVEL 
37771 1 Arguments: 
37772 1 

37773| DeviceObject - Pointer to device object 



37774| Irp - IRP involved. 
37775| Context - NULL 
37776| 

37777| Return Value: 
37778| 

37779| NTSTATUS 

37780| 

37781 1 -7 

37782 1 

37783 1 { 

37784| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
37785| 

37786| if ( lrp->loStatus.Status==0 ) { 

37787| PMOUNTDEVJJNIQUEJD Uniqueld = 

| (PMOUNTDEV_UNIQUE_ID)lrp->Associatedlrp.SystemBuffer; 
37788| ULONG Len = LENGTH OF UNIQUE; 
37789| p12 p=(p12)&Uniqueld->Uniqueld; 
37790| 

37791 1 BufferToHexWChar( p, Uniqueld->UniqueldLength, 

| DevExt->Uniqueld, &Len); 
37792 1 

37793| Debug(DEBUG_DEVCON,("%08x: Uniqueld Len=%d, 
| %08x %08x %08x 

| (%S)\n",DeviceObject,Uniqueld->UniqueldLength, 
| p->Data1 ,p->Data2,p->Data3,DevExt->Uniqueld)); 
37794| } else { 

37795| Debug(DEBUG_DEVCON,("Uniqueld error 

| %08x\n",lrp->loStatus.Status)); 
37796| } 
37797| 

37798| if ( lrp->PendingReturned ) { 
37799| loMarklrpPending(lrp); 
37800 1 } 
37801 1 

37802| return STATUS_SUCCESS; 

37803 1 } 

37804| 

37805| r 

| ./ 

37806| STATIC NTSTATUS 

37807| PSManDiskUniqueldChangeNotify( 

37808| IN PDEVICE_OBJECT 

| DeviceObject, 
37809| IN PIRP Irp, 

37810| IN PVOID 

| /'Context*/ 
3781 1 1 ) 
37812| 
37813| /*++ 



37814 
37815 
37816 
37817 
37818 
37819 
37820 
37821 
37822 
37823 
37824 
37825 
37826 
37827 
37828 
37829 
37830 
37831 
37832 
37833 



Routine Description: 

This is the completion routine 

Called at <=DISPATCH_LEVEL 
Arguments: 

DeviceObject - Pointer to device object 
Irp - IRP involved. 
Context - NULL 

Return Value: 

NTSTATUS 

-7 
{ 



PFILTERED_EXTENSION DevExt = 
| GetFilteredExtension(DeviceObject); 
37834| 

37835| _try { 

37836| if ( lrp->loStatus.Status==0 ) { 

37837| PMOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY_OUTPUT 
| Uniqueld = 

| (PMOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY_OUTPUT)lrp->Associate 

| dlrp.SystemBuffer; 
37838| PCHAR B=(PCHAR) 

| I rp-> Associated I rp. System Buff er; 
37839| ULONG Len = LENGTH_OF_UNIQUE; 

37840| p12 

| old=(p12)(B+Uniqueld->OldUniqueldOffset); 
37841| p12 

| newid=(p1 2)(B+Uniqueld->NewUniqueldOffset); 
37842 1 

37843| BufferToHexWChar( newid, 

| Uniqueld->NewUniqueldLength, DevExt->Uniqueld, &Len); 
37844| Debug(DEBUG_DEVCON, ("Uniqueld Size=%d, 

| OldLen=%d, %08x %08x 

| %08x\n",Uniqueld->Size,Uniqueld->OldUniqueldLength,old-> 
| Data1,old->Data2,old->Data3)); 
37845| Debug(DEBUG_DEVCON,(" 
| NewLen=%d, %08x %08x %08x 

| (%S)\n",Uniqueld->NewUniqueldLength,newid->Data1 ,newid-> 
| Data2,newid->Data3,DevExt->Uniqueld)); 
37846| } else { 

37847| Debug(DEBUG_DEVCON, ("Uniqueld Change error 

| %08x\n",lrp->loStatus. Status)); 
37848| } 



37849| } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
37850| Debug(DEBUG_THREAD,("Uniqueld: Error! Exception 

| %08x\n M , GetExceptionCode())); 
37851 1 } 
37852 | 

37853| if ( lrp->PendingReturned ) { 
37854| loMarklrpPending(lrp); 
37855| } 
37856| 

37857| return STATUS_SUCCESS; 
37858| } 
37859 1 

37860| /* 



37861| STATIC NTSTATUS 

37862| PSManDiskQuerySuggestedLinkName( 

37863| IN PDEVICE_OBJECT 

| DeviceObject, 
37864| IN PIRP Irp, 

37865| IN PVOID 

| /"Context*/ 
37866| ) 
37867| 
37868| /*++ 
37869| 

37870| Routine Description: 
37871 | 

37872| This is the completion routine 
37873 1 

37874| Called at <=DISPATCH_LEVEL 

37875| Arguments: 

37876| 

37877| DeviceObject - Pointer to device object 
37878| Irp - IRP involved. 
37879| Context - NULL 
37880 1 

37881| Return Value: 
37882| 

37883| NTSTATUS 

37884| 

37885| -7 

37886| 

37887| { 

37888| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
37889| 

37890| if ( lrp->loStatus.Status==0 ) { 

37891 1 PMOUNTDEV_SUGGESTED_LINK_NAME Link= 

| (PMOUNTDEV_SUGGESTED_LINK_NAME)lrp->Associated Irp. System 



I Buffer; 

37892| Debug(DEBUG_DEVCON,("SuggestedLinkName: %d, %d: 
| '%-*.*ws'\n",Link->UseOnlylfThereAreNoOtherLinks,Link->N 
| ameLength,Link->NameLength/2,Link->NameLength/2,Link->Na 
I me)); 



37893 
37894 
37895 
37896 
37897 
37898 
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37900 
37901 
37902 

I- 
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37905 
37906 
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37923 
37924 
37925 
37926 
37927 
37928 
37929 
37930 



} 



if ( lrp->PendingReturned ) { 
loMarklrpPending(lrp); 

} 

return STATUS_SIICCESS;; 



• 7 

STATIC NTSTATUS 
PSManDiskQueryDeviceName( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp, 

IN PVOID /'Context*/ 

) 

/*++ 

Routine Description: 

This is the completion routine 

Called at <=DISPATCH_LEVEL 
Arguments: 

DeviceObject - Pointer to device object 
Irp - IRP involved. 
Context - NULL 

Return Value: 

NTSTATUS 



{ 



PFILTERED_EXTENSION DevExt = 
| GetFilteredExtension(DeviceObject); 
37931 | 

37932| if ( lrp->loStatus.Status==0 ) { 
37933| PMOUNTDEV_NAME Name= 

| (PMOUNTDEV_NAME)lrp->Associatedlrp.SystemBuffer; 
37934| Debug(DEBUG_DEVCON,("DeviceName %08x: 



I %-*.*ws\n",DeviceObject,Name->NameLength/2,Name->NameLen 

| gth/2,Name->Name)); 
37935| // update what we know about the name incase it 

| changed 
37936| 

| wcsncpy(DevExt->Name,Name->Name,Name->NameLength/sizeof( 
| WCHAR)); 
37937| 

| DevExt->Name[Name->NameLength/sizeof(WCHAR)]=L'\0'; 
37938| } 
37939| 

37940| if ( lrp->PendingReturned ) { 
37941| loMarklrpPending(lrp); 
37942| } 
37943| 

37944| return STATUS_SUCCESS; 
37945| } 
37946| #endif 
37947| 

37948| r 



37949| STATIC NTSTATUS 
37950| PSManDiskReserve( 



37951 1 IN PDEVICE_OBJECT DeviceObject, 

37952| IN PIRP Irp, 

37953 1 IN PVOID Context 

37954| ) 

37955| 



37956| { 

37957| Debug(DEBUG_DEVCON,("IOCTL_DISK_RESERVE %08x status 

| = %08x\n",DeviceObject,lrp->loStatus. Status)); 
37958| 

37959| if ( lrp->PendingReturned ) { 
37960| loMarklrpPending(lrp); 
37961 1 } 
37962 1 

37963| return STATUS_SUCCESS; 

37964| } 

37965| 

37966| r 



37967| STATIC NTSTATUS 
37968| PSManDiskRelease( 



37969| IN PDEVICE_OBJECT DeviceObject, 

37970| IN PIRP Irp, 

37971| IN PVOID Context 

37972| ) 

37973| 



37974| { 

37975| Debug(DEBUG_DEVCON,("IOCTL_DISK_RELEASE %08x status 



I = %08x\n",DeviceObject,lrp->loStatus. Status)); 
37976| 

37977| if ( lrp->PendingReturned ) { 
37978| loMarklrpPending(lrp); 
37979| } 
37980| 

37981 1 return STATUS_SUCCESS; 

37982 1 } 

37983| 

37984| 

37985| /* 



37986| STATIC NTSTATUS 

37987| PSManDiskGetPartitionlnfo( 

37988| IN PDEVICE_OBJECT 

| DeviceObject, 
37989| IN PIRP Irp, 

37990| IN PVOID /*Context7 

37991| ) 
37992| 
37993| /*++ 
37994| 

37995| Routine Description: 
37996| 

37997| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
37998| 

37999| Called at <=DISPATCH_LEVEL 

38000| Arguments: 

38001| 

38002| DeviceObject - Pointer to device object to being 

| shutdown by system. 
38003| Irp - IRP involved. 
38004| Context - NULL 
38005| 

38006| Return Value: 
38007| 

38008| NTSTATUS 

38009| 

38010| -7 

38011| 

38012| { 

38013| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
38014| 

38015| // if removable, adjust what we know about the 
| device 

38016| if ( lrp->loStatus.Status==0 ) { 

38017| PPARTITIONJNFORMATION partitionlnfo= 

| (PPARTITION_INFORMATION)lrp->Associatedlrp.SystemBuffer; 



38018| 

38019| if ( partitionlnfo ) { 

38020| DebugpEBUGJDEVCOI^rVoS': Offset=%08x%08x, 

| Length=%08x%08x, Hidden=%08x, Type=%02x\n", 
38021 1 DevExt->Name, 
38022 1 

| partitionlnfo->StartingOffset.HighPart, 
38023 1 

| partitionlnfo->StartingOffset.LowPart, 
38024| 

| partition I nfo-> PartitionLength . High Part, 
38025| 

| partition I nfo-> PartitionLength . LowPart, 
38026| 

| partitionlnfo->HiddenSectors, 
38027| 

| partitionlnfo->PartitionType 
38028| )); 
38029 1 

38030| Debug(DEBUG_DEVCON,(" 

| %08x%08x, Length=%08x%08x, Hidden=%08x, Type=%02x\n", 
38031 | 

| DevExt->Pi.StartingOffset.HighPart, 
38032 1 

| DevExt->Pi.StartingOffset.LowPart, 
38033 1 

| DevExt->Pi. PartitionLength. HighPart, 
38034| 

| DevExt->Pi . PartitionLength . LowPart, 
38035| 

| DevExt->Pi.HiddenSectors, 
38036| 

| DevExt->Pi.PartitionType 
38037| )); 
38038| 

38039| Debug(DEBUG_DEVCON,(" Bl=%08x, RP=%08x, 

| RW=%08x, PN=%08x\n", 
38040 1 

| partitionlnfo->Bootlndicator, 
38041 1 

| partitionlnfo->RecognizedPartition, 
38042 1 

| partitionlnfo->RewritePartition, 
38043 1 

| partitionlnfo->PartitionNumber 
38044| )); 
38045| 
38046| 

38047| // keep in sync with GET_PARTITION_INFO_EX 

38048| if(DevExt->Pi.PartitionLength.QuadPart < 



I partitionlnfo->PartitionLength.QuadPart) { 
38049| LARGEJNTEGER New; 

38050| 

38051 1 New.QuadPart = 

| partitionlnfo->PartitionLength.QuadPart; 
38052| // need it in the number of sectors 

38053| New.QuadPart /= 512; 

38054| 

38055| // Extend the bitmap 

38056| NTSTATUS Status = 

| ExtendFreeSpaceBitmaps( DeviceObject, New ); 
38057| if(NT_SUCCESS(Status)) { 

38058| Debug(DEBUG_DEVCON,("Success 

| extending bitmaps\n")); 
38059 1 } else { 

38060| Debug(DEBUG_DEVCON, ("Error %08x 

| extending bitmaps\n", Status)); 
38061 | } 
38062 1 } 
38063 1 

38064| // reupdate ourselves as it may have 

| changed.... (ftdisk, removable) 
38065| DevExt->Pi = *partitionlnfo; 

38066| } else { 

38067| Debug(DEBUG_DEVCON, ("Error! buffer 

| NULL\n")); 
38068| } 
38069 1 } 
38070 1 
38071 1 #if 0 

38072| if ( lrp->PendingReturned ) { 

38073| // Debug(DEBUG_DEVCON, ("Marking Irp as 

| pending\n")); 
38074| loMarklrpPending(lrp); 
38075| } 
38076| #endif 
38077| 

38078| // Debug(DEBUG_PROCCALL,("PSManDiskGetDriveLayout 

| Done\n")); 
38079| return STATUS_SUCCESS; 
38080 1 } 
38081 1 

38082| r 



38083 1 STATIC NTSTATUS 

38084| PSManDiskGetPartitionlnfoEx( 

38085| IN PDEVICE_OBJECT 

| DeviceObject, 
38086| IN PIRP Irp, 

38087| IN PVOID /'Context*/ 



38088| ) 
38089| 
38090| /*++ 
38091 | 

38092| Routine Description: 
38093 1 

38094| This is the completion routine for 

| IOCTL_DISK_GET_GEOMETRY. 
38095| 

38096| Called at <=DISPATCH_LEVEL 

38097| Arguments: 

38098| 

38099| DeviceObject - Pointer to device object to being 

| shutdown by system. 
38100| Irp - IRP involved. 
38101| Context -NULL 
38102| 

38103| Return Value: 
38104| 

38105| NTSTATUS 

38106| 

38107| --*/ 

38108| 

38109| { 

38110| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
381 1 1 1 

38112| if(lrp->loStatus.Status==0) { 

38113| PPARTITION_INFORMATION_EX partitionlnfo= 

| (PPARTITION_INFORMATION_EX)lrp->Associatedlrp.SystemBuff 
I er; 

38114| 

38115| if (partitionlnfo) { 
38116| #ifdef DEBUG 

381 1 7| Debug(D EBUG_DEVCON, ("'%S' : Ps=%08x, 

| So=%l64x, L=%l64x, pn=%d, rp=%d\n", 



38118| 


DevExt->Name, 


38119| 


partitionlnfo->PartitionStyle, 


38120| 


partitionlnfo->StartingOffset, 


38121| 


partitionlnfo->PartitionLength, 


38122| 


partitionlnfo->PartitionNumber, 


38123| 


partitionlnfo->RewritePartition 


38124| 


)); 


38125| 





| if(partitionlnfo->PartitionStyle==PARTITION_STYLE_MBR) 
|{ 

38126| Debug(DEBUG_DEVCON,(" Pt=%02x, bi=%d, 

| rp=%d, hidden=%08x\n", 
38127| partitionlnfo->Mbr.PartitionType, 
38128| partitionlnfo->Mbr.Bootlndicator, 



38129| 

| partitionlnfo->Mbr.RecognizedPartition, 
38130| partitionlnfo->Mbr.HiddenSectors 
38131| )); 
38132| }else 
38133| 

| if(partitionlnfo->PartitionStyle==PARTITION_STYLE_GPT) 
|{ 

38134| UNICODE_STRING PT; 

38135| UNICODE_STRING ID; 

38136| 

| RtlStringFromGUID(partitionlnfo->Gpt.PartitionType,&PT); 
38137| 

| RtlStringFromGUID(partitionlnfo->Gpt.Partitionld,&ID); 
38138| 

38139| Debug(DEBUG_DEVCON,(" Pt=%wZ, ld=%wZ, 

| A=%l64x, Name='%S'\n", 
38140| &PT, 
38141| &ID, 

381 42| partitionlnfo->Gpt.Attributes, 
38143| partitionlnfo->Gpt.Name 
38144| )); 

381 45| RtlFreeUnicodeString(&PT); 
38146| RtlFreeUnicodeString(&ID); 
38147| }else{ 
38148| ASSERT(FALSE); 

38149| Debug(DEBUG_DEVCON, ("Unknown partition 

I type\n")); 
38150| } 
38151| #endif 

381 52| // reupdate ourselves as it may have 

| changed.... (ftdisk, removable) 
38153| 

38154| DevExt->Pi.StartingOffset = 

| partitionlnfo->StartingOffset; 
38155| 

381 56| // keep in sync with GET PARTITION INFO 

38157| if(DevExt->Pi.PartitionLength.QuadPart < 

| partitionlnfo->Partitionl_ength.QuadPart) { 
38158| LARGEJNTEGER New; 

38159| 

38160| New.QuadPart = 

| partitionlnfo->Partitionl_ength.QuadPart; 
381 61 1 // need it in the number of sectors 

38162| New.QuadPart /= 512; 

38163| 

381 64| // Extend the bitmap 

381 65| NTSTATUS Status = 

| ExtendFreeSpaceBitmaps( DeviceObject, New ); 
38166| if(NT_SUCCESS(Status)) { 



381 67| Debug(DEBUG_DEVCON,("Success 

| extending bitmaps\n")); 
38168| }else{ 

381 69 1 Debug(DEBUG_DEVCON, ("Error %08x 

| extending bitmaps\n", Status)); 
38170| } 
38171| } 
38172| 

381 73| DevExt->Pi. PartitionLength = 



| partitionlnfo->PartitionLength; 
38174| 

| DevExt->Pi.PartitionNumber=partitionlnfo->PartitionNumbe 
|r; 
38175| 

| DevExt->Pi.RewritePartition=partitionlnfo->RewritePartit 

I ion; 
38176| 
38177| 

| if(partitionlnfo->PartitionStyle==PARTITION_STYLE_MBR) 
|{ 

381 78| // Specific to MBR partition onlys 

38179| 

| DevExt->Pi.HiddenSectors=partitionlnfo->Mbr.HiddenSector 
Is; 
38180| 

| DevExt->Pi.PartitionType=partitionlnfo->Mbr.PartitionTyp 
|e; 
38181| 

| DevExt->Pi.Bootlndicator=partitionlnfo->Mbr.Bootlndicato 
|r; 
38182| 

| DevExt->Pi.RecognizedPartition=partitionlnfo->Mbr.Recogn 

| izedPartition; 
38183| }else 
38184| 

| if(partitionlnfo->PartitionStyle==PARTITION_STYLE_GPT) 
|{ 

381 85| // we dont support this now 

38186| ASSERT(FALSE); 

38187| DevExt->Pi.HiddenSectors=0; 

38188| DevExt->Pi.PartitionType=0; 

38 1 89 1 Dev Ext-> Pi . Boot I nd icato r=0 ; 

38190| DevExt->Pi.RecognizedPartition=0; 

38191| }else{ 

38192| ASSERT(FALSE); 

38193| } 

38194| }else{ 

38195| Debug(DEBUG_DEVCON, ("Error! buffer 

| NULL\n")); 
38196| } 



38197| } 
38198| 
38199| #if 0 

38200| if (lrp->PendingReturned) { 

38201 1 // Debug(DEBUG_DEVCON, ("Marking Irp as 

I pending\n")); 
38202| loMarklrpPending(lrp); 
38203 1 } 
38204| #endif 
38205| 

38206| // Debug(DEBUG_PROCCALL,("OtManDiskGetDriveLayout 

| Done\n")); 
38207| return STATUS_SUCCESS; 
38208| } 
38209| 
38210| 

3821 1 1 r 



38212| STATIC NTSTATUS 

38213| PSManDeviceControlDevice( 

38214| PDEVICE_OBJECT DeviceObject, 

38215| PIRP Irp 

38216| ) 

38217| 

38218| /*++ 

38219| 

38220| Routine Description: 
38221 | 

38222| This device control dispatcher handles only the 

| disk performance 
38223| device control. All others are passed down to the 

| disk drivers. 

38224| The disk performane device control returns a 

| current snapshot of 
38225| the performance data. 
38226| 

38227| Arguments: 
38228| 

38229 1 DeviceObject - Context for the activity. 
38230| Irp - The device control argument block. 
38231 | 

38232| Return Value: 
38233 1 

38234| Status is returned. 

38235| 

38236| --*/ 

38237| 

38238| { 

38239| PFILTERED_EXTENSION DevExt = 
| GetFilteredExtension(DeviceObject); 



38240|// KIRQL currentlrql; 

38241 1 // PIO_STACK_LOCATION nextlrpStack = 

| lo Get Next I rpStackLocatio n ( I rp) ; 
38242| PIO_STACK_LOCATION currentlrpStack = 

| lo GetCu rrent I rpStackLocatio n ( I rp) ; 
38243| NTSTATUS Status; 
38244 1 

38245| TRACE( TRACEJOCTL, 
38246| 

| currentlrpStack->Parameters.Read.ByteOffset.HighPart, 
38247| 

| cu rrent I rpStack-> Parameters . Read . ByteOff set. LowPart, 
38248| currentlrpStack->Parameters. Read. Length, 

38249 1 cu rrent I rpStack->Parameters . Read . Key, 

38250 1 ""); 
38251 | 

38252| #ifdef DEBUG 
38253| if ( 1 ) { 
38254| 
38255| 

| switch(currentlrpStack->Parameters.DeviceloControl.loCon 
| trolCode) { 

38256| case I OCTL_STO RAG E_R ES E R V E : 

38257| case IOCTL_DISK_RESERVE : 

38258| case IOCTL_STORAGE_RELEASE : 

38259| case IOCTL_DISK_RELEASE : 

38260| case IOCTL_DISK_CHECK_VERIFY : 

38261 1 // dont display stuff on these ioctls as 

| there are a lot of them 
38262 1 break; 
38263| default: 

38264| Debug(DEBUG_DEVCON | 

| DEBUG_PROCCALL,("PSManDeviceControlDevice Device = %p, 

| Irp = %p, Flags=%08x\n", 
38265| 

| DeviceObject, Irp, lrp->Flags)); 
38266| 

38267| Debug(DEBUG_DEVCON | DEBUG_PROCCALL,(" %s 

| Major=%d, Minor=%d, Flgs=%08x, Ctrl=%08x\n", 
38268| 

| File_GetMajorFunctionName(currentlrpStack->MajorFunction 

I), 
38269 1 

| currentlrpStack->MajorFunction, 
38270 1 

| currentlrpStack->MinorFunction, 
38271 1 

| currentlrpStack->Flags, 
38272 1 

| currentlrpStack->Control 



38273| )); 
38274| 

38275| Debug(DEBUG_DEVCON,(" Outputl_en=%d, 

| lnputLen=%d, Control=%08lx (%s), Type3=%p\n", 
38276| 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 
38277| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 
38278| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38279| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 
| Control. loControlCode), 
38280| 

| currentlrpStack->Parameters.DeviceloControl.Type3lnputBu 

|ffer) 
38281| ); 
38282| break; 
38283| } 
38284| 
38285| } 
38286| #endif 
38287| 

38288| // say an io is happening, we need this for ioctls 

| because the disk partitions may change. 
38289| GetGlobalDeviceForRead(); 
38290| 

38291 1 // catch certain ioctls so we can do pre/post 

| processing. 
38292 1 switch ( 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 

|e){ 

38293| case IOCTL_DISK_SET_PARTITION_INFO_EX: { 
38294| PSET_PARTITION_INFORMATION_EX Partlnfo 

l = 

| (PSET_PARTITION_INFORMATION_EX)lrp->Associatedlrp.System 
| Buffer; 
38295| 

| if(Partlnfo->PartitionStyle==PARTITION_STYLE_MBR) { 
38296| Debug(DEBUG_DEVCON,("Devcon: 
| Partition changed to %02x from 

| %02x\n",Partlnfo->Mbr.PartitionType,DevExt->Pi. Partition 
I Type)); 

38297| DevExt->Pi.PartitionType = 

| Parti nfo->Mbr.PartitionType; 
38298| } else 

38299| 



I if(Partlnfo->PartitionStyle==PARTITION_STYLE_GPT) { 
38300| // we dont support this right now 

3830 1 1 ASS E RT( F ALS E) ; 

38302 1 } else { 

38303 1 ASS E RT( FALSE) ; 

38304| } 

38305| // continue with passthru 

38306| break; 
38307| } 

38308| // changes partition type, usually after a 
| format. 

38309| case IOCTL_DISK_SET_PARTITION_INFO: { 
3831 0| PSET_PARTITION_INFORMATION Partlnfo = 

| (PSET_PARTITION_INFORMATION)lrp->Associatedlrp.SystemBuf 

|fer; 

3831 1 1 Debug(DEBUG_DEVCON,("Devcon: Partition 

| changed to %02x from 

| %02x\n",Partlnfo->PartitionType,DevExt->Pi.PartitionType 

I)); 

38312| DevExt->Pi.PartitionType = 

| Parti nfo->PartitionType; 
3831 3| // continue with passthru 

38314| break; 
38315| } 

3831 6| // a new partition has been added or an 

| existing one deleted. 
3831 7\ case IOCTL_DISK_SET_DRIVE_LAYOUT: { 
38318| CCHAR 

| boost=IO_NO_INCREMENT; 
38319| 

38320| lrp->loStatus.Status = Status = 

| PSMan Forwardl rpSynchronous( DeviceObject, I rp) ; 
38321| 

38322| if ( NT_SUCCESS(Status) ) { 

38323| 

38324| // 

38325| // Process the new partition table. 

| The work for the 
38326| // set drive layout was done 

| synchronously because this 
38327| // routine performs synchronous 

| activities. 
38328| // 

38329| Debug(DEBUG_DEVCON,("Devcon: 

| Success setting drive layout\n")); 
38330| 

38331 1 #if _WIN32_WINNT <0x0500 

38332| // Add/remove called for pnp 

| devices 
38333| 



I PSManMakePartitionObjects(DevExt->Physical Device, FALSE); 
38334| #endif 

38335| boost = IO_DISK_INCREMENT; 

38336| } else { 

38337| boost = IO_NO_INCREMENT; 

38338| Debug(DEBUG_DEVCON,("Devcon: Error 

| %08x setting drive layout\n",Status)); 
38339| } 
38340| 

38341 1 ReleaseGlobalDeviceForRead(); 
38342| loCompleteRequest(lrp, boost); 

38343 1 return Status; 

38344| 

38345| } 
38346| 

38347| case IOCTL_STORAGE_FIND_NEW_DEVICES: 
38348| case IOCTL_DISK_FIND_NEW_DEVICES: { 
38349| CCHAR 

| boost=IO_NO_INCREMENT; 
38350| ULONG Save = 

| loGetConfigurationlnformation()->DiskCount; 
38351 | 

38352| Debug(DEBUG_DEVCON,("DevCon: 
| Find_new_devices: Old disk count=%d\n", Save)); 

38353| lrp->loStatus.Status = Status = 

| PSMan Forward I rpSy nchronous( DeviceObject, I rp) ; 

38354| 

38355| if ( NT_SUCCESS(Status) ) { 

38356| Debug(DEBUG_DEVCON,("DevCon: 
| Find_new_devices: New disk 

| count=%d\n",loGetConfigurationlnformation()->DiskCount)) 

I ; 

38357| #if _WIN32_WINNT <0x0500 

38358| // what to do for win2k?? FIXFIXFIX 

38359 1 

| PSMan lnitialize(DeviceObject->DriverObject, 
| (PVOID)Save, 0); 
38360| #endif 

38361 1 boost = IO_DISK_INCREMENT; 

38362 1 } 
38363 1 

38364| // Call target driver. 

38365| ReleaseGlobalDeviceForRead(); 

38366| loCompleteRequest(lrp, boost); 

38367 1 return Status; 

38368| } 

38369| #ifdef DEBUG 

38370| case IOCTL_SCSI_PASS_THROUGH_DIRECT: { 
38371 1 // dump what command is being sent to 

| lower driver. 



38372| PSCSI_PASS_THROUGH_DIRECT sptd = 

| ( PSCS l_P ASS_TH ROU G H_D I R ECT) I rp->Associ ated I rp . System Buff 
I er; 

38373| Debug(DEBUG_DEVCON,("SPTD: %d: Cdb = 

| %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x 
| %02x\n",sptd->CdbLength, 

38374| 

| sptd->Cdb[0],sptd->Cdb[1 ],sptd->Cdb[2],sptd->Cdb[3],sptd 
| ->Cdb[4],sptd->Cdb[5], 
38375| 

| sptd->Cdb[6],sptd->Cdb[7],sptd->Cdb[8],sptd->Cdb[9],sptd 

| ->Cdb[10],sptd->Cdb[11] 
38376| )); 
38377| 

38378| break; 
38379 1 } 

38380| case IOCTL_SCSI_PASS_THROUGH: { 
38381 1 // dump what command is being sent to 

| lower driver. 
38382| PSCSI_PASS_THROUGH spt = 

| (PSCSI_PASS_THROUGH)lrp->Associatedlrp.SystemBuffer; 
38383| Debug(DEBUG_DEVCON,("SPT: %d: Cdb = 

| %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x %02x 

| %02x\n",spt->CdbLength, 
38384| 

| spt->Cdb[0],spt->Cdb[1 ],spt->Cdb[2],spt->Cdb[3],spt->Cdb 
| [4],spt->Cdb[5], 
38385| 

| spt->Cdb[6],spt->Cdb[7],spt->Cdb[8],spt->Cdb[9],spt->Cdb 

| [10],spt->Cdb[11] 
38386| )); 
38387| 

38388| break; 
38389| } 

38390| case I OCT L_D I S K_G ET_D R I V E_L A YO U T : { 
38391 1 // Copy current stack to next stack. 

38392 | 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38393 | 

38394| // Ask to be called back during request 

| completion. 
38395| loSetCompletionRoutine(lrp, 
38396| 

| PSManDiskGetDriveLayout, 
38397| NULL, 
38398| TRUE, 
38399| TRUE, 
38400| TRUE); 
38401| 

38402| // Call target driver. 



38403| ReleaseGlobalDeviceForRead(); 
38404| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38405| } 
38406| #endif 

38407| case CTL_CODE(IOCTL_DISK_BASE, 0x0012, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 
38408| case IOCTL_DISK_GET_PARTITION_INFO_EX : { 
38409 1 #if 0 

3841 0| // Copy current stack to next stack. 

3841 1 1 loCopyCurrentlrpStackLocationToNext(lrp); 

38412| 

38413| // Ask to be called back during request 

| completion. 
38414| loSetCompletionRoutine(lrp, 
38415| 

| PSManDiskGetPartitionlnfoEx, 
38416| NULL, 
38417| TRUE, 
38418| TRUE, 
38419| TRUE); 
38420| 

38421 1 // Call target driver. 

38422| ReleaseGlobalDeviceForReadQ; 

38423 1 return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38424| #else 

38425| lrp->loStatus.Status = Status = 

| PSMan Forwardl rpSynchronous(DeviceObject, I rp) ; 
38426| 

38427| if ( NT_SUCCESS(Status) ) { 

38428| Debug(DEBUG_DEVCON,("Devcon: 

| Success getting part info ex\n")); 
38429 1 Status = 

| PSManDiskGetPartitionlnfoEx(DeviceObject,lrp,NULL); 
38430| if ( NT_SUCCESS(Status) ) { 

38431 1 Debug(DEBUG_DEVCON,("Devcon: 

| Success processing part info ex\n")); 
38432 1 } else { 

38433| Debug(DEBUG_DEVCON,("Devcon: 

| Error %08x processing part info ex\n", Status)); 
38434| } 
38435| } else { 

38436| Debug(DEBUG_DEVCON,("Devcon: Error 

| %08x getting part info\n M ,Status)); 
38437| } 
38438| 

38439| ReleaseGlobalDeviceForRead(); 
38440 1 I o Co m plete Req uest( I rp, 

I IO_DISK_INCREMENT); 



38441| return Status; 

38442| #endif 
38443| } 

38444| case IOCTL_DISK_GET_PARTITION_INFO: { 
38445| #if 0 

38446| // Copy current stack to next stack. 

38447| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38448| 

38449| // Ask to be called back during request 

| completion. 
38450| loSetCompletionRoutine(lrp, 
38451 | 

| PSManDiskGetPartitionlnfo, 
38452| NULL, 
38453| TRUE, 
38454| TRUE, 
38455| TRUE); 
38456| 

38457| // Call target driver. 

38458| ReleaseGlobalDeviceForRead(); 

38459 1 return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38460 1 #else 

38461 1 lrp->loStatus.Status = Status = 

| PSMan Forward I rpSy nchronous( DeviceObject, I rp) ; 
38462 1 

38463| if ( NT_SUCCESS(Status) ) { 

38464| Debug(DEBUG_DEVCON,("Devcon: 

| Success getting part info\n")); 
38465 1 Status = 

| PSMan DiskGet Partition I nfo( DeviceObject, I rp, N U LL) ; 
38466| if ( NT_SUCCESS(Status) ) { 

38467| Debug(DEBUG_DEVCON,("Devcon: 

| Success processing part info\n")); 
38468| } else { 

38469| Debug(DEBUG_DEVCON,("Devcon: 

| Error %08x processing part info\n M , Status)); 
38470 1 } 
38471 1 } else { 

38472| Debug(DEBUG_DEVCON,("Devcon: Error 

| %08x getting part info\n",Status)); 
38473 1 } 
38474| 

38475| ReleaseGlobalDeviceForRead(); 
38476| loCompleteRequest(lrp, 

I IO_DISK_INCREMENT); 
38477 1 return Status; 

38478| 

38479| #endif 



38480| 

38481 1 } 

38482| #if _WIN32_WINNT>=0x0500 

38483| case IOCTL_MOUNTDEV_QUERY_DEVICE_NAME: { 

38484| // Copy current stack to next stack. 

38485| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38486| 

38487| // Ask to be called back during request 

| completion. 
38488| loSetCompletionRoutine(lrp, 
38489 1 

| PSManDiskQueryDeviceName, 
38490 1 NULL, 
38491| TRUE, 
38492| TRUE, 
38493| TRUE); 
38494| 

38495| // Call target driver. 

38496| ReleaseGlobalDeviceForRead(); 

38497| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38498| } 

38499| case IOCTL_MOUNTDEV_QUERY_UNIQUE_ID: { 

38500| // Copy current stack to next stack. 

38501| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38502| 

38503| // Ask to be called back during request 

| completion. 
38504| loSetCompletionRoutine(lrp, 
38505| 

| PSManDiskQueryUniqueld, 
38506| NULL, 
38507| TRUE, 
38508| TRUE, 
38509| TRUE); 
38510| 

38511| // Call target driver. 

38512| ReleaseGlobalDeviceForRead(); 

38513| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38514| } 

38515| case IOCTL_MOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY: { 

3851 6| // Copy current stack to next stack. 

38517| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38518| 

38519| // Ask to be called back during request 

| completion. 



38520| loSetCompletionRoutine(lrp, 
38521 | 

| PSManDiskUniqueldChangeNotify, 
38522 1 NULL, 
38523 1 TRUE, 
38524| TRUE, 
38525| TRUE); 
38526| 

38527| // Call target driver. 

38528| ReleaseGlobalDeviceForRead(); 

38529 1 return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38530 1 } 

38531| case IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME: 
|{ 

38532| // Copy current stack to next stack. 

38533| 

| loCopyCu rrentl rpStackLocationToNext( I rp) ; 
38534| 

38535| // Ask to be called back during request 

| completion. 
38536| loSetCompletionRoutine(lrp, 
38537| 

| PSManDiskQuerySuggestedLinkName, 
38538| NULL, 
38539| TRUE, 
38540| TRUE, 
38541| TRUE); 
38542| 

38543| // Call target driver. 

38544| ReleaseGlobalDeviceForRead(); 

38545| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38546| } 

38547| case IOCTL_MOUNTDEV_LINK_CREATED: { 
38548| PMOUNTDEV_NAME Link= 

| (PMOUNTDEV_NAME)lrp->Associatedlrp.SystemBuffer; 
38549| Debug(DEBUG_DEVCON,("Link created: 

| %08x: 

| '%-*.*ws'\n",DeviceObject,Link->NameLength/2,Link->NameL 
| ength/2,Link->Name)); 
38550| 

38551 1 #define MY_MOUNTMGR_IS_VOLUME_NAME(s) ( 

|\ 

38552| ((s)->NameLength==96|| 

| ((s)->NameLength == 98 && (s)->Name[48] == \\')) && \ 

38553 1 (s)->Name[0] == 'W && 

|\ 

38554| ((s)->Name[1] == '?' || (s)->Name[1] 

| == '\Y) && \ 



38555| (s)->Name[2] == •?• && 

|\ 

38556| (s)->Name[3] == 'W && 

|\ 

38557| (s)->Name[4] == 'V && 

|\ 

38558| (s)->Name[5] == 'o' && 

|\ 

38559| (s)->Name[6] == T && 

|\ 

38560| (s)->Name[7] == 'u' && 
|\ 

38561 1 (s)->Name[8] == 'm' && 
|\ 

38562 1 (s)->Name[9] == "e" && 

|\ 

38563| (s)->Name[1 0] == '{' && 

|\ 

38564| (s)->Name[19] =='-'&& 
|\ 

38565| (s)->Name[24] == '-' && 

|\ 

38566| (s)->Name[29] == '-' && 

|\ 

38567| (s)->Name[34] == '-' && 
|\ 

38568| (s)->Name[47] == '}' 

|\ 

38569| ) 
38570 1 

38571| // 96: 

| \??\Volume{c8e56d0c-93c5-1 1 d4-991 0-806d61 72696f}' 

38572| // 28: '\DosDevices\C:' 

38573| // 96: 

| \??\Volume{c8e56d0d-93c5-1 1 d4-991 0-806d61 72696f}' 

38574| // 

| 01 23456789-1 23456789-1 23456789-1 23456789-1 2345678 

38575| // 

| 01 23456789-1 23456789-1 23456789-1 234567 
38576| 
38577| 

38578| if(DevExt->Volumeld==0) { 

38579 1 if ( 

| MY_MOUNTMGR_IS_VOLUME_NAME(Link) ) { 

38580| WCHAR *p=l_ink->Name+1 1 ; 

3858 1 1 Rtl Copy Memo ry ( 

| DevExt->VolumeGuid, p, 36*sizeof(WCHAR) ); 

38582| DevExt->VolumeGuid[36] = 0; 
38583 1 

38584| // is a mount manager point 



38585| DevExt->Volumeld = 

| WAsciiTolnt(&p,16); 
38586| Debug(DEBUG_DEVCON, ("Mount 

| manager, storing volume guid 

| %08x\n",DevExt->Volumeld)); 
38587| } 
38588| } else { 

38589| Debug(DEBUG_DEVCON, ("Mount manager, 

| already have volume guid '%S'\n",DevExt->VolumeGuid)); 
38590 1 } 
38591 1 break; 
38592 1 } 

38593| case IOCTL_MOUNTDEV_LINK_DELETED: { 
38594| PMOUNTDEV NAME Link= 

| (PMOUNTDEV_NAME)lrp->Associatedlrp.SystemBuffer; 
38595| Debug(DEBUG_DEVCON,("Link deleted: 

| %08x: 

| '%-*.*ws'\n",DeviceObject,Link->NameLength/2,Link->NameL 
| ength/2,Link->Name)); 
38596| if ( MY_MOUNTMGR_IS_VOLUME_NAME(Link) ) 

|{ 

38597| WCHAR *p=Link->Name+1 1 ; 

38598| ULONG Id = WAsciiTolnt(&p,16); 

38599 1 

38600| // told to delete the one we are 

| using.. 

38601 1 // FIXFIXFIX what to do if they 

| never set the link again 
38602 1 // maybe because we got several 

| link creates before this delete 
38603 1 //occurred 
38604| if(ld==DevExt->Volumeld) { 

38605| DevExt->Volumeld = 0; 

38606| 

| wcscpy(DevExt->VolumeGuid,L"_GUID_Deleted_"); 
38607| } 
38608| } 
38609| break; 
38610| } 

3861 1 1 case IOCTL_VOLUME_ONLINE : { 
38612| lrp->loStatus.Status = Status = 

| PSMan Forward I rpSy nchronous( DeviceObject, I rp) ; 
38613| Debug(DEBUG_DEVCON,("DevCon: 

| VolumeOnline status=%08x, phy=%d, 

| directio=%d\n",Status,DevExt->lsPhysical,DevExt->DoDirec 

I tlO)); 
38614| #if 0 

3861 5| if (DevExt->lsPhysical) { 

38616| 

| PersistentDictionary::RetrieveDirectlOMaps(DeviceObject) 



I ; 

38617| if(DevExt->Cache.HeaderFile. Direct) 

|{ 

38618| Debug ( D EB U G_D E VC ON , (" DevCo n : 

| VolumeOnline directio=%d, setting to 

| true\n",DevExt->DoDirectlO)); 
38619| DevExt->DoDirectlO = TRUE; 

38620| Status = 

| PersistentDictionary::LoadSnapShotsForVolume 

| (DeviceObject,TRUE,NULL ); 
38621 1 Debug(DEBUG_DEVCON,("DevCon: 

| load snapshots returned %08x\n M , Status)); 
38622| Status=STATUS_SUCCESS; 
38623 1 } 
38624| } 
38625| #endif 

38626| ReleaseGlobalDeviceForRead(); 
38627| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
38628 1 return Status; 

38629| } 

38630| case IOCTL_VOLUME_OFFLINE : { 
38631 1 lrp->loStatus.Status = Status = 

| PSMan Forward I rpSy nchronous( DeviceObject, I rp) ; 
38632 1 

38633| Debug(DEBUG_DEVCON,("DevCon: 

| VolumeOffline status=%08x\n", Status)); 
38634| ReleaseGlobalDeviceForRead(); 
38635| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
38636| return Status; 

38637| } 

38638| case I OCT L_STO RAG E_R E S E R V E : 
38639| case IOCTL_DISK_RESERVE : { 
38640| // Copy current stack to next stack. 

38641 | 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38642 1 

38643| // Ask to be called back during request 

| completion. 
38644| loSetCompletionRoutine(lrp, 
38645| 

| PSMan DiskReserve, 
38646| NULL, 
38647| TRUE, 
38648| TRUE, 
38649 1 TRUE); 
38650 1 

38651 1 // Call target driver. 

38652| ReleaseGlobalDeviceForRead(); 



38653| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38654| } 

38655| case IOCTL STORAG E RELEASE : 
38656| case IOCTL_DISK_RELEASE : { 
38657| // Copy current stack to next stack. 

38658| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38659| 

38660| // Ask to be called back during request 

| completion. 
38661 1 loSetCompletionRoutine(lrp, 
38662 1 

| PSManDiskRelease, 
38663| NULL, 
38664| TRUE, 
38665| TRUE, 
38666| TRUE); 
38667| 

38668| // Call target driver. 

38669| ReleaseGlobalDeviceForRead(); 

38670 1 return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38671 1 } 
38672 1 

38673| case I OCTL_STO RAG E_G ET_D E VI C E_N UMBER: { 

38674| // Copy current stack to next stack. 

38675| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38676| 

38677| // Ask to be called back during request 

| completion. 
38678| loSetCompletionRoutine(lrp, 
38679 1 

| PSManDiskGetDeviceNumber, 
38680| NULL, 
38681| TRUE, 
38682| TRUE, 
38683| TRUE); 
38684| 

38685| // Call target driver. 

38686| ReleaseGlobalDeviceForRead(); 

38687| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38688| } 

38689| case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS: { 

38690| // Copy current stack to next stack. 

38691| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38692| 



38693| // Ask to be called back during request 

| completion. 
38694| loSetCompletionRoutine(lrp, 
38695| 

| PSManDiskGetDiskExtents, 
38696| NULL, 
38697| TRUE, 
38698| TRUE, 
38699| TRUE); 
38700| 

38701 1 // Call target driver. 

38702| ReleaseGlobalDeviceForRead(); 

38703 1 return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38704| } 

38705| case IOCTL_VOLUME_QUERY_VOLUME_NUMBER: { 

38706| // Copy current stack to next stack. 

38707| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38708| 

38709| // Ask to be called back during request 

| completion. 
3871 0| loSetCompletionRoutine(lrp, 
3871 1 1 

| PSManDiskGetVolumeNumber, 
38712| NULL, 
38713| TRUE, 
38714| TRUE, 
38715| TRUE); 
38716| 

3871 7| // Call target driver. 

38718| ReleaseGlobalDeviceForRead(); 

38719| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38720| } 
38721| #endif 

38722| case I OCTL STO RAG E G ET M E D I A TY PES: 
38723| case IOCTL_DISK_GET_MEDIA_TYPES: 
38724| case IOCTL_DISK_GET_DRIVE_GEOMETRY: { 
38725| // Copy current stack to next stack. 

38726| 

| loCopyCurrentlrpStackLocationToNext(lrp); 
38727| 

38728| // Ask to be called back during request 

| completion. 
38729| loSetCompletionRoutine(lrp, 
38730| 

| PSManDiskGetGeometry, 
38731| NULL, 
38732| TRUE, 



38733| TRUE, 
38734| TRUE); 
38735| 

38736| // Call target driver. 

38737| ReleaseGlobalDeviceForRead(); 

38738| return 

| loCallDriver(DevExt->TargetDeviceObject, Irp); 
38739| } 

38740| // only called if removable device 

38741 1 case IOCTL_STORAGE_CHECK_VERIFY : 
38742| case IOCTL_DISK_CHECK_VERIFY : { 
38743| ULONG 

| *ChangeCount=(ULONG*)lrp->Associatedlrp.SystemBuffer; 
38744| 

38745| lrp->loStatus.Status = Status = 

| PSMan Forwardl rpSynchronous(DeviceObject, I rp) ; 

38746| if ( NT_SUCCESS(Status) ) { 

38747| if ( ChangeCount ) { 

38748| if ( 

| (*ChangeCount)!=DevExt->ChangeCount ) { 

38749| 

| Debug(DEBUG_DEVCON,("Devcon: DiskCheck: Device = %08x, 
| Status = %08x, ChangeCount=%08x 

| %08x\n",DeviceObject,Status,*ChangeCount,DevExt->ChangeC 
I ount)); 

38750| if ( DevExt->PSMed ) { 

38751 1 // psm is open, stop it 

| since this device is being psmed, and 
38752 1 //it has just 

| (possibly) been changed on us. 
38753| // FIXFIXFIX what to do 

| when this happens? 
38754| // 

| FailRequest(NULL,STATUS_MEDIA_CHANGED); 
38755| } 
38756| // update what we know 

| since it may have changed. 
38757| #if _WIN32_WINNT <0x0500 
38758 1 // add/remove called for 

| pnp devices 
38759 1 

| PSManMakePartitionObjects(DevExt->PhysicalDevice,FALSE); 
38760| #endif 

38761 1 DevExt->ChangeCount = 

| (*ChangeCount); 
38762 1 } 
38763 1 } else { 

38764| // no change count mech 

38765| if ( DevExt->ChangeCount ) { 

38766| #if _WIN32_WINNT <0x0500 



38767| // add/remove called for 

| pnp devices 
38768| 

| PSManMakePartitionObjects(DevExt->PhysicalDevice, FALSE); 
38769| #endif 
38770| } 

38771 1 DevExt->ChangeCount=0; 

38772 1 } 

38773 1 } else { 

38774| if ( DevExt->PSMed ) { 

38775| Debug(DEBUG_DEVCON,("DevCon: 

| DiskCheck: Psm is on but device has changed %08x 

| %08x\n",Status,*ChangeCount)); 
38776| // psm is open, stop it since 

| this device is being psmed, and 
38777| // it has just (possibly) been 

| changed on us. 
38778| // FIXFIXFIX what to do when 

| this happens? 
38779 1 

| //FailRequest(NULL,STATUS_MEDIA_CHANGED); 
38780 1 } 

38781 1 // cant be ++ as we may stay in 

| sync with the disk driver ;( 
38782| // we also cant make 0 or when 

| there is no counter we wont check, 
38783 1 // 1 is what the disk manage starts 

| out at, we start 0, so this should force a 
38784| // relook of the disk 

38785| DevExt->ChangeCount=1 ; 

38786| } 

38787| ReleaseGlobalDeviceForRead(); 
38788| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
38789 1 return Status; 

38790 1 } 
38791| default: 
38792| // nothing to do.. 

38793| break; 
38794| } 
38795| 

38796| // okay, its an ioctl we do not need (or care) to 

| look at, 
38797| // so pass it on thru. 
38798| 

38799| ReleaseGlobalDeviceForRead(); 

38800| Status = PSManPassThru( DeviceObject, Irp ); 

38801 1 #ifdef DEBUG 

38802| if ( 1 ) { 

38803| Debug(DEBUG_DEVCON | 



I DEBUG_PROCCALL,("PSManDeviceControlDevice Done 
| Device=%p, Status=%08x\n",DeviceObject, Status)); 

38804| } 

38805| #endif 

38806| return Status; 

38807| 

38808| } //end PSManDeviceControlDeviceQ 
38809| 

38810| /* 



38811| STATIC NTSTATUS PSManDeviceControlVDisk( 
38812| PDEVICE_OBJECT 

| DeviceObject, 
38813| PIRP Irp 

38814| ) 
38815| { 

38816| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DeviceObject); 
38817| PIO_STACK_LOCATION current I rpStack = 

| loGetCurrentlrpStackl_ocation( Irp ); 
38818| NTSTATUS Status = 

| STATUSJNVALID_DEVICE_REQUEST; 
38819| CHAR lolncrement=IO_NO_INCREMENT; 
38820| BOOLEAN Complete Request = TRUE; 

38821| 

38822| #if DO_ALL_IO 
38823| if ( 

| (currentlrpStack->Parameters.DeviceloControl.loControlCo 
| de!=IOCTL_DISK_CHECK_VERIFY) && 
38824| 

| (currentlrpStack->Parameters.DeviceloControl.loControlCo 

| de!=IOCTL_STORAGE_CHECK_VERIFY) ) { 
38825| Debug(DEBUG_DEVCON | 

| DEBUG_PROCCALL,("PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n M , 
38826| 

| DeviceObject, 
38827| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38828| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 
| Control. loControlCode))); 
38829| } 

38830| #endif /*D0_ALL_I07 
38831| 

38832| lrp->loStatus. Information = 0; 
38833| lolncrement = IO_NO_INCREMENT; 
38834| 

38835| AcquireVDiskResourceQ; 



38836| __try { 

38837| __try { 

38838| switch ( 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 

|e){ 

38839| case I OCTL_STO RAG E_E J ECT_M E D I A : 

38840| case IOCTL_DISK_EJECT_MEDIA : { 

38841 1 #if DO_ALL_IO 
38842 1 



| Debug(DEBUG_DEVCON,( M PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n M , 
38843 1 

| DeviceObject, 
38844| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38845| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 
| Control. loControlCode))); 



38846| #endif /*D0_ALL_I07 

38847| DevExt->DriveNotReady = TRUE; 

38848| DevExt->LockCount=0; 

38849| lrp->loStatus.Status = 

| STATUS_SUCCESS; 

38850| break; 

38851 1 } 

38852| case IOCTL STORAGE LOAD MEDIA : 

38853| case IOCTL_DISK_LOAD_MEDIA : { 

38854| #if DO_ALL_IO 
38855| 



| Debug(DEBUG_DEVCON,( M PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n", 
38856| 

| DeviceObject, 
38857| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38858| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 
| Control. loControlCode))); 



38859| #endif /*D0_ALL_I07 

38860| DevExt->DriveNotReady = FALSE; 

38861 1 DevExt->LockCount=0; 

38862| lrp->loStatus.Status = 

| STATUS_SUCCESS; 

38863 1 break; 

38864| } 

38865| case IOCTL_STORAGE_RESERVE : 

38866| case IOCTL_DISK_RESERVE : { 

38867| #if DO_ALL_IO 



38868| 

| Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n M , 
38869| 

| DeviceObject, 
38870| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e 5 
38871 1 

| Fi le_Get I OCTLStri ng (cu rrent I rpStack-> Parameters . Device lo 
| Control. loControlCode))); 



38872 1 #endif /*D0_ALL_I07 

38873| lrp->loStatus.Status = 

| STATUS_SUCCESS; 

38874| break; 

38875| } 

38876| case IOCTL_STORAGE_RELEASE : 

38877| case IOCTL_DISK_RELEASE : { 

38878| #if DO_ALL_IO 
38879| 



| Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: Dev=%, 

| loctl=%08x - %s\n M , 
38880 1 

| DeviceObject, 
38881 | 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 

|e, 
38882 1 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 

| Control. loControlCode))); 
38883| #endif /*D0_ALL_I07 

38884| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
38885| break; 
38886| } 

38887| // for removable media.. 

38888| case I OCTL STO RAG E C H EC K VE R I FY : 

38889| case IOCTL_DISK_CHECK_VERIFY : { 

38890 1 

38891 1 // If a buffer for a media 

| change count was provided, make sure it's 
38892| // big enough to hold the 

| result 
38893 1 #if 0 
38894| 

| Debug(DEBUG_DEVCON,( M PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n", 
38895| 

| DeviceObject, 
38896| 



I currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38897| 

| Fi le_Get I OCTLStri ng(cu rrentl rpStack->Parameters . Devicelo 

| Control. loControlCode))); 
38898| #endif 
38899| 

38900| if ( 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length ) { 

38901 1 ULONG *outputBuffer=NULL; 

38902 | 

38903 1 // If the buffer is too 

| small to hold the media change count 
38904| // then return an error to 

| the caller 
38905| 

38906| if ( 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 

| Length < sizeof(ULONG) ) { 
38907| lrp->loStatus. Status = 

| STATU S_B U F F E R_TOO_S M A LL ; 
38908| break; 
38909 1 } 
38910| 

3891 1 1 lrp->loStatus.Status = 

| CheckMediaLoaded(DeviceObjectJrp); 
38912| // The caller has provided 

| a valid buffer. 
38913| output Buffer = 

| (ULONG*)lrp->Associatedlrp.SystemBuffer; 
38914| *outputBuffer = 

| DevExt->DiskChangeCount; 
38915| }else{ 
3891 6| lrp->loStatus.Status = 

| CheckMediaLoaded(DeviceObjectJrp); 
38917| } 
38918| 

38919| break; 
38920| } 

38921 1 case IOCTL_STORAGE_MEDIA_REMOVAL : 

38922| case IOCTL DISK MEDIA REMOVAL: { 

38923| PPREVENT_MEDIA_REMOVAL Pmr = 

| (PPREVENT_MEDIA_REMOVAL)lrp->Associatedlrp.SystemBuffer; 
38924| #if DO_ALL_IO 

38925| 

| Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: Dev=%p, 
| loctl=%08x - %s\n M , 
38926| 

| DeviceObject, 



38927| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
38928| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 

| Control. loControlCode))); 
38929| #endif /*D0_ALL_I07 

38930| if ( 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 

| ength < sizeof( PREVENT_MEDIA_REMOVAL ) ) { 
38931 1 lrp->loStatus.Status = 

| STATU S_B U F F E R_TOO_S MALL; 
38932 1 } else { 

38933 1 

38934| if ( 

| Pmr->PreventMediaRemoval ) { 
38935| // Prevent Removal 

38936| 

| lnterlockedlncrement((PLONG) &DevExt->LockCount); 
38937| 

| Debug(DEBUG_DEVCON,("VDisk: Prevent Removal 

| %08x\n", DevExt->LockCou nt)) ; 
38938| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
38939 1 } else { 

38940| // Allow Removal 

38941 1 if ( DevExt->LockCount 

l){ 
38942| 

| lnterlockedDecrement((PLONG) &DevExt->LockCount); 
38943 1 } 
38944| 

| Debug(DEBUG_DEVCON,("VDisk: Allow Removal 

| %08x\n", DevExt->LockCou nt)) ; 
38945| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
38946| } 
38947| } 
38948| break; 
38949| } 

38950| case IOCTL_DISK_IS_WRITABLE: { 

38951 1 if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
38952| if ( gAllowWrites ) { 

38953| 

| Debug(DEBUG_DEVCON,("VDisk: Not write protected\n")); 
38954| lrp->loStatus. Status = 

| STATUS_SUCCESS; 
38955| } else { 

38956 1 // now see if we made 



I the device read only (ie a fat drive) 
38957| if ( 

| DevExt->DeviceObject->Characteristics & 

| FILE READ ONLY DEVICE ) { 
38958| 

| Debug(DEBUG_DEVCON,("VDisk: Write ProtectedVn")); 
38959| 

| lrp->loStatus.Status = STATUS_MEDIA_WRITE_PROTECTED; 
38960| } else { 

38961 1 

| Debug(DEBUG_DEVCON,("VDisk: Not write protected\n")); 
38962 1 

| lrp->loStatus.Status = STATUS_SUCCESS; 



38963 1 } 
38964| } 
38965| } 
38966| break; 
38967| } 

38968| case lOCTL STORAGE GET MEDIA TYPES: 

38969| case IOCTL_DISK_GET_MEDIA_TYPES: 

38970| case IOCTL_DISK_GET_DRIVE_GEOMETRY: { 

38971 1 

38972 1 // Return the drive geometry 

| for the specified drive. 
38973 1 #if DO_ALL_IO 

38974| 



| Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n M , 
38975| 

| DeviceObject, 
38976| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 

|e, 
38977| 

| Fi le_Getl OCTLStri ng(cu rrentl rpStack->Parameters . Devicelo 

| Control. loControlCode))); 
38978| #endif /*D0_ALL_I07 

38979 1 if ( 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 

| Length < sizeof( DISK_GEOMETRY ) ) { 
38980| lrp->loStatus.Status = 

| STATUS_BUFFER_TOO_SMALL; 
38981 1 } else { 

38982 1 P D I SK_G E OM ET R Y 

| outputBuffer; 
38983 1 

38984| outputBuffer = 

| (PDISK_GEOMETRY)lrp->Associatedlrp.SystemBuffer; 
38985| outputBuffer->MediaType = 

| RemovableMedia; 



38986| 

38987| outputBuffer->Cylinders = 

| DevExt->Cylinders; 
38988| 

| outputBuffer->TracksPerCylinder = DevExt->Heads; 
38989| 

| outputBuffer->SectorsPerTrack = DevExt->SPT; 
38990| 

| outputBuffer->BytesPerSector = DevExt->BPS; 
38991| 

38992| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
38993| lrp->loStatus. Information = 

| sizeof( DISK GEOMETRY ); 
38994| } 
38995| 

38996| break; 
38997| } 

38998| case IOCTL_DISK_GET_DRIVE_LAYOUT: { 

38999| PIRP newlrp=NULL; 

39000| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39001| KEVENT Event={0}; 

39002| PDRIVELAYOUTIN FORMATION 

| partitionlnfo= 

| (PDRIVE_LAYOUT_INFORMATION)lrp->Associatedlrp.SystemBuff 
I er; 
39003| 

39004| if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39005| 

39006| // 

39007| // Perform the get 

| partition info synchronously. Set both 
39008| // the input and output 

| buffers as the buffer passed. 
39009| // 
39010| 

3901 1 1 KelnitializeEvent(&Event, 

| Notification Event, FALSE); 
39012| 

39013| PFILTEREDEXTENSION 

| FilteredExt = GetFilteredExtension(DevExt->PSMDevice); 
39014| 

39015| newlrp = 

| loBuildDeviceloControlRequest ( 
39016| 

| IOCTL_DISK_GET_DRIVE_LAYOUT, 
39017| 

| Filtered Ext->TargetDeviceObject, 



39018| partitionlnfo, 
39019| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 

39020| partitionlnfo, 
39021| 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 

39022| FALSE, 
39023| & Event, 

39024| &ioStatusBlock); 
39025| 

39026| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39027| 

39028| if ( Status == 

| STATUS_PENDING ) { 
39029| 

| pmWaitForSingleObject(&Event,NULL); 
39030| Status = 

| ioStatusBlock.Status; 
39031| } 
39032| 

39033| if ( NT_SUCCESS(Status) ) { 

39034| ULONG partNumber; 

39035| 

39036| lrp->loStatus = 

| ioStatusBlock; 
39037| 

| Debug(DEBUG_DEVCON,("VD: %d partitions 

| found\n",partitionlnfo->PartitionCount)); 
39038| for ( partNumber = 0; 

| partNumber < partitionlnfo->PartitionCount; 

| partNumber++ ) { 
39039| 

| Debug(DEBUG_DEVCON,("VD: '%S' %2d: Offset=%08x%08x, 

| Length=%08x%08x, Hidden=%08x, Type=%02x\n M , 
39040| 

| DevExt->Name, 
39041 | 

| partNumber, 
39042 1 

| partitionlnfo->PartitionEntry[partNumber].StartingOffset 
| .HighPart, 
39043 1 

| partitionlnfo->PartitionEntry[partNumber].StartingOffset 
| .LowPart, 
39044| 

| partition I nfo-> Partition Entry[partNu mber] . PartitionLengt 
| h. HighPart, 



39045| 

| partitionlnfo->PartitionEntry[partNumber].PartitionLengt 
| h.LowPart, 
39046| 

| partition I nfo-> Partition Entry[partNu mber] . HiddenSectors, 
39047| 

| partitionlnfo->PartitionEntry[partNumber].PartitionType 
39048| 

I)); 

39049| // since we filter 

| on top of ftdisk, change the codes. 
39050| if ( 

| partition I nfo-> Partition Entry[partNu mber] . PartitionType= 

| =0x86 ) { 
39051 1 

| partition I nfo-> Partition Entry[partNu mber] . PartitionType 

| = 0x06; 
39052 1 } 
39053 1 if ( 

| partition I nfo-> Partition EntryfpartNu mber] . PartitionType= 

| =0x87 ) { 
39054| 

| partition I nfo-> Partition EntryfpartNu mber] . PartitionType 

| = 0x07; 
39055| } 
39056| } 
39057| 

39058| lolncrement = 

I IO_DISK_INCREMENT; 
39059 1 } else { 

39060| 

| lrp->loStatus. Information = 0; 
39061 1 lrp->loStatus. Status = 

| Status; 
39062 1 

| Debug(DEBUG_DEVCON,("VD: %08x getting disk partition 

| info for layout=n",Status)); 
39063 1 } 
39064| } 
39065| break; 
39066| } 

39067| case IOCTL_DISK_GET_PARTITION_INFO: { 

39068| PIRP newlrp=NULL; 

39069| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39070| KEVENT event={0}; 

39071 1 PPARTITIONJNFORMATION 

| partitionlnfo= 

| (PPARTITION_INFORMATION)lrp->Associatedlrp.SystemBuffer; 
39072 1 



39073| if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39074| // 
39075| // Perform the get 

| partition info synchronously. Set both 
39076| // the input and output 

| buffers as the buffer passed. 
39077| // 
39078| 

39079| KelnitializeEvent(&event, 

| Notification Event, FALSE); 
39080| 

39081 1 PFILTERED_EXTENSION 

| FilteredExt = Get Filtered Extension (DevExt->PSMDevice); 
39082 1 

39083| newlrp = 

| loBuildDeviceloControlRequest(IOCTL_DISK_GET_PARTITION_l 

I NFO, 
39084| 

| Filtered Ext->TargetDeviceObject, 
39085| 

| partitioning, 
39086| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 

I ength, 
39087| 

| partitioning, 
39088| 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 

I Length, 
39089 1 

| FALSE, 
39090| 

| &event, 
39091| 

| &ioStatusBlock); 
39092| 

39093| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39094| 

39095| if ( Status == 

| STATUS_PENDING ) { 
39096| 

| pmWaitForSingleObject(&event,NULL); 
39097| Status = 

| ioStatusBlock.Status; 
39098| } 
39099| 

391 00| if ( NT_SUCCESS(Status) ) { 

39101| 



39102| lrp->loStatus = 

| ioStatusBlock; 
39103| 
39104| 

| Debug(DEBUG_DEVCON,("VD: '%S': Offset=%08x%08x, 
| Length=%08x%08x, Hidden=%08x, Type=%02x\n" 
39105| 

| Bl=%08x, RP=%08x, RW=%08x, PN=%08x\n", 
39106| 

| DevExt->Name, 
39107| 

| partition I nfo->StartingOff set . H ig h Part, 
39108| 

| partitionlnfo->StartingOffset.LowPart, 
39109| 

| partitionlnfo->PartitionLength.HighPart, 
39110| 

| partitionlnfo->PartitionLength.LowPart, 
39111| 

| partitionlnfo->HiddenSectors, 
39112| 

| partitionlnfo->PartitionType, 
39113| 

| partitionlnfo->Bootlndicator, 
39114| 

| partitionlnfo->RecognizedPartition, 
39115| 

| partitionlnfo->RewritePartition, 
39116| 

| partitionlnfo->PartitionNumber 
39117| )); 
39118| 

391 19| // since we filter on 

| top of ftdisk, change the codes. 
39120| if( 

| partitionlnfo->PartitionType==0x86 ) { 
39121| 

| partitionlnfo->PartitionType = 0x06; 
39122| } 
39123| if( 

| partitionlnfo->PartitionType==0x87 ) { 
39124| 

| partitionlnfo->PartitionType = 0x07; 
39125| } 
39126| 

39127| lolncrement = 

I IO_DISK_INCREMENT; 
39128| }else{ 
39129| 

| lrp->loStatus. Information = 0; 



39130| lrp->loStatus. Status = 

| Status; 
39131| 

| Debug(DEBUG_DEVCON,("VD: %08x getting disk partition 

| info\n",Status)); 
39132| } 
39133| } 
39134| break; 
39135| } 

39136| case IOCTL_DISK_INTERNAL_SET_VERIFY: { 

39137| // If the caller is kernel 

| mode, set the verify bit. 
39138| 

39139| if( 

| (KPROCESSOR_MODE)lrp->RequestorMode == 

| (KPROCESSOR_MODE)KernelMode ) { 
39140| DeviceObject->Flags |= 

| DO_VERIFY_VOLUME; 
39141| } 
39142| lrp->loStatus.Status = 

| STATUS_SUCCESS; 
39143| break; 
39144| } 

39145| case lOCTL DISK INTERNAL CLEAR VERIFY: 

|{ 

39146| // If the caller is kernel 

| mode, clear the verify bit. 
39147| 

39148| if( 

| (KPROCESSOR_MODE)lrp->RequestorMode == 

| (KPROCESSOR_MODE)KernelMode ) { 
39149| DeviceObject->Flags &= 

| ~DO_VERIFY_VOLUME; 
39150| } 
391 51 1 lrp->loStatus.Status = 

| STATUS_SUCCESS; 
39152| break; 
39153| } 
39154| 

39155| //this if for fixed media., i dont 

| think i need it.. 
39156| case IOCTL_DISK_VERIFY: { 

39157| PVERIFYJNFORMATION 

| verifylnformation; 
39158| // 

391 59 1 // Move parameters from the 

| Verifylnformation structure to 
391 60| // the READ parameters area, so 

| that we'll find them when 
391 61 1 // we try to treat this like a 



I READ. 
39162| // 
39163| 

39164| #if DO_ALL_IO 

39165| 

| Debug(DEBUG_DEVCON,( M PSManDeviceControlVDjsk: Dev=%p, 

| loctl=%08x - %s\n M , 
39166| 

| DeviceObject, 
39167| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39168| 

| Fi le_Getl OCTLStri ng(cu rrentl rpStack->Parameters . Devicelo 

| Control. loControlCode))); 
39169| #endif /*D0_ALL_I07 

391 70| verifylnformation = 

| (_VERIFY_INFORMATION *) 

| I rp-> Associated I rp. System Buff er; 
39171| 
39172| 

| currentlrpStack->Parameters.Read.ByteOffset.LowPart = 
| verifylnformation->StartingOffset.LowPart; 
39173| 

| currentlrpStack->Parameters.Read.ByteOffset.HighPart = 
| verifylnformation->StartingOffset.HighPart; 
39174| 

| currentlrpStack->Parameters. Read. Length = 
| verifylnformation->Length; 
39175| 

39176| // 

391 77| // A VERIFY is identical to a 

| READ, except for the fact that no 
39178| // data gets transferred. So 

| follow the READ code path. 
39179| // 
39180| 

391 81 1 ReleaseVDiskResource(); 
391 82 1 Status = PS Man Read ( 

| DeviceObject, Irp ); 
39183| // so the finally wont 

| crash.. 

39184| AcquireVDiskResource(); 
39185| // the Irp has been completed 

| already 

39186| try_return(CompleteRequest = 

| FALSE); 
39187| } 

39188| // VDisk Only device lOCTL's!!!! 

39189| case IOCTL_UNWRITE_PROTECT : { 



39190| #if DO_ALL_IO 

39191| 

| Debug(DEBUG_DEVCON,( M PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n", 
39192| 

| DeviceObject, 
39193| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39194| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 

| Control. loControlCode))); 
39195| #endif /*D0_ALL_I07 

39196| if ( IgAllowWrites ) { 

39197| 

| DevExt->KeepWritelnMemory=1 ; 
39198| 

| DeviceObject->Characteristics &= 

| ~FILE_READ_ONLY_DEVICE; 
39199| //tell the os that it 

| something changed... 
39200| if ( 

| (DevExt->DeviceObject->Vpb) && ( 

| DevExt->DeviceObject->Vpb->Flags & VPB MOUNTED ) ) { 
39201| 

| DevExt->DeviceObject->Flags |= DO_VERIFY_VOLUME; 



39202| } 

39203| } 
39204| 

39205| lrp->loStatus.Status = 

| STATUS_SUCCESS; 

39206| break; 

39207| } 

39208| // VDisk Only device lOCTL's!!!! 

39209| case IOCTL_IS_PSM_VOLUME : { 

39210| // return success instead of 
| failure.. 

3921 1 1 lrp->loStatus.Status = 

| STATUS_SUCCESS; 

39212| break; 

39213| } 

39214| case IOCTL_WRITE_PROTECT : { 

39215| #if DO_ALL_IO 

39216| 



| Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: Dev=%p, 

| loctl=%08x - %s\n M , 
39217| 

| DeviceObject, 
39218| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 



|e, 
39219| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 

| Control. loControlCode))); 
39220| #endif /*D0_ALL_I07 

39221 1 if ( SgAllowWrites ) { 

39222 | 

| DevExt->KeepWritelnMemory=0; 
39223 1 if ( 

| DevExt->OriginalWriteProtected ) { 
39224| 

| DeviceObject->Characteristics |= FILE_READ_ONLY_DEVICE; 
39225| // tell the os that it 

| something changed... 
39226| if ( 

| (DevExt->DeviceObject->Vpb) && ( 

| DevExt->DeviceObject->Vpb->Flags & VPB MOUNTED ) ) { 
39227| 

| DevExt->DeviceObject->Flags |= DO_VERIFY_VOLUME; 



39228| } 

39229 1 } 

39230| } 

39231 1 lrp->loStatus.Status = 

| STATUS_SUCCESS; 
39232 1 break; 
39233| } 



39234| #if _WIN32_WINNT >= 0x0500 

39235| #ifndef PBYTE 

39236| #define PBYTE unsigned char * 

39237| #endif 

39238| 

39239| case CTL_CODE(IOCTL_DISK_BASE, 0x001 2, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 

39240| case IOCTL_DISK_GET_PARTITION_INFO_EX 

I :{ 

39241| PIRP newlrp=NULL; 

39242| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39243| KEVENT event={0}; 

39244| PPARTITION_INFORMATION_EX 

| lnfo=(PPARTITION_INFORMATION_EX)lrp->Associatedlrp.Syste 

| mBuffer; 
39245| 

39246| if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39247| // 
39248| // Perform the get 

| partition info synchronously. Set both 
39249| // the input and output 

| buffers as the buffer passed. 



39250| // 
39251 1 

39252| KelnitializeEvent(&event, 

| Notification Event, FALSE); 
39253 1 

39254| PFILTEREDEXTENSION 

| FilteredExt = Get Filtered Extension (DevExt->PSM Device); 
39255| 

39256| newlrp = 

| loBuildDeviceloControlRequest ( 
39257| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39258| 

| Filtered Ext->TargetDeviceObject, 
39259 1 

| I rp-> Associated I rp. System Buff er, 
39260 1 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 
39261 1 

| I rp-> Associated I rp. System Buff er, 
39262 1 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 

39263| FALSE, 
39264| &event, 
39265| &ioStatusBlock ); 

39266| 

39267| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39268| 

39269| if ( Status == 

| STATUS_PENDING ) { 
39270| 

| pmWaitForSingleObject(&event,NULL); 
39271 1 Status = 

| ioStatusBlock.Status; 
39272 1 } 
39273 1 

39274| if ( NT_SUCCESS(Status) ) { 

39275| 

| Debug(DEBUG_DEVCON,("VD: Success sending ioctl\n M )); 
39276| lrp->loStatus = 

| ioStatusBlock; 
39277| lolncrement = 

I IO_DISK_INCREMENT; 
39278| 
39279 1 

| Debug(DEBUG_DEVCON,("VD: GetPart: Ps=%08x, So=%l64x, 



I L=%l64x, pn=%d, rp=%d\n", 
39280| 

| lnfo->PartitionStyle, 
39281 1 

| lnfo->StartingOffset, 
39282 1 

| lnfo->PartitionLength, 
39283 1 

| lnfo->PartitionNumber, 
39284| 

| lnfo->RewritePartition 
39285| )); 
39286| if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_MBR ) { 
39287| 

| Debug(DEBUG_DEVCON,("VD: : Pt=%02x, bi=%d, 

| rp=%d, hidden=%08x\n", 
39288| 

| lnfo->Mbr.PartitionType, 
39289 1 

| lnfo->Mbr.Bootlndicator, 
39290 1 

| lnfo->Mbr.RecognizedPartition, 
39291 1 

| lnfo->Mbr.HiddenSectors 
39292 1 

I)); 

39293 1 } else 

39294| if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_GPT) { 
39295| UNICODE_STRING PT; 

39296| UNICODE_STRING ID; 

39297| 

| RtlStringFromGUID(lnfo->Gpt.PartitionType,&PT); 
39298| 

| RtlStringFromGUID(lnfo->Gpt.Partitionld,&ID); 
39299 1 
39300| 

| Debug(DEBUG_DEVCON,("VD: : Pt=%wZ, ld=%wZ, 

| A=%l64x, Name='%S , \n", 
39301 1 

I &PT, 
39302 1 

l&ID, 
39303 1 

| lnfo->Gpt.Attributes, 
39304| 

| lnfo->Gpt.Name 
39305| 

I)); 



39306| 

| RtlFreeUnicodeString(&PT); 
39307| 

| RtlFreeUnicodeString(&ID); 
39308| } else { 

39309| 

| Debug(DEBUG_DEVCON,("VD: Unknown partition type\n M )); 
39310| } 
39311| }else{ 
39312| 

| lrp->loStatus. Information = 0; 
39313| lrp->loStatus. Status = 

| Status; 
39314| 

| Debug(DEBUG_DEVCON,("VD: %08x sending 

| ioctl\n",Status)); 
39315| } 
39316| } 
39317| break; 
39318| } 

39319| case CTL_CODE(IOCTL_DISK_BASE, 0x0014, 

| METHOD BUFFERED, FILE_READ_ACCESS): 
39320| case IOCTL_DISK_GET_DRIVE_LAYOUT_EX : { 

39321| PIRP newlrp=NULL; 

39322| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39323| KEVENT event={0}; 

39324| PDRIVE_LAYOUT_INFORMATION_EX 

| lnfo=(PDRIVE_LAYOUT_INFORMATION_EX)lrp->Associatedlrp.Sy 

| stem Buffer; 
39325| 

39326| if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39327| // 
39328| // Perform the get 

| partition info synchronously. Set both 
39329| // the input and output 

| buffers as the buffer passed. 
39330| // 
39331 | 

39332| KelnitializeEvent(&event, 

| Notification Event, FALSE); 
39333 | 

39334| PFILTERED_EXTENSION 

| FilteredExt = GetFiltered Extension (DevExt->PSMDevice); 
39335| 

39336| newlrp = 

| loBuildDeviceloControlRequest( 
39337| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 



|e, 
39338| 

| Filtered Ext->TargetDeviceObject, 
39339| 

| I rp-> Associated I rp . System Buff er, 
39340| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 
39341 | 

| I rp-> Associated I rp . System Buff er, 
39342 1 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 

39343| FALSE, 
39344| &event, 
39345| &ioStatusBlock); 
39346| 

39347| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39348| 

39349 1 if ( Status == 

| STATUS_PENDING ) { 
39350 1 

| pmWaitForSingleObject(&event,NULL); 
39351 1 Status = 

| ioStatusBlock.Status; 
39352 1 } 
39353 1 

39354| if ( NT_SUCCESS(Status) ) { 

39355| 

| Debug(DEBUG_DEVCON,("VD: Success sending ioctl\n M )); 
39356| lrp->loStatus = 

| ioStatusBlock; 
39357| lolncrement = 

I IO_DISK_INCREMENT; 
39358| 
39359 1 

| Debug(DEBUG_DEVCON,("Vd: GetDriveLayout: PS=%08x, 

| pc=%08x\n",lnfo->PartitionStyle, 

| lnfo->PartitionCount)); 
39360 1 if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_MBR) { 
39361 1 

| Debug(DEBUG_DEVCON,("Vd: MBR: 

| Sig=%08x\n",lnfo->Mbr.Signature)); 
39362| } else 

39363 1 if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_GPT) { 
39364| UNICODE_STRING GS; 

39365| 



I RtlStringFromGUID(lnfo->Gpt.Diskld,&GS); 
39366| 
39367| 

| Debug(DEBUG_DEVCON,("Vd: MBR: Guid=%08x, so=%l64x, 
| I=%l64x, 

| count=%08x\n",&GS,lnfo->Gpt.StartingUsableOffset,lnfo->G 

| pt.UsableLength,lnfo->Gpt.MaxPartitionCount)); 
39368| 
39369| 

| RtlFreeUnicodeString(&GS); 
39370| } else { 

39371 1 

| Debug(DEBUG_DEVCON,("VD: GetDriveLayout: Unknown 

| %08x\n",lnfo->PartitionStyle)); 
39372 1 } 
39373 1 

39374| for ( ULONG 

| i=0;i<lnfo->PartitionCount;i++ ) { 
39375| 

| Debug(DEBUG_DEVCON,("VD: Part[%2d]: Ps=%08x, So=%l64x, 
| L=%l64x, pn=%d, rp=%d\n", 
39376| 

M. 
39377| 

| I nfo-> Partition Entry[i] . PartitionStyle, 
39378| 

| I nfo-> Partition Entry[i] . StartingOff set, 
39379 1 

| I nfo-> Partition Entry[i] . Partition Length, 
39380 1 

| lnfo->PartitionEntry[i].PartitionNumber, 
39381 1 

| I nfo-> Partition Entry[i] . RewritePartitio n 
39382 1 

I)); 

39383| if ( 

| lnfo->PartitionEntry[i].PartitionStyle==PARTITION_STYLE_ 

| MBR ) { 
39384| 

| Debug(DEBUG_DEVCON,("VD: : Pt=%02x, bi=%d, 
| rp=%d, hidden=%08x\n", 
39385| 

| I nfo-> Partition Entry[i] . Mbr. PartitionType, 
39386| 

| lnfo->PartitionEntry[i].Mbr.Bootlndicator, 
39387| 

| I nfo-> Partition Entry[i] .Mbr. Recogn ized Partition, 
39388| 

| I nfo-> Partition Entryfi] . Mbr. HiddenSectors 
39389 1 



I)); 

39390| 
39391 | 



} else 
if ( 



| lnfo->PartitionEntry[i].PartitionStyle==PARTITION_STYLE 
| GPT ) { 



I ID; 
39394| 

| RtlStringFromGUID(lnfo->PartitionEntry[i].Gpt.PartitionT 
| ype,&PT); 
39395| 

| RtlStringFromGUID(lnfo->PartitionEntry[i].Gpt.Partitionl 
|d,&ID); 



| Debug(DEBUG_DEVCON,("VD: : Pt=%wZ, ld=%wZ, 

| A=%l64x, Name= , %S , \n", 
39398| 

I &PT, 
39399 1 

l&ID, 
39400 1 

| I nfo-> Partition Entry[i] . Gpt. Attributes, 
39401 1 

| lnfo->PartitionEntry[i]. Gpt. Name 
39402 1 

I)); 

39403 1 

| RtlFreeUnicodeString(&PT); 
39404| 

| RtlFreeUnicodeString(&ID); 
39405| } else { 

39406| 

| Debug(DEBUG_DEVCON,("VD: Unknown partition type\n")); 
39407| } 
39408| } 
39409 1 } else { 

39410| 

| lrp->loStatus. Information = 0; 
3941 1 1 lrp->loStatus. Status = 

| Status; 
39412| 

| Debug(DEBUG_DEVCON,("VD: %08x sending 

| ioctl\n",Status)); 
39413| } 
39414| } 
39415| break; 
39416| } 



39392| 
I PT; 
39393| 



UNICODE_STRING 



UNICODE_STRING 



39396| 
39397| 



39417| case IOCTL_DISK_GET_LENGTH_INFO : { 

39418| PIRP newlrp=NULL; 

39419| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39420| KEVENT event={0}; 

39421 1 PGET_LENGTH_INFORMATION 

| Len=(PGET_LENGTH_INFORMATION)lrp->Associatedlrp.SystemBu 

Iffer; 
39422 1 

39423 1 if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39424| // 
39425| // Perform the get 

| partition info synchronously. Set both 
39426| // the input and output 

| buffers as the buffer passed. 
39427| // 
39428| 

39429| KelnitializeEvent(&event, 

| NotificationEvent, FALSE); 
39430 1 

39431 1 PFILTEREDEXTENSION 

| FilteredExt = GetFiltered Extension (DevExt->PSM Device); 
39432 1 

39433| newlrp = 

| loBuildDeviceloControlRequest ( 
39434| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39435| 

| Filtered Ext->TargetDeviceObject, 
39436| 

| I rp-> Associated I rp . System Buff er, 
39437| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 
39438| 

| I rp-> Associated I rp . System Buff er, 
39439| 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 

39440| FALSE, 
39441 1 &event, 
39442| &ioStatusBlock); 
39443 1 

39444| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39445| 

39446| if ( Status == 

| STATUS_PENDING ) { 



39447| 

| pmWaitForSingleObject(&event,NULL); 
39448| Status = 

| ioStatusBlock. Status; 
39449| } 
39450| 

39451 1 if ( NT_SUCCESS(Status) ) { 

39452 1 

| Debug(DEBUG_DEVCON,("VD: Success sending ioctl\n M )); 
39453 1 lrp->loStatus = 

| ioStatusBlock; 
39454| lolncrement = 

I IO_DISK_INCREMENT; 
39455| 
39456| 

| Debug(DEBUG_DEVCON,("Vd: GetLength: 

| Length=%l64x\n M ,Len->Length)); 
39457| } else { 

39458| 

| lrp->loStatus. Information = 0; 
39459| lrp->loStatus. Status = 

| Status; 
39460 1 

| Debug(DEBUG_DEVCON,("VD: %08x sending 

| ioctl\n M ,Status)); 
39461 1 } 
39462 1 } 
39463| break; 
39464| } 

39465| case CTL_CODE(IOCTL_DISK_BASE, 0x0028, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 

39466| case lOCTL DISK GET DRIVE GEOMETRY EX : 

|{ 

39467| PIRP newlrp=NULL; 

39468| IO_STATUS_BLOCK 

| ioStatusBlock={0}; 
39469| KEVENT event={0}; 

39470| PDISK_GEOMETRY_EX 

| Geo=(PDISK_GEOMETRY_EX)lrp->Associatedlrp.SystemBuffer; 
39471 | 

39472 1 if ( 

| CheckMediaLoaded(DeviceObject,lrp)==STATUS_SUCCESS ) { 
39473 1 // 
39474| // Perform the get 

| partition info synchronously. Set both 
39475| // the input and output 

| buffers as the buffer passed. 
39476| // 
39477| 

39478| KelnitializeEvent(&event, 



I Notification Event, FALSE); 
39479| 

39480| PFILTERED_EXTENSION 

| FilteredExt = Get Filtered Extension (DevExt->PSM Device); 
39481 | 

39482 1 newlrp = 

| loBuildDeviceloControlRequest ( 
39483 1 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39484| 

| Filtered Ext->TargetDeviceObject, 
39485| 

| I rp-> Associated I rp. System Buff er, 
39486| 

| currentlrpStack->Parameters.DeviceloControl.lnputBufferL 
I ength, 
39487| 

| I rp-> Associated I rp. System Buff er, 
39488| 

| currentlrpStack->Parameters.DeviceloControl.OutputBuffer 
I Length, 

39489| FALSE, 
39490 1 &event, 
39491| &ioStatusBlock); 
39492| 

39493| Status = loCallDriver 

| (FilteredExt->TargetDeviceObject, newlrp); 
39494| 

39495| if ( Status == 

| STATUS_PENDING ) { 
39496| 

| pm WaitForSi ngleObject(&event, NULL); 
39497| Status = 

| ioStatusBlock. Status; 
39498| } 
39499| 

39500| if ( NT_SUCCESS(Status) ) { 

39501 1 PDISK_PARTITION_INFO 
| Info; 

39502| PDISK_DETECTION_INFO 

| Detect; 
39503 1 
39504| 

| Debug(DEBUG_DEVCON,("VD: Success sending ioctl\n")); 
39505| lrp->loStatus = 

| ioStatusBlock; 
39506| lolncrement = 

I IO_DISK_INCREMENT; 
39507| 



39508| 

| Debug ( D EB U G_D E VCON , (" V D : Geometry: Cyls=%l64d, MT=%08x, 
| TPC=%d, SPT=%d, BPS=%d\n", 
39509| 

| Geo->Geometry.Cylinders, 
39510| 

| Geo->Geometry.MediaType, 
3951 1 | 

| Geo->Geometry.TracksPerCylinder, 
39512| 

| Geo->Geometry.SectorsPerTrack, 
39513| 

| Geo ->Geo metry. Bytes Pe rSector)) ; 
39514| 
39515| 

| lnfo=DiskGeometryGetPartition(Geo); 
39516| 

| Detect= DiskGeometryGetDetect(Geo) ; 
39517| 

39518| if( 

| lnfo->PartitionStyle==PARTITION_STYLE_MBR ) { 
39519| 

| Debug(DEBUG_DEVCON,("VD: Info: PS=%08x (MBR), Sig=%08x, 
| Checksum=%08x\n", 
39520| 

| lnfo->PartitionStyle, 

| lnfo->Mbr.Signature,lnfo->Mbr.CheckSum)); 
39521 1 } else 

39522 1 if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_GPT) { 
39523| UNICODE_STRING GS; 

39524| 

| RtlStringFromGUID(lnfo->Gpt.Diskld,&GS); 
39525| 
39526| 

| Debug(DEBUG_DEVCON,("VD: Info: PS=%08x (GPT), 
| Guid=%wZ\n", 
39527| 

| lnfo->PartitionStyle, &GS)); 
39528| 
39529 1 

| RtlFreeUnicodeString(&GS); 
39530 1 } else 

39531 1 if ( 

| lnfo->PartitionStyle==PARTITION_STYLE_RAW ) { 
39532 1 

| Debug(DEBUG_DEVCON,("VD: Info: PS=%08x (RAW)\n", 
39533 1 

| lnfo->PartitionStyle)); 
39534| } else { 



39535| 

| Debug(DEBUG_DEVCON,("VD: Info: PS=%08x (Unknown)\n", 
39536| 

| lnfo->PartitionStyle)); 
39537| } 
39538| 

39539| if ( 

| Detect->DetectionType==DetectNone ) { 
39540| 

| Debug(DEBUG_DEVCON,("VD: Detect: %08x 

| (None)\n",Detect->DetectionType)); 
39541 1 } else 

39542 1 if ( 

| Detect->DetectionType==Detectlnt13 ) { 
39543 1 

| Debug(DEBUG_DEVCON,("VD: Detect: %08x (Int13) ds=%04x, 
| Cyls=%08x, SPT=%04x, H=%04x, nd=%04x\n", 

39544| 

| Detect->DetectionType, 

39545| 

| Detect->lnt13.DriveSelect, 
39546| 

| Detect->lnt13.MaxCylinders, 
39547| 

| Detect->lnt13.SectorsPerTrack, 
39548| 

| Detect->lnt13.MaxHeads, 
39549 1 

| Detect->lnt13.NumberDrives 
39550 1 

I)); 

39551 1 } else 

39552 1 if ( 

| Detect->DetectionType==DetectExlnt13 ) { 
39553 1 

| Debug(DEBUG_DEVCON,("VD: Detect: %08x (Exlnt13) 

| bs=%04x, f=%04x, C=%08x, h=%08x, spt=%08x, spd=%l64x, 

| ss=%04x, r=%04x\n", 
39554| 

| Detect->DetectionType, 
39555| 

| Detect->Exlnt13.ExBufferSize, 
39556| 

| Detect->Exlnt13.ExFlags, 
39557| 

| Detect->Exlnt13.ExCylinders, 
39558| 

| Detect->Exlnt13.ExHeads, 
39559 1 

| Detect->Exlnt1 3.ExSectorsPerTrack, 



39560| 

| Detect->Exlnt1 3.ExSectorsPerDrive, 
39561 | 

| Detect->Exlnt13.ExSectorSize, 
39562 1 

| Detect->Exlnt13.ExReserved 
39563 1 

I)); 

39564| } else { 

39565| 

| Debug(DEBUG_DEVCON,("VD: Detect: %08x 

| ( U nknown)\n" , Detect-> Detectio nType) ) ; 
39566| } 
39567| } else { 

39568| 

| lrp->loStatus. Information = 0; 
39569| lrp->loStatus. Status = 

| Status; 
39570 1 

| Debug(DEBUG_DEVCON,("VD: %08x sending 

| ioctl\n",Status)); 
39571 | } 
39572 1 } 
39573 1 break; 
39574| } 
39575| 

39576| case lOCTL MOUNTDEV QUERY DEVICE NAME : 

|{ 

39577| PMOUNTDEV_NAME Name = 

| (PMOUNTD E V_N AM E)l rp->Associated I rp .SystemBuffer; 
39578| WCHAR Buffer[200]; 

39579 1 ULONG Len; 

39580 1 
39581 1 

| swprintf (Buffer, U'WDeviceWPsm Devices_%04x\\%s_%d", PSM_ 

| LOW_COMPATIBLE_VERSION,DevExt->Name,DevExt->lnstance); 

39582 1 Len = 

| wcslen(Buffer)*sizeof(WCHAR); 

39583 1 

39584| ASSERT(wcslen(Buffer)<200); 
39585| if ( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEV_NAME ) ) { 
39586| Name->NameLength = 

| (USHORT)Len; 
39587| 

39588| if ( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEV_NAME )+Len ) { 
39589| 



I RtlCopyMemory(Name->Name,Buffer,Len); 
39590| 

| lrp->loStatus.lnformation = FIELD_OFFSET(MOUNTDEV_NAME, 

| Name) +Len; 
39591 1 } else { 

39592| lrp->loStatus. Status = 

| STATUS_BUFFER_OVERFLOW; 
39593 1 

| lrp->loStatus. Information = sizeof(MOUNTDEV_NAME); 
39594| } 
39595| } else { 

39596| // too small for anything.. 

39597| lrp->loStatus.Status = 

| STATUS_BUFFER_TOO_SMALL; 
39598| } 
39599 1 

39600| break; 
39601 1 } 
39602 1 case 

| IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME: { 
39603| PMOUNTDEV_SUGGESTED_LINK_NAME 

| Name=(PMOUNTDEV_SUGGESTED_LINK_NAME)lrp->Associatedlrp.S 

| ystem Buffer; 
39604| WCHAR Buffer[200]; 

39605| ULONG Len; 

39606| 
39607| 

| swprintf(Buffer,L"%s_%d",DevExt->Name,DevExt->lnstance); 
39608| Len = 

| wcslen(Buffer)*sizeof(WCHAR); 
39609 1 if ( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEV_SUGGESTED_LINK_NAME) ) { 
39610| 

| Name->UseOnlylfThereAreNoOtherLinks = 1; 
3961 1 1 Name->NameLength = 

| (USHORT)Len; 
39612| if( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEV_SUGGESTED_LINK_NAME)+Len ) { 
39613| 

| RtlCopyMemory(Name->Name,Buffer,Len); 
39614| 

| lrp->loStatus. Information = 

| FIELD_OFFSET(MOUNTDEV_SUGGESTED_LINK_NAME,Name)+Len; 
39615| }else{ 
39616| lrp->loStatus. Status = 

| STATUS_BUFFER_OVERFLOW; 
39617| 

| lrp->loStatus. Information = 



I sizeof(MOUNTDEV_SUGGESTED_LINK_NAME); 
39618| } 
39619| }else{ 
39620| lrp->loStatus.Status = 

| STATUS_BUFFER_TOO_SMALL; 
39621 1 } 
39622 1 break; 
39623 1 } 

39624| case IOCTL_MOUNTDEV_QUERY_UNIQUE_ID: { 

39625| PMOUNTDEV_UNIQUE_ID 

| Name=(PMOUNTDEV_UNIQUE_ID)lrp->Associatedlrp.SystemBuffe 

I r; 

39626| WCHAR Buffer[200]; 

39627| ULONG Len; 

39628| 
39629 1 

| swprintf(Buffer,L"%s_%d",DevExt->Name,DevExt->lnstance); 
39630 1 Len = 

| wcslen(Buffer)*sizeof (WCHAR); 
39631 1 if ( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEVJJNIQUEJD) ) { 
39632| Name->UniqueldLength = 

| (USHORT)Len; 
39633 1 if ( 

| cu rrentl rpStack-> Parameters . DeviceloContro I .OutputBuff er 

| Length >= sizeof( MOUNTDEV_UNIQUE_ID)+Len ) { 
39634| 

| RtlCopyMemory(Name->Uniqueld,Buffer,Len); 
39635| 

| lrp->loStatus. Information = 

| FIELD_OFFSET(MOUNTDEV_UNIQUE_ID,Uniqueld)+Len; 
39636| } else { 

39637| lrp->loStatus. Status = 

| STATUS_BUFFER_OVERFLOW; 
39638| 

| lrp->loStatus. Information = sizeof(MOUNTDEV_UNIQUE_ID); 
39639 1 } 
39640 1 } else { 

39641 1 lrp->loStatus.Status = 

| STATUS_BUFFER_TOO_SMALL; 
39642 1 } 
39643 1 break; 
39644| } 
39645| #endif 
39646| 
39647| 

39648| // currently not supported ioctls 

39649 1 

39650| case IOCTL_SCSI_PASS_THROUGH: 



39651 1 
39652 1 
39653 1 
39654| 
39655| 
39656| 
39657| 
39658| 
39659 1 
39660| // 
39661 1 
39662 1 
39663 1 
39664| 



case IOCTL_SCSI_MINIPORT: 

case IOCTL_SCSI_GET_INQUIRY_DATA: 

case IOCTL_SCSI_GET_CAPABILITIES: 

case IOCTL_SCSI_PASS_THROUGH_DIRECT: 

case IOCTL_SCSI_GET_ADDRESS: 

case IOCTL_SCSI_RESCAN_BUS: 

case I OCTL_SCS l_G ET D U M P_PO INTERS: 

case IOCTL_STORAG E_FI N D_N EW_DEVICES : 

case IOCTL_DISK_FIND_NEW_DEVICES: 

case IOCTL_DISK_REMOVE_DEVICE : 
case IOCTL_DISK_CONTROLLER_NUMBER: 



//fall through... 
default: 



Debug(DEBUG_DEVCON,("VDisk: loctl 



| not handled! %08x - %s\n", 
39665| 

| currentlrpStack->Parameters.DeviceloControl.loControlCod 
|e, 
39666| 

| File_GetlOCTLString(currentlrpStack->Parameters.Devicelo 

| Control. loControlCode))); 
39667| lrp->loStatus. Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
39668| 

39669 1 } 
39670 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

39671 1 Status = GetExceptionCode(); 

39672| Debug(DEBUG_DEVCON,("VDisk: Exception %08x 

| in PSManDeviceControlVDisk\n",Status)); 
39673 1 } 

39674| try_exit: NOTHING; 

39675| } ^finally { 

39676| ReleaseVDiskResou rce() ; 

39677| } 

39678| 

39679 1 if ( CompleteRequest ) { 

39680| // Finish the I/O operation by simply 

| completing the packet and returning 
39681 1 // the same status as in the packet itself. 
39682 1 

39683| Status = lrp->loStatus.Status; 
39684| 

39685| if ( Status!=0 ) { 

39686| Debug(DEBUG_READ,("VDisk: devcon: Device 

| %08x Irp %08x Error 

| %08x\n",DevExt->DeviceObject,lrp,Status)); 
39687| } 

39688| loCompleteRequest( Irp, lolncrement ); 
39689 1 } 



39690| 

39691 1 //Debug(DEBUG_DEVCON,("PSManDeviceControlVDisk: 

| Done Status=%08x\n", Status)); 
39692| return Status; 
39693 1 
39694| } 
39695| 

39696| r 



39697| STATIC NTSTATUS PSManDeviceControlFSObject( 
39698| 

| PDEVICE_OBJECT DeviceObject, 
39699| PIRP Irp 

39700| ) 
39701 1 { 

39702| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
39703 1 

39704| Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManDevConFSObject Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
39705| I rp->loStatus. Information = 0; 
39706| lrp->loStatus.Status = Status; 
39707| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
39708| Debug(DEBUG_PROCCALL | 

| DEBUG_CLEANUP,("PSManDevConFSObject Done\n")); 
39709 1 

39710| return Status; 
3971 1 1 
39712| } 
39713| 

39714| r 



39715| STATIC NTSTATUS PSManDeviceControlFSFilter( 
39716| 

| PDEVICE_OBJECT DeviceObject, 
39717| PIRP Irp 

39718| ) 
39719| { 

39720| NTSTATUS Status; 
39721 1 

39722| #ifdef DEBUG 

39723| if ( PsmActive ) { 

39724| Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManDevConFSFilter Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
39725| } 
39726| #endif 
39727| 

39728| Status = PSManFSPassThru( DeviceObject, Irp ); 
39729| 



39730| #ifdef DEBUG 

39731 1 if ( PsmActive ) { 

39732 1 Debug(DEBUG_CLEANUP | 

| DEBUG_PROCCALL,("PSManDevConFSFilter Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 
} 

#endif 

return Status; 



39733 
39734 
39735 
39736 
39737 
39738 
39739 
39740 
39741 
39742 
39743 
39744 
39745 
39746 
39747 
39748 
39749 
39750 
39751 
39752 
39753 
39754 
39755 
39756 
39757 
39758 
39759 
39760 
39761 
39762 
39763 
39764 
39765 
39766 
39767 
39768 
39769 
39770 
39771 
39772 
39773 
39774 
39775 
39776 
39777 



} 



File Listing: DEVCON.h 

STATIC NTSTATUS 
PSManDeviceControlObject( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 

STATIC NTSTATUS 
PSManDeviceControlDevice( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 

NTSTATUS 
PSManDeviceControl( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 

STATIC NTSTATUS 
PSManDeviceControlVDisk( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 

STATIC NTSTATUS 
PSManDeviceControlFSObject( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 

STATIC NTSTATUS 
PSManDeviceControlFSFilter( 

PDEVICE_OBJECT DeviceObject, 

PIRP Irp 

); 



39778| 
39779| 

39780| STATIC NTSTATUS 

39781 1 PSManNewDiskCompletion( 

39782| IN PDEVICE_OBJECT DeviceObject, 

39783| IN PIRP Irp, 

39784| IN PVOID Context 

39785| ); 

39786| 

39787| NTSTATUS NotifyUserModeOfEvent( ULONG Event ); 
39788| NTSTATUS NotifyUserModeOfRegChangeEvent( 

| PFILTERED_EXTENSION FiltExt ); 
39789| NTSTATUS NotifyUserModeOfVolumeOnlineEvent( 

| PFILTERED EXTENSION FiltExt); 
39790| 
39791| 

39792| #if _WIN32_WINNT >= 0x0500 
39793| 

39794| // loctls i got from build 2416 whistler SDK (Post beta 

| 1) ntdddisk.h 
39795| // 

39796| // New lOCTLs for GUID Partition tabled disks. 

39797| // 

39798| 

39799| #define IOCTL_DISK_GET_PARTITION_INFO_EX 

| CTL_CODE(IOCTL_DISK_BASE, 0x0012, METHOD_BUFFERED, 

| FILEANYACCESS) 
39800| #define IOCTL_DISK_SET_PARTITION_INFO_EX 

| CTL_CODE(IOCTL_DISK_BASE, 0x0013, METHOD_BUFFERED, 

| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 
39801 1 #define IOCTL_DISK_GET_DRIVE_LAYOUT_EX 

| CTL_CODE(IOCTL_DISK_BASE, 0x0014, METHOD BUFFERED, 

| FILE_ANY_ACCESS) 
39802| #define IOCTL_DISK_SET_DRIVE_LAYOUT_EX 

| CTL_CODE(IOCTL_DISK_BASE, 0x0015, METHOD_BUFFERED, 

| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 
39803| #define IOCTL_DISK_CREATE_DISK 

| CTL_CODE(IOCTL_DISK_BASE, 0x0016, METHOD_BUFFERED, 

| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 
39804| #define IOCTL_DISK_GET_LENGTH_INFO 

| CTL_CODE(IOCTL_DISK_BASE, 0x0017, METHOD_BUFFERED, 

| FILE READ ACCESS) 
39805| #define I OCTL_D I SK_G ET_D Rl VE_G EOM ETRY_EX 

| CTL_CODE(IOCTL_DISK_BASE, 0x0028, METHOD_BUFFERED, 

| FILE ANY ACCESS) 
39806| 
39807| 
39808| // 

39809| // Support for GUID Partition Table (GPT) disks. 
39810| // 



3981 1 1 
39812| // 

39813| // There are currently two ways a disk can be 

| partitioned. With a traditional 
39814| // AT-style master boot record (PARTITION_STYLE_MBR) 

| and with a new, GPT 
39815| // partition table ( P A RT I T I O N_ST Y L E_G PT) . RAW is for an 

| unrecognizable 
39816| // partition style. There are a very limited number of 

| things you can 
39817| // do with a RAW partititon. 
39818| // 
39819| 

39820| typedef enum PARTITION STYLE { 
39821 1 P A RT I T I O N_ST Y L E_M B R , 
39822| PARTITION_STYLE_GPT, 
39823| PARTITION_STYLE_RAW 
39824| } PARTITION_STYLE; 
39825| 
39826| 
39827| // 

39828| // The following structure defines information in a GPT 

| partition that is 
39829| // not common to both GPT and MBR partitions. 
39830 1 // 
39831| 

39832| typedef struct _PARTITIONJNFORMATION_GPT { 
39833| GUID PartitionType; // Partition 

| type. See table 16-3. 
39834| GUID Partitionld; // Unique GUID 

| for this partition. 
39835| ULONG64 Attributes; // See table 

| 16-4. 

39836| WCHAR Name [36]; // Partition 

| Name in Unicode. 
39837| } PARTITION_INFORMATION_GPT, 

| *PPARTITION_INFORMATION_GPT; 
39838| 
39839 1 // 

39840| // The following are GPT partition attributes 

| applicable when the 
39841| // PartitionType is PA RTI Tl ON BAS I C_D ATA G U I D . 
39842| // 
39843| 

39844| #define GPT_BASIC_DATA_ATTRIBUTE_NO_DRIVE_LETTER 

| (0x8000000000000000) 
39845| #define G PTB AS I C_D ATAATT R I B UTEH I D D E N 

| (0x4000000000000000) 
39846| #define G PT_B AS I C_D ATA_ATT R I B U T E_H I D D E N_l F_C LO N E 

| (0x2000000000000000) 



39847| #define G PT_B AS I C_D ATA_ATT R I B LITER E A D_0 N L Y 

| (0x1000000000000000) 
39848| #define GPT_BASIC_DATA_ATTRIBUTE_READ_ONLY_IF_CLONE 

| (0x0800000000000000) 
39849 1 
39850 1 // 

39851 1 // The following structure defines information in an 

| MBR partition that is not 
39852| // common to both GPT and MBR partitions. 
39853 1 // 
39854| 

39855| typedef struct _PARTITION_INFORMATION_MBR { 

39856| UCHAR PartitionType; 

39857| BOOLEAN Bootlndicator; 

39858| BOOLEAN RecognizedPartition; 

39859| ULONG Hidden Sectors; 

39860| } PARTITION_INFORMATION_MBR, 

| *PPARTITION_INFORMATION_MBR; 
39861 1 
39862 1 
39863 1 // 

39864| // The structure SET_PARTITION_INFO_EX is used with the 
| ioctl 

39865| // IOCTL_SET_PARTITION_INFO_EX to set information about 
| a specific 

39866| // partition. Note that for MBR partitions, you can 

| only set the partition 
39867| // signature, whereas GPT partitions allow setting of 

| all fields that 
39868| // you can get. 
39869 1 // 
39870 1 

39871 1 typedef SET_PARTITION_INFORMATION 

| SETPARTITIONINFORMATIONMBR; 
39872| typedef PARTITION_INFORMATION_GPT 

| SET_PARTITION_INFORMATION_GPT; 
39873 1 
39874| 

39875| typedef struct _SET_PARTITION_INFORMATION_EX { 
39876| PARTITION_STYLE PartitionStyle; 
39877| union { 

39878| SET PARTITION INFORMATION MBR Mbr; 
39879| SET_PARTITION_INFORMATION_GPT Gpt; 
39880 1 }; 

39881| } SET_PARTITION_INFORMATION_EX, 

| *PSET_PARTITION_INFORMATION_EX; 
39882| 
39883| 
39884| // 

39885| // The structure CREATE_DISK_GPT with the ioctl 



I IOCTL_DISK_CREATE_DISK 
39886| // to initialize an virgin disk with an empty GPT 

| partition table. 
39887| // 
39888| 

39889| typedef struct _C R EAT E_D I SK_G PT { 
39890| GUID Diskld; // Unique disk id 

| for the disk. 

39891 1 ULONG MaxPartitionCount; // Maximim number 

| of partitions allowable. 
39892| } CREATE_DISK_GPT, * PC RE ATE_D I SK_G PT; 
39893 1 
39894| // 

39895| // The structure CREATE DISK MBR with the ioctl 

| IOCTL_DISK_CREATE_DISK 
39896| // to initialize an virgin disk with an empty MBR 

| partition table. 
39897| // 
39898| 

39899| typedef struct _CREATE_DISK_MBR { 
39900| ULONG Signature; 

39901| } CREATE_DISK_MBR, *PCREATE_DISK_MBR; 

39902| 

39903| 

39904| typedef struct _CREATE_DISK { 
39905| PARTITION_STYLE PartitionStyle; 
39906| union { 

39907| CREATE_DISK_MBR Mbr; 
39908| CREATE_DISK_GPT Gpt; 
39909| }; 

39910| } CREATE_DISK, *PCREATE_DISK; 

39911| 

39912| 

39913| // 

39914| // The structure GET_LENGTH_IN FORMATION is used with 
| the ioctl 

39915| // lOCTL DISK GET LENGTH INFO to obtain the length, in 

| bytes, of the 
39916| // disk, partition, or volume. 
39917| // 
39918| 

39919| typedef struct _GET_LENGTH_INFORMATION { 
39920| LARGEJNTEGER Length; 

39921| } GET_LENGTH_INFORMATION, *PGET_LENGTH_IN FORMATION; 

39922| 

39923| // 

39924| // The PARTITION INFORMATION EX structure is used with 
| the 

39925| // IOCTL_DISK_GET_DRIVE_LAYOUT_EX, 
| IOCTL_DISK_SET_DRIVE_LAYOUT_EX, 



39926| // IOCTL_DISK_GET_PARTITION_INFO_EX and 

| IOCTL_DISK_GET_PARTITION_INFO_EX calls. 
39927| // 
39928| 

39929| typedef struct _P A RT I T I O N_l N FO R M AT I O N_EX { 

39930| PARTITION_STYLE PartitionStyle; 

39931 1 LARGE_INTEGER Starting Offset; 

39932| LARGE_INTEGER PartitionLength; 

39933| ULONG PartitionNumber; 

39934| BOOLEAN Rewrite Part it ion; 

39935| union { 

39936| PARTITION_INFORMATION_MBR Mbr; 
39937| PARTITION_INFORMATION_GPT Gpt; 
39938| }; 

39939| } PARTITION_INFORMATION_EX, *PPARTITION_INFORMATION_EX; 
39940 1 
39941 1 
39942 1 // 

39943| // GPT specific drive layout information. 

39944| // 

39945| 

39946| typedef struct _D R I V EL A YO U T_l N FO R M AT I O N_G PT { 
39947| GUID Diskld; 

39948| LARGE INTEGER Starting UsableOffset; 
39949| LARGEJNTEGER UsableLength; 
39950| ULONG MaxPartitionCount; 
39951| } DRIVE_LAYOUT_INFORMATION_GPT, 

| *PDRIVE_LAYOUT_INFORMATION_GPT; 
39952| 
39953| 
39954| // 

39955| // MBR specific drive layout information. 

39956| // 

39957| 

39958| typedef struct _D R I V E_L A YO U T_l N FO R M AT I O N_M B R { 
39959| ULONG Signature; 

39960| } DRIVE_LAYOUT_INFORMATION_MBR, 

| *PDRIVE_LAYOUT_INFORMATION_MBR; 
39961 1 
39962 1 // 

39963| // The structure DRIVE_LAYOUT_INFORMATION_EX is used 
| with the 

39964| // IOCTL_SET_DRIVE_LAYOUT_EX and 

| IOCTL_GET_DRIVE_LAYOUT_EX calls. 
39965| // 
39966| 

39967| typedef struct _DRIVE_LAYOUT_INFORMATION_EX { 
39968| ULONG PartitionStyle; 
39969| ULONG PartitionCount; 
39970| union { 



39971 1 DRIVE_LAYOUT_INFORMATION_MBR Mbr; 
39972| DRIVE_LAYOUT_INFORMATION_GPT Gpt; 
39973 1 }; 

39974| PARTITION_INFORMATION_EX Partition Entry[1]; 
39975| } DRIVE_LAYOUT_INFORMATION_EX, 

| *PDRIVE_LAYOUT_INFORMATION_EX; 
39976| 
39977| 
39978| // 

39979| // The DISK_GEOMETRY_EX structure is returned on 
| issuing an 

39980| // IOCTL_DISK_GET_DRIVE_GEOMETRY_EX ioctl. 
39981 1 // 
39982 1 

39983| typedef enum _DETECTION_TYPE { 

39984| DetectNone, 

39985| Detectlnt13, 

39986| DetectExlnt13 

39987| } DETECTIONTYPE; 

39988| 

39989| typedef struct _DISK_INT13_INFO { 

39990| USHORT DriveSelect; 

39991 1 ULONG MaxCylinders; 

39992| USHORT Sectors PerTrack; 

39993| USHORT MaxHeads; 

39994| USHORT NumberDrives; 

39995| } DISKJNT13JNFO, *PDISK_INT13_INFO; 

39996| 

39997| typedef struct _DISK_EX_INT13_INFO { 

39998| USHORT ExBufferSize; 

39999| USHORT ExFlags; 

40000| ULONG ExCylinders; 

40001| ULONG ExHeads; 

40002| ULONG ExSectorsPerTrack; 

40003| ULONG64 ExSectorsPerDrive; 

40004| USHORT ExSectorSize; 

40005| USHORT ExReserved; 

40006| } DISK_EX_INT13_INFO, *PDISK_EX_INT13_INFO; 
40007| 

40008| typedef struct _DISK_DETECTION_INFO { 

40009| ULONG SizeOf Detect Info; 

40010| DETECTION TYPE DetectionType; 

40011| union { 

40012| struct{ 

40013| 

40014| // 

40015| // If DetectionType == 

| DETECTIONJNT13 then we have just the Int13 
40016| // information. 

40017| // 



40018| 

40019| DISKJNT13JNFO Int13; 

40020 1 

40021 1 // 

40022| // If DetectionType == 

| DETECTION_EX_INT13, then we have the 
40023| // extended int 13 information. 

40024| // 
40025| 

40026| DISK_EX_INT13_INFO Exlnt13; 

| // If DetectionType == DetectExlnt13 
40027| }; 
40028| }; 

40029| } DISK DETECTION INFO, *PDISK_DETECTION_INFO; 

40030| 

40031 | 

40032| typedef struct _DISK_PARTITION_INFO { 
40033| ULONG SizeOfPartitionlnfo; 
40034| PARTITION_STYLE PartitionStyle; 

| // PartitionStyle = RAW, GPT or MBR 
40035| union { 
40036| struct { 

| // If PartitionStyle == MBR 
40037| ULONG Signature; 

| // MBR Signature 
40038| ULONG CheckSum; 

| // MBR Checksum 
40039| } Mbr; 

40040 1 struct { 

| // If PartitionStyle == GPT 
40041| GUID Diskld; 

40042| } Gpt; 

40043| }; 

40044| } DISK_PARTITION_INFO, *PDISK_PARTITION_INFO; 

40045| 

40046| 

40047| // 

40048| // The Geometry structure is a variable length 

| structure composed of a 
40049| // DISK_GEOMETRY_EX structure followed by a 

| DISK_PARTITION_INFO structure 
40050| // followed by a DISK_DETECTION_DATA structure. 
40051 1 // 
40052 1 

40053| #define DiskGeometryGetPartition(Geometry)\ 
40054| 

| ((PDISK_PARTITION_INFO)((Geometry)+1 )) 
40055| 

40056| #define DiskGeometryGetDetect(Geometry)\ 
40057| 



I ((PDISK_DETECTION_INFO)(((PBYTE)DiskGeometryGetPartition 
| (Geometry)+\ 
40058| 

| DiskGeometryGetPartition(Geometry)->SizeOfPartitionlnfo) 

I)) 
40059| 

40060| typedef struct _DISK_GEOMETRY_EX { 
40061 1 DISK_GEOMETRY Geometry; 

| // Standard disk geometry: may be faked by driver. 
40062| LARGEJNTEGER DiskSize; 

| // Must always be correct 
40063| UCHAR Data[1]; 

| // Partition, Detect info 
40064| } DISK GEOMETRY EX, *PDISK_GEOMETRY_EX; 
40065| 

40066| NTSTATUS PsmCreateFiles( tOpenTransactionlnlnternal 

| *ln, PKEVENT AbortEvent ); 
40067| 
40068| 

40069 1 #endif 
40070| 
40071 1 
40072 | 

40073| File Listing: DEVSUP.cpp 
40074| 

40075| #include "precomp.h" 
40076| 

40077| #ifdef ALLOC_PRAGMA_DO_NOT_DO 

40078| #pragma alloc_text(PAGE, SbOpenCacheFilelnAsyncMode) 

40079| #pragma alloc_text(PAGE, SbOpenCacheFilelnSyncMode) 

40080| #pragma alloc_text(PAGE, SbGetAsyncEvent) 

40081| #pragma alloc_text(PAGE, Sb Read And Wait) 

40082| #pragma alloc_text(PAGE, SbWriteAndWait) 

40083| #pragma alloc_text(PAGE, SbGetRegistrySettings) 

40084| #pragma alloc_text(PAGE, FailRequest) 

40085| #pragma alloc_text(PAGE, FlushVolume) 

40086| #endif 

40087| 

40088| typedef NTSTATUS ftZwFlushBuffersFile) ( IN HANDLE 

| FileHandle, OUT PIO_STATUS_BLOCK loStatusBlock ); 
40089| 

40090| tZwFlushBuffersFile ZwFlushBuffersFile; 
40091 1 tZwShutdownSystem ZwShutdownSystem; 
40092| 
40093| 

40094| // 



40096| #define FSCTL_LOCK_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, 



I FILE_ANY_ACCESS) 
40097| #define FSCTL_UNLOCK_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, 

| FILE ANY ACCESS) 
40098| #define FSCTL_DISMOUNT_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
40099| #define FSCTL_I N VAL I DATE_VOLU M ES 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM,21, METHODBUFFERED, 

| FILE_ANY_ACCESS) 
40100| #define FSCTL_IS_VOLUME_MOUNTED 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
40101| 
40102| 

40103| NTSTATUS FS_SystemCall ( 

40104| PFILE_OBJECT FileObject, 

401 05| ULONG loControlCode, 

401 06| const char *CallerFunctionName ); 

40107| 

40108| 

40109| NTSTATUS FS_DismountVolume( PFILE_OBJECT FileObject ) 
40110| { 

401 1 1 1 return FS_SystemCall ( FileObject, 

| FSCTL_DISMOUNT_VOLUME, "FS_DismountVolume" ); 
40112| } 
40113| 

40114| NTSTATUS FSJsVolumeMounted ( PFILE_OBJECT FileObject ) 
40115| { 

401 1 6| return FS_SystemCall ( FileObject, 

| FSCTL_IS_VOLUME_MOUNTED, "FSJsVolumeMounted" ); 
40117| } 
40118| 
40119| 

40120| NTSTATUS FS_UnlockVolume ( PFILE_OBJECT FileObject ) 
40121| { 

40122| return FS_SystemCall ( FileObject, 

| FSCTL_UNLOCK_VOLUME, "FSJJnlockVolume" ); 
40123| } 
40124| 
40125| 

40126| typedef NTSTATUS (* FS_SYSTEM_CALL_FUNCTION) ( 

| PFILE_OBJECT); 
40127| 

40128| NTSTATUS Sblo_SystemCall ( 

40129| const WCHAR *VolumeName, 

40130| FS_SYSTEM_CALL_FUNCTION FsFunctionToCall, 

401 31 1 const char *ActionDebugText, 

40132| ULONG Des i red Access ); 

40133| 



40134| /* 

I */ 

40135| 
40136| 

40137| void DeleteAIISnapShots ( void * ) 
40138| { 

401 39 1 pkSnapShotMaster OneToDelete=NULL; 
40140| PDEVICE_OBJECT DevObj=NULL; 
40141| PFILTERED EXTENSION DevExt=NULL; 
40142| pkSnapShotEntry p=NULL; 
40143| 

40144| Debug(DEBUG_THREAD,( M DeleteAIISnapShotsThread: 

| Starting\n M )); 
40145| 

40146| //start at the top 
40147| __try{ 

401 48 1 if(AcquireOpenCloseResource()==STATUS_WAIT_0) { 

40149| __try{ 

401 50| UpdateGlobalStatus 

| (PSM_DESTROYING_SNAPSHOT); 
40151| StartOver: 
40152| OneToDelete = NULL; 

40153| DevObj = 

| PSManDriverObject->DeviceObject; 
401 54| // go through all volumes looking for 

| snapshots 
40155| while(DevObj != NULL) { 

40156| 

| if(PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK) { 
40157| DevExt = 

| GetFilteredExtension(DevObj); 
40158| 

40159| GetSnapShotForRead(); 

40160| __try{ 

40161| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
40162| if (p) { 

40163| OneToDelete = 

| p->MasterSnapShot; 
401 64 1 DoneWithSnapShot(p); 
40165| break; 
40166| } 

40167| } finally { 

401 68| ReleaseSnapShotForReadQ; 
40169| } 
40170| } 

401 71 1 DevObj=DevObj->NextDevice; 

40172| } 

40173| 

40174| if(p) { 



40175| pOTJJSER User = 

| FindPSMUser(PsGetCurrentProcess(),(_ETHREAD*)-2); 
40176| 

| Debug(DEBUG_DCPSM,("DeleteAIISnapShots: Deleting 
| Snapshot %08x\n",OneToDelete)); 



401 77| lnternalClosePSM(User,OneToDelete); 

40178| goto StartOver; 

40179| }else{ 

40180| } 

40181| } finally { 

401 82 1 ReleaseOpenCloseResource(); 

40183| UpdateGlobalStatus (PSMJDLE); 

40184| } 

401 85| } // if OpenClose Resource acquired 

40186| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

40187| Debug(DEBUG_DCPSM,("DeleteAIISnapShots: 



| Exception %08x deleting snapshot 

| %08x\n",GetExceptionCode(),OneToDelete)); 
40188| } 
40189| 

40190| Debug(DEBUG_THREAD,( M DeleteAIISnapShotsThread: 

| Exiting\n")); 
40191 1 PsTerminateSystemThread( 0 ); 
40192| return; 
40193| } 
40194| 

40195| void DeleteAIISnapShotsForVolume ( void *Volume ) 
40196| { 

401 97| pkSnapShotMaster OneToDelete=NULL; 

40198| PDEVICE_OBJECT DevObj; 

40199| PFILTERED EXTENSION DevExt=NULL; 

40200| pkSnapShotEntry p; 

40201 | 

40202 | 

| Debug(DEBUG_THREAD,( M DeleteAIISnapShotsForVolumeThread: 
| Starting\n")); 



40203 | 

40204| // start at the top 

40205| _try { 

40206| if(AcquireOpenCloseResource()==STATUS_WAIT_0) { 

40207| __try { 

40208| DevObj = (PDEVICE_OBJECT)Volume; 

40209| DevExt = GetFilteredExtension (DevObj); 
40210| 

40211| StartOver: 

40212| OneToDelete = NULL; 

40213| 

40214| GetSnapShotForRead(); 

40215| __try{ 



40216| 

| p=GetTopSnapShot(&DevExt->SnapShots); 



40217| if(p) { 

40218| OneTo Delete = 

| p->MasterSnapShot; 

40219| DoneWithSnapShot(p); 

40220| } 

40221 1 } ^finally { 

40222| ReleaseSnapShotForRead(); 

40223 1 } 

40224| 

40225| if(p) { 

40226| pOTJJSER User = 



| FindPSMUser(PsGetCurrentProcess(),(_ETHREAD*)-2); 
40227| 

| Debug(DEBUG_DCPSM,("DeleteAIISnapShotsForVolume: 
| Deleting Snapshot %08x\n M ,OneTo Delete)); 



40228| lnternalClosePSM(User,OneToDelete); 

40229| goto StartOver; 

40230| } else { 

40231| } 

40232| } finally { 

40233| ReleaseOpenCloseResource(); 

40234| } 

40235| } // if OpenClose Resource acquired 



40236| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

40237| 

| Debug(DEBUG_DCPSM,("DeleteAIISnapShotsForVolume: 

| Exception %08x deleting snapshot 

| %08x\n",GetExceptionCode(),OneToDelete)); 
40238| } 
40239| 
40240| 

| Debug(DEBUG_THREAD,( M DeleteAIISnapShotsForVolumeThread: 

| Exiting\n")); 
40241 1 PsTerminateSystemThread( 0 ); 
40242 1 return; 
40243 1 } 
40244| 
40245| 

40246| /* 



40247| void FailRequestAII ( pkSnapShotEntry Snapshot, 

| NTSTATUS Error ) 
40248| { 

40249| BOOLEAN DoCallBacks=FALSE; 
40250| PAG E D_CO D E () ; 
40251 | 

40252| Debug(DEBUG_DEVSUP,("FailRequest: Error %08x 



I occured, failing PSM users\n", Error)); 
40253| pmAcquireMutex ( &WorkerThreadMutex, NULL); 
40254| Debug(DEBUG_DEVSUP,("FailRequest: Got mutex\n M )); 
40255| // only set error once.. 
40256| if(!LastErrorStatus) { 
40257| 

40258| Debug(DEBUG_DEVSUP,("FailRequest: Turning psm 
I off\n")); 

40259| LastErrorStatus = Error; 

40260| I* 3-21 -99, dont disable drive as it seems that 

| the file system doesnt like it and does 
40261 1 the following things that are bad mojo. 

40262 1 1 . Lose memory to a vpb as it can not be 

| dismounted right (ie the create fails due to the volume 
40263 1 being not in the drive when trying to 

| remount, since we can not open the volume, we can not 

| lock 

40264| or dismount it.) 

40265| 2. It seems to corrupt memory in the KTHREAD 

| structure for its own thread, not sure why it does this 
40266| 

40267| VDiskDisableAIIQ; 
40268| 7 
40269| PsmOff(); 
40270| 

40271 1 // minimize the amount of time we are in here, 

| as our threads 
40272| // can not do anything, including exit. 
40273| DoCallBacks = TRUE; 
40274| } 
40275| 

40276| pmReleaseMutex ( &WorkerThreadMutex ); 
40277| 

40278| // ok, now call the registered callbacks. 

40279| if(DoCallBacks) { 

40280| pOTJJSER User=NULL; 

40281 | 

40282| Debug(DEBUG_DEVSUP,("FailRequest: Marking 

| snapshots\n")); 
40283| MarkAIISnapShotsWithError( Snapshot, Error ); 
40284| 

40285| Debug(DEBUG_DEVSUP,("FailRequest: Doing 

| callbacks\n")); 
40286| if((gLogErrors) && 

| (Error!=PSM_CANCELED_BY_USER) && 

| (Error!=STATUS_SUCCESS)) { 
40287| WCHAR ErrorStr[1 0]; 

40288| WCHAR *Strings[1]; 

40289| swprintf(ErrorStr,L"%08x n ,Error); 
40290| Strings[0] = ErrorStr; 



40291| 

40292| Debug(DEBUG_DEVSUP,("FailRequest: Logging 

| error %08x\n", Error)); 
40293| switch (Error) { 

40294| case PSM_ERROR_CACHEFILE_FULL: { 

40295| Hint -save -e740 7 

40296| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_CACHEFILE_FULL,PSM_ERROR_CACHEFILE_FULL,NULL,0,NULL,0) 

I ; 

40297| Hint -restore 7 

40298| break; 
40299| } 
40300| 

40301| default: 

40302| Hint -save -e740 7 

40303| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_DISA 

| BLED_ERROR,Error,NULL,0,Strings,1); 
40304| Hint -restore 7 

40305| } 
40306| } 
40307| 

40308| if(GlobalData->NumActive) { 
40309| HANDLE TempHandle; 

40310| pmStartThread( 

4031 1 1 (PKSTARTROUTINE)DeleteAIISnapShots, 

| // IN PKSTART_ROUTINE StartRoutine, 
40312| NULL, // IN PVOID 

| StartContext 
40313| &TempHandle //OUT 

| PHANDLE ThreadHandle, 
40314| ); 

40315| ZwClose(TempHandle); 

40316| } 

40317| 

40318| 

40319| Debug(DEBUG_DEVSUP,("FailRequest: Getting user 
| mutex\n")); 

40320| pmAcquireMutex ( &PSMUserMutex, NULL ); 
40321 1 Debug(DEBUG_DEVSUP,("FailRequest: Got user 

| mutex\n")); 
40322 | 

40323| User=GlobalData->PSMUsers; 
40324| while(User) { 

40325| if((User->Open) && (User->ErrorEvent)) { 

40326| Debug(DEBUG_DEVSUP,("FailRequest: 

| Setting error event for user %08x\n M ,User)); 
40327| pmSetEvent(User->ErrorEvent); 
40328| } else { 



40329| Debug(DEBUG_DEVSUP,("FailRequest: 

| Skipping user %08x\n M ,User)); 
40330| } 

40331 1 User=User->Next; 
40332 1 } 

40333| pmReleaseMutex ( &PSMUserMutex); 
40334| } 

40335| Debug(DEBUG_DEVSUP,("FailRequest: Leaving 

| FailRequest\n")); 
40336| 
40337| } 
40338| 

40339| void FailRequestForVolume( pkSnapShotEntry Snapshot, 

| NTSTATUS Error ) 
40340 1 { 

40341 1 BOOLEAN DoCallBacks=FALSE; 
40342| PAG E DCOD E () ; 
40343 1 

40344| Debug(DEBUG_DEVSUP,("FailRequestForVolume: Error 

| %08x occured, failing PSM users\n", Error)); 
40345| pmAcquireMutex ( &WorkerThreadMutex, NULL); 
40346| Debug(DEBUG_DEVSUP,( M FailRequestForVolume: Got 

| mutex\n M )); 
40347| // only set error once.. 
40348| if(!SnapShot->MasterSnapShot->Status) { 
40349| Debug(DEBUG_DEVSUP,("FailRequestForVolume: 

| failing\n")); 

40350| SnapShot->MasterSnapShot->Status = Error; 
40351 1 // minimize the amount of time we are in here, 

| as our threads 
40352| // can not do anything, including exit. 
40353| DoCallBacks = TRUE; 
40354| } 
40355| 

40356| pmReleaseMutex ( &WorkerThreadMutex ); 
40357| 

40358| // ok, now call the registered callbacks. 

40359| if(DoCallBacks) { 

40360| pOTJJSER User=NULL; 

40361 1 

40362| Debug(DEBUG_DEVSUP,("FailRequestForVolume: 

| Marking snapshots\n")); 
40363| MarkAIISnapShotsWithErrorForVolume( Snapshot, 

| Error); 
40364| 

40365| Debug(DEBUG_DEVSUP,("FailRequestForVolume: 

| Doing callbacks\n")); 
40366| if((gLogErrors) && 

| (Error!=PSM_CANCELED_BY_USER) && 

| (Error!=STATUS_SUCCESS)) { 



40367| WCHAR ErrorStr[10]; 

40368| WCHAR *Strings[1]; 

40369| swprintf(ErrorStr,L"%08x",Error); 

40370| StringsfO] = ErrorStr; 

40371 | 

40372| Debug(DEBUG_DEVSUP,("FailRequestForVolume: 

| Logging error %08x\n", Error)); 
40373| switch (Error) { 

40374| case PSM_ERROR_CACHEFILE_FULL: { 

40375| Hint -save -e740 7 

40376| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_CACHEFILE_FULL,PSM_ERROR_CACHEFILE_FULL,NULL,0,NULL,0) 

I ; 

40377| /-lint -restore 7 

40378| break; 
40379 1 } 
40380 1 

40381 1 default: 

40382| Hint -save -e740 7 

40383 1 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_DISA 

| BLED_ERROR,Error,NULL,0,Strings,1); 
40384| Hint -restore 7 

40385| } 
40386| } 
40387| 

40388| if(GlobalData->NumActive) { 
40389| HANDLE TempHandle; 

40390| pmStartThread( 
40391 | 

| (PKSTART_ROUTINE)DeleteAIISnapShotsForVolume, // IN 

| PKSTART_ROUTINE StartRoutine, 
40392| SnapShot->DeviceObject, 

| // IN PVOID StartContext 
40393| STempHandle // OUT 

| PHANDLE ThreadHandle, 
40394| ); 

40395| ZwClose(TempHandle); 

40396| } 

40397| 

40398| // fixfixfix we need to set the error events 

| for the snapshots 
40399 1 } 

40400| Debug(DEBUG_DEVSUP,("FailRequestForVolume: Leaving 

| FailRequesfAn")); 
40401 1 
40402 1 } 
40403 1 

40404| // decides what action should be taken based on 



I snapshot and error 
40405| void FailRequest( pkSnapShotEntry Snapshot, NTSTATUS 

| Error ) 
40406| { 

40407| if(SnapShot) { 
40408| switch(Error) { 

40409| case PSM_ERROR_CACHEFILE_FULL : 

40410| FailRequestForVolume(SnapShot,Error); 

4041 1 1 break; 

40412| default: 

40413| break; 

40414| } 

40415| }else{ 

4041 6| // global error, not specific to any snapshot 

40417| Fail RequestAII(SnapShot, Error); 

40418| } 

40419| } 

40420| 

40421 | 

40422| char *CopyFileNameOnly( char *Buffer, char *Path ) 
40423 1 { 

40424| char *p = strrchr(Path,'\Y); 
40425| if( !p ) { 
40426| p = Path; 
40427| } 

40428| if(strlen(p)>12) { 
40429| p+=strlen(p)-12; 
40430 1 } 

40431 1 strcpy(Buffer,p); 

40432 1 return Buffer; 

40433 1 } 

40434| 

40435| 

40436| void SbTrace2 ( char *Code, ULONG Arg1, ULONG Arg2, 
| ULONG Arg3, ULONG Arg4, PCHAR Msg, char *File, ULONG 
| Line ) 

40437| { 

40438| CHAR FileName[20]; 
40439 1 

40440 1 if (Psm Active) { 

40441 1 Debug(DEBUG_TRACE,("%-20.20s> %-13.13s %5d: 

| %08x %08x %08x %08x %s\n", 
40442 1 Code, 

40443| CopyFileNameOnly(FileName, File), Line, 

40444| Arg1, 

40445| Arg2, 

40446| Arg3, 

40447| Arg4, 

40448| Msg 

40449| )); 



40450| } 
40451 1 } 
40452 1 

40453| #ifdef SYNC 

40454| #define SB_DESIRED_ACCESS (FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE) 
40455| #else 

40456| #define SB_DESIRED_ACCESS (STANDARD_RIGHTS_WRITE | 

W 

40457| FILE_WRITE_DATA | 

|\ 

40458| FILE_WRITE_ATTRIBUTES | 

|\ 

40459| FILEWRITEEA | 

|\ 

40460| FILE_APPEND_DATA | 

|\ 

40461| STANDARD_RIGH TS_R E A D | 

|\ 

40462| F I L E_R E A D_D AT A | 

|\ 

40463| FILE_READ_ATTRIBUTES | 

|\ 

40464| FILEREADEA) 

40465| #endif 

40466| 

40467| #define AsyncMode 0 
40468| #define SyncMode 1 
40469 1 
40470 1 

40471 1 NTSTATUS SbCreate Directory ( const WCHAR 

| * Directory Name, PSECURITY_DESCRIPTOR SD, ULONG 
| Attributes ) 

40472 1 { 

40473| UNICODE_STRING UniName={0}; 
40474| WCHAR Buffer[200]; 

40475| OBJECT ATTRIBUTES ObjectAttributes={0}; 
40476| IO_STATUS_BLOCK loStatus; 
40477| HANDLE FileHandle; 
40478| NTSTATUS Status; 
40479 1 

40480| wcscpy(Buffer,DirectoryName); 
40481 1 if(Buffer[wcslen(Buffer)-1]!=L'\V) { 
40482| wcscat(Buffer,L M \\ M ); 
40483 1 } 

40484| RtllnitUnicodeString(&UniName,Buffer); 
40485| 

40486| InitializeObjectAttributes ( &ObjectAttributes, 

40487| &UniName, 

40488| OBJ_CASE_INSENSITIVE, 



NULL, 
SD); 

Status = ZwCreateFile( SFileHandle, 
GENERIC_WRITE, 



SObjectAttributes, 



40489| 
40490| 
40491 | 
40492 1 
40493| 

| // desired access 
40494| 

| // object attributes 
40495| 
40496| 

| alloc size 
40497| 

| attributes 
40498| 

| FILE_SHARE_READ, 

| access 
40499| 

| // create disposition 
40500 1 
40501 1 

| options 
40502 1 



&loStatus, 
NULL, 

Attributes, 



// 



// file 



FILE_SHARE_WRITE | 
// share 

FILECREATE, 

FILE_DIRECTORY_FILE| 
0, // create 



NULL, //eabuffer 
0 ); // ealength 
if(NT_SUCCESS(Status)) { 
ZwClose(FileHandle); 



40503 1 
40504| 
40505| 
40506| } 

40507| return Status; 
40508| } 
40509 1 
40510| 

4051 1 1 NTSTATUS SbTouch Volume ( const WCHAR *VolumeName ) 
40512| { 

UNICODE_STRING UniName={0}; 
WCHAR *Buffer=(WCHAR*)MemAllocateString(256); 
OBJECT_ATTRIBUTES ObjectAttributes={0}; 
IO_STATUS_BLOCK loStatus; 
HANDLE FileHandle; 
NTSTATUS Status; 



40513| 
40514| 
40515| 
40516| 
40517| 
40518| 
40519| 
40520| 
40521 | 
40522 1 



if(IBuffer) { 

return STATUS_INSUFFICIENT_RESOURCES; 

} 



40523| 

40524| #ifdef DEBUG 

40525| if(lsSnapShotAcquiredForWrite()) { 
40526| // the reason this is bad is that we have the 
| writer lock 

40527| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
40528| // thus producing a deadlock, to fix it, dont 



I call with writer lock 
40529| // which you can do by spinning off whatever 

| you are trying to do to a 
40530| // worker thread. 

40531 1 Debug(DEBUG_DCPSM,( M SbTouchVolume: Snapshot 

| resource acquired for write!\n")); 
40532| DbgBreakPoint(); 
40533 1 } 
40534| #endif 
40535| 

40536| wcscpy(Buffer,VolumeName); 
40537| if(Buffer[wcslen(Buffer)-1]!=L'\Y) { 
40538| wcscat(Buffer,L M \V); 
40539 1 } 

40540| RtllnitUnicodeString(&UniName, Buffer); 
40541 | 

40542| InitializeObjectAttributes ( &ObjectAttributes, 

40543| &UniName, 

40544| OBJ_CASE_INSENSITIVE, 

40545| NULL, 

40546| NULL ); 

40547| 

40548| Status = ZwCreateFile( &FileHandle, 
40549| GENERIC_READ, 

| // desired access 
40550 1 &ObjectAttributes, 

| // object attributes 
40551 1 &loStatus, 
40552| NULL, // 

| alloc size 

40553| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
40554| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share 

| access 

40555| FILE_OPEN, 

| // create disposition 
40556| FILE_DIRECTORY_FILE| 
40557| 

| Fl LE_OPEN_FOR_BACKU P_l NTENT, //create 
| options 

40558| NULL, //eabuffer 

40559 1 0); //ealength 

40560| if(NT_SUCCESS(Status)) { 
40561 1 ZwClose(FileHandle); 
40562 1 } 

40563 1 MemFreeString(Buffer); 
40564 1 return Status; 
40565| } 
40566| 



40567| /* 



40568| NTSTATUS SbGetAsyncEvent ( 
40569| HANDLE &EventHandle, 
40570| PVOID &EventObject ) 
40571 1 { 

40572| NTSTATUS Status=STATUS_SUCCESS; 
40573 1 

40574| PAG E DCOD E () ; 
40575| 

40576| EventHandle = INVALID_HANDLE_VALUE; 

40577| EventObject = NULL; 

40578| 

40579| Status = ZwCreateEvent ( 

40580| &EventHandle, // OUT PHANDLE EventHandle, 
40581 1 0, // IN ACCESS_MASK Desired Access, 

40582| NULL, // IN POBJECT ATTRIBUTES 

| ObjectAttributes, 
40583| SynchronizationEvent, // IN EVENT_TYPE 

| EventType, 

40584| FALSE // IN BOOLEAN Initial Event State 

40585| ); 

40586| 

40587| 

40588| if ( NT_SUCCESS( Status ) ) { 
40589 1 // Get a Object handle so we can wait on 
| requests... 

40590| Status = ObReferenceObjectByHandle( 
40591| EventHandle, //IN HANDLE Handle, 

40592| SB_DESIRED_ACCESS, // IN ACCESS_MASK 

| DesiredAccess, 
40593| NULL, // IN POBJECT_TYPE 

| ObjectType, // optional 

40594| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
40595| &EventObject, //OUT PVOID *Object, 

40596| NULL //OUT 

| POBJECTJHANDLEJNFORMATION Handlelnformation // 

| optional 
40597| ); 
40598| 

40599| if ( NT_SUCCESS( Status ) ) { 
40600| Debug(DEBUG_DEVSUP,( M SbGetAsyncEvent: 
| EventHandle=%08x, 

| EventObject=%08x\n", EventHandle, EventObject)); 
40601 1 ASSERT(lsValidHandle(EventHandle)); 
40602| ASSERT(EventObject != NULL); 

40603| return STATUS_SUCCESS; 

40604| } else { 

40605| Debug(DEBUG_DEVSUP,( M SbGetAsyncEvent: Error 



I %08x Unable to get object\n",Status)); 



40606| } 

40607| ZwClose(EventHandle); 

40608| EventHandle = INVALIDHANDLEVALUE; 

40609| EventObject = NULL; 

40610| }else{ 

4061 1 1 Debug(DEBUG_DEVSUP,("SbGetAsyncEvent: Error %08x 



| Unable to create event\n",Status)); 
40612| } 
40613| 

40614| //Failure... 

40615| ASSERT(!NT_SUCCESS(Status)); 

40616| ASSERT(EventHandle == INVALID_HANDLE_VALUE); 

4061 7| ASSERT(EventObject == NULL); 

40618| return Status; 

40619| } 

40620| 

40621 1 r 



40622| NTSTATUS SbWriteAndWait ( 



40623| pPsmFilelnfo Info, 

40624| PIO_STATUS_BLOCK loStatus, 

40625| PCVOID Buffer, 

40626| ULONG ByteCount, 

40627| PLARGE_INTEGER Location 

40628| ) 



40629 1 { 

40630| NTSTATUS Status=0; 
40631 | 

40632| PAGED_CODE(); 

40633| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
40634| 

40635| loStatus->Status = STATUS_PENDING; 

40636| loStatus->lnformation = Oxffffffff; 

40637| 

40638| #ifdef NOWRITE 
40639 1 if(1){ 

40640| LARGE_INTEGER TimeToWait; 
40641 | 

40642| Status = 0; 
40643 1 

40644| TimeToWait.QuadPart = 

| RELATIVE(SECONDS(((Location->QuadPart/512) & 
I0xl)+1)); 

40645| KeDelayExecutionThread( 

40646| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE WaitMode, 
40647| FALSE, // IN BOOLEAN Alertable, 

40648| &TimeToWait // IN PLARGE INTEGER Interval 



40649| ); 
40650| } 
40651 1 #else 

40652| // FILE WRITE THROUGH will not return till data is 
40653 1 //written... 

40654| ASSERT ( lsValidHandle(lnfo->WaitHandle) ); 
40655| ASSERT ( lsValidHandle(lnfo->WaitObject) ); 
40656| 

40657| Status = ZwWriteFile( 

40658| lnfo->FileHandle, // IN HANDLE FileHandle, 
40659| lnfo->WaitHandle, // IN HANDLE Event, 
| optional 

40660| NULL, // IN PIO_APC_ROUTINE 

| ApcRoutine, optional 
40661 1 NULL, // IN PVOID ApcContext, 

| optional 

40662| loStatus, // OUT PIO_STATUS_BLOCK 

| loStatusBlock, 
40663| (PVOID)Buffer, // IN PVOID Buffer, 
40664| ByteCount, // IN ULONG Length, 
40665| Location, // IN PLARGEJNTEGER 

| ByteOffset, optional 
40666| NULL // IN PULONG Key 

| optional 
40667| ); 
40668| 

40669| if ( Status != STATUS_SUCCESS ) { 
40670| Debug(DEBUG_DEVSUP,("!M! SbWriteAndWait: 
| Status=%08x, 

| FileHandle=%08x\n",Status,lnfo->FileHandle)); 
40671 1 ASSERT(Status!=0xc0000024); // trying to catch 
I bug 

40672| //ASSERT ( Status == STATUS_SUCCESS ); //it's 

| gonna fail, but get attention! 
40673 1 } 
40674| 

40675| if (Status == STATUS_PENDING) { 

40676| ASSERT(KeGetCurrentlrql() < D I S P ATC H_L E V E L) ; 

40677| pmWaitForSingleObject(lnfo->WaitObject, NULL); 

40678| Status = loStatus->Status; 

40679 1 } 

40680| 

40681 1 #endif 
40682 1 

40683 1 return Status; 

40684| } 

40685| 

40686| /* 

| */ 

40687| NTSTATUS SbReadAndWait ( 



40688| pPsmFilelnfo Info, 

40689| PIO_STATUS_BLOCK loStatus, 

40690| PVOID Buffer, 

40691 1 ULONG ByteCount, 

40692| PLARGEJNTEGER Location 

40693| ) 



40694| { 

40695| NTSTATUS Status=0; 
40696| 

40697| PAGED_CODE(); 

40698| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
40699 1 

40700| loStatus->Status = STATUS_PENDING; 

40701 1 loStatus->lnformation = Oxffffffff; 

40702| 

40703| ASSERT ( lsValidHandle(lnfo->WaitHandle) ); 
40704| ASSERT ( lsValidHandle(lnfo->WaitObject) ); 
40705| 

40706| Status = ZwReadFile( 

40707| lnfo->FileHandle, // IN HANDLE FileHandle, 
40708| lnfo->WaitHandle, // IN HANDLE Event, 
| optional 

40709| NULL, // IN PIO_APC_ROUTINE 

| ApcRoutine, optional 
40710| NULL, // IN PVOID ApcContext, 

| optional 

4071 1 1 loStatus, // OUT PIO_STATUS_BLOCK 

| loStatusBlock, 
40712| Buffer, // IN PVOID Buffer, 
40713| ByteCount, // IN ULONG Length, 
40714| Location, // IN PLARGEJNTEGER 

| ByteOffset, optional 
40715| NULL // IN PULONG Key 

| optional 
40716| ); 
40717| 

40718| if ( Status != STATUS_SUCCESS ) { 
40719| Debug(DEBUG_DEVSUP,("!M! SbReadAndWait: 
| Status=%08x, 

| FileHandle=%08x\n",Status,lnfo->FileHandle)); 
40720| ASSERT(Status!=0xc0000024); // trying to catch 
I bug 

40721 1 //ASSERT ( Status == STATUS_SUCCESS ); //it's 

| gonna fail, but get attention! 
40722 1 } 
40723 1 

40724| if (Status == STATUS_PENDING) { 

40725| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 

40726| pmWaitForSingleObject(&lnfo->WaitObject, NULL); 



40727| Status = loStatus->Status; 

40728| } 

40729| 

40730| return Status; 

40731| } 

40732| 

40733| /* 



40734| void SbGetRegistrySettings ( IN PUNICODE_STRING 

| RegistryPath ) 
40735| { 

40736| PAG E D_CO D E () ; 

40737| 

40738| 

| Reg_GetULONGKey(RegistryPath,L"FailFreed",1 ,&gFailFreed) 



40740 1 

| Reg_GetULONGKey(RegistryPath,L"LogErrors",1 ,&g Log Errors) 

I ; 

40741 | 
40742 1 

| Reg_GetULONGKey(RegistryPath,L"LogOpenClose",1 ,&gl_ogOpen 
| Close); 
40743 1 

40744| // allow 1 -1 000 threads 
40745| 

| Reg_GetULONGKey(RegistryPath,L"NumThreads M ,NUMTHREADS_DE 

| F,&NumberOfThreads); 
40746| if(NumberOfThreads<NUMTHREADS_MIN) { 
40747| NumberOfThreads = NUMTHREADS_MIN; 
40748| } 

40749| if(NumberOfThreads>NUMTHREADS_MAX) { 
40750| NumberOfThreads = NUMTHREADS_MAX; 
40751 1 } 
40752 1 

40753| // allow 1 -5000000 microseconds (5 seconds) 
40754| // this is number of microseconds in the registry 
40755| 

| Reg_GetULONGKey(RegistryPath,L"NewThreadStartDelay",NEWT 

| HREADDELAY_DEF,&NewThreadStartDelay); 
40756| if(NewThreadStartDelay<NEWTHREADDELAY_MIN) { 
40757| N ewTh read Start De I ay = N E WTH R E A D D E L A Y_M I N ; 
40758| } 

40759| if(NewThreadStartDelay>NEWTHREADDELAY_MAX) { 
40760| N ewTh read Start De I ay = N EWTH R E A D D E L A Y_M AX ; 
40761 1 } 
40762 1 

40763| // allow 1 -1 000 threads 
40764| 



I Reg_GetULONGKey(RegistryPath,L"MaxThreads",MAXTHREADS_DE 

| F,&MaxThreads); 
40765| if(MaxThreads<NumberOfThreads) { 
40766| MaxThreads = NumberOfThreads; 
40767| } 

40768| if (MaxThreads>MAXTH READS_MAX) { 
40769| MaxThreads = MAXTHREADS_MAX; 
40770| } 
40771 | 
40772 1 

| Reg_GetULONGKey(RegistryPath,L"DoPagingFile M ,0,&DoPaging 
I File); 

40773| if (DoPagingFile>1 ) { 

40774| DoPagingFile=1 ; 

40775| } 

40776| 

40777| 

| Reg_GetULONGKey(RegistryPath,L"CreateOptions M ,CREATEOPTI 
| ONS_DEF,&PSManCreateOptions); 
40778| 

| Reg_GetULONGKey(RegistryPath,L"OpenOptions",OPENOPTIONS_ 

| DEF,&PSManOpenOptions); 
40779 1 
40780 1 

| Reg_GetULONGKey(RegistryPath,L"FillOnWrite M ,FILLONWRITES 
| _DEF,&PSManFillOnWrite); 
40781 | 

40782| // this is number of microseconds in the registry 
40783 1 

| Reg_GetULONGKey(RegistryPath,L"HungSystemTimeOut M ,HUNGSY 

| STEMTIMEOUT_DEF,&gHungSystemTimeOut); 
40784| if(gHungSystemTimeOut<HUNGSYSTEMTIMEOUT_MIN) { 
40785| gHungSystemTimeOut=HUNGSYSTEMTIMEOUT_MIN; 
40786| } 

40787| if(gHungSystemTimeOut>HUNGSYSTEMTIMEOUT_MAX) { 

40788| gHungSystemTimeOut=HUNGSYSTEMTIMEOUT_MAX; 

40789 1 } 

40790| 

40791| } 

40792| 

40793| extern "C" { 
40794| //from ntifs.h 
40795| NTSYSAPI 
40796| BOOLEAN 
40797| NTAPI 
40798| RtlValidSid ( 
40799| PSIDSid 
40800| ); 
40801 1 NTSYSAPI 
40802| NTSTATUS 



40803| NTAPI 
40804| RtlCreateAcI ( 



40805| PACL Acl, 

40806| ULONG AclLength, 

40807| ULONG AclRevision 

40808| ); 



40809| NTSYSAPI 

40810| NTSTATUS 

40811| NTAPI 

40812| Rtl Add AccessAI lowed Ace ( 



40813| PACL Acl, 

40814| ULONG AceRevision, 

4081 5| ACCESS_MASK Access Mask, 

40816| PSIDSid 

40817| ); 

40818| 



40819| #define SECURITY NT AUTHORITY 

| {0,0,0,0,0,5} // ntifs 
40820| #define DOMAIN_GROUP_RID_ADMINS 

| (0x00000200L) 
40821 1 #define SECURITY_LOCAL_SYSTEM_RID 

| (0x0000001 2L) 
40822| #define SECURITY_BUILTIN_DOMAIN_RID 

| (0x00000020L) 
40823| #define DOMAIN_ALIAS_RID_ADMINS 

| (0x00000220L) 
40824| } 
40825| 
40826| /* 

40827| ROBLAPTOPVrob is S-1 -5-21 
40828| NT AUTHORITYVsystem is S-1 -5-1 8 
40829 1 

40830| The following rights are assigned to the security 

| descriptor returned 
40831| 

40832| System : Full control 
40833| Administrator : Read attributes 



40834| Write attributes 

40835| Delete 

40836| Read permissions 

40837| Change permissions 

40838 1 Take o wne rs h i p 



40839| 7 

40840| PSECURITY_DESCRIPTOR SbGetAdminOnlySD( ) 
40841 1 { 

40842| NTSTATUS Status; 
40843| PSID adminSid; 
40844| PSID systemSid; 
40845| PACL Acl; 

40846| PSECURITY_DESCRIPTOR SecurityDescriptor; 



40847| ULONG system Sid Length; 

40848| SID_IDENTIFIER_AUTHORITY systemSidAuthority = 

| SECURITY_NT_AUTHORITY; 
40849| ULONG ad minS id Length; 

40850| SID_IDENTIFIER_AUTHORITY adminSidAuthority = 

| SECURITY_NT_AUTHORITY; 
40851 | 
40852 1 // 

40853 1 // Initialize buffer pointers 
40854| // 

40855| SecurityDescriptor = (PSECURITY_DESCRIPTOR) 
| MemAllocatePoolWithTag( NonPagedPool, 4096, 
| PSM_SECURITY_TAG ); 

40856| 

40857| if(SecurityDescriptor) { 

40858| systemSidLength = RtlLengthRequiredSid( 1 ); 
40859| adminSidLength = RtlLengthRequiredSid( 2 ); 
40860| systemSid = (PSID) 

| (((char*)SecurityDescriptor)+1 024); 
40861| adminSid = (PSID) 

| (((char*)systemSid)+systemSidLength); 
40862| Acl = (PACL)(((char*)adminSid)+adminSidLength); 
40863| 

40864| // 

40865| // Create an absolute-form security descriptor 

| for manipulation. 
40866| // The one on the security descriptor is in 

| self-relative form. 
40867| // 

40868| Status = RtlCreateSecurityDescriptor( 

| SecurityDescriptor, SECURITY_DESCRIPTOR_REVISION ); 
40869| 

40870| if( NT_SUCCESS( Status ) ) { 
40871 1 // 

40872| // Initialize a SID that identifies the 

| world-authority 
40873 1 // 

40874| RtllnitializeSid( systemSid, 

| &systemSidAuthority, 1 ); 
40875| RtllnitializeSid( adminSid, 

| &adminSidAuthority, 2 ); 
40876| *RtlSubAuthoritySid( systemSid, 0 ) = 

| SECURITY_LOCAL_SYSTEM_RID; 
40877| *RtlSubAuthoritySid( adminSid, 0 ) = 

| SECURITY_BUILTIN_DOMAIN_RID; 
40878| *RtlSubAuthoritySid( adminSid, 1 ) = 

| DOMAIN_ALIAS_RID_ADMINS; 
40879 1 
40880 1 

40881 1 Status = RtlCreateAcI ( 



40882| Acl, // IN PACL Acl, 

40883| 1024, // IN ULONG AclLength, 

40884| ACL_REVISION// IN ULONG AclRevision 

40885| ); 

40886| 

40887| if(NT_SUCCESS(Status)) { 

40888| Status = RtlAddAccessAllowedAce( 

40889| Acl, // IN OUT PACL Acl, 

40890| ACL_REVISION, // IN ULONG 

| AceRevision, 
40891 1 SPECIFIC_RIGHTS_ALL | 

| STANDARD_RIGHTS_ALL, // IN ACCESS_MASK AccessMask, 
40892| systemSid// IN PSID Sid 

40893 1 ); 

40894| if(NT_SUCCESS(Status)) { 

40895| Status = RtlAddAccessAllowedAce( 

40896| Acl, // IN OUT PACL Acl, 

40897| ACL_REVISION, // IN ULONG 

| AceRevision, 
40898| STANDARD_RIGHTS_ALL | 

40899| STANDARD_RIGHTS_REQUIRED | 

40900| SYNCHRONIZE | 

40901 1 FILE_ADD_FILE | // this is so 

| we can create files in the directory 
40902| FILE_READ_ATTRIBUTES | 

40903| FILE_WRITE_ATTRIBUTES, // IN 

| ACCESS_MASK AccessMask, 
40904| adminSid// IN PSID Sid 

40905| ); 
40906| 

40907| Status = 

| RtlSetDaclSecurity Descriptor 
40908| SecurityDescriptor, // IN OUT 

| PSECURITY_DESCRIPTOR SecurityDescriptor, 
40909| TRUE, // IN BOOLEAN 

| DaclPresent, 
40910| Acl, //IN PACL Dad 

| OPTIONAL, 
4091 1 1 FALSE // IN BOOLEAN 

| DaclDefaulted OPTIONAL 
40912| ); 

40913| if(NT_SUCCESS(Status)) { 

40914| 

| Debug(DEBUG_DEVSUP,("SbAssignAdminRightsOnly: Valid 

| descriptor^", Status)); 
40915| return SecurityDescriptor; 

40916| }else{ 
40917| 

| Debug(DEBUG_DEVSUP,( M SbAssignAdminRightsOnly: SetDacI 
| failed %08x\n",Status)); 



40918| } 
40919| }else{ 
40920| 

| Debug(DEBUG_DEVSUP,( M SbAssignAdminRightsOnly: AddAce 

| failed %08x\n M ,Status)); 
40921| } 
40922| } else { 

40923| 

| Debug(DEBUG_DEVSUP,("SbAssignAdminRightsOnly: CreateAcI 

| failed %08x\n M ,Status)); 
40924| } 
40925| 

40926| } else { 
40927| 

| Debug(DEBUG_DEVSUP,( M SbAssignAdminRightsOnly: Unable to 
| initialize security descriptor %08x\n", Status)); 
40928| } 

40929| MemFreePool(SecurityDescriptor); 
40930| } else { 

40931 1 Status = STATUS_INSUFFICIENT_RESOURCES; 
40932| Debug(DEBUG_DEVSUP,("SbAssignAdminRightsOnly: 

| out of memory for SD %08x\n", Status)); 
40933 1 } 

40934| return NULL; 

40935| } 

40936| 

40937| #if _WIN32_WINNT<0x0500 

40938| #define PsGetVersion(a,b,c,d) (*(c)=1381) 

40939 1 #endif 

40940 1 

40941 1 I* 

40942| It appears under Whistler (build >2250) that 
| ntdll.dll is no longer mapped into the system process 
| space 

40943| so we can not longer call the passed in function 
| from a system thread (it would be ok if in the callers 
| context though) 

40944| 

40945| To work around this, we just take the normal 

| preamble and get the system index number for 

| ZwFlushBuffersFile 
40946| (We do this because the index changes with every 

| service pack) 
40947| 

40948| For every processor archtecture we need to have 

| code here to check for it. 
40949| This also would happen if Microsoft changed how 

| they call NT functions in future releases 
40950 1 7 
40951 | 



40952| #if_X86_ 

40953| // this function is not in the ntoskrnl.lib file, i 

| dont know how to add it, so lets call it direct 
40954| //NTSYSAPI NTSTATUS NTAPI ZwFlushBuffersFile ( IN 

| HANDLE FileHandle, OUT PIO_STATUS_BLOCK loStatusBlock 

I); 

40955| 

40956| /* 



40957| Hint -save -e533 -e144 -e715 7 
40958| STATIC ULONG X86_Flush_lndex; 
40959| STATIC ULONG X86_Shutdown_lndex; 
40960 1 

40961 1 _declspec ( naked ) NTSTATUS NTAPI 

| ZwFlushBuffersFileX86 ( IN HANDLE FileHandle, OUT 
| PIO_STATUS_BLOCK loStatusBlock ) 

40962 1 { 

40963 1 _asm { 

40964| mov eax,X86_Flush_lndex //; 

| NtFlushBuffersFile call number 
40965| lea edx,dword ptr [esp+4] //; Load effective 

| addr 

40966| int 2Eh //; System call 

40967| retn 8 //; Must have ret 

| with naked functions 
40968| } 
40969 1 } 
40970 1 

40971 1 Hint -restore 7 
40972| #endif 
40973 1 

40974| NTSTATUS GrablndexNumber( PVOID UserModePointer, ULONG 

| &lndexNumber ) 
40975| { 

40976| // whistler way 
40977| #if _X86_ 

40978| unsigned char *Buffer=(unsigned 

| char*)UserModePointer; 
40979| #ifdef DEBUG 

40980| Debug(DEBUG_DEVSUP,("Dump of user mode space\n")); 

40981 1 Debug(DEBUG_DEVSUP,(" %02x%02x%02x%02x 
| %02x%02x%02x%02x-%02x%02x%02x%02x 
| %02x%02x%02x%02x\n",Buffer[0x00],Buffer[0x01],Buffer[0x0 
| 2] , Buffer[0x03] , Buff er[0x04], Buff er[0x05], Buffer[0x06] , B 
| uffer[0x07],Buffer[0x08],Buffer[0x09],Buffer[0x0a],Buffe 
| r[0x0b],Buffer[0x0c],Buffer[0x0d],Buffer[0x0e],Buffer[0x 
I Of])); 

40982| Debug(DEBUG_DEVSUP,(" %02x%02x%02x%02x 
| %02x%02x%02x%02x-%02x%02x%02x%02x 
| %02x%02x%02x%02x\n M ,Buffer[0x10],Buffer[0x1 1],Buffer[0x1 



I 2] , BuffeifOx 1 3], Buff er[Ox 1 4], Buff er[Ox1 5], Buffer[Ox 1 6] , B 
| uffer[Ox1 7],Buffer[0x1 8],Buffer[0x1 9],Buffer[0x1 a], Buffe 
| r[Ox1 b],Buffer[Ox1c],Buffer[Ox1d],Buffer[Ox1e],Buffer[Ox 

I if])); 

40983| Debug(DEBUG_DEVSUP,(" %02x%02x%02x%02x 
| %02x%02x%02x%02x-%02x%02x%02x%02x 
| %02x%02x%02x%02x\n" , Buff er[0x20] , Buf fer[0x2 1 ] , Buf fe r[0x2 
| 2] , Buffer[0x23], Buff er[Ox24], Buff er[0x25], Buffer[0x26] , B 
| uffer[0x27], Buffer[0x28] , Buffer[0x29], Buffer[0x2a] , Buffe 
| r[0x2b],Buffer[0x2c],Buffer[0x2d],Buffer[0x2e],Buffer[0x 
I 2f])); 

40984| Debug(DEBUG_DEVSUP,(" %02x%02x%02x%02x 
| %02x%02x%02x%02x-%02x%02x%02x%02x 
| %02x%02x%02x%02x\n",Buffer[0x30],Buffer[0x31],Buffer[0x3 
| 2] , Buffer[0x33], Buff er[0x34], Buff er[0x35], Buffer[0x36] ,B 
| uffer[0x37],Buffer[0x38],Buffer[0x39],Buffer[0x3a], Buffe 
| r[0x3b],Buffer[0x3c],Buffer[0x3d],Buffer[0x3e],Buffer[0x 
I 3f])); 

40985| #endif 

40986| 

40987| if((Buffer[0] == Oxb8) && // mov eax, 
40988| (Buffer[5] == Oxba) && // mov edx, 
40989| ((Buffer[1 0] == Oxff) && (Buffer[1 1 ] == 0xd2)) 
| && // call edx 

40990| ((Buffer[1 2] == 0xc2) && (Buffer[1 3] == 0x08)) 

| // ret 8 
40991 1 ) { 

40992| // okay, input is what we expect, lets get the 

| system index number 
40993 1 Buffer++; 

40994| IndexNumber = *(ULONG*)Buffer; 
40995| return STATUS_SUCCESS; 
40996| } else { 
40997| // unknown code.. 

40998| return STATUS_INVALID_SYSTEM_SERVICE; 
40999 1 } 
41000| #else 

41001| return STATUS_INVALID_SYSTEM_SERVICE; 

41002| #endif 

41003| } 

41004| 

41005| 

41 006| // called in the context of the user 

41007| NTSTATUS SetFlushRoutine( PVOID UserModePointer ) 
41008| { 

41009| ULONG Build=0; 

41010| PsGetVersion( NULL,NULL,&Build,NULL ); 
41011| if(Build<=2195) { 
41012| // nt 3.51 , 4 and Windows 2000 way 
41013| ZwFlushBuffersFile = 



I (tZwFlushBuffersFile)UserModePointer; 
41014| }else{ 
41015| // whistler way 
41016| 

| if(NT_SUCCESS(GrablndexNumber(UserModePointer,X86_Flush_ 
I Index))) { 
41017| #ifdef _X86_ 

41018| ZwFlushBuffersFile = ZwFlushBuffersFileX86; 

41019| #else 
41020| #endif 
41021| } 
41022| } 

41 023| return STATUS_SUCCESS; 

41024| } 

41025| 

41 026| // called in the context of the user 
41027| #if 0 

41028| NTSTATUS SetShutdownRoutine( PVOID UserModePointer ) 
41029| { 

41 030| NTSTATUS Status; 
41031| ULONG Build=0; 

41 032| PsGetVersion( NULL, NULL,&Build, NULL ); 
41033| if(Build<=2195){ 
41 034| // nt 3.51 , 4 and Windows 2000 way 
41 035| ZwShutdownSystem = 

| (tZwShutdownSystem)UserModePointer; 
41036| }else{ 
41037| //whistler way 
41038| 

| if(NT_SUCCESS(GrablndexNumber(UserModePointer,X86_Shutdo 
| wnjndex))) { 
41039| #ifdef_X86_ 

41 040| ZwShutdownSystem = ZwShutdownSystemX86; 

41041| #else 
41042| #endif 
41043| } 
41044| } 

41 045| return STATUS_SUCCESS; 

41046| } 

41047| #endif 

41048| 

41049| 

41050| NTSTATUS My Flush Buffers File( HANDLE Handle, 

| PIO_STATUS_BLOCK loStatus ) 
41051| { 

41 052| NTSTATUS Status; 
41053| 

41054| __try{ 

41 055| if(ZwFlushBuffersFile) { 

41 056| // this causes an write access violation 



I for some reason.. 
41057| // 

| ProbeForRead(ZwFlushBuffersFile,4,sizeof(UCHAR)); 
41 058| Status = 

| ZwFlushBuffersFile(HandleJoStatus); 
41059| }else{ 

41 060| Status = STATUS_INVALID_SYSTEM_SERVICE; 

41061| } 
41062| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

41 063| Status = GetExceptionCode(); 

41064| Debug(DEBUG_DEVSUP,("MyFlushBuffersFile: 

| Exception %08x\n M , Status)); 
41065| } 

41066| return Status; 

41067| } 

41068| 

41069| /* 



41070| NTSTATUS SbCreateAndFillFile ( 
41071| const WCHAR *FileName, 
41072| PLARGEJNTEGER Initialize, 
41073| PVOID AbortEvent, 
41074| BYTE Pattern, 
41075| ULONG FillOnWriteOption ) 

41076| { 

41 077| UNICODE_STRING FullFileName={0}; 

41078| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

41 079| NTSTATUS Status=0,Status2=0; 

41 080| IO_STATUS_BLOCK loStatus={0}; 

41 081 1 ULONG CreateOptions=0; 

41082| ULONG Desired Access=0; 

41083| HANDLE FileHandle=NULL; 

41084| FILE END OF FILE INFORMATION EOFInfo={0}; 

41085| FILE_STANDARD_INFORMATION FSInfo={0}; 

41 086| LARGEJNTEGER Location={0}; 

41087| LARGEJNTEGER Timeout={0}; 

41 088| PSECURITY_DESCRIPTOR SD = SbGetAdminOnlySD(); 
41089| 

41090| PAG E D_CO D E () ; 
41091| 

41092| Debug(DEBUG_DEVSUP,( M SbCreateAndFillFile: 

| FileName='%S'\n M ,FileName)); 
41093| // 

| Reg_GetULONGKey(&gRegistryPath,L"FillOnWrite M ,FILLONWRIT 
| ES_DEF,&PSManFillOnWrite); 
41094| 

41095| #ifdef DEBUG 

41 096| if(lsSnapShotAcquiredForWrite()) { 

41 097| // the reason this is bad is that we have the 



I writer lock 

41 098| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
41 099| // thus producing a deadlock, to fix it, dont 

| call with writer lock 
41 1 00| // which you can do by spinning off whatever 

| you are trying to do to a 
41101| //worker thread. 

41 1 02 1 Debug(DEBUG_DCPSM,( ,, SbCreateAndFillFile: 

| Snapshot resource acquired for write!\n")); 
41103| DbgBreakPoint(); 
41104| } 
41105| #endif 
41106| 

41 1 07\ RtllnitUnicodeString( &FullFileName, FileName ); 
41108| 

41 1 09| InitializeObjectAttributes ( &ObjectAttributes, 

41110| &FullFileName, 

41 1 1 1 1 OBJ_CASE_INSENSITIVE, 

41112| NULL, 

41113| SD); 

41114| 

41115| CreateOptions = FILE_SYNCHRONOUS_IO_NONALERT | 

| FILE WRITE THROUGH | FILE SEQUENTIAL ONLY; 
41116| // FILE_NO_COMPRESSION | 

41117| // FILE_WRITE_THROUGH | 

41118| // FILE_NOJNTERMEDIATE_BUFFERING; 
41119| 

41120| if(PSManCreateOptions) { 

41 121 1 CreateOptions |= PSManCreateOptions; 

41122| } 

41123| 

41124| DesiredAccess = (FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE); 
41125| 

41 1 26| Status = ZwCreateFile( &FileHandle, 
41 1 27| DesiredAccess, 

| // desired access 
41 1 28| &ObjectAttributes, 

| // object attributes 
41129| &loStatus, 
41130| InitialSize, 

| // alloc size 

41 1 31 1 FILE_ATTRIBUTE_HIDDEN, 

| // file attributes 
41132| 0, 

| // share access 
41133| FILE_SUPERSEDE, 

| // create disposition 
41134| CreateOptions, 



I // create options 
41135| NULL, //eabuffer 

41136| 0); //ealength 

41137| 

41 138| EOFInfo.EndOfFile = (*lnitialSize); 
41139| 

41 1 40| // free security descriptor 

41141| if(SD){ 

41142| MemFreePool(SD); 

41143| } 

41144| 

41 145| if (NT_SUCCESS(Status)) { 

41 1 46| Status = ZwQuerylnformationFile( 

41147| FileHandle, // IN HANDLE 

| FileHandle, 
41148| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41149| &FSInfo, // IN PVOID 

| Filelnformation, 
41150| sizeof(FILE_STANDARD_INFORMATION), 

| // IN ULONG Length, 
41 151 1 FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41152| ); 
41153| 

41 1 54| // cant have a directory as a file name 
41 155| if(FSInfo. Directory) { 
41 156| ZwClose(FileHandle); 

41157| Status = STATUS_FILE_IS_A_DI RECTORY; 

41 1 58| goto EndOf FileStuff ; 

41159| } 
41160| 

41 1 61 1 Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| AllocSize=%08x%08x\n M 
41162| "After Create 

| EndOfFile=%08x%08x\n" 
41163| 

| NL=%d, DP=%d, Dir=%d, io=%08x, lnf=%08x\n", 
41164| 

| FSInfo.AllocationSize.HighPart, 
41165| 

| FSInfo.AllocationSize.LowPart, 



41 1 66| FSInfo.EndOf File.HighPart, 

41 1 67| FSInfo.EndOf File.LowPart, 

41168| FSInfo.NumberOfLinks, 

41 1 69 1 FSInfo.DeletePending, 

41170| FSInfo. Directory, 
41171| 

| loStatus. Status, loStatus. Information 

41172| )); 



41173| 

41 1 74 1 Status = ZwSetlnformationFile( 

41 1 75| FileHandle, // IN HANDLE 

| FileHandle, 
41176| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41177| &EOFInfo, //IN PVOID 

| Filelnformation, 
41 1 78| sizeof(EOFInfo), // IN ULONG 

I Length, 

41179| FileEndOf Filelnformation //IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41180| ); 
41181| 

41182| if(Status) { 

41183| Debug(DEBUG_DEVSUP,( M SbCreateAndFillFile: 

| Error %08x setting eof\n",Status)); 
41184| } 
41185| 

41 186| Status = ZwQuerylnformationFile( 
41 187| FileHandle, // IN HANDLE 

| FileHandle, 
41188| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41189| &FSInfo, // IN PVOID 

| Filelnformation, 
41190| sizeof(FILESTANDARDINFORMATION), 

| // IN ULONG Length, 
41 191 1 FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41192| ); 
41193| 

41194| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| AllocSize=%08x%08x\n M 
41195| "After Set EOF 

| EndOfFile=%08x%08x\n" 
41196| 

| NL=%d, DP=%d, Dir=%d\n", 
41197| 

| FSInfo.AllocationSize.HighPart, 
41198| 

| FSInfo.AllocationSize.LowPart, 



41199| 


FSInfo.EndOfFile.HighPart, 


41200| 


FSInfo.EndOfFile.LowPart, 


41201| 


FSInfo.NumberOf Links, 


41202| 


FSInfo.DeletePending, 


41203| 


FSInfo. Directory 


41204| 


)); 


41205| 




41206| 





41207| Status = ZwSetlnformationFile( 
41208| FileHandle, // IN HANDLE 

| FileHandle, 
41209| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41210| &EOFInfo, //INPVOID 

| Filelnformation, 
4121 1 1 sizeof(EOFInfo), // IN ULONG 

I Length, 

41212| FileAllocationlnformation //IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41213| ); 
41214| 

41215| if(Status) { 

41216| Debug(DEBUG_DEVSUP,( M SbCreateAndFillFile: 

| Error %08x setting alloc size\n", Status)); 
41217| } 
41218| 

41219| Status = ZwQuerylnformationFile( 
41220| FileHandle, // IN HANDLE 

| FileHandle, 
41221| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41222| &FSInfo, //INPVOID 

| Filelnformation, 
41223| sizeof(FILE_STANDARD_INFORMATION), 

| // IN ULONG Length, 
41224| FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41225| ); 
41226| 

41227| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| AllocSize=%08x%08x\n M 
41228| "After Set Alloc 

| EndOfFile=%08x%08x\n M 
41229| 

| NL=%d, DP=%d, Dir=%d\n", 
41230| 

| FSInfo.AllocationSize.HighPart, 
41231| 

| FSInfo.AllocationSize.LowPart, 



41232| 


FSInfo.EndOfFile.HighPart, 


41233| 


FSInfo.EndOfFile.LowPart, 


41234| 


FSInfo.NumberOf Links, 


41235| 


FSInfo.DeletePending, 


41236| 


FSInfo. Directory 


41237| 


)); 


41238| 




41239| 




41240| 





41241 1 if ( FillOnWriteOption==FILLONWRITE_DISABLED ) 
|{ 

41242| // Do nothing. 

41243| } else if(FillOnWriteOption==FILLONWRITE_ALL) { 
41244| ULONG FillSize = 

| min(65536,EOFInfo.EndOfFile.LowPart); 
41 245| char *Buffer = (char 

| *)MemAllocatePoolWithTag( PagedPool, FillSize, TEMPTAG 

I); 

41246| 

41247| if (Buffer) { 

41 248| memset(Buffer, Pattern, FillSize) ; 

41249| Location.QuadPart = 0; 

41250| Status = STATUS_SUCCESS; 

41251| 

41252| while( 

| (Location. QuadPart<EOFInfo.EndOfFile.QuadPart) && 
41253| (Status == STATUS_SUCCESS)){ 

41254| Retry: 

41 255| Status = ZwWriteFile( 

41256| FileHandle, // IN HANDLE 

| FileHandle, 

41257| NULL, // IN HANDLE Event, 

| optional 

41258| NULL, //IN 

| PIO_APC_ROUTINE ApcRoutine, optional 
41259| NULL, // IN PVOID 

| ApcContext, optional 
41260| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41261| Buffer, //IN PVOID 

| Buffer, 

41262| FillSize, //IN ULONG 

I Length, 

41263| &Location, //IN 

| PLARGEJNTEGER ByteOffset, optional 

41264| NULL // IN PULONG 

| Key optional 

41265| ); 

41266| 

| if(Status==STATUS_INSUFFICIENT_RESOURCES) { 
41267| LARGEJNTEGER TimeToWait={0}; 

41268| 
41269| 

| Debug(DEBUG_DCPSM,("SbCreateAndFillFile: Out of memory 

| from ZwWriteFile, delaying\n")); 
41270| TimeToWait. Quad Part = 

| RELATIVE(SECONDS(1)); 
41271| 

41 272| KeDelayExecutionThread( 



41273| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 

| WaitMode, 
41274| FALSE, 

| // IN BOOLEAN Alertable, 
41275| 

| &TimeToWait // IN PLARGEJNTEGER Interval 
41276| ); 
41277| 
41278| 

41279| goto Retry; 

41280| } 

41 281 1 Location. QuadPart += FillSize; 

41282| 

41283| if(NT_SUCCESS(Status) && 

| (AbortEvent)) { 
41 284| // see if abort event signaled, 

| 0 timeout checks 
41285| Status = 

| pmWaitForSingleObject(AbortEvent,&Timeout); 
41286| if(Status==STATUS_SUCCESS) { 

41 287| // event to cancel was 

| specified! 
41288| Status = 

| PSM_CANCELED_BY_USER; 
41289| }else{ 

41290| Status = STATUS_SUCCESS; 

41291| } 

41292| } 

41293| } 

41294| 

41295| FREEPOINTER(Buffer); 

41296| Debug(DEBUG_DEVSUP,("Done writing to 

| '%S\ status=%08x\n",FileName,Status)); 
41297| Status2 = ZwQuerylnformationFile( 

41298| FileHandle, //IN 

| HANDLE FileHandle, 
41299| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41300| &FSInfo, //IN 

| PVOID Filelnformation, 
41301 1 sizeof(FILE_STANDARD_IN FORMATION), 

| // IN ULONG Length, 
41 302| FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41303| ); 
41304| 
41305| 

| Debug(DEBUG_DEVSUP,( M SbCreateAndFillFile: 
| AllocSize=%08x%08x\n M 



41306| "After fill 

| EndOfFile=%08x%08x\n" 
41307| 

| NL=%d, DP=%d, Dir=%d\n", 
41308| 

| FSInfo.AllocationSize.HighPart, 
41309| 

| FSInfo.AllocationSize.LowPart, 
41310| 

| FSInfo.EndOfFile.HighPart, 
41311| 

| FSInfo.EndOfFile.LowPart, 
41312| 

| FSInfo.NumberOfLinks, 
41313| 

| FSInfo.DeletePending, 
41314| FSInfo. Directory 

41315| )); 
41316| 

41317| }else{ 

41318| Debug(DEBUG_DEVSUP,("Out of memory for 

| writing to '%S'\n M ,FileName)); 
41319| ASSERT(FALSE); 
41320| } 

41 321 1 } else if (FillOnWriteOption==FILLONWRITE_EOF) { 
41322| CHAR Buffer=0; 

41323| //write to end of file 

41324| Location. QuadPart = 

| EOFInfo.EndOfFile.QuadPart- 1; 
41325| 

41 326| Status = ZwWriteFile( 

41327| FileHandle, // IN HANDLE 

| FileHandle, 
41328| NULL, // IN HANDLE 

| Event, [optional] 
41329| NULL, //IN 

| PIO_APC_ROUTINE ApcRoutine, [optional] 
41330| NULL, // IN PVOID 

| ApcContext, [optional] 
41331| &loStatus, //OUT 

| PIO_STATUS_BLOCK lo Status Block, 
41332| &Buffer, // IN PVOID 

| Buffer, 

41333| sizeof(Buffer), // IN ULONG 

I Length, 

41334| &Location, //IN 

| PLARGEJNTEGER ByteOffset, [optional] 

41335| NULL // IN PULONG Key 

| [optional] 

41336| ); 



41337| }else{ 

41338| Debug(DEBUG_DEVSUP,( M SbCreateAndFillFile: 
| Undefined 

| FillOnWriteOption=%08x\n",FillOnWriteOption)); 
41339| ASS E RT( F A LS E) ; 

41340| } 
41341| 

41 342| // flush the data, NTFS seems to keep this 
| stuff around and not actually "extend" the file 

41343| //insp4 

41344| Status2 = 

| MyFlushBuffersFile(FileHandle,&loStatus); 

41345| 

41346| if(!NT_SUCCESS(Status2)) { 

41347| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| Error %08x (%08x) flushing 

| '%S'\n",Status2,loStatus.Status,FileName)); 
41348| }else{ 

41349| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| success flushing '%S'\n",FileName)); 
41350| } 
41351| 

41352| Status2 = ZwQuerylnformationFile( 
41353| FileHandle, // IN HANDLE 

| FileHandle, 
41354| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41355| &FSInfo, // IN PVOID 

| Filelnformation, 
41356| sizeof(FILE_STANDARD_INFORMATION), 

| // IN ULONG Length, 
41357| FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41358| ); 
41359| 

41360| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| AllocSize=%08x%08x\n" 
41361| "After flush 

| EndOfFile=%08x%08x\n" 
41362| 

| NL=%d, DP=%d, Dir=%d\n", 
41363| 

| FSInfo.AllocationSize.HighPart, 
41364| 

| FSInfo.AllocationSize.LowPart, 



41365| FSInfo.EndOfFile.HighPart, 

41366| FSInfo.EndOfFile.LowPart, 

41367| FSInfo.NumberOf Links, 

41368| FSInfo.DeletePending, 

41369| FSInfo. Directory 



413701 )); 

41371| 

41372| 

41373| if(!NT_SUCCESS(Status)) { 

41374| FILE_DISPOSITION_INFORMATION Del={0}; 

41375| 

41 376| // delete file if we could not create it. 

| gets around having 0 length files 
41377| Del. DeleteFile = TRUE; 

41378| Status2 = ZwSetlnformationFile( FileHandle, 

41379| SloStatus, &Del, sizeof(Del), 

41380| FileDispositionlnformation 
41381| ); 

41382| if(NT_SUCCESS(Status2)) { 

41383| 

| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: Success 

| deleting file\n")); 
41384| }else{ 
41385| 

| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: Error %08x 
| (%08x) deleting file\n",Status2,loStatus.Status)); 

41386| } 

41387| } 

41388| 

41 389| // keep the file closed, 
41390| ZwClose(FileHandle); 
41391| FileHandle=NULL; 
41392| } 
41393| 

41394| EndOfFileStuff: 

41395| if(NT_SUCCESS(Status)) { 

41396| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: '%S' 
| created %08x 

| (%08x)\n",FileName,Status,loStatus.Status)); 
41397| }else{ 

41398| Debug(DEBUG_DEVSUP,("SbCreateAndFillFile: 

| Error! Create '%S' returned = %08x 

| (%08x)\n",FileName,Status,loStatus.Status)); 
41399| } 

41400| return Status; 

41401| } 

41402| 

41403| 

41404| 

41405| r 



41406| NTSTATUS SblsADirectory ( const WCHAR *CacheFileName ) 
41407| { 

41408| UNICODE_STRING FullFileName={0}; 
41409| OBJECT_ATTRIBUTES ObjectAttributes={0}; 



41410| NTSTATUS Status=0; 

4141 1 1 IO_STATUS_BLOCK loStatus={0}; 

41412| HANDLE FileHandle=NULL; 

41413| FILE STANDARD INFORMATION FSInfo={0}; 

41414| 

41415| PAG E D_CO D E () ; 
41416| 

41417| RtllnitUnicodeString( &FullFileName, 

| CacheFileName); 
41418| 

41419| InitializeObjectAttributes ( &ObjectAttributes, 

41420| &FullFileName, 

41 421 1 OBJ_CASE_INSENSITI VE, 

41422| NULL, 

41423| NULL); 

41424| 

41425| Status = ZwCreateFile( &FileHandle, 
41426| FILE_GENERIC_READ, 

| // desired access 
41 427| &ObjectAttributes, 

| // object attributes 
41428| &loStatus, 
41429| NULL, // 

| alloc size 

41430| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
41431 1 FILE SHARE WRITE | 

| FILE_SHARE_READ, //share 

| access 

41432| FILE_OPEN, 

| // create disposition 
41433| 

| FILE_SYNCHRONOUS_IO_NONALERT, // create 

| options 

41434| NULL, // eabuffer 

41435| 0); //ealength 

41436| 

41437| if (NT_SUCCESS(Status)) { 
41438| Status = ZwQuerylnformationFile( 
41439| FileHandle, // IN HANDLE 

| FileHandle, 
41440| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
41441| &FSInfo, // IN PVOID 

| Filelnformation, 
41442| sizeof(FILE_STANDARD_INFORMATION), 

| // IN ULONG Length, 
41443| FileStandardlnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
41444| ); 



41445| 

41446| if(FSInfo. Directory) { 

41447| Status = STATU S_F I LE_IS_A_D I RECTORY; 

41448| } 

41449| 

41 450| // keep the file closed, as this routine is to 

| create the cache file 
41451| // not open it.. 
41452| ZwClose(FileHandle); 
41453| FileHandle=NULL; 
41454| } 
41455| 

41456| if((Status!=STATUS_FILE_IS_A_DIRECTORY) && (Status 
| != STATUS_OBJECT_PATH_SYNTAX_BAD)) { 

41457| Debug(DEBUG_DEVSUP,("SblsADirectory: Cache file 
| is not a directory %08x\n", Status)); 

41458| }else{ 

41459| Debug(DEBUG_DEVSUP,("SblsADirectory: Error! 

| cache file is a directory %08x\n", Status)); 
41460| } 

41461| return Status; 

41462| } 

41463| 

41464| r 



41465| NTSTATUS SbDeleteFile( 
41 466| const WCHAR *FileName, 
41467| ULONG File Attributes ) 
41468| { 

41469| UNICODE_STRING FullFileName={0}; 
41470| OBJECT_ATTRIBUTES ObjectAttributes={0}; 
41 471 1 NTSTATUS Status=0; 
41472| IO_STATUS_BLOCK loStatus={0}; 
41473| HANDLE FileHandle=NULL; 
41474| 

4 1 475 1 PAG E D_CO D E () ; 
41476| 

41477| #ifdef DEBUG 

41478| if(lsSnapShotAcquiredForWrite()) { 
41 479| // the reason this is bad is that we have the 
| writer lock 

41480| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
41481 1 // thus producing a deadlock, to fix it, dont 

| call with writer lock 
41 482| // which you can do by spinning off whatever 

| you are trying to do to a 
41 483| // worker thread. 

41484| Debug(DEBUG_DCPSM,("SbDeleteFile: Snapshot 
| resource acquired for write!\n M )); 



41485| DbgBreakPoint(); 
41486| } 
41487| #endif 
41488| 

41489| RtllnitUnicodeString( &FullFileName, FileName); 
41490| 

41 491 1 InitializeObjectAttributes ( &ObjectAttributes, 

41492| &FullFileName, 

41493| OBJ_CASE_INSENSITIVE, 

41494| NULL, 

41495| NULL); 

41496| 

41497| Status = ZwCreateFile( &FileHandle, 
41498| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, // desired access 

41 499 1 &ObjectAttributes, 

| // object attributes 
41500| &loStatus, 
41501| NULL, // 

| alloc size 

41502| FileAttributes, // 

| file attributes 
41503| 0, 

| // share access 
41504| FILE_OPEN, 

| // create disposition 
41505| 

| FILE_SYNCHRONOUS_IO_NONALERT, //create 
| options 

41506| NULL, //eabuffer 

41507| 0); //ealength 

41508| 

41 509| if (NT_SUCCESS(Status)) { 

41510| FILE_DISPOSITION_INFORMATION Del={0}; 
41511| 

41 51 2| // delete file if we could not create it. gets 

| around having 0 length files 
41513| Del.DeleteFile = TRUE; 
41514| Status = ZwSetlnformationFile( FileHandle, 
41 51 5| &loStatus, &Del, sizeof (Del), 

41 51 6| FileDispositionlnformation 
41517| ); 
41518| 

41519| ZwClose(FileHandle); 
41520| 

41521 1 if ( !NT_SUCCESS(Status) ) { 

41522| Debug(DEBUG_DEVSUP,("SbDeleteFile: 

| ZwSetlnformationFile('%S') returned %08x\n M , Status)); 
41523| } 
41524| }else{ 



41525| Debug(DEBUG_DEVSUP,("SbDeleteFile: 

| ZwCreateFile('%S') returned %08x\n",FileName,Status)); 
41526| } 
41527| 

41 528| if (NT_SUCCESS(Status)) { 

41529| Debug(DEBUG_DEVSUP,("SbDeleteFile: Success 

| deleting file\n M )); 
41530| }else{ 

41531 1 Debug(DEBUG_DEVSUP,("SbDeleteFile: Error %08x 
| (%08x) deleting file 

| , %S , \n" J Status s loStatus.Status s FileName)); 
41532| } 

41533| return Status; 

41534| } 

41535| 

41536| 

41537| extern "C M 
41538| NTSYSAPI 
41539| NTSTATUS 
41540| NTAPI 

41541| ZwWaitForSingleObject( 

41542| IN HANDLE Handle, 

41543| IN BOOLEAN Alertable, 

41544| IN PLARGEJNTEGER Timeout OPTIONAL 

41545| ); 

41546| 

41547| // 

| 

41548| 
41549| 

41550| // NOTE. We needed to do the following nesting delink 
| in a separate thread because it eats up too much stack 

41551 1 // when it's being performed during rebuild on a 
| reboot. 

41552| 

41553| 

41554| typedef struct sDeleteReparselnterface { 
41555| IN const WCHAR *FileName; 
41 556| OUT NTSTATUS Status; 

41557| } tDeleteReparselnterface, *pDeleteReparselnterface; 
41558| /* 



41559| void SbDeleteAIIReparsePointsAndDirThread( 

| tDeleteReparselnterface *IF ) 
41560| { 

41561| UNICODE_STRING FullFileName={0}; 
41562| OBJECT ATTRIBUTES ObjectAttributes={0}; 
41563| // NTSTATUS Status=0; 
41564| IO_STATUS_BLOCK loStatus={0}; 
41565| HANDLE FileHandle=NULL; 



41566| WCHAR NewName[512]; 
41567| 

41568| PAGED_CODE(); 
41569| 

41570| #if DO_ALL_CLEANUP 
41571| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 

| d: path='%S'\n",IF->FileName)); 
41572| #endif /*DO_ALL_CLEANUP7 
41573| 

41574| RtllnitUnicodeString( &FullFileName, IF->FileName); 
41575| 
41576| 
41577| 
41578| 
41579| 
41580| 

41581| #if 1 //what it was 

41582| IF->Status = ZwCreateFile( SFileHandle, 

FILE_TRAVERSE | 
FILE_DELETE_CHILD | 
FILE_READ_ATTRIBUTES | 
FILE_LIST_DIRECTORY, 



InitializeObjectAttributes ( SObjectAttributes, 
SFullFileName, 
OBJ_CASE_INSENSITIVE, 
NULL, 
NULL); 



41583| 
41584| 
41585| 
41586| 

| // desired access 
41587| 

| // object attributes 
41588| 
41589| 

| alloc size 
41590| 

| // file attributes 
41591| 

| // share access 
41592| 

| // create disposition 
41593| 
41594| 
41595| 



&ObjectAttributes, 



SloStatus, 
NULL, 



// 



FILE_ATTRIBUTE_NORMAL, 



0, 



FILEOPEN, 



FILE_DIRECTORY_FILE, 
NULL, //eabuffer 
0 ); // ealength 
41596| #else //what we tried different 
41597| IF->Status = ZwCreateFile( SFileHandle, 



41598| 

| // desired access 
41599| 

| // object attributes 
41600| 
41601| 

| alloc size 
41602| 

| // file attributes 
41603| 



FILE_ALL_ACCESS, 



SObjectAttributes, 



SloStatus, 
NULL, 



// 



FILE_ATTRIBUTE_NORMAL, 



I FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, 
| // share access 



| // create disposition 
41605| 

| FILE_DIRECTORY_FILE|FILE_SYNCHRONOUS_IO_NONALERT, 



41608| #endif 

41609| if (NT_SUCCESS(IF->Status)) { 

41610| FILE_DIRECTORY_IN FORMATION *Fi=NULL; 

41 61 1 1 ULONG NumFound=0; 

41612| ULONG NumSuccessfullyDeleted=0; 

41613| ULONG NumUnsuccessfullyDeleted=0; 

41614| HANDLE Event; 

41615| 

41 61 6| ZwCreateEvent ( 

41 61 7| &Event, // OUT PHANDLE EventHandle, 

41 61 8| EVENTALLACCESS, // IN 

| ACCESS_MASK Desired Access, 
41619| NULL, // IN POBJECT_ATTRIBUTES 

| ObjectAttributes, 
41 620| SynchronizationEvent, // IN EVENT_TYPE 

| EventType, 
41 621 1 FALSE // IN BOOLEAN 

| InitialEventState 
41622| ); 
41623| 
41624| 

41625| ULONG FiSize = 

| sizeof(FILE_DIRECTORY_INFORMATION)+sizeof(WCHAR)*256; 
41626| Fi = 

| (FILE_DIRECTORY_INFORMATION*)MemAllocatePoolWithTag(Page 

| dPool,FiSize,TEMPTAG); 
41627| if(Fi){ 
41628| do{ 

41 629| IF->Status = ZwQueryDirectoryFile( 

41630| FileHandle, 

41631| Event, 

41632| NULL, 

41633| NULL, 

41634| &loStatus, 

41635| Fi, 

41636| FiSize, 

41 637| FileDirectorylnformation, 

41638| TRUE, 

41639| NULL, 

41640| FALSE 



41604| 



FILE_OPEN, 



41606| 
41607| 



NULL, //eabuffer 
0); //ealength 



41641| 
41642| 



); 

if(IF->Status==STATUS_PENDING) { 



41 643| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
41644| 

| ZwWaitForSingleObject(Event,FALSE,NULL); 



41 645| 

41 646| IF->Status = loStatus. Status; 

41647| } 
41 648| 

41649| if(NT_SUCCESS(IF->Status)) { 

41 650| NTSTATUS Status2=0; 

41 651 1 NumFound++; 

41 652| ULONG CharslnFileName = 



| Fi->FileNamel_ength / sizeof(WCHAR); 
41653| 

| swprintf(NewName,L"%-*.*s", CharslnFileName, CharslnFileNa 

| me,Fi->FileName); 
41654| if ( wcscmp(NewName,L". M )!=0 && 

| wcscmp(NewName,L M ..")!=0 ) { 
41 655| // Only delete reparse points 

| so we dont accidently delete data files. 
41 656| // Also delete empty 

| directories because they might be failed junctions. 
41 657| if (Fi->FileAttributes & 

| (FILE ATTRIBUTE REPARSE POINT | 

| FILE_ATTRIBUTE_DIRECTORY)) { 
41658| 

| swprintf(NewName,L"%s\\%-*.*s",IF->FileName,CharslnFileN 
| ame,CharslnFileName,Fi->FileName); 
41659| 

41660| if((Status2= 

| SbDeleteMountPoint(NewName))==0) { 
41 661 1 #if DO_ALL_CLEANUP 

41662| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 
| d: Deleted file 

| '%-*.*S , \n",Fi->FileNameLength/sizeof(WCHAR),Fi->FileNam 

| eLength/sizeof(WCHAR),Fi->FileName)); 
41663| #endif 

| /*DO_ALL_CLEANUP7 
41664| 

| NumSuccessfullyDeleted++; 
41665| }else{ 
41 666| #if DO_ALL_CLEANUP 

41667| 

| Debug(DEBUG_DEVSUP,( M SbDeleteAIIReparsePointsAndDirThrea 
| d: Error %08x deleting file 

| '%-*.*S'\n",Status2,Fi->FileNameLength/sizeof(WCHAR),Fi- 
| >FileNameLength/sizeof(WCHAR),Fi->FileName)); 
41668| #endif 
| /*DO_ALL_CLEANUP7 



41669| 

| NumUnsuccessfullyDeleted++; 
41670| } 
41671| }else{ 
41672| #if DO_ALL_CLEANUP 

41673| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 

| d: Skipping file '%S'\n",NewName)); 
41674| #endif /*DO_ALL_CLEANUP7 

41675| } 
41676| }else{ 
41677| #if DO_ALL_CLEANUP 

41678| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 

| d: Skipping special dir '%S'\n",NewName)); 
41679| #endif /*DO_ALL_CLEANUP7 

41680| } 
41681| } 

41682| } while(IF->Status==0); 

41683| 

41684| MemFreePool(Fi); 

41685| } 

41686| 

41687| ZwClose(Event); 
41688| ZwClose(FileHandle); 
41689| 

41690| #if DO_ALL_CLEANUP 
41691| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 

| d results (Status=%08x):\n",IF->Status)); 
41 692| Debug(DEBUG_DEVSUP,(" Total files found 

| : %d\n",NumFound)); 
41693| Debug(DEBUG_DEVSUP,(" Number deleted 

| : %d\n",NumSuccessfullyDeleted)); 
41 694| Debug(DEBUG_DEVSUP,(" Number not deleted 

| : %d\n",NumUnsuccessfullyDeleted)); 
41 695| #endif /*DO_ALL_CLEANUP7 
41696| } 
41697| 

41698| #ifdef DEBUG 

41699| #if DO_ALL_CLEANUP 

41700| if(NT_SUCCESS(IF->Status)) { 

41701| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 

| d: Success deleting file\n")); 
41702| }else{ 
41703| 

| Debug(DEBUG_DEVSUP,("SbDeleteAIIReparsePointsAndDirThrea 
| d: Error %08x (%08x)\n",IF->Status,loStatus.Status)); 
41704| } 



41705| #endif /*DO_ALL_CLEANUP7 
41706| #endif r DEBUG*/ 
41707| } 
41708| 

41709| /* 



41710| void SbSnapShotCleanupThread ( tDeleteReparsel interface 

|*IF) 
41711| { 

41712| //typical IF->FileName = 

| '\Device\PsmDevices_0200\_Device_HarddiskVolume3_1\snaps 

[ hots' 
41713| 

41 71 4| // This function is used only for cleaning up a 
| virtual volume. 

41715| // It calls SbDeleteAIIReparsePointsAndDirThread to 
| clean up 

41 71 6| // the same stuff we do on the real volume, plus 

| anything else 
41 71 7| // we additionally want to clean up only on 

| snapshots. 
41718| 

41719| Debug(DEBUG_DEVSUP,( M SbSnapShotCleanupThread: 

| path='%S'\n'',IF->FileName)); 
41720| SbDeleteAIIReparsePointsAndDirThread (IF); 
41721| 

41 722| // Remove pagefile.sys from virtual volume. 

41 723 1 // That's OK because even if we revert to snapshot, 

| pagefile.sys will 
41724| //be re-created. 
41725| 

41726| ULONG DirNameLengthlnChars 

| wcslen(IF->FileName); 
41727| const ULONG PathLengthlnChars = 256 + 

| DirNameLengthlnChars; 
41728| const ULONG PathLengthlnBytes 

| sizeof(WCHAR) * PathLengthlnChars; 
41 729| WCHAR *PathName = (WCHAR 

| *)MemAllocatePoolWithTag(PagedPool, PathLengthlnBytes, 

| FILENAMETAG); 
41730| if ( PathName ) { 

41731 1 wcscpy ( PathName, IF->FileName ); 
41 732| if ( DirNameLengthlnChars>0 && 

| PathName[DirNameLengthlnChars-1]=='\V ) { 
41733| PathName[--DirNameLengthlnChars] = 0; // 

| remove final backslash 
41734| } 
41735| 

41 736| // Scan backwards to final remaining 
| backslash... truncate afterward 



41 737\ II to eliminate 'snapshots' directory. (We 

| want root of virtual volume.) 
41738| while ( DirNamel_engthlnChars>0 && 

| PathName[DirNameLengthlnChars-1]!='\V ) { 
41 739| --DirNameLengthlnChars; 
41740| } 
41741| 

41742| if ( DirNameLengthlnChars > 0 ) { 

41 743| PathName[DirNamel_engthlnChars] = 0; 

41744| 

| Debug(DEBUG_DEVSUP,("SbSnapShotCleanupThread: 
| Extracted virtual volume root = '%S'\n",PathName)); 
41745| 

41 746| struct FileDeletelnfo { 

41 747| const WCHAR * FileName; 

41748| ULONG FileAttributes; 

41749| }; 

41750| 

41 751 1 static FileDeletelnfo ExtraFilesToDelete[] 

l = { 

41752| {L"pagefile.sys M , 

| (FILE ATTRIBUTE HIDDEN | FILE_ATTRIBUTE_SYSTEM)}, 
41753| {NULL,0} // marks end of list 

41754| }; 
41755| 

41756| for ( ULONG i=0; 

| ExtraFilesToDelete[i]. FileName != NULL; ++i ) { 
41757| wcscpy ( 

| &PathName[DirNameLengthlnChars], 

| ExtraFilesToDelete[i]. FileName ); 
41 758| SbDeleteFile (PathName, 

| ExtraFilesToDelete[i]. FileAttributes); 
41759| } 
41760| } 
41761| 

41 762| FREE_POINTER(PathName); 
41763| }else{ 

41764| Debug(DEBUG_DEVSUP,("SbSnapShotCleanupThread: 

| Out of memory for path name!\n")); 
41765| } 
41766| } 
41767| 
41768| 

41769|/* 



41770| NTSTATUS SbDeleteAIIReparsePointsAndDir( const WCHAR 

| *FileName ) 
41771| { 

41772| tDeleteReparselnterface IF; 
41 773| HANDLE TempHandle; 



41 774| NTSTATUS StartTh read Status = 0; 
41775| 

41776| IF.FileName = FileName; 

41777| IF.Status = 0; 

41778| 

41779| #ifdef DEBUG 

41 780| if(lsSnapShotAcquiredForWrite()) { 
41 781 1 // the reason this is bad is that we have the 
| writer lock 

41 782| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
41 783| // thus producing a deadlock, to fix it, dont 

| call with writer lock 
41 784| // which you can do by spinning off whatever 

| you are trying to do to a 
41 785| // worker thread. 
41786| 

| Debug(DEBUG_DCPSM,("SbDeleteAIIReparsePointsAndDir: 

| Snapshot resource acquired for write!\n")); 
41787| DbgBreakPoint(); 
41788| } 
41789| #endif 
41790| 

41791| #if DO_ALL_CLEANUP 

41792| Debug(DEBUG_DEVSUP,( M PSMAN: 

| SbDeleteAIIReparsePointsAndDirThread, starting work 

| thread!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n")); 
41793| #endif /*DO_ALL_CLEANUP7 
41794| 

41 795| StartThreadStatus = pmStartThread( 
41796| 

| (PKSTART_ROUTINE)SbDeleteAIIReparsePointsAndDirThread, 

| // IN PKSTART ROUTI N E StartRoutine, 
41797| (PVOID)&IF, //IN 

| PVOID StartContext 
41 798| &TempHandle // OUT 

| PHANDLE ThreadHandle, 
41799| ); 

41 800| if (NT_SUCCESS(StartThreadStatus)) { 
41801 1 #if DO_ALL_CLEANUP 

41802| Debug(DEBUG_DEVSUP,("PSMAN : System ready, 

| SbDeleteAIIReparsePointsAndDirThread started, 
| waiting\n")); 

41803| #endif /*DO_ALL_CLEANUP7 

41804| 

41805| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
41806| 

41 807| // dont need the handle anymore. 
41808| ZwClose(TempHandle); 



41809| TempHandle=NULL; 
41810| 

41811| // the thread sets the irp status 
41812| }else{ 

41813| Debug(DEBUG_DEVSUP, ("Error %08x starting 
| SbDeleteAIIReparsePointsAndDirThread\n",StartThreadStatu 

Is)); 

41814| IF.Status = StartThreadStatus; 
41815| } 

41816| return (IF.Status); 

41817| } 

41818| 

41819| r 



41820| NTSTATUS SbSnapShotCleanup ( const WCHAR *FileName ) 
41821| { 

41822| tDeleteReparselnterface IF; 

41823| HANDLE TempHandle; 

41824| NTSTATUS StartThreadStatus = 0; 

41825| 

41 826| I F. FileName = FileName; 

41827| IF.Status = 0; 

41828| 

41829| 

41830| Debug(DEBUG_DEVSUP,("PSMAN: SbSnapShotCleanup, 
| starting work 

| thread!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n")); 
41 831 1 StartThreadStatus = pmStartThread( 
41832| 

| (PKSTART_ROUTINE)SbSnapShotCleanupThread, // IN 

| PKSTART_ROUTINE StartRoutine, 
41833| (PVOID)&IF, //IN 

| PVOID StartContext 
41834| STempHandle //OUT 

| PHANDLE ThreadHandle, 
41835| ); 

41836| if(NT_SUCCESS(StartThreadStatus)) { 

41837| Debug(DEBUG_DEVSUP,("PSMAN: System ready, 

| SbSnapShotCleanup started, waiting\n")); 
41838| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
41839| 

41840| // dont need the handle anymore. 
41 841 1 ZwClose(TempHandle); 
41842| TempHandle=NULL; 
41843| 

41 844| // the thread sets the irp status 
41845| }else{ 

41846| Debug(DEBUG_DEVSUP, ("Error %08x starting 
| SbSnapShotCleanupThread\n",StartThreadStatus)); 



41 847| IF.Status = StartThreadStatus; 
41848| } 

41849| return (IF.Status); 

41850| } 

41851| 

41852| /* 

| */ 

41853| NTSTATUS SbDeleteMountPoint( const WCHAR *FileName ) 
41854| { 

41855| UNICODE_STRING FullFileName={0}; 
41856| OBJECT_ATTRIBUTES ObjectAttributes={0}; 
41857| NTSTATUS Status=0; 
41858| IO_STATUS_BLOCK loStatus={0}; 
41859| HANDLE FileHandle=NULL; 
41860| 

41861| PAG E D_CO D E () ; 
41862| 

41863| RtllnitUnicodeString( &FullFileName, FileName); 
41864| 

41865| InitializeObjectAttributes ( &ObjectAttributes, 

41866| &FullFileName, 

41 867| OBJ_CASE_INSENSITI VE, 

41868| NULL, 

41869| NULL); 

41870| 

41871 1 Status = ZwCreateFile( &FileHandle, 
41872| FILE_GENERIC_WRITE | 

| FILE_GENERIC_READ, // desired access 
41 873 1 &ObjectAttributes, 

| // object attributes 
41874| &loStatus, 
41875| NULL, 

| // alloc size 

41876| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
41877| 0, // share access 

41878| FILEOPEN, 

| // create disposition 
41879| FILE_DIRECTORY_FILE| 
41880| 

| FILE_OPEN_REPARSE_POINT| 
41881| 

| Fl LE_OPEN_FOR_BACKU P_l NTENT, // create 

| options 

41882| NULL, // eabuffer 

41883| 0); //ealength 

41884| 

41885| if (NT_SUCCESS(Status)) { 

41886| FILE_DISPOSITION_INFORMATION Del={0}; 

41887| 



41888| // delete file if we could not create it. gets 

| around having 0 length files 
41889| Del.DeleteFile = TRUE; 
41890| Status = ZwSetlnformationFile( FileHandle, 
41 891 1 &loStatus, &Del, sizeof (Del), 

41892| FileDispositionlnformation 
41893| ); 
41894| 

41 895| ZwClose(FileHandle); 
41896| 

41897| if ( !NT_SUCCESS(Status) ) { 

41898| Debug(DEBUG_DEVSUP,( M SbDeleteMountPoint: 

| ZwSetlnformationFile returned %08x\n", Status)); 
41899| } 
41900| } 
41901| 

41 902| if (NT_SUCCESS(Status)) { 
41903| #if DO_ALL_CLEANUP 

41904| Debug(DEBUG_DEVSUP,("SbDeleteMountPoint: 

| Success deleting mount point '%S\n",FileName)); 
41905| #endif /*DO_ALL_CLEANUP7 
41906| }else{ 

41907| Debug(DEBUG_DEVSUP,("SbDeleteMountPoint: Error 

| %08x (%08x) deleting mount point 

| VoS'Vn^StatusJoStatus.Status^ileName)); 
41908| } 

41909| return Status; 

41910| } 

41911| 

41912| 

41913| /* 

| */ 

41914| 

41915| NTSTATUS Sblo_WriteDevice ( 

41916| PDEVICE_OBJECT DeviceObject, 

41917| PLARGEJNTEGER ByteOffset, 

41918| ULONG ByteCount, 

41919| const char *Buff ) 
41920| { 

41921| PIRP lrp=NULL; 

41922| KEVENT Event={0}; 

41923| IO_STATUS_BLOCK loStatusBlock={0}; 

41924| NTSTATUS Status=0; 

41925| 

41926| PAG E DCOD E () ; 
41927| 

41928| __try{ 

41929| // 

41930| // Set the event object to the unsignaled 
| state. 



41931 1 // It will be used to signal request 

| completion. 
41932| // 
41933| 

41934| KelnitializeEvent(&Event, 

41 935| Notif icationEvent, 

41936| FALSE); 

41937| 

41938| 

41939| 

41940| // 

41941 1 // Create IRP for read 

41942| // 

41943| 

41944| Irp = loBuildSynchronousFsdRequest( 

I IRP_MJ_WRITE, 
41945| 

| DeviceObject, 
41946| (PVOID) 

I Buff, 

41947| ByteCount, 
41948| ByteOffset, 
41949| &Event, 
41950| 

| &loStatusBlock); 
41951| 

41952| if (!lrp){ 

41953| Debug(DEBUG_DEVSUP,( M Sblo_WriteDevice: 

| Error! Unable to allocate irp\n")); 
41954| return STATUS_INSUFFICIENT_RESOURCES; 

41955| } 
41956| 

41957| Status = loCallDriver(DeviceObject, Irp); 
41958| 

41959| if (Status == STATU S_P E N D I N G) { 
41960| 

41961 1 ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
41962| pmWaitForSingleObject(&Event, NULL); 

41963| 

41964| Status = loStatusBlock.Status; 

41965| } 
41966| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

41967| Status = GetExceptionCode(); 

41968| Debug(DEBUG_DEVSUP,("Sblo_WriteDevice: 

| Exception %08x\n", Status)); 
41969| } 
41970| 

41971| return Status; 



41972| } 
41973| 

41974| /* 

| */ 

41975| NTSTATUS Sblo_ReadDevice( PDEVICE_OBJECT DeviceObject, 
41976| PLARGEJNTEGER ByteOffset, 

41977| ULONG ByteCount, 

41978| char *Buff) 

41979| { 

41980| PIRP lrp=NULL; 

41981| KEVENT Event={0}; 

41982| IO_STATUS_BLOCK loStatusBlock={0}; 

41983| NTSTATUS Status=0; 

41984| 

41985| PAG E D_CO D E () ; 
41986| 

41987| _try{ 
41988| /* 

41989| Debug(DEBUG_DEVSUP,("Sblo_ReadDevice: Reading 

| Device %08x at %08x%08x for %08x to %08x\n", 
41990| DeviceObject, 
41 991 1 ByteOffset->HighPart, 
41 992 1 ByteOffset->LowPart, 
41993| ByteCount, 
41994| Buff 
41995| )); 
41996| 7 
41997| // 

41998| // Set the event object to the unsignaled 
| state. 

41999| // It will be used to signal request 

| completion. 
42000| // 
42001 | 

42002| //Debug(DEBUG_DEVSUP,( M Setting EventVn")); 

42003| KelnitializeEvent(&Event, 

42004| NotificationEvent, 

42005| FALSE); 

42006| 

42007| 

42008| 

42009 1 // 

4201 0| // Create IRP for read 

42011| // 

42012| 

42013| //Debug(DEBUG_DEVSUP,( M Creating Read lrp\n")); 
42014| Irp = loBuildSynchronousFsdRequest( 

I IRP_MJ_READ, 
42015| 

| DeviceObject, 



42016| Buff, 
42017| ByteCount, 
42018| ByteOffset, 
42019| &Event, 
42020| 

| &loStatusBlock); 
42021 | 

42022| if (!lrp) { 

42023| Debug(DEBUG_DEVSUP,( M Sblo_ReadDevice: 

| Error! Unable to allocate irp\n M )); 
42024| return STATUS_INSUFFICIENT_RESOURCES; 

42025| } 
42026| 

42027| Status = loCallDriver(DeviceObject, Irp); 
42028| 

42029| if (Status == STATU S_P E N D I N G) { 
42030| 

42031 1 // Debug(DEBUG_DEVSUP,("Sblo_ReadDevice: 
| Waiting for read to finish lrp=%08x, Event=%08x, 
| loStatus=%08x\n M ,lrp,Event,&loStatusBlock)); 

42032| ASSERT(KeGetCurrentlrql() < 

| DISPATCHLEVEL); 

42033| pmWaitForSingleObject(&Event, NULL); 

42034| 

42035| Status = loStatusBlock.Status; 

42036| } 
42037| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42038| Status = GetExceptionCode(); 

42039| Debug(DEBUG_DEVSUP,( n Sblo_ReadDevice: Exception 

| %08x\n",Status)); 
42040 1 } 
42041 | 

42042 1 return Status; 

42043 1 } 

42044| 

42045| /* 



42046| NTSTATUS 

42047| Sblo_ReadDeviceMdlCompletionRoutine( 
42048| IN PDEVICE_OBJECT DeviceObject, 
42049| IN PIRP Irp, 
42050| IN PVOID Context 
42051 1 ) 
42052 1 { 

42053| NOT_REFERENCED(DeviceObject); 
42054| NOTREFERENCED(Context); 
42055| 

42056| pmSetEvent(lrp->UserEvent); 
42057| 



42058| // keep nt from touching our irp, which will be 

| handled by person 
42059| // who wanted the event set 

42060| return STATUS_MORE_PROCESSING_REQUIRED; 
42061 1 } 
42062 1 

42063| r 



| */ 

42064| NTSTATUS Sblo_ReadDeviceMdl( PDEVICE_OBJECT 

| DeviceObject, 
42065| PLARGEJNTEGER ByteOffset, 

42066| ULONG ByteCount, 

42067| PIRP 

| Originallrp, 
42068| PMDL Mdl) 

42069 1 { 

42070| PIRP lrp=NULL; 

42071| KEVENT Event={0}; 

42072| IO_STATUS_BLOCK loStatusBlock={0}; 

42073| NTSTATUS Status=0; 

42074| PIO_STACK_LOCATION Stack=NULL; 

42075| 

42076| PAG E D_CO D E () ; 
42077| 

42078| __try { 
42079| /* 

42080| Debug(DEBUG_DEVSUP,("Sblo_ReadDevice: Reading 

| Device %08x at %08x%08x for %08x to %08x\n", 
42081 1 DeviceObject, 
42082 1 ByteOff set->H igh Part, 

42083| ByteOffset->LowPart, 
42084| ByteCount, 
42085| Buff 
42086| )); 
42087| 7 
42088| // 

42089| // Set the event object to the unsignaled 
| state. 

42090| // It will be used to signal request 

| completion. 
42091| // 

42092| KelnitializeEvent(&Event, NotificationEvent, 

| FALSE); 
42093| 
42094| 

42095| // 

42096| // Create IRP for read 

42097| // 

42098| 

42099| Irp = lrpAllocatelrp(DeviceObject->StackSize); 



42100| 

42101| if (!lrp){ 

42102| Debug(DEBUG_DEVSUP,( M Sblo_ReadDeviceMdl: 

| Error! Unable to allocate irp\n M )); 
421 03 1 return STATUS_INSUFFICIENT_RESOURCES; 

42104| } 
42105| 

42106| lrp->Flags = 0; //IRP_READ_OPERATION; 
42107| 

42108| /* TESTTEST 

42109| if(Originallrp->Flags & IRP_NOCACHE) { 
421 1 0| lrp->Flags |= IRP_NOCACHE; 

421 1 1 | } 

42112| if(Originallrp->Flags & IRP_PAGING_IO) { 
421 13| lrp->Flags |= IRP_PAGING_IO; 

42114| } 

421 15| if(Originallrp->Flags & 

| IRP_SYNCHRONOUS_PAGING_IO) { 
42116| lrp->Flags |= IRP_SYNCHRONOUS_PAGING_IO; 

42117| } 
42118| 7 

42119| lrp->Associatedlrp.SystemBuffer = NULL; 

42120| lrp->MdlAddress = Mdl; 

42121 1 lrp->UserBuffer = NULL; 

42122| lrp->UserEvent = & Event; 

42123| lrp->Userlosb = &loStatusBlock; 

42124| Hint -save -e740 7 

42125| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
42126| Hint -restore 7 
42127| if(Originallrp) { 

421 28| lrp->Tail.Overlay.OriginalFileObject = 

| Originallrp->Tail. Overlay. Original FileObject; 
42129| } 

42130| lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 
42131| lrp->loStatus. Status 

| STATUS_PENDING; 
42132| lrp->loStatus. Information = 0; 

42133| 

42134| Stack = loGetNextlrpStackLocation(lrp); 
42135| RtlZeroMemory((PVOID)Stack, 

| sizeof(IO_STACK_LOCATION)); 
42136| loSetCompletionRoutine(lrp, 

| Sblo_ReadDeviceMdlCompletionRoutine, NULL, TRUE, TRUE, 

I TRUE); 

42137| Stack->MajorFunction = IRP_MJ_READ; 
42138| Stack->MinorFunction = 0; 
42139| Stack->Parameters.Read.ByteOffset.QuadPart = 
| ByteOffset->QuadPart; 



42140| Stack->Parameters. Read. Length = ByteCount; 
42141 1 Stack->Parameters. Read. Key = 0; 
421 42 1 Stack->DeviceObject = DeviceObject; 
42143| Stack->FileObject = NULL; 
42144| 

42145| Status = loCallDriver(DeviceObject, Irp); 
42146| 

42147| if (Status == STATUS_PENDING) { 
42148| 

42149| // Debug(DEBUG_DEVSUP,("Sblo_ReadDevice: 
| Waiting for read to finish lrp=%08x, Event=%08x, 
| Status=%08x, 

| loStatus=%08x,%08x\n",lrp,&Event,Status,loStatusBlock.St 

| atusJoStatusBlock.lnformation)); 
42150| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
42151 1 pmWaitForSingleObject(&Event,NULL); 
42152| 

42153| Status = loStatusBlock. Status; 

42154| }else{ 

42155| Debug(DEBUG_DEVSUP,( M Sblo_ReadDevice: Read 

| finished without wait. Irp=%08x, Event=%08x, 
| Status=%08x, 

| loStatus=%08x,%08x\n",lrp,&Event,Status,loStatusBlock.St 

| atusJoStatusBlock.lnformation)); 
42156| } 
42157| 

421 58| // free the Irp we allocated, as we do not need 

| it anymore. 
42159| IrpFreelrp(lrp); 
42160| 
42161| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

421 62 1 Status = GetExceptionCode(); 

42163| Debug(DEBUG_DEVSUP,("Sblo_ReadDeviceMdl: 

| Exception %08x\n",Status)); 
42164| } 
42165| 

42166| return Status; 

42167| } 

42168| 

42169| 

42170| NTSTATUS Sblo_OpenVolumeHandle ( 
421 71 1 const WCHAR *VolumeName, 
42172| HANDLE &VolumeHandle, 
42173| PFILE_OBJECT &VolumeFileObject, 
42174| ULONG Des i red Access ) 

42175| { 

42176| UNICODE_STRING UniName={0}; 

421 77| OBJECT ATTRIBUTES Object Attributes={0}; 



42178| 
42179| 
42180| 



IO_STATUS_BLOCK loStatus = {0}; 
HANDLE FileHandle = 0; 

NTSTATUS Status = 0; 



42181| 

42182| VolumeHandle = INVALID_HANDLE_VALUE; 

42183| VolumeFileObject = NULL; 

42184| 

42185| RtllnitUnicodeString(&UniName,VolumeName); 
42186| 

42187| InitializeObjectAttributes ( 

421 88| &ObjectAttributes, 

42189| &UniName, 

42190| OBJ_CASE_INSENSITIVE, 

42191| NULL, 

42192| NULL); 

42193| 

421 94| Status = ZwCreateFile( 

42195| & VolumeHandle, 

421 96| DesiredAccess, 

421 97| &ObjectAttributes, 

42198| &loStatus, 

42199| NULL, // 
| alloc size 

42200| FILEATTRIBUTENORMAL, 

42201 1 FILE_SHARE_WRITE | FILE_SHARE_READ, 

42202| FILE_OPEN, 

42203 1 0, // 

| create options 

42204| NULL, // 

| eabuffer 

42205| 0 ); // 

| ealength 
42206| 

42207| if(NT_SUCCESS(Status)) { 

42208| Status = ObReferenceObjectByHandle( 

42209| VolumeHandle, 

42210| GENERIC_WRITE, 

42211| NULL, 

4221 2| (KPROCESSOR_MODE)KernelMode, 

42213| (PVOID *)&VolumeFileObject, 

42214| NULL); 
42215| 

42216| if(!NT_SUCCESS(Status)) { 

42217| Debug(DEBUG_DEVSUP,( M Sblo_OpenVolumeHandle: 
| Error %08x in 

| ObReferenceObjectByHandle('%S')\n",Status,VolumeName)); 

4221 8| ZwClose (VolumeHandle); 

42219| VolumeHandle = INVALID_HANDLE_VALUE; 

42220| VolumeFileObject = NULL; 

42221 1 } 



42222| } else { 

42223| Debug(DEBUG_DEVSUP,("Sblo_OpenVolumeHandle: 
| Error %08x in 

| ZwCreateFile('%S')\n",Status,VolumeName)); 
42224| VolumeHandle = INVALID_HANDLE_VALUE; 
42225| } 
42226| 

42227| return Status; 

42228| } 

42229| 

42230| 

42231| NTSTATUS Sblo_CloseVolumeHandle ( 
42232| HANDLE &VolumeHandle, 
42233| PFILE_OBJECT &VolumeFileObject ) 
42234| { 

42235| NTSTATUS Status = STATUS_SUCCESS; 
42236| if ( VolumeFileObject==NULL || 

| !lsValidHandle(VolumeHandle) ) { 
42237| ASSERT ( VolumeFileObject != NULL ); 
42238| ASSERT ( IsValidHandle(VolumeHandle) ); 
42239| Status = STATUS_INVALID_PARAMETER; 
42240| Debug(DEBUG_DEVSUP,("Sblo_CloseVolumeHandle: 

| Invalid parameter -- VolumeHandle=%08x, 

| VolumeFileObject=%08x\n M ,VolumeHandle,VolumeFileObject)) 

I ; 

42241 1 } else { 

42242| ObDereferenceObject (VolumeFileObject); 

42243| ZwClose (VolumeHandle); 

42244| 

42245| VolumeFileObject = NULL; 

42246| VolumeHandle = INVALID_HANDLE_VALUE; 

42247| } 

42248| 

42249 1 return Status; 

42250 1 } 
42251 1 
42252 1 

42253| NTSTATUS Sblo_SystemCall ( 

42254| const WCHAR *VolumeName, 

42255| FS_SYSTEM_CALL_FU NOTION FsFunctionToCall, 

42256| const char *ActionDebugText, 

42257| ULONG DesiredAccess ) 

42258| { 

42259| HANDLE FileHandle = INVALID_HANDLE_VALUE; 

42260| PFILE_OBJECT FileObject = NULL; 

42261 1 Debug(DEBUG_DEVSUP,( M Sblo_SystemCall: %sing volume 

| '%S'\n",ActionDebugText,VolumeName)); 

42262| NTSTATUS Status = Sblo_OpenVolumeHandle ( 

| VolumeName, FileHandle, FileObject, DesiredAccess ); 

42263| if ( NT_SUCCESS(Status) ) { 



42264| Status = (*FsFunctionToCall) (FileObject); 

42265| if(NT_SUCCESS(Status)) { 

42266| Debug(DEBUG_DEVSUP,("Sblo_SystemCall: 

| Success %sing volume 

| '%S'\n",ActionDebugText,VolumeName)); 
42267| } else { 

42268| Debug(DEBUG_DEVSUP,("Sblo_SystemCall: Error 

| %08x %sing volume 

| '%S'\n",Status,ActionDebugText,VolumeName)); 
42269| } 

42270| Sblo_CloseVolumeHandle ( FileHandle, FileObject 

I); 

42271 1 } 
42272 1 

42273| if ( !NT_SUCCESS(Status) ) { 

42274| Debug(DEBUG_DEVSUP,("Sblo_SystemCall: 

| Returning %08x\n M ,Status)); 
42275| } 
42276| 

42277 1 return Status; 
42278| } 
42279 1 
42280 1 

42281 1 NTSTATUS Sblo_DismountVolume( const WCHAR *VolumeName ) 
42282 1 { 

42283| return Sblo_SystemCall ( VolumeName, 

| FS_DismountVolume, "dismount", GENERIC_READ ); 
42284| } 
42285| 
42286| 
42287| 
42288| 

42289| /* 



42290| NTSTATUS Sblo_lnvalidateVolumes ( PDEVICE_OBJECT 

| FSObject, HANDLE FileHandle ) 
42291| { 

42292| PIRP lrp=NULL; 

42293| KEVENT Event={0}; 

42294| IO_STATUS_BLOCK loStatusBlock={0}; 

42295| NTSTATUS Status=0; 

42296 1 P 1 0_STAC K_LOC ATI ON I rpStack= NULL; 

42297| 

42298| _try { 
42299| 

42300| Debug(DEBUG_DEVSUP,("Sblo_lnvalidateVolumes: 

| invalidating volume %08x\n", FSObject)); 
42301| 

42302| // 

42303| // Set the event object to the unsignaled 



I state. 

42304| // It will be used to signal request 

| completion. 
42305| // 
42306| 

42307| KelnitializeEvent(&Event, NotificationEvent, 

I FALSE); 
42308| 
42309| 

42310| // 

4231 1 1 // Create IRP for read 

42312| // 

42313| 

42314| Irp = lrpAllocatelrp(FSObject->StackSize); 
42315| 

42316| if (!lrp){ 
42317| 

| Debug(DEBUG_DEVSUP,( M Sblo_lnvalidateVolumes: Error! 

| Unable to allocate irp\n")); 
42318| try_return(Status = 

| STATUS_INSUFFICIENT_RESOURCES); 
42319| } 
42320| 

42321 1 lrp->Flags = 0; //IRP_READ_OPERATION; 
42322 | 

42323 1 I rp- > Assoc i ated I rp . Sy ste m B uf f e r 

| &FileHandle; 
42324| lrp->MdlAddress = NULL; 

42325| lrp->UserBuffer = NULL; 
42326| lrp->UserEvent = & Event; 
42327| lrp->Userlosb = &loStatusBlock; 
42328| Hint -save -e740 7 
42329| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
42330| Hint -restore 7 

42331 1 lrp->Tail.Overlay.OriginalFileObject = NULL; 
42332 1 lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 
42333| lrp->loStatus. Status 

| STATUS_PENDING; 
42334| lrp->loStatus. Information = 0; 

42335| 

42336| IrpStack = loGetNextlrpStackLocation(lrp); 
42337| RtlZeroMemory((PVOID) IrpStack, 

| sizeof(IO_STACK_LOCATION)); 
42338| // just sets event 
42339| loSetCompletionRoutine(lrp, 

| Sblo_ReadDeviceMdlCompletionRoutine, NULL, TRUE, TRUE, 

I TRUE); 

42340| lrpStack->MajorFunction = 



I IRP_MJ_FILE_SYSTEM_CONTROL; 
42341 1 lrpStack->MinorFunction = 

| IRP_MN_USER_FS_REQUEST; 
42342 1 

| lrpStack->Parameters.DeviceloControl.loControlCode = 
| FSCTL_INVALIDATE_VOLUMES; 
42343 1 

| lrpStack->Parameters. DeviceloControl.OutputBufferLength 
l = 0; 
42344| 

| lrpStack->Parameters.DeviceloControUnputBufferLength 
| = sizeof(HANDLE); 
42345| 

| lrpStack->Parameters.DeviceloControl.Type3lnputBuffer = 
| NULL; 

42346| lrpStack->DeviceObject = FSObject; 
42347| lrpStack->FileObject = NULL; 
42348| 

42349| Status = loCallDriver(FSObject, Irp); 
42350 1 

42351 1 if (Status == STATU S_P E N D I N G) { 
42352 1 
42353 1 

| Debug(DEBUG_DEVSUP,("Sblo_lnvalidateVolumes: Waiting 

| for dismount to finish\n")); 
42354| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 
42355 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

42356| 

42357| Status = loStatusBlock.Status; 

42358| } 

42359| IrpFreelrp(lrp); 
42360 1 

42361 1 try_exit: NOTHING; 
42362 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42363 1 Status = GetExceptionCode(); 

42364| Debug(DEBUG_DEVSUP,("Sblo_lnvalidateVolumes: 

| Exception %08x\n M , Status)); 
42365| } 
42366| 

42367 1 return Status; 
42368| } 
42369 1 
42370 1 /* 

42371 1 Several ways to get the FS object 
42372| 1 . first object created is usually the fs object 
42373| 2. usually only the fs object has a name 
42374| 7 

42375| r 



42376| PDEVICE_OBJECT Get FSObject From VolumeObject ( 

| PDEVICE_OBJECT Volume ) 
42377| { 

42378| PDEVICE_OBJECT DevObj = Volume; 
42379| 

42380| if(! DevObj) { 
42381| return NULL; 
42382| } 
42383| 

42384| // get first object created (at end of linked list) 
42385| while(DevObj->NextDevice) { 
42386| DevObj = DevObj->NextDevice; 
42387| } 
42388| 

42389| // okay, lets make sure it is named 

42390| if(DevObj->Flags & DO_DEVICE_HAS_NAME) { 

42391 1 return DevObj; 

42392 1 } else { 

42393| return NULL; 

42394| } 

42395| } 

42396| 

42397| r 



42398| NTSTATUS lnvalidateVolumes( PDEVICE_OBJECT Volume ) 
42399 1 { 

42400| HANDLE VolumeHandle=INVALID_HANDLE_VALUE; 

42401 1 NTSTATUS Status=STATUS_UNSUCCESSFUL; 

42402| PDEVICE_OBJECT FsObject=NULL; 

42403| POB J ECT_N AM E_l N FORMATION OBI=NULL; 

42404| PFILE_OBJECT FileObject=NULL; 

42405| PDEVICE_OBJECT DeviceObject=NULL; 

42406| ULONG Returned=0; 

42407| OBJECT_ATTRIBUTES ObjAttr={0}; 

42408| IO_STATUS_BLOCK loStatus={0}; 

42409 1 

4241 0| // Volume = "virtual volume" by psm 
4241 1 1 // Volume->Vpb->DeviceObject == unnamed fileystem 
| object 

42412| // Volume->Vpb->RealDevice == Volume as owned by 

| lowest device (eg \harddisk0\partition1) 
42413| 

42414| FsObject = 

| GetFSObjectFromVolumeObject(Volume->Vpb->DeviceObject); 
42415| 

42416| if(IFsObject) { 

4241 7| return STATUS_OBJECT_NAME_NOT_FOUND; 

42418| } 

42419| 



42420| if((Volume->Vpb) && (Volume->Vpb->Flags & 

| VPB_MOUNTED)) { 
42421 | 

42422| // we need to get a FileObject to the "Volume" 
42423 1 

42424| // step 1 . We need the device name 

| (\harddisk0\partition1) 
42425| 

42426| Status = ObQueryNameString( 
42427 1 Vo lu me->Vpb-> Real Device , 

42428| NULL, 0, &Returned ); 

42429 1 

42430| if((Status==STATUS_INFO_LENGTH_MISMATCH) && 

| (Returned>0)) { 
42431 1 OBI = (POBJECT_NAME_IN FORMATION) 

| MemAllocatePoolWithTag(PagedPool,Returned,FILENAMETAG); 
42432| if(OBI) { 

42433| 

42434| Status = ObQueryNameString( 

42435| Volume->Vpb->RealDevice, 

42436| OBI, 

42437| Returned, 

42438 1 & Returned ); 

42439| 

42440| if(NT_SUCCESS(Status)) { 

42441 1 // step 2. get file object for 

| volume 

42442| Status = loGetDeviceObjectPointer( 

42443| &OBI->Name, 

42444| 0, 

42445| &FileObject, 

42446| &DeviceObject 

42447| ); 

42448| 

42449| if(NT_SUCCESS(Status)) { 

42450 1 // step 3. get handle for file 

| object 

42451 1 /* fails with 0xc0000001 STATUSJJNSUCCESSFUL 

42452| Status = ObOpenObjectByPointer( 

42453| FileObject, 

42454| 0, 

42455| NULL, 

42456| 0, 

42457 1 * I o Fi leObjectTy pe, 

42458| 

| (KPROCESSOR_MODE)KernelMode, 
42459| &VolumeHandle 
42460| ); 
42461 | 
42462| 7 



42463| 

42464| InitializeObjectAttributes ( 

| &ObjAttr, 

42465| &OBI->Name, 

| OBJ_CASE_INSENSITIVE, NULL, NULL ); 
42466| 

42467| Status = ZwOpenFile( 

42468| &VolumeHandle, 
42469| 0, 
42470| &ObjAttr, 
42471| &loStatus, 
42472| 0, 
42473| 0 
42474| ); 
42475| 

42476| if(NT_SUCCESS(Status)) { 

42477| // step 4. Tell file system 

| to invalidate 
42478| 

| ASSERT(lsValidHandle(VolumeHandle)); 
42479| Status = 

| Sblo_lnvalidateVolumes(FsObject,VolumeHandle); 
42480| 

42481 1 // close handle 

42482| ZwClose(VolumeHandle); 

42483| VolumeHandle = 

| INVALIDHANDLEVALUE; 
42484| } else { 

42485| 

| Debug(DEBUG_DEVSUP,("Devsup: Invalidate Volumes: Error 

| %08x getting handle\n",Status)); 
42486| } 
42487| // close object 

42488| 

| ObDereferenceObject(FileObject); 
42489| } else { 

42490| Debug(DEBUG_DEVSUP,("Devsup: 
| InvalidateVolumes: Error %08x getting device object 
| pointer\n", Status)); 

42491 1 } 

42492 1 } else { 

42493| Debug(DEBUG_DEVSUP, ("Query name 

| failed error %08x\n",Status)); 
42494 1 } 

42495| FREEPOINTER(OBI); 
42496| } else { 

42497| Debug(DEBUG_DEVSUP,("Out of memory for 

| %d byte\n", Returned)); 
42498| } 
42499 1 } else { 



42500| Debug(DEBUG_DEVSUP, ("Query name failed 

| getting size error %08x\n", Status)); 
42501| } 
42502| 

42503| } else { 

42504| Debug(DEBUG_DEVSUP,("Devsup: InvalidateVolumes: 

| volume %08x not mounted\n",Volume)); 
42505| } 

42506| return Status; 

42507| } 

42508| 

42509| 

42510| /* 



4251 1 1 NTSTATUS Sblo_GetGeometry( PDEVICE_OBJECT 

| DeviceObject, 
42512| PDISK GEOMETRY Geometry ) 

42513| { 

42514| PIRP lrp=NULL; 

42515| KEVENT Event={0}; 

42516| IO_STATUS_BLOCK loStatusBlock={0}; 

42517| NTSTATUS Status=0; 

42518| 

42519| __try{ 
42520| 

42521| // 

42522| // Set the event object to the unsignaled 
| state. 

42523| // It will be used to signal request 

| completion. 
42524| // 
42525| 

42526| KelnitializeEvent(&Event, 

42527| NotificationEvent, 

42528| FALSE); 

42529| 

42530| 

42531| 

42532| // 

42533| // Create IRP for get drive layout device 

| control. 
42534| // 
42535| 

42536| Irp = 

| loBuildDeviceloControlRequest(IOCTL_DISK_GET_DRIVE_GEOME 

I TRY, 
42537| 

| DeviceObject, 
42538| NULL, 
42539| 0, 



42540| Geometry, 
42541 | 

| sizeof(DISK_GEOMETRY), 
42542 1 FALSE, 
42543 1 & Event, 

42544| 

| &loStatusBlock); 
42545| 

42546| if (Nrp) { 

42547| Debug(DEBUG_DEVSUP,( M Sblo_GetDriveLayout: 

| Error! Unable to allocate irp\n")); 
42548| return STATUS_INSUFFICIENT_RESOURCES; 

42549 1 } 
42550 1 

42551 1 Status = loCallDriver(DeviceObject, Irp); 
42552 1 

42553| if (Status == STATUS_PENDING) { 
42554| 

42555| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
42556 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

42557| 

42558| Status = loStatusBlock.Status; 

42559 1 } 
42560 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42561 1 Status = GetExceptionCode(); 

42562| Debug(DEBUG_DEVSUP,("Sblo_GetDriveLayout: 

| Exception %08x\n", Status)); 
42563 1 } 

42564| return Status; 

42565| } 

42566| 

42567| /* 



42568| NTSTATUS Sblo_GetCapabilities( PDEVICE_OBJECT 

| DeviceObject, 
42569| PIO_SCSI_CAPABILITIES 

| Caps) 
42570 1 { 

42571| PIRP lrp=NULL; 

42572| KEVENT Event={0}; 

42573| IO_STATUS_BLOCK loStatusBlock={0}; 

42574| NTSTATUS Status=0; 

42575| 

42576| __try { 
42577| 

42578| // 

42579| // Set the event object to the unsignaled 
| state. 



42580| // It will be used to signal request 

| completion. 
42581 1 // 
42582 1 

42583| KelnitializeEvent(&Event, 

42584| NotificationEvent, 

42585| FALSE); 

42586| 

42587| 

42588| 

42589 1 // 

42590| // Create IRP for get drive layout device 

| control. 
42591| // 
42592| 

42593| Irp = 

| loBuildDeviceloControlRequest(IOCTL_SCSI_GET_CAPABILITIE 

IS, 
42594| 

| DeviceObject, 
42595| NULL, 
42596| 0, 
42597| Caps, 
42598| 

| sizeof(IO_SCSI_CAPABILITIES), 
42599| FALSE, 
42600| &Event, 
42601| 

| &loStatusBlock); 
42602| 

42603| if (!lrp) { 

42604| Debug(DEBUG_DEVSUP,("SbloGetCapabilites: 

| Error! Unable to allocate irp\n M )); 
42605| return STATUS_INSUFFICIENT_RESOURCES; 

42606| } 
42607| 

42608| Status = loCallDriver(DeviceObject, Irp); 
42609| 

42610| if (Status == STATUS_PENDING) { 
4261 1 | 

42612| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 
42613| pmWaitForSingleObject(&Event,NULL); 
42614| 

42615| Status = loStatusBlock.Status; 

42616| } 
42617| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

4261 8| Status = GetExceptionCode() ; 

42619| Debug(DEBUG_DEVSUP,("Sblo_GetCapabilities: 



I Exception %08x\n M , Status)); 
42620| } 

42621 1 return Status; 

42622 1 } 

42623| 

42624| 

42625| /* 



42626| NTSTATUS Sblo_GetDriveLayout( PDEVICE_OBJECT 

| DeviceObject, 
42627| 

| PDRIVE_LAYOUT_INFORMATION Drive Layout Info, 
42628| ULONG 

| DriveLayoutlnfoSize ) 
42629 1 { 

42630| PIRP lrp=NULL; 

42631| KEVENT Event={0}; 

42632| IO_STATUS_BLOCK loStatusBlock={0}; 

42633| NTSTATUS Status=0; 

42634| 

42635| __try { 
42636| 

42637| // 

42638| // Set the event object to the unsignaled 
| state. 

42639| // It will be used to signal request 

| completion. 
42640| // 
42641 | 

42642| KelnitializeEvent(&Event, 
42643| NotificationEvent, 
42644| FALSE); 
42645| 
42646| 

42647| // 

42648| // Create IRP for get drive layout device 

| control. 
42649 1 // 
42650 1 

42651| lrp = 

| loBuildDeviceloControlRequest(IOCTL_DISK_GET_DRIVE_LAYOU 

IT, 
42652| 

| DeviceObject, 
42653| NULL, 
42654| 0, 
42655| 

| DriveLayoutlnfo, 
42656| 

| DriveLayoutlnfoSize, 



42657| FALSE, 
42658| & Event, 

42659| 

| SloStatusBlock); 
42660| 

42661| if (!lrp) { 

42662| Debug(DEBUG_DEVSUP,("Sblo_GetDrivel_ayout: 

| Error! Unable to allocate irp\n")); 
42663| return STATUS_INSUFFICIENT_RESOURCES; 

42664| } 
42665| 
42666| 

42667| Status = loCallDriver(DeviceObject, Irp); 
42668| 

42669| if (Status == STATUS_PENDING) { 
42670| 

42671 1 ASSERT(KeGetCurrentlrql() < 

| DISPATCHJ.EVEL); 
42672| Debug(DEBUG_DEVSUP,("Sblo_GetDrivel_ayout: 

[ Waiting for request to finish\n")); 
42673| pmWaitForSingleObject(&Event,NULL); 
42674| 

42675| Status = loStatusBlock. Status; 

42676| } else 

42677| if(Status!=STATUS_SUCCESS) { 

42678| Debug(DEBUG_DEVSUP,("Sblo_GetDriveLayout: 

| Error %08x reading drive layoufAn", Status)); 
42679 1 } 
42680 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42681 1 Status = GetExceptionCodeO; 

42682| Debug(DEBUG_DEVSUP,("Sblo_GetDriveLayout: 

| Exception %08x\n",Status)); 
42683 1 } 
42684| 

42685| return Status; 

42686| 

42687| } 

42688| 

42689| /* 



42690| NTSTATUS Sblo_DeviceloControl( PDEVICE_OBJECT 
| DeviceObject, 



42691 1 ULONG loctlCode, 

42692| char *lnBuffer, 

42693| ULONG InBufferSize, 

42694| char *OutBuffer, 

42695| ULONG OutBufferSize, 

42696| ULONG * Bytes Returned 

42697| ) 



42698| { 

42699| PIRP lrp=NULL; 

42700| IO_STATUS_BLOCK losb={0}; 

42701 1 KEVENT Event={0}; 

42702| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
42703 1 

42704| *Bytes Returned = 0; 
42705| 

42706| // Set the event object to the unsignaled state. 
42707| // It will be used to signal request completion. 
42708| 

42709| KelnitializeEvent(&Event, Notification Event, 

| FALSE); 
42710| 

4271 1 1 Irp = loBuildDeviceloControlRequest( loctlCode, 

42712| DeviceObject, 

42713| InBuffer, 

42714| InBufferSize, 

42715| OutBuffer, 

42716| OutBufferSize, 

42717| FALSE, 

42718| &Event, 

42719| &losb); 

42720| 

42721 | 

42722 1 if (Irp) { 
42723 1 

42724| __try { 

42725| Status = loCallDriver(DeviceObject, Irp); 

42726| 

42727| if (Status == STATUS_PENDING) { 

42728| 

42729| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 
42730| pmWaitForSingleObject(&Event,NULL); 
42731 | 

42732| Status = losb.Status; 

42733 1 } 
42734| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42735| Status = GetExceptionCode(); 

42736| 

| Debug(DEBUG_DEVSUP,( M Sblo_DeviceloControl:Error! 

| Exception %08x sending scsi command\n", Status)); 
42737| } 
42738| } else { 

42739| Debug(DEBUG_INFO,("Sblo_DeviceloControl: Error 

| no Irp available\n")); 
42740| Status = losb.Status; 
42741 1 } 



42742 
42743 
42744 
42745 
42746 
42747 
42748 
42749 
42750 
42751 
42752 
42753 

I- 
42754 
42755 
42756 
42757 
42758 
42759 
42760 
42761 

I - 
42762 
42763 
42764 
42765 
42766 
42767 
42768 
42769 
42770 
42771 
42772 
42773 
42774 
42775 
42776 
42777 
42778 
42779 
42780 
42781 
42782 
42783 
42784 
42785 
42786 
42787 
42788 
42789 



if (!NT_SUCCESS(Status)) { 

* Bytes Returned = losb. Information; 

} 



return Status; 



} 



#ifdef DEBUG 

/* 

7 

void Debug_DumpSector( char *Buffer, ULONG Size ) 
{ 

ULONG i,j; 

UCHAR *UBuffer = (UCHAR*)Buffer; 
char s[80]; 
char *t; 

// 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 



// no need to even try if debugging is not on.. 
if(!Debugl_evel) { 
return; 

} 

for(i=0;i<Size;i+=16) { 
t=s; 

t+=sprintf(t,"%03x : ",i); 

for(j=i;j-i<16;j++) { 

t+=sprintf(t,"%02x ",UBuffer[j]); 

} 

for(j=i;j-i<16;j++) { 

if ((UBuffer[j]>31) && (UBuffer[j]<128)) { 

*t++ = UBuffer[j]; 
} else { 

*t++ = '.'; 

} 

} 

*t=0; 

Debug(DEBUG_INFO,("%s\n",s)); 

} 

} 

#endif 



42790| 
42791 1 /* 



42792| NTSTATUS CheckMediaLoaded ( PDEVICE_OBJECT 

| DeviceObject, PIRP Irp ) 
42793 1 { 

42794| PVDISK_EXTENSION DevExt=NULL; 
42795| PIO_STACK_LOCATION irpSp=NULL; 
42796| NTSTATUS Err=STATUS_SUCCESS; 
42797| 

42798| __try { 

42799| DevExt = GetVDiskExtension(DeviceObject); 
42800| irpSp = loGetCurrentlrpStackLocation( Irp ); 
42801| 

42802| if ((!DevExt->PartitionActive) || 

| (DevExt->DriveNotReady)) { 
42803| // If the volume is mounted, we must tell 

| the f ilesystem to 
42804| // verify that the media in the drive is 

| the same volume. 
42805| //Debug(DEBUG_DEVSUP,("PSMan: Scsi: CML: 

| Drive not ready\n M )); 
42806| 

42807| if ( DevExt->DeviceObject->Vpb->Flags & 

| VPB_MOUNTED ) { 
42808| //Debug(DEBUG_DEVSUP,("PSMan: Scsi: 

| CML: Informing File system\n")); 
42809| DevExt->DeviceObject->Flags |= 

| DO_VERIFY_VOLUME; 
42810| } 
4281 1 | 

| lnterlockedlncrement((PLONG)&DevExt->DiskChangeCount); 
42812| } 
42813| 

42814| if ( (DevExt->DeviceObject->Flags & 

| DO_VERIFY_VOLUME) && 
42815| !(irpSp->Flags & SL OVERRIDE VERIFY VOLUME) 

42816| ){ 
42817| 

42818| //Debug(DEBUG_DEVSUP,("PSMan: Scsi: CML: 

| Verify bit is set\n")); 
42819| 

42820| // if DO_VERIFY_VOLUME bit is set 

42821 1 // in device object flags, fail request. 

42822| loSetHardErrorOrVerifyDevice(lrp, 

| DeviceObject); 
42823 1 

42824| lrp->loStatus.Status = 

| STATUS_VERIFY_REQUIRED; 
42825| lrp->loStatus. Information = 0; 



42826| 

42827| Err = lrp->loStatus.Status; 

42828| } else { 

42829| // if we are still here, then just say 

| error.. 

42830| if ((!DevExt->PartitionActive) || 

| (DevExt->DriveNotReady)) { 
42831 1 lrp->loStatus.Status = 

| STATUS_IO_DEVICE_ERROR; //STATUS_NO_MEDIA_IN_DEVICE; 
42832| lrp->loStatus. Information = 0; 

42833| Err = lrp->loStatus.Status; 

42834| } 
42835| } 
42836| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

42837| lrp->loStatus. Status = GetExceptionCode(); 
42838| 

42839| Debug(DEBUG_DEVSUP,("PSMan: Scsi: CML: 

| Exception %08x\n",lrp->loStatus. Status)); 
42840| Err = lrp->loStatus. Status; 
42841 1 } 
42842 1 

42843 1 return Err; 

42844| } 

42845| 

42846| // pass in -1 for thread to get any user for a process. 
42847| r 



42848| pOTJJSER FindPSMUser ( PEPROCESS Process, PETHREAD 

| Thread ) 
42849 1 { 

42850| pOTJJSER Next=NULL; 
42851| PAG E D_CO D E () ; 
42852| 

42853| pmAcquireMutex ( &PSMUserMutex, NULL ); 
42854| Next=GlobalData->PSMUsers; 
42855| while(Next) { 



42856| if ( Next->ProcesslD == Process ) { 

42857| if ( Thread==(PETHREAD)-1 || 

| Thread==Next->ThreadlD ) { 

42858| break; 

42859 1 } 

42860 1 } 
42861 1 

42862 1 Next = Next->Next; 

42863 1 } 



42864| pmReleaseMutex ( &PSMUserMutex ); 
42865| 

42866 1 return Next; 
42867| } 



42868| 

42869| // pass in -1 for thread to get any user for a process. 
42870| /* 



42871| pOTJJSER FindPSMUserByFileObject ( PFILE_OBJECT 

| FileObject ) 
42872| { 

42873| pOTJJSER Next=NULL; 
42874| PAG E DCOD E () ; 
42875| 

42876| pmAcquireMutex ( &PSMUserMutex, NULL ); 
42877| Next=GlobalData->PSMUsers; 
42878| while(Next) { 



42879| if(FileObject==Next->FileObject) { 
42880| break; 
42881 1 } 
42882 1 

42883| Next = Next->Next; 



42884| } 

42885| pmReleaseMutex ( &PSMUserMutex ); 
42886| 

42887| return Next; 
42888| } 
42889 1 

42890| /* 



42891 1 pOTJJSER FindPSMUserBySnapShot ( pkSnapShotMaster 

| Snapshot ) 
42892 1 { 

42893| pOT_USER Next=NULL; 
42894| pkSnapShotEntry p; 
42895| 

42896| PAG E D_CO D E () ; 

42897| 

42898| 

42899 1 GetSnapShotForRead(); 
42900 1 _Jry { 
42901 | 

| p=GetTopSnapShotForMaster(&SnapShot->SnapShots); 
42902| while(p) { 

42903| pmAcquireMutex ( &PSMUserMutex, NULL ); 

42904| _Jry { 

42905| Next=GlobalData->PSMUsers; 

42906| while(Next) { 

42907| 

| if(lslnUserList(Next,p)==STATUS_SUCCESS) { 
42908| break; 
42909 1 } 
42910| 

4291 1 1 Next = Next->Next; 



42912 
42913 
42914 
42915 
42916 
42917 
42918 
42919 
42920 
42921 

|P= 
42922 
42923 
42924 
42925 
42926 
42927 
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42930 
42931 
42932 

I- 
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42937 
42938 
42939 
42940 
42941 
42942 
42943 

I- 
42944 
42945 
42946 
42947 
42948 
42949 
42950 
42951 
42952 
42953 
42954 
42955 
42956 
42957 
42958 



} 

} finally { 

pmReleaseMutex ( &PSMUserMutex ); 

} 

if(Next) { 
//found one 
DoneWithSnapShot(p); 
break; 
} else { 

GetNextSnapShotForMaster(&SnapShot->SnapShots,p); 
} 

} 

} ^finally { 

ReleaseSnapShotForRead(); 

} 



return Next; 



} 



/*- 



void AddPSMUser( pOTJJSER User ) 
{ 

PAG E D_CO D E () ; 

pmAcquireMutex ( &PSMUserMutex, NULL ); 
User->Next = GlobalData->PSMUsers; 
GlobalData->PSMUsers = User; 
pmReleaseMutex ( &PSMUserMutex ); 

} 



/* 



-7 



void DeletePSMUser( pOTJJSER User ) 
{ 

pOTJJSER Prev=NULL; 
pOTJJSER Next=NULL; 
PAG E D_CO D E () ; 

pmAcquireMutex ( &PSMUserMutex, NULL ); 
Next=GlobalData->PSMUsers; 
while(Next) { 
if(Next==User) { 
if(Prev==NULL) { 

Global Data->PSMUsers = Next->Next; 
} else { 

Prev->Next = Next->Next; 

} 



42959| 

42960| break; 

42961 1 } 

42962 1 Prev = Next; 

42963| Next = Next->Next; 



42964| } 

42965| pmReleaseMutex ( &PSMUserMutex ); 

42966| } 

42967| 

42968| /* 



42969| NTSTATUS FlushVolume( const WCHAR *Name ) 
42970 1 { 

42971 1 UNICODE_STRING UniName={0}; 

42972| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

42973| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

42974| IO_STATUS_BLOCK loStatus={0}; 

42975| HANDLE FileHandle=NULL; 

42976| 

42977| PAG E D_CO D E () ; 
42978 1 

42979| RtllnitUnicodeString (&UniName, Name); 
42980 1 
42981 | 

42982| InitializeObjectAttributes ( &ObjectAttributes, 

42983| &UniName, 

42984| OBJ_CASE_INSENSITIVE, 

42985| NULL, 

42986| NULL); 

42987| 

42988| DoAgain: 

42989| Status = ZwOpenFile( &FileHandle, 
42990| F I L E_R E A D_D AT A | 

| FILE WRITE DATA | SYNCHRONIZE, //desired access 
42991 1 &ObjectAttributes, // 

| object attributes 
42992| &loStatus, 
42993| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share access 
42994| 

| FILE_SYNCHRONOUS_IO_NONALERT ); // open options 
42995| 

42996| if(NT_SUCCESS(Status)) { 
42997| Flush: 
42998| Status = 

| MyFlushBuffersFile(FileHandle,&loStatus); 
42999 | 

43000| if(!NT_SUCCESS(Status)) { 

43001 1 Debug(DEBUG_DEVSUP,( M Devsup: flushVolumes: 

| Error %08x flushing\n",Status)); 



43002| } 
43003| 

43004| if(Status==STATUS_PENDING) { 

43005| pmWaitForSingleObject(FileHandle,NULL); 

43006| 

43007| Status = loStatus.Status; 

43008| } 

43009| if(!NT_SUCCESS(Status)) { 

43010| Debug(DEBUG_DEVSUP,("PSMan: FlushVolume: 

| Error %08x flsuhing volume '%S'\n",Status,Name)); 
4301 1 | } 

43012| ZwClose(FileHandle); 
43013| FileHandle=NULL; 
43014| }else{ 

43015| Debug(DEBUG_DEVSUP,("PSMan: FlushVolume: Error 

| %08x opening volume '%S'\n",Status,Name)); 
4301 6| // volume got mounted, try again 
43017| if(Status==STATUS_REPARSE) { 
43018| goto DoAgain; 

43019| } 
43020| 

43021 1 // being handled async. 

43022| if(Status==STATUS_PENDING) { 

43023| Debug(DEBUG_DEVSUP,("PSMan: FlushVolume: 

| Waiting for file %d to open\n",FileHandle)); 
43024| pmWaitForSingleObject(FileHandle,NULL); 
43025| 

43026| Status = loStatus.Status; 

43027| if(NT_SUCCESS(Status)) { 

43028| goto Flush; 

43029 1 } else { 

43030| Debug(DEBUG_DEVSUP,("PSMan: 

| FlushVolume: Error %08x opening volume 

| '%S'\n",Status,Name)); 
43031| ZwClose(FileHandle); 
43032| FileHandle=NULL; 
43033| } 
43034| } 
43035| } 
43036| 

43037| return Status; 

43038| } 

43039| 

43040| #ifdef DEBUG 
43041 | 

43042| STATIC ULONG CurrentDebugl_ine=0; 

43043| STATIC char Lines[MAX_BACK_LOG_FOR_DEBUG][255]={0}; 
43044| 

43045| r 



43046| void Debug PrintSave( char*fmt, ... ) 
43047| { 

43048| vajist argptr; 

43049| LARGEJNTEGER Time; 

43050| ULONG Len; 

43051| KIRQL oldlrql; 

43052| ULONG OurLine; 

43053| LARGEJNTEGER Ticks; 

43054| 

43055| // do not use pm* functions in here 

43056| // or call any other function that does 

43057| // or a deadlock will occur 

43058| // we are imposing this limit so the pm* 

43059| // functions can write to the debug log file 

43060| 

43061| ASSERT(CurrentDebugLine<MAX_BACK_LOG_FOR_DEBUG); 
43062| KeAcquireSpinLock( &PSM_DebugSpinLock, &oldlrql ); 
43063| 

43064| OurLine = CurrentDebugLine++; 

43065| if(CurrentDebugLine>=MAX_BACK_LOG_FOR_DEBUG) { 
43066| CurrentDebugLine = 0; 
43067| } 

43068| KeReleaseSpinLock( &PSM_DebugSpinLock, oldlrql ); 
43069| 

43070| va_start(argptr, fmt); 

43071 1 vsprintf(Lines[OurLine], fmt, argptr); 

43072| va_end(argptr); 

43073 1 

43074| KeQuerySystemTime(&Time); 

43075| Ticks = KeQueryPerformanceCounter( NULL ); 

43076| DbgPrint("%08x%08x %08x%08x (%08x): 

| %s",Time.HighPart,Time.LowPart,Ticks.HighPart,Ticks.LowP 

| art,PsGetCurrentThread(),Lines[OurLine]); 
43077| #ifdef DEBUG 
43078| Len = strlen(Lines[OurLine]); 
43079 1 

43080| if(Len>200) { 

43081 1 DbgPrintf'Above Line length = %d > 

| 200!!!",Len); 
43082| DbgBreakPoint(); 
43083 1 } 
43084| #endif 

43085| Lines[OurLine][200] = 0; 
43086| 

43087| if(gDebugToLog) { 

43088| // we dont use MemAllocate* here because we 

| dont want this information logged 
43089| tDebugLogEntry *DebugEntry = (tDebugLog Entry *) 

| ExAllocatePoolWithTag(NonPagedPool,sizeof (tDebugLogEntry 

| ),DEBUG_ENTRY_TAG); 



43090| if(DebugEntry) { 

43091| spnntf(DebugEntry->LogEntry,"%08x%08x 
| %08x%08x (%08x): 

| %s'\Time.HighPart,Time.LowPart,Ticks.HighPart,Ticks.LowP 
| art,PsGetCurrentThread(),Lines[OurLine]); 
43092| 

43093| ExInterlockedlnsertTailList ( 

| &PSM_DebugQueue, 
43094| 

| &(DebugEntry->ListEntry), 
43095| 

| &PSM_DebugSpinLock); 
43096| 

43097| KeReleaseSemaphore( 

| &PSM_DebugSemaphore,1,1, FALSE); 
43098| } else { 

43099| DbgPrint("Out of memory for line 

| , %s , \n M ,Lines[OurLine]); 
43100| } 
43101| } 
43102| } 
43103| 

43104| /* 



43105| void BugCheckCallBack( PVOID Buffer, ULONG /"Length*/ ) 
43106| { 

43107| ULONG ij; 
43108| 

431 09 1 // display to screen 

43110| i = M AX_B AC K_LOG_FO R_D E B U G ; 

431 1 1 | 

431 1 2| if (CurrentDebugLine>0) 

431 13| j=CurrentDebugLine-1 ; 

43114| else 

431 15| j=MAX_BACK_LOG_FOR_DEBUG-1 ; 
43116| 

43117| while(i) { 

431 18| HalDisplayString(Lines[j]); 

43119| if(j>0) 

43120| j--; 

43121| else 

431 22 1 j=MAX_BACK_LOG_FOR_DEBUG-1 ; 
43123| 

43124| i-; 

43125| } 
43126| 

431 27| // store in bugcheck data 

43128| memmove(Buffer,Lines,MAX_BACK_LOG_FOR_DEBUG*255); 
43129| 

431 30 1 // loop forever so user can read screen to us 



43131| while(1); 
43132| } 
43133| 

43134| r 

| */ 

43135| void DebugLogThread( PVOID Context ) 
43136| { 

43137| UNICODE_STRING Uni; 
43138| UNICODE_STRING LogFile; 
43139| WCHAR Buff[256]; 

43140| OBJECT_ATTRIBUTES Object Attributes; 

43141 1 IO_STATUS_BLOCK loStatus; 

43142| HANDLE FileHandle; 

431 43 1 tDebugLogEntry *DebugEntry; 

43144| NTSTATUS Status; 

431 45| PLIST_ENTRY ListEntry; 

43146| LARGEJNTEGER TimeToWait; 

43147| 

431 48| Reg_GetStringKey ( 

| &gRegistryPath,L M DebugLogFile M ,L M C:\\psm.log M ,&Uni); 
43149| 

43150| LogFile.Buffer = Buff; 

43151| LogFile.Length = 0; 

43152| LogFile. MaximumLength = 256*2; 

43153| 

43154| 

| RtlAppendUnicodeToString(&LogFile,L M \\DosDevices\\"); 
431 55 1 RtlAppendUnicodeStringToString (&LogFile,&Uni); 
43156| Reg_FreeString(&Uni); 
43157| 

431 58 1 InitializeObjectAttributes ( &ObjectAttributes, 

43159| &LogFile, 

431 60 1 OBJ_CASE_INSENSITIVE, 

43161| NULL, 

43162| NULL); 

43163| 

43164| TryOpenAgain: 

431 65 1 Status = ZwCreateFile( &FileHandle, 
43166| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, //desired access 
431 67 1 &Object Attributes, // object 

| attributes 
43168| &loStatus, 
43169| NULL, // 

| alloc size 

43170| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
431 71 1 FILE_SHARE_READ, 

| // share access 
43172| FILE_OPEN, // 



I FILE_OVERWRITE_IF, // create 

| disposition 
43173| 

| FILE_SYNCHRONOUS_IO_NONALERT,// | FILE_WRITE_TH ROUGH, 

| // create options 
43174| NULL, // eabuffer 

43175| 0); //ealength 

43176| 

431 77| if(Status!=STATUS_OBJECT_PATH_NOT_FOUND) { 

431 78| if(NT_SUCCESS(Status)) { 

43179| PFILE_RENAME_INFORMATION Rename; 

43180| WCHAR*p; 

43181| UNICODE_STRING Uni; 

43182| 

43183| DbgPrint( M Renaming file\n M ); 

43184| Rename = (PFILE_RENAME_IN FORMATION) 

| MemAllocatePoolWithTag(PagedPool,sizeof(FILE_RENAME_INFO 

| RMATION)+255,TEMPTAG); 
43185| Rename->ReplacelfExists = TRUE; 

43186| Rename->RootDirectory = NULL; 

43187| p=wcsrchr(LogFile.Buffer,L'\V); 
43188| if(p) { 

43189| Uni.Buffer=Rename->FileName; 
43190| wcscpy(Rename->FileName,p+1); 
43191 1 wcscat(Rename->FileName,L".bak M ); 
43192| Rename->FileNameLength = Uni. Length = 

| (USHORT)NumBytes(Rename->FileName); 
43193| Uni.MaximumLength = 512; 

43194| 

431 95| Status = ZwSetlnformationFile( 

43196| FileHandle, //IN 

| HANDLE FileHandle, 
43197| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
43198| Rename, // IN PVOID 

| Filelnformation, 
43199| 

| sizeof(FILE_RENAME_INFORMATION)+255, // IN 
| ULONG Length, 



43200| FileRenamelnformation // IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
43201| ); 

43202| if(NT_SUCCESS(Status)) { 

43203| DbgPrint("Success on renaming file 

| to '%wZ'\n",&Uni); 
43204| } else { 

43205| DbgPrint("Error %08x on renaming 

| file to , %wZ , \n",Status,&Uni); 
43206| } 
43207| } 



43208| MemFreePool(Rename); 

43209| ZwClose(FileHandle); 

43210| } 

43211| }else{ 

43212| goto WaitForlt; 

43213| } 

43214| 

43215| Status = ZwCreateFile( &FileHandle, 
43216| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, //desired access 
4321 7\ &ObjectAttributes, // object 

| attributes 
43218| &loStatus, 
43219| NULL, // 

| alloc size 

43220| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
43221 1 FILE_SHARE_READ, 

| // share access 
43222| FILE_SUPERSEDE, // 

| FILE_OVERWRITE_IF, //create 

| disposition 
43223 | 

| FILE_SYNCHRONOUS_IO_NONALERT, //| FILE_WRITE_TH ROUGH, 

| // create options 
43224| NULL, // eabuffer 

43225| 0); //ealength 

43226| 

43227| if(NT_SUCCESS(Status)) { 
43228| 

43229| while(1){ 
43230 | 

| pmAcquireSemaphore(&PSM_DebugSemaphore,NULL); 
43231 | 

43232| ListEntry = ExInterlockedRemoveHeadList ( 

43233| &PSM_DebugQueue, // List Head 

43234| &PSM_DebugSpinLock // Lock 

43235| ); 
43236| 

43237| if((ListEntry) && 

| (ListEntry!=&PSM_DebugQueue)) { 
43238| Hint -save -e41 3 7 

43239| DebugEntry = CONTAINING_RECORD( 

| ListEntry, tDebugLogEntry, ListEntry ); 
43240| Hint -restore 7 

43241 | 

43242| Status = ZwWriteFile( 

43243| FileHandle, // IN HANDLE 

| FileHandle, 

43244| NULL, // IN HANDLE Event, 



I optional 

43245| NULL, // IN 

| PIO_APC_ROUTINE ApcRoutine, optional 
43246| NULL, // IN PVOID 

| ApcContext, optional 
43247| &loStatus, // OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
43248| DebugEntry->LogEntry, // IN 

| PVOID Buffer, 
43249| strlen(DebugEntry->LogEntry), 

| // IN ULONG Length, 
43250| NULL, // IN PLARGEJNTEGER 

| ByteOffset, optional 
43251 1 NULL // IN PULONG Key 

| optional 
43252 1 ); 
43253 1 

43254| ExFreePool(DebugEntry); 
43255| } 
43256| } 

43257| // never get here because of while(1 ) 
43258| //ZwClose(FileHandle); 
43259 1 

43260 1 } else { 
43261| WaitForlt: 

43262| DbgPrint("Error %08x opening debug log file, 

| Waiting.. An",Status); 
43263| TimeToWait.QuadPart = RELATIVE(SECONDS(10)); 
43264| KeDelayExecutionThread( 
43265| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE WaitMode, 
43266| FALSE, // IN BOOLEAN Alertable, 

43267| &TimeToWait // IN PLARGEJNTEGER Interval 

43268| ); 

43269| goto TryOpenAgain; 
43270 1 } 
43271 1 

43272| PsTerminateSystemThread( 0 ); 
43273 1 } 
43274 1 
43275| 

43276| #endif 
43277| 

43278| /* 

| */ 

43279| pkSnapShotEntry GetTopSnapShot( PLIST_ENTRY ListHead ) 
43280 1 { 

43281 1 PLIST_ENTRY ListEntry; 
43282| pkSnapShotEntry p; 
43283 1 



43284| #ifdef DEBUG 

43285| if((!lsSnapShotAcquiredForWrite()) && 

| (!lsSnapShotAcquiredForRead())) { 
43286| Debug(DEBUG_DCPSM,("GetTopSnapShot: Snapshot 

| resource not acquired!\n")); 
43287| DbgBreakPoint(); 
43288| } 
43289| #endif 
43290| 

43291 1 ListEntry = ListHead->Flink; 
43292 | 

43293| if((!ListEntry) || (ListEntry==ListHead)) { 

43294| // Debug(DEBUG_THREAD,("GetTopSnapShot: 

| ListEntry is empty\n")); 
43295| return NULL; 
43296| } 
43297| 

43298| Hint -save -e41 3 7 

43299| p = (CONTAINING_RECORD( ListEntry, tkSnapShotEntry, 

| DevExt)); 
43300 1 Hint -restore 7 
43301 1 UseSnapShot(p); 
43302| return p; 
43303 1 } 
43304| 

43305| I* 



43306| pkSnapShotEntry GetNextSnapShot( PLIST_ENTRY ListHead, 

| pkSnapShotEntry Snapshot ) 
43307| { 

43308| PLIST_ENTRY ListEntry; 
43309| pkSnapShotEntry p; 
43310| 

4331 1 1 #ifdef DEBUG 

43312| if((!lsSnapShotAcquiredForWrite()) && 

| (NsSnapShotAcquiredForReadO)) { 
43313| Debug(DEBUG_DCPSM,("GetNextSnapShot: Snapshot 

| resource not acquired!\n")); 
43314| DbgBreakPoint(); 
43315| } 
43316| #endif 
43317| 

43318| ListEntry = SnapShot->DevExt.Flink; 
43319| 

43320| if((!ListEntry) || (ListEntry==ListHead)) { 

43321| //end of list 

43322| DoneWithSnapShot(SnapShot); 

43323| return NULL; 

43324| } 

43325| 



43326| Hint -save -e41 3 7 

43327| p = (CONTAINING_RECORD( ListEntry, tkSnapShotEntry, 

| DevExt)); 
43328| Hint -restore 7 
43329 1 UseSnapShot(p) ; 
43330| DoneWithSnapShot(SnapShot); 
43331| return p; 
43332| } 
43333| 

43334| /* 



43335| pkSnapShotEntry GetTopSnapShotForMaster( PLIST_ENTRY 

| ListHead ) 
43336| { 

43337| PLIST_ENTRY ListEntry; 
43338| pkSnapShotEntry p; 
43339| 

43340| #ifdef DEBUG 

43341 1 if((!lsSnapShotAcquiredForWrite()) && 

| (HsSnapShotAcquiredForReadO)) { 
43342| Debug(DEBUG_DCPSM,("GetTopSnapShotForMaster: 

| Snapshot resource not acquired !\n")); 
43343| DbgBreakPoint(); 
43344| } 
43345| #endif 
43346| 

43347| ListEntry = ListHead->Flink; 
43348| 

43349| if((!ListEntry) || (ListEntry==ListHead)) { 

43350| // Debug(DEBUG_THREAD,("GetTopSnapShotForMaster: 

| ListEntry is empty\n")); 
43351| return NULL; 
43352| } 
43353| 

43354| Hint -save -e41 3 7 

43355| p = (CONTAINING_RECORD( ListEntry, tkSnapShotEntry, 

| Master)); 
43356| Hint -restore 7 
43357| UseSnapShot(p); 
43358| return p; 
43359 1 } 
43360 1 

43361 1 /* 



43362| pkSnapShotEntry GetNextSnapShotForMaster( PLIST ENTRY 

| ListHead, pkSnapShotEntry Snapshot ) 
43363 1 { 

43364| PLIST_ENTRY ListEntry; 
43365| pkSnapShotEntry p; 
43366| 



43367| #ifdef DEBUG 

43368| if((!lsSnapShotAcquiredForWrite()) && 

| (!lsSnapShotAcquiredForRead())) { 
43369| Debug(DEBUG_DCPSM,("GetNextSnapShotForMaster: 

| Snapshot resource not acquired !\n M )); 
43370| DbgBreakPointQ; 
43371 1 } 
43372| #endif 
43373 1 

43374| ListEntry = SnapShot->Master.Flink; 
43375| 

43376| if((!ListEntry) || (ListEntry==ListHead)) { 

43377| // end of list 

43378| DoneWithSnapShot(SnapShot); 

43379| return NULL; 

43380 1 } 

43381 1 

43382| Hint -save -e41 3 7 

43383| p = (CONTAINING_RECORD( ListEntry, tkSnapShotEntry, 

| Master)); 
43384| Hint -restore 7 
43385| UseSnapShot(p); 
43386| DoneWithSnapShot(SnapShot); 
43387| return p; 
43388| } 
43389| 
43390| 

43391| I* 



43392| BOOLEAN lnList( PLIST_ENTRY ListHead, tkSnapShotEntry 

| *SnapShot) 
43393| { 

43394| tkSnapShotEntry * Entry; 

43395| PLIST_ENTRY Next = ListHead->Flink; 

43396| 

43397| #ifdef DEBUG 

43398| if((!lsSnapShotAcquiredForWrite()) && 

| (HsSnapShotAcquiredForReadO)) { 
43399| Debug(DEBUG_DCPSM,("lnList: Snapshot resource 

| not acquired!\n")); 
43400| DbgBreakPoint(); 
43401| } 
43402| #endif 
43403| 

43404| if(!lsListEmpty(ListHead)) { 
43405| while(Next!=ListHead) { 
43406| Entry = 

| CONTAINING_RECORD(Next,tkSnapShotEntry,DevExt); 
43407| if(Entry == Snapshot) { 

43408| return TRUE; 



43409| } 

4341 0| Next = Next->Flink; 

4341 1 1 } 
43412| }else{ 

43413| // list is empty so it cant be on it.. 
43414| } 

43415| return FALSE; 

43416| } 

43417| 

43418| /* 



43419| pkSnapShotEntry 

| FindSnapShotEntryForDevice(pkSnapShotMaster 
| MasterSnapShot, PDEVICE_OBJECT DeviceObject) 

43420| { 

43421 1 pkSnapShotEntry p=NULL; 
43422 1 

43423| #ifdef DEBUG 

43424| if((!lsSnapShotAcquiredForWrite()) && 

| (!lsSnapShotAcquiredForRead())) { 
43425| Debug(DEBUG_DCPSM,("FindSnapShotEntryForDevice: 

| Snapshot resource not acquired !\n")); 
43426| DbgBreakPoint(); 
43427| } 
43428| #endif 
43429 1 
43430 1 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
43431| while(p) { 

43432| if(p->DeviceObject==DeviceObject) { 

43433| DoneWithSnapShot(p); 

43434| break; 

43435| } 

43436| 

| p=GetNextSnapShotForMaster(&MasterSnapShot->SnapShots,p) 

I ; 

43437| } 
43438| return p; 
43439| } 
43440| 

43441 1 /* 



43442 1 /* 

43443| This routine can be called with it being exclusive 

| or shared. 
43444| 7 

43445| void DoneWithSnapShot( pkSnapShotEntry Snapshot ) 
43446| { 

43447| lnterlockedDecrement((PLONG)&SnapShot->Count); 
43448| 



43449| if((SnapShot->Deleted) && (SnapShot->Count==0)) { 
43450| BOOLEAN IsExclusive = 

| IsSnapShotAcquiredForWriteO; 
43451 1 ULONG IsShared = FALSE; 
43452 1 

43453| // looks like if IsSnapShotAcquiredForWrite 

| returns true, then 
43454| // so will IsSnapShotAcquiredForRead, which is 

| NOT what we want 
43455| // so only check shared access if not exclusive 
43456| 

43457| if(MsExclusive) { 

43458| IsShared = IsSnapShotAcquiredForReadO; 

43459 1 } 
43460 1 

43461 1 // Cant be both at once!!! 
43462| #ifdef DEBUG 

43463| if((lsExclusive) && (IsShared)) { 

43464| Debug(DEBUG_DEVSUP,("DoneWithSnapShot: 

| Exclusive and shared??? tell me how please!!!\n")); 
43465| DbgBreakPoint(); 
43466| } else 

43467| if((!lsExclusive) && (NsShared)) { 

43468| Debug(DEBUG_DEVSUP,("DoneWithSnapShot: No 

| resource held!!!!\n")); 
43469| DbgBreakPoint(); 
43470 1 } else 
43471 1 if(lsExclusive) { 

43472| Debug(DEBUG_DEVSUP,("DoneWithSnapShot: 

| Resource held exclusive!!!!\n")); 
43473 1 } else { 

43474| Debug(DEBUG_DEVSUP,("DoneWithSnapShot: 

| Resource held shared! !!!\n M )); 
43475| } 
43476| #endif 
43477| 

43478| if(lsShared) { 

43479| ReleaseSnapShotForRead(); 

43480 1 } 

43481 1 // if not already exclusive then grab it. 

43482| if(NsExclusive) { 

43483| GetSnapShotForWrite(); 

43484| } 

43485| __try { 

43486| // free snapshot 

43487| Debug(DEBUG_DEVSUP,( M DoneWithSnapShot: 

| Snapshot %08x is deleted\n",SnapShot)); 
43488| 

43489| // remove resource or we will bug check the 

| system 



43490| Dictionary ::Destroy(SnapShot->Dictionary); 

43491| 

43492| // zero out everything incase someone uses 

| them 

43493| RtlZeroMemory(SnapShot,sizeof(*SnapShot)); 
43494| 

43495| MemFreePool(SnapShot); 
43496| SnapShot=NULL; 

43497| } ^finally { 

43498| if(NsExclusive) { 

43499| // release it 

43500| ReleaseSnapShotForWrite(); 
43501 1 // and go back to being shared if it 

| was 

43502| if(lsShared) { 

43503| GetSnapShotForRead(); 

43504| } 

43505| } 

43506| } 

43507| } else { 

43508| if(SnapShot->Deleted) { 

43509| Debug(DEBUG_DEVSUP,("DoneWithSnapShot: 

| Snapshot %08x is deleted and still in use %08x 

| time(s)\n",SnapShot,SnapShot->Count)); 
43510| } 
4351 1 1 } 
43512| return; 
43513| } 
43514| 

43515| void UseSnapShot( pkSnapShotEntry Snapshot ) 
43516| { 

43517| lnterlockedlncrement((PLONG)&SnapShot->Count); 
43518| return; 
43519| } 
43520| 

43521 1 NTSTATUS 

43522| PSManlrpCompletion( 

43523| IN PDEVICE_OBJECT DeviceObject, 

43524| IN PIRP Irp, 

43525| IN PVOID Context 

43526| ) 

43527| 

43528| /*++ 

43529 1 

43530| Routine Description: 
43531| 

43532| Forwarded IRP completion routine. Set an event and 
| return 

43533| STATUS_MORE_PROCESSING_REQUIRED. Irp forwarder will 
| wait on this 



43534| event and then re-complete the irp after cleaning 

I up. 
435351 

Arguments: 



43536 
43537 
43538 
43539 
43540 
43541 
43542 
43543 
43544 
43545 
43546 
43547 
43548 
43549 
43550 
43551 
43552 
43553 
43554 
43555 
43556 
43557 
43558 
43559 
43560 
43561 
43562 
43563 
43564 
43565 
43566 
43567 
43568 
43569 
43570 
43571 

| line 
43572 

| drivers 
43573 
43574 
43575 
43576 
43577 
43578 
43579 
43580 



DeviceObject is the device object of the WMI driver 
Irp is the WMI irp that was just completed 
Context is a PKEVENT that forwarder will wait on 

Return Value: 

STATUS_MORE_PORCESSING_REQUIRED 

~7 
{ 

PKEVENT Event = (PKEVENT) Context; 

UNREFERENCED_PA RAM ET E R( DeviceObject) ; 
UNREFERENCED_PARAMETER(lrp); 

pmSetEvent(Event); 

return(STATUS_MORE_PROCESSING_REQUIRED); 
} // end PSManlrpCompletion() 

NTSTATUS 

PSManForwardlrpSynchronous( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

) 

/*++ 

Routine Description: 

This routine sends the Irp to the next driver in 

when the Irp needs to be processed by the lower 
s 

prior to being processed by this one. 

Arguments: 

DeviceObject 
Irp 



Return Value: 



43581 | 

43582 1 NTSTATUS 

43583 1 

43584| ~7 

43585| 

43586| { 

43587| KEVENT event; 
43588| NTSTATUS status; 
43589 1 

43590| PDEVICE_OBJECT Target=NULL; 
43591 | 

43592| switch(PsmGetObjectType(DeviceObject)) { 
43593| case OBJECT_FILTEREDDISK: { 
43594| PFILTEREDEXTENSION 

| Dev Ext= Get Fi Itered Extens io n ( DeviceObject) ; 
43595| Target = DevExt->TargetDeviceObject; 

43596| break; 
43597| } 

43598| caseOBJECT_FS_FILTER:{ 

43599| PFS_FILTER_EXTENSION DevExt = 

| (PFS_FILTER_EXTENSION) 

| GetDeviceExtension(DeviceObject); 
43600 1 Target = DevExt->TargetDeviceObject; 

43601 1 break; 
43602 1 } 
43603| default: 

43604| Debug(DEBUG_DEVSUP,("SendSync: Invalid request 

| for object type %d\n",PsmGetObjectType(DeviceObject))); 
43605| ASSERT(FALSE); 

43606| return STATUS_INVALID_DEVICE_REQUEST; 

43607| } 

43608| 

43609| ASSERT(Target != NULL); 
43610| 

4361 1 1 KelnitializeEvent(&event, NotificationEvent, 

| FALSE); 
43612| 
43613| // 

4361 4| // copy the irpstack for the next device 

43615| // 

43616| 

4361 7| loCopyCurrentlrpStackLocationToNext(lrp); 

43618| 

43619| // 

43620| // set a completion routine 
43621 1 // 
43622 1 

43623| loSetCompletionRoutine(lrp, PSManlrpCompletion, 
43624| &event, TRUE, TRUE, TRUE); 

43625| 



43626| // 

43627| // call the next lower device 

43628| // 

43629| 

43630| status = loCallDriver(Target, Irp); 

43631| 

43632| // 

43633| // wait for the actual completion 

43634| // 

43635| 

43636| if (status == STATUS_PENDING) { 
43637| pmWaitForSingleObject(&event, NULL); 
43638| status = lrp->loStatus.Status; 
43639| } 
43640| 

43641| return status; 
43642| 

43643| }//end PSManForwardlrpSynchronous() 
43644| 

43645| #define FILTER_DEVICE_PROPOGATE_FLAGS 0 
43646| #define FILTER_DEVICE_PROPOGATE_CHARACTERISTICS 

| (FILE REMOVABLE MEDIA | \ 
43647| 

| FILE READ ONLY DEVICE | \ 
43648| 

| FILE_FLOPPY_DISKETTE \ 
43649| ) 
43650| 
43651| VOID 

43652| PSManSyncFilterWithTarget( 
43653| IN PDEVICE_OBJECT FilterDevice, 
43654| IN PDEVICE_OBJECT TargetDevice 
43655| ) 
43656| { 

43657| ULONG propFlags; 
43658| 

43659| PAGED_CODE(); 

43660| 

43661 1 // 

43662| // Propogate all useful flags from target to psman. 

| MountMgr will look 
43663| // at the psman object capabilities to figure out 

| if the disk is 
43664| // a removable and perhaps other things. 
43665| // 

43666| propFlags = TargetDevice->Flags & 
| FILTER DEVICE PROPOGATE FLAGS; 
43667| FilterDevice->Flags |= propFlags; 
43668| 

43669| propFlags = TargetDevice->Characteristics & 



I FILTER_DEVICE_PROPOGATE_CHARACTERISTICS; 
43670| FilterDevice->Characteristics |= propFlags; 
43671 1 } 
43672 1 
43673 1 
43674| VOID 

43675| PSManAddCounters( 

43676| IN OUT PDISK_PERFORMANCE TotalCounters, 
43677| IN PDISK PERFORMANCE NewCounters 
43678| ) 
43679 1 { 

43680| TotalCounters->BytesRead.QuadPart += 

| NewCou nters->Bytes Read . Quad Part; 
43681 1 TotalCounters->BytesWritten.QuadPart+= 

| NewCounters->BytesWritten.QuadPart; 
43682| TotalCounters->ReadTime.QuadPart += 

| NewCounters->ReadTime.QuadPart; 
43683| TotalCounters->WriteTime.QuadPart += 

| NewCou nters->WriteTime.QuadPart; 
43684| #if _WIN32_WINNT>=0x0500 
43685| TotalCounters->ldleTime.QuadPart += 

| NewCou nters->ldleTime.QuadPart; 
43686| TotalCounters->ReadCount += 

| NewCou nters->ReadCount; 
43687| TotalCounters->WriteCount += 

| NewCounters->WriteCount; 
43688| TotalCounters->SplitCount += 

| NewCounters->SplitCount; 
43689 1 #endif 
43690 1 } 
43691| 
43692| 

43693| int CreateJunction( const PWCHAR LinkDirectory, const 

| PWCHAR LinkTarget, LARGEJNTEGER Time ) 
43694| { 

43695| UNICODE_STRING UniName={0}; 

43696| char reparseBuffer[MAX_PATH*3]; 

43697| OBJECT_ATTRIBUTES ObjectAttributes={0}; 

43698| IO_STATUS_BLOCK loStatus; 

43699| WCHAR targetNativeFileName[MAX_PATH]; 

43700| HANDLE FileHandle; 

43701 1 NTSTATUS Status; 

43702| PREPARSE_MOUNTPOINT_DATA_BUFFER reparselnfo = 
43703| (PREPARSE_MOUNTPOINT_DATA_BUFFER) 

| reparseBuffer; 
43704| 
43705| 

43706| SbTouchVolume(LinkTarget); 
43707| 

43708| wcscpy(targetNativeFileName, LinkTarget); 



43709| RtllnitUnicodeString( &UniName, LinkDirectory ); 
43710| 

4371 1 1 Debug(DEBUG_DICT,("Creating junction for '%S' to 

| '%S'\n", 
43712| LinkDirectory, 
43713| targetNativeFileName)); 
43714| 
43715| // 

4371 6| // Create the directory to be linked 

43717| // 

43718| 

43719| NTSTATUS create DirSt at us = SbCreateDi rectory ( 
| LinkDirectory, NULL, FILE_ATTRIBUTE_NORMAL ); 

43720| Debug(DEBUG_DICT,("CreateJunction: 
| SbCreateDirectory('%S') returned %08x\n", 

43721 1 LinkDirectory, 

43722| createDirStatus)); 

43723 1 

43724| // 

43725| // Create the link 
43726| // 

43727| InitializeObjectAttributes ( &ObjectAttributes, 

43728| &UniName, 

43729| OBJ_CASE_INSENSITIVE, 

43730| NULL, 

43731| NULL); 

43732| 

43733| Status = ZwCreateFile( &FileHandle, 
43734| GENERIC_WRITE, 

| // desired access 
43735| &ObjectAttributes, 

| // object attributes 
43736| &loStatus, 
43737| NULL, // 

| alloc size 

43738| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
43739| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, //share 

| access 

43740| FILE_OPEN, 

| // create disposition 
43741 1 /*FILE_DIRECTORY_FILE|7 
43742 1 

| FILE_OPEN_REPARSE_POINT| 
43743 1 

| Fl LE_OPEN_FOR_BACKU P_l NTENT, //create 
| options 

43744| NULL, // eabuffer 

43745| 0); //ealength 



43746| 

43747| if(NT_SUCCESS(Status)) { 

43748| FILE_BASIC_IN FORMATION Basic; 

43749| 

43750| // set creation date and time 
43751 1 Status = ZwQuerylnformationFile( 
43752| FileHandle, // IN HANDLE 

| FileHandle, 
43753| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
43754| &Basic, //INPVOID 

| Filelnformation, 
43755| sizeof(Basic), // IN ULONG 

I Length, 

43756| FileBasiclnformation// IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
43757| ); 

43758| Basic.CreationTime = Time; 
43759 1 

43760| Status = ZwSetlnformationFile( 
43761 1 FileHandle, // IN HANDLE 

| FileHandle, 
43762| &loStatus, //OUT 

| PIO_STATUS_BLOCK loStatusBlock, 
43763| &Basic, //INPVOID 

| Filelnformation, 
43764| sizeof(Basic), // IN ULONG 

I Length, 

43765| FileBasiclnformation // IN 

| FILE_INFORMATION_CLASS FilelnformationClass 
43766| ); 
43767| 

43768| // 

43769| // Build the reparse info 
43770 1 // 

43771 1 RtlZeroMemory( reparselnfo, sizeof( 

| REPARSE_MOUNTPOINT_DATA_BUFFER )); 
43772| reparselnfo->ReparseTag = 

| IO_REPARSE_TAG_MOUNT_POINT; 
43773 1 

43774| reparselnfo->ReparseTargetLength = wcslen( 

| targetNativeFileName ) * sizeof(WCHAR); 
43775| reparselnfo->ReparseTargetMaximumLength = 

| reparselnfo->ReparseTargetLength + sizeof(WCHAR); 
43776| wcscpy( reparselnfo->ReparseTarget, 

| targetNativeFileName ); 
43777| reparselnfo->ReparseDataLength = 

| reparselnfo->ReparseTargetLength + 12; 
43778| 

43779| Debug(DEBUG_DEVSUP,("rt=%08x, rdl=%08x, r=%04x, 



I rtl=%04x, rtml=%04x, r1=%04x, '%S'\n M , 
43 780 1 reparse I nf o -> ReparseTag , 

43781 1 reparselnfo->ReparseDatal_ength, 
43 782 1 reparse I nf o -> Rese rved , 

43783| reparselnfo->ReparseTargetl_ength, 
43784| reparsel nfo-> ReparseTargetMaxi mu m Length , 

43785| reparsel nfo->Reserved1 , 

43 786 1 reparse I nf o -> ReparseTarget 

43787| )); 
43788| 

43789| // 

43790| //Set the link 

43791| // 

43792| Status = ZwFsControlFile( 
43793| FileHandle, 
43794| NULL, 
43795| NULL, 
43796| NULL, 
43797| &loStatus, 

43798| FSCTL_SET_REPARSE_POINT, 
43799| reparselnfo, 

43800| reparselnfo->ReparseDataLength + 

| REPARSE_MOUNTPOINT_HEADER_SIZE, 
43801| NULL, 
43802| NULL 
43803| ); 
43804| 

43805| if(NT_SUCCESS(Status)) { 

43806| Debug(DEBUG_DICT,("Success creating link 

| '%S' to VoSW,LinkDirectory,LinkTarget)); 
43807| } else { 

43808| Debug(DEBUG_DICT, ("Error %08x sending 

| ioctl\n",Status)); 
43809| } 

4381 0| ZwClose(FileHandle); 
4381 1 | 

43812| }else{ 

43813| Debug(DEBUG_DICT,("Error %08x creating junction 

| for '%S' to '%S'\n",Status,LinkDirectory,LinkTarget)); 
43814| } 
43815| 

43816| return 0; 
43817| } 
43818| 
43819| /* 

43820| Determines if a request is pending for 1 or more in 
| the 

43821 1 range specified 
43822 1 7 

43823| ULONG IsBeing Processed ( tWriteRequest *Request ) 



43824| { 

43825| LIST_ENTRY *ListEntry; 
43826| unsigned int64 RSectorl = 

| Request->RoundedSector.QuadPart; 
43827| unsigned int64 RSector2 = 

| Request->RoundedSector.QuadPart + Request-> Rounded Count 

1-1; 

ULONG FoundOne=0; 
KIRQL oldlrql; 



43828| 
43829 1 
43830 1 
43831 | 
43832 1 
43833 1 
43834| 
43835| 



pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 
ListEntry = ProcessingQueue.Flink; 



Sector Count Sector Count 



0 



1 



while(ListEntry!=&ProcessingQueue) { 
tWriteRequest *p = 
| CONTAINING_RECORD(ListEntry,tWriteRequest,ProcessingEntr 

|y); 

43836| unsigned int64 PSectorl = 

| p->RoundedSector.QuadPart; 
43837| unsigned int64 PSector2 = 

| p->RoundedSector.QuadPart + p->RoundedCount - 1 ; 
43838| 

43839| if( (p->DeviceObject == Request->DeviceObject)) 
|{ 

43840 1 1* 
43841 | 
43842 1 

|0 
43843 1 

|0 
43844| 

|0 
43845| 

|0 
43846| 
|0 
43847| 

|0 
43848| 

I 1 
43849 1 

I 1 
43850 1 

I 1 
43851 | 

I 1 
43852| 
43853 1 

43854| if ( (RSectorl >= PSectorl && 

| RSectorl <=PSector2) || 



8 



8 



8 



7 



43855| (RSector2>=PSector1 && 

| RSector2<=PSector2) || 
43856| (PSector1>=RSector1 && 

| PSector1<=RSector2) || 
43857| (PSector2>=RSector1 && 

| PSector2<=RSector2) ) { 
43858| FoundOne = 1; 

43859 1 break; 
43860 1 } 
43861 1 } 
43862 1 

43863| ListEntry = ListEntry->Flink; 

43864| } 

43865| 

43866| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 

43867| return FoundOne; 

43868| } 

43869| 

43870 1 /* 

43871 1 Determines if a request is pending for 1 or more in 
| the 

43872 1 range specified, if it is not then add request to 

| queue 
43873 1 7 

43874| ULONG IsBeing Processed Ex ( tWriteRequest *Request ) 
43875| { 

43876| LIST ENTRY *ListEntry; 
43877| unsigned int64 RSectoM = 

| Request->RoundedSector.QuadPart; 
43878| unsigned int64 RSector2 = 

| Request->RoundedSector.QuadPart + Request->RoundedCount 

1-1; 

43879| ULONG FoundOne=0; 

43880| KIRQL oldlrql; 
43881 | 

43882| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 

43883| ListEntry = ProcessingQueue.Flink; 

43884| 

43885| while(ListEntry!=&ProcessingQueue) { 

43886| tWriteRequest *p = 

| CONTAINING_RECORD(ListEntry,tWriteRequest,ProcessingEntr 

|y); 

43887| unsigned int64 PSectorl = 

| p->RoundedSector.QuadPart; 
43888| unsigned int64 PSector2 = 

| p->RoundedSector.QuadPart + p->RoundedCount - 1 ; 
43889 1 

43890| if( (p->DeviceObject == Request->DeviceObject)) 
|{ 

43891| /* 



43892| Sector Count Sector Count 

43893| 0 1 

|0 1 
43894| 0 1 

| 0 8 
43895| 1 1 

| 0 8 
43896| 8 1 

| 0 8 
43897| 0 8 

| 0 8 
43898| 0 8 

|0 1 
43899| 0 8 

I 1 3 
43900 1 0 2 

I 1 3 
43901 1 0 2 

I 1 1 

43902 1 2 1 

I 1 3 
43903 1 7 
43904| 

43905| if ( (RSector1>=PSector1 && 

| RSector1<=PSector2) || 
43906| (RSector2>=PSector1 && 

| RSector2<=PSector2) || 
43907| (PSector1>=RSector1 && 

| PSector1<=RSector2) || 
43908| (PSector2>=RSector1 && 

| PSector2<=RSector2) ) { 
43909| FoundOne = 1 ; 

43910| break; 
4391 1 | } 
43912| } 
43913| 

43914| ListEntry = ListEntry->Flink; 

43915| } 

43916| 

4391 7| // add to list if not currently on there. 

43918| if(IFoundOne) { 

43919| 

| lnsertTailList(&ProcessingQueue,&Request->ProcessingEntr 

|y); 

43920| } 
43921 | 

43922| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 
43923| return FoundOne; 
43924| } 
43925| 



43926| 

43927| NTSTATUS FS_GetVolumeBitmap( PFILE_OBJECT FileObject, 

| STA RTI N G_LC N_l N PUT_BU F F E R *SLIB, VOLUME_BITMAP_BUFFER 
| *VB, ULONG VBSize ) 

43928| { 

43929| PIRP lrp=NULL; 

43930| KEVENT Event={0}; 

43931 1 IO_STATUS_BLOCK loStatusBlock={0}; 

43932| NTSTATUS Status=0; 

43933| PIO_STACK_LOCATION lrpStack=NULL; 

43934| PDEVICE_OBJECT DeviceObject; 

43935| ULONG Ret = 0; 

43936| 

43937| _try { 
43938| 

43939| DeviceObject = 

| loGetRelatedDeviceObject(FileObject); 
43940 1 

43941 1 // 

43942| // Set the event object to the unsignaled 
| state. 

43943| // It will be used to signal request 

| completion. 
43944| // 
43945| 

43946| KelnitializeEvent(&Event, NotificationEvent, 

| FALSE); 
43947| 
43948| 

43949 1 // 

43950| // Create IRP for read 
43951 1 // 
43952 1 

43953| Irp = lrpAllocatelrp(DeviceObject->StackSize); 
43954| 

43955| if (Mrp) { 

43956| Debug(DEBUG_DEVSUP,("FS_GetVolumeBitmap: 

| Error! Unable to allocate irp\n")); 
43957| try_return(Status = 

| STATUS_INSUFFICIENT_RESOURCES); 
43958| } 
43959 1 

43960| lrp->Flags = 0; //IRP_READ_OPERATION; 
43961 | 

43962| lrp->Associatedlrp.SystemBuffer = NULL; 
43963| lrp->MdlAddress = NULL; 

43964| lrp->UserBuffer = VB; 
43965| lrp->UserEvent = &Event; 
43966| lrp->Userlosb = SloStatusBlock; 
43967| Hint -save -e740 7 



43968| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
43969| Hint -restore 7 

43970| lrp->Tail.Overlay.OriginalFileObject = NULL; 
43971 1 lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 
43972| lrp->loStatus. Status 

| STATUS_PENDING; 
43973| lrp->loStatus. Information = 0; 

43974| 

43975| IrpStack = loGetNextlrpStackLocation(lrp); 
43976| RtlZeroMemory((PVOID)lrpStack, 

| sizeof(IO_STACK_LOCATION)); 
43977| // just sets event 
43978| loSetCompletionRoutine(lrp, 

| Sblo_ReadDeviceMdlCompletionRoutine, NULL, TRUE, TRUE, 

I TRUE); 

43979| lrpStack->MajorFunction = 

I IRP_MJ_FILE_SYSTEM_CONTROL; 
43980| lrpStack->MinorFunction = 

| IRP_MN_USER_FS_REQUEST; 
43981 1 

| lrpStack->Parameters.DeviceloControl.loControlCode = 
| FSCTL GET VOLUME BITMAP; 
43982 1 

| lrpStack->Parameters. DeviceloControl.OutputBufferLength 
| = VBSize; 
43983 1 

| lrpStack->Parameters.DeviceloControl.lnputBufferLength 
| = s izeof ( ST A RT I N G_L C N_l N P U T_B U F F E R) ; 
43984| 

| lrpStack->Parameters.DeviceloControl.Type3lnputBuffer = 
I SLIB; 

43985| lrpStack->DeviceObject = 

| FileObject->DeviceObject; 
43986| lrpStack->FileObject = FileObject; 
43987| 

43988| Status = loCallDriver(DeviceObject, Irp); 
43989 1 

43990| if (Status == STATUS_PENDING) { 
43991| 

43992| Debug(DEBUG_DEVSUP,("FS_GetVolumeBitMap: 

| Waiting for get bitmap to finish\n")); 
43993| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 
43994 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

43995| 

43996| Status = loStatusBlock.Status; 

43997| Ret = lrp->loStatus. Information; 

43998| } 



43999| IrpFreelrp(lrp); 
44000| 

44001 1 #if DO_ALL_IO 

44002| Debug(DEBUG_DEVSUP 5 ("FS_GetVolumeBitmap 
| Status=%08x, size=%08x (%x,%x), Wanted=%l64x, 
| got=%l64x, Ieft=%l64x\n", 

44003 1 Status, 

44004| VBSize, 

44005| loStatusBlock.lnformation, 

44006| Ret, 

44007| SLIB->StartingLcn, 

44008| VB->StartingLcn, 

44009| VB->BitmapSize 

44010| )); 

44011| #endif 

44012| 

44013| try_exit: NOTHING; 
44014| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

44015| Status = GetExceptionCode(); 

44016| Debug(DEBUG_DEVSUP,("FS_GetVolumeBitMap: 

| Exception %08x\n M , Status)); 
44017| } 
44018| 

44019| return Status; 
44020| } 
44021 | 

44022| unsigned int64 GetVolumeBitmapSize( PFILE_OBJECT 

| VolumeObject ) 
44023 1 { 

44024| STARTING_LCN_INPUT_BUFFER SLIB={0}; 

44025| VOLUME BITMAP BUFFER VB={0}; 

44026| NTSTATUS Status = FS_GetVolumeBitmap( VolumeObject, 

| &SLIB, &VB, sizeof(VOLUME_BITMAP_BUFFER)); 
44027| 

44028| if(Status==STATUS_BUFFER_OVERFLOW) { 
44029 1 // dword align buffer size 

44030| return (DWORD_ALIGN(VB.BitmapSize.QuadPart) / 

| 8)+FIELD_OFFSET(VOLUME_BITMAP_BUFFER, Buffer); 
44031 1 } else { 

44032| Debug(DEBUG_DEVSUP,("GetVolumeBitMapSize: Error 

| %08x\n M ,Status)); 
44033| ASSERT(Status==STATUS_SUCCESS); 
44034 1 return 0; 
44035| } 
44036| } 
44037| 
44038| 

44039| // 

| 



44040| #define BYTES_PER_WORK_UNIT (4096) 

44041 1 #def ine CLUSTERS_PER_WORK_UNIT (8*BYTES_PER_WORK_UNIT) 
44042| // Gets and coalesces the volume bit map as of the 

| snapshot into a GranuleBitMap. If no map already exists 

| it becomes the 

44043| // UsedGranuleBitMap as all used need to be marked for 

| caching, otherwise it is used to reset all used 

| granules as needing 
44044| // to be recached for this snapshot. 
44045| 

44046| // NOTE: Since we may be dealing with large bitmaps 
| which could take significant time to read this has to 
| occur 

44047| // asynchronously while writes may be being 
| processed. All writes have to be cached during this 
| time. 

44048| // Sure, it may be superfluous! but it will be 

| SAFE. 
44049 1 
44050 1 

44051| ULONG ReassessUsedGranuleBitMap ( 
44052| PFILE_OBJECT VolumeObject, 
44053| LARGEJNTEGER NumClusterslnVolume, 
44054| ULONG ClusterSizelnBytes, 
44055| PRTL_BITMAP *GranuleBitMap ) 
44056| { 

44057| ULONG status = STATUS_SUCCESS; 

44058| ULONG ClustersPerGranule = GRANULE_SIZE / 

| ClusterSizelnBytes; 
44059| ULONG NumGranules = 

| (ULONG)((NumClusterslnVolume.QuadPart + 

| (ClustersPerGranule-1 )) / ClustersPerGranule); 
44060| ULONG Granulelndex=0; 
44061 1 LARGEJNTEGER Clusterlndex={0}; 
44062| ULONG k=0; 

44063| ULONG GranuleBitMapSizelnBytes = 

| (sizeof(RTL_BITMAP)+((NumGranules+31) / 32) * 4); 
44064| RTL_BITMAP WorkUnitBitMap; 
44065| // Fastfat.sys seems to be off by one byte when 

| calculating the amount of data to transfer 
44066| // into our buffer, we dont care about the end, as 

| we will reread at starting at that byte anyway 
44067| VOLUME_BITMAP_BUFFER *WorkUnit = 

| (VOLUME_BITMAP_BUFFER *) 

| MemAllocatePoolWithTag(PagedPool,FIELD_OFFSET(VOLUME_BIT 
| MAP_BUFFER,Buffer)+ 

| BYTES_PER_WORK_UNIT+sizeof (DWORD), TEMPTAG ); 
44068| 

44069| ASSERT ( GRANULE_SIZE >= ClusterSizelnBytes ); 
44070| ASSERT ( GRANULE_SIZE % ClusterSizelnBytes == 0 ); 



44071 1 // we can only handle 32bits for granule size 
44072| ASSERT ( ((NumClusterslnVolume.QuadPart + 

| (ClustersPerGranule-1)) / ClustersPerGranule) < 

| 0x00000000ffffffffUI64); 
44073 1 

44074| if (!(*GranuleBitMap)) { 
44075| *GranuleBitMap = (PRTLBITMAP) 
| MemAllocatePoolWithTag( 

| PagedPool,GranuleBitMapSizelnBytes,PSM_FREE_SPACE_TAG 

I); 

44076| if (*GranuleBitMap) { 
44077| 

| RtllnitializeBitMap(*GranuleBitMap,(PULONG)(*GranuleBitM 

| ap + 1),NumGranules ); 
44078| RtlClearAIIBits ( *GranuleBitMap ); 

44079 1 } 
44080 1 } 

44081 1 if (!(*GranuleBitMap) || IWorkUnit ) { 

44082| Debug( DEBUG_DEVSUP,( "Out of memory in 

| BuildUsedGranuleBitMap\n" )); 
44083| status = STATUS_INSUFFICIENT_RESOURCES; 
44084| } else { 

44085| RtlZeroMemory( WorkUnit, 

| FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer)+ 
| BYTES_PER_WORK_UNIT); // not really needed 

44086| 

| RtllnitializeBitMap(&WorkUnitBitMap,(PULONG)(&WorkUnit-> 
| Buffer), CLUSTERS_PER_WORK_UNIT); 
44087| 

44088| for ( Granulelndex=0; Granulelndex < 

| NumGranules; ++Granulelndex ) { 
44089| BOOLEAN GranulelsUsed = FALSE; 

44090| Clusterlndex.QuadPart = (unsigned 

| int64)ClustersPerGranule * Granulelndex; 

44091 | 

44092| for ( k=0; k<ClustersPerGranule; ++k, 

| ++Clusterlndex.QuadPart ) { 
44093| // calculate the index of the bit 

| within the work unit... 
44094| ULONG workUnitBitOffset = 

| (ULONG)(Clusterlndex.QuadPart% 

| CLUSTERS_PER_WORK_UNIT); 
44095| if ( workUnitBitOffset == 0 ) { 

44096| 

44097| // time to slurp another batch of 

| bits 

44098| ULONGLONG 

| BitsToFetch=NumClusterslnVolume.QuadPart - 

| Clusterlndex.QuadPart; 
44099| ULONG bytesToFetch = 



I (ULONG)((BitsToFetch+7) / 8); 
44100| 

441 01 1 if ( bytesTo Fetch > 

| BYTES_PER_WORK_UNIT ) { 
44102| bytesToFetch = 

| BYTES_PER_WORK_UNIT; 
44103| } 
441 04| bytesToFetch += 

| FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer); 
44105| 

44106| STARTING_LCN_INPUT_BUFFER SLIB; 

441 07\ SLIB.StartingLcn = Clusterlndex; 

44108| 

441 09 1 status = FS_GetVolumeBitmap( 

| VolumeObject, &SLIB, WorkUnit, bytesToFetch ); 
44110| 

441 1 1 1 if(status==STATUS_BUFFER_OVERFLOW) 
|{ 

441 12| // this is not an error, it is 

| just a warning saying we didnt get all 
44113| // the data that is left 

44114| status = STATUS_SUCCESS; 

44115| } 
44116| 

441 1 7| if ( !NT_SUCCESS(status)) { 

44118| Debug( DEBUG_DEVSUP,( "Error 

| retrieving work unit in BuildUsedGranuleBitMap\n" )); 
44119| goto cleanup; 

44120| } 
44121| 

441 22 1 if ( Granulelndex==0) { 

441 23\ II Only after getting the very 

| first chunk of virtual volume bitmap do we need to... 
44124| 

441 25| // do a sanity check that the 

| virtual volume is also at ground zero 
44126| ASSERT 

| (WorkUnit->StartingLcn.QuadPart==0); 
44127| 

44128| // ... and in case the virtual 

| volume is smaller than the live ( because of subsequent 

| dynamic volume expansion) 
441 29| // use the size of the virtual 

| bitmap we've found as the size we're going to examine 

| in this reassessment call 
44130| 

441 31 1 NumClusterslnVolume.QuadPart = 

| WorkUnit->BitmapSize.QuadPart; 
44132| NumGranules = 

| (ULONG)((NumClusterslnVolume.QuadPart + 



I (ClustersPerGranule-1)) / ClustersPerGranule); 
44133| Debug( DEBUG_DEVSUP,( 

| "Restricting reassessment to Virtual volumes smaller 

| bitmap size (%l64d = 0x%l64x)\n" 
44134| ,WorkUnit->BitmapSize 
44135| ,WorkUnit->BitmapSize 
44136| )); 
44137| } 
44138| 

44139| #if DO_ALL_BITMAPS 

44140| //FIXFIXFIX need an assert to make 

| sure workunit fits 32b its 
44141| for (ULONG i= 0; 

| i*4<bytesToFetch-FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffe 

| r); i+=0x8 ) { 
44142| if ( (i==0) || 

44143| ( 

| ((PULONG)(WorkUnit->Buffer))[i+0] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+0] ) || 
44144| ( 

| ((PULONG)(WorkUnit->Buffer))[i+1] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+1] ) || 
44145| ( 

| ((PULONG)(WorkUnit->Buffer))[i+2] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+2] ) || 
44146| ( 

| ((PULONG)(WorkUnit->Buffer))[i+3] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+3] ) || 
44147| ( 

| ((PULONG)(WorkUnit->Buffer))[i+4] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+4] ) || 
44148| ( 

| ((PULONG)(WorkUnit->Buffer))[i+5] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+5] ) || 
44149| ( 

| ((PULONG)(WorkUnit->Buffer))[i+6] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+6] ) || 
44150| ( 

| ((PULONG)(WorkUnit->Buffer))[i+7] != 

| ((PULONG)(WorkUnit->Buffer))[i-8+7] ) ) { 
44151| 

44152| Debug(DEBUG_DEVSUP,(" 

| Granule/Cluster: %8l64x/%08l64x: %08x %08x %08x %08x 
| - %08x %08x %08x %08x\n" 

44153| 

| ,(WorkUnit->StartingLcn.QuadPart+i*0x20)/ClustersPerGran 
| ule 
44154| 

| ,(Workllnit->StartingLcn.QuadPart+i*0x20) 
44155| 



I ,((PULONG)(WorkUnit->Buffer))[i+OxO] 
44156| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x1] 
44157| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x2] 
44158| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x3] 
44159| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x4] 
44160| 

| ,((PULONG)(WorkUnjt->Buffer))[i+0x5] 
44161| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x6] 
44162| 

| ,((PULONG)(WorkUnit->Buffer))[i+0x7] 
44163| )); 
44164| } 
44165| } 
44166| #endif 
44167| } 
44168| 

441 69| if ( Clusterlndex.QuadPart >= 

| NumClusterslnVolume.QuadPart ) { 
441 70| break; // this is why 

| memset(WorkUnit,...) above not needed. 
44171| } 
44172| 

441 73| PsmBitPositionValidate 

| (&WorkUnitBitMap, workUnitBitOffset); 
44174| 

| if(RtlCheckBit(&WorkUnitBitMap,workUnitBitOffset)) { 
441 75| // If one cluster is used, the 

| whole granule is used... 
441 76| GranulelsUsed = TRUE; 

441 77| break; // don't waste time looking 

| at other clusters in this granule 
44178| } 
44179| } 
44180| 

44181| if ( GranulelsUsed ) { 

441 82 1 PsmBitPositionValidate (*GranuleBitMap, 

| Granulelndex); 
441 83 1 RtlSetBits ( *GranuleBitMap, 

| Granulelndex, 1 ); 
44184| } 
44185| } 
44186| } 
44187| 

44188| cleanup: 

44189| if ( !NT_SUCCESS(status) ) { 



44190| if ( *GranuleBitMap ) { 

441 91 1 MemFreePool( *GranuleBitMap ); 

44192| *GranuleBitMap = NULL; 

44193| } 

44194| } 

44195| 

44196| if ( WorkUnit ) { 

44197| MemFreePool( WorkUnit ); 

44198| WorkUnit = NULL; 

44199| } 

44200| 

44201| return status; 



44202| } 
44203| 
44204| /* 

44205| NewSize is the size in «Sectors» to extend to. 
44206| 7 

44207| NTSTATUS Extend F reeSp ace B it maps( PDEVICE_OBJECT Volume, 

| LARGEJNTEGER NewSize ) 
44208| { 

44209| NTSTATUS Status = STATUSJJNSUCCESSFUL; 
4421 0| pDictionary po=NULL; 
4421 1 1 PFILTERED_EXTENSION 

| Dev Ext= Get F i I te red Exte ns io n ( Vo I u m e) ; 
44212| 

44213| __try{ 

44214| if((PersistentDictionary::DoFreeSpaceChecks()) 

| && (DevExt->PSMed)) { 
44215| 

| PersistentDictionary::GetDictionaryForVolume(Volume,po); 
44216| if ( po ) { 

4421 7| PRTL BITMAP OldMap=NULL; 

44218| ULONG lnTransform=0; 

44219| pPersistentDictionary 

| p=(pPersistentDictionary)po; 
44220| ULONG ClusterSize = 

| p->GetVolumeClusterSize(); 
44221 | 

44222| // Cluster size cant be zero if 

| DoFreeSpaceChecks is on 
44223| ASSERT(ClusterSize); 
44224| ASSERT(GRANULE_SIZE>=ClusterSize); 
44225| 

44226| ULONG ClustersPerGranule = GRANULE_SIZE 

| / ClusterSize; 
44227| ULONGLONG NewSizelnClusters = 

| ((NewSize.QuadPart*512)+(ClusterSize-1)) / ClusterSize; 
44228| ULONG NumGranules = 

| (ULONG)((NewSizelnClusters + (ClustersPerGranule-1)) / 

| ClustersPerGranule); 



44229| ULONG GranuleBitMapSizelnBytes = 

| (sizeof(RTL_BITMAP)+((NumGranules+31) / 32) * 4); 
44230 1 

44231 1 // allocate memory before getting the 

| snapshot for write access 
44232| // as we are allocating paged memory, 

| and io may need to occur 
44233| PRTL_BITMAP NewMap = (PRTL_BITMAP) 

| MemAllocatePoolWithTag( 

| PagedPool,GranuleBitMapSizelnBytes,PSM_FREE_SPACE_TAG 

I); 

44234| 

44235| if (NewMap) { 

44236| 

44237| 

| RtllnitializeBitMap(NewMap,(PULONG)(NewMap+ 
| 1),NumGranules ); 
44238| 

44239 1 // lock out everybody from 

| accessing the free space map. 
44240| GetSnapShotForWrite(); 
44241 | 

44242 1 __try { 

44243 1 Old Map = 

| p->GetVolumeCachingMap(0); 
44244| if(IOIdMap) { 

44245| OldMap = 

| p->GetVolumeCachingMap(1); 
44246| InTransform = 1 ; 

44247| } 
44248| 

44249| if(OldMap) { 

44250 1 // make sure we are 

| actually increasing and not decreasing 
44251 | 

| if(NewMap->SizeOfBitMap>OldMap->SizeOfBitMap) { 
44252 1 

44253| RtlMoveMemory( 
44254| NewMap->Buffer, 
44255| OldMap->Buffer, 
44256| 

| (OldMap->SizeOfBitMap+7) /8); 
44257| 

44258| // clear out the new 

| extended area 
44259| PsmBitRangeValidate 

| (NewMap, OldMap->SizeOfBitMap, NewMap->SizeOfBitMap - 

| OldMap->SizeOfBitMap); 
44260 1 

| RtlClearBits(NewMap,OldMap->SizeOfBitMap,NewMap->SizeOfB 



I itMap-OldMap->SizeOfBitMap); 
44261 | 
44262 | 

| p->SetVolumeCachingMap(lnTransform,NewMap); 
44263 1 

44264| MemFreePool(OldMap); 
44265 1 

44266| Status = 

| STATUS_SUCCESS; 
44267| } else { 

44268| // Told to shrink. 

44269 1 Status = 

| STATUS_SUCCESS; 
44270| MemFreePool(NewMap); 
44271 1 // this is to just 

| catch this weird case 
44272 1 ASS E RT( FALSE) ; 

44273 1 } 
44274| } else { 

44275| // if this happens, then 

| the free space logic hasnt started yet for 
44276| // the very first snapshot, 

| when it does start, it will be using the new size 
44277| Status = STATUS_SUCCESS; 

44278| MemFreePool(NewMap); 
44279 1 } 

44280| } ^finally { 

44281 1 ReleaseSnapShotForWrite(); 
44282 1 } 
44283 1 } else { 

44284| Debug(DEBUG_DICT,( M lnsufficient 

| memory to extend granule bitmap for volume 

| %08x\n M , Volume)); 
44285| Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
44286| // we havent coded this condition 

| yet FIXFIXFIX 
44287 1 ASS E RT( FALSE) ; 

44288| } 
44289 1 } else { 

44290| Debug(DEBUG_DICT,("No dictionary for 

| volume %08x\n",Volume)); 
44291 1 Status = STATUS_NO_SUCH_DEVICE; 

44292 1 } 
44293 1 } else { 
44294 1 // nothing to update 

44295| Status = STATUS_SUCCESS; 

44296| } 
44297 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 



44298| Status = GetExceptionCode(); 

44299| Debug(DEBUG_DICT, ("Exception %08x in 

| ExtendFreeSpaceBitmaps\n",Status)); 
44300| } 
44301| 

44302| return Status; 

44303| } 

44304| 

44305| 

44306| NTSTATUS FindAndProcessVirtualVolumeBitMap( const WCHAR 
| *VirtualVolName, const WCHAR *LiveVolName, PRTL_BITMAP 
| *BitMap, ULONG &ClusterSize ) 

44307| { 

44308| #if 1 

44309| UNICODE_STRING UniName={0}; 

44310| WCHAR *Buffer=(WCHAR*)MemAllocateString(256); 

44311| OBJECT ATTRIBUTES ObjectAttributes={0}; 

44312| IO_STATUS_BLOCK loStatus; 

44313| HANDLE FileHandle; 

44314| PFILE_OBJECT LiveFileObject; 

44315| PFILE_OBJECT Virtual FileObject; 

4431 6| NTSTATUS Status; 

44317| 

44318| If (Buffer) { 

44319| return STATUS_INSUFFICIENT_RESOURCES; 
44320| } 
44321 | 

44322| #ifdef DEBUG 

44323| if(lsSnapShotAcquiredForWrite()) { 
44324| // the reason this is bad is that we have the 
| writer lock 

44325| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
44326| // thus producing a deadlock, to fix it, dont 

| call with writer lock 
44327| // which you can do by spinning off whatever 

| you are trying to do to a 
44328| // worker thread. 
44329 | 

| Debug(DEBUG_DCPSM,("FindAndProcessVirtualVolumeBitMap: 

| Snapshot resource acquired for write!\n")); 
44330| DbgBreakPoint(); 
44331| } 
44332| #endif 
44333| 

44334| SbTouchVolume(VirtualVolName); 
44335| 

44336| wcscpy (Buffer, VirtualVol Name); 
44337| RtllnitUnicodeString(&UniName,Buffer); 
44338| 



44339| InitializeObjectAttributes ( &ObjectAttributes, 

44340| &UniName, 

44341 1 OBJ_CASE_INSENSITIVE, 

44342| NULL, 

44343| NULL); 

44344| 

44345| Status = ZwCreateFile( &FileHandle, 
44346| GENERIC_READ, 

| // desired access 
44347| &ObjectAttributes, 

| // object attributes 
44348| &loStatus, 
44349 1 NULL, // 

| alloc size 

44350| FILE_ATTRIBUTE_NORMAL, 

| // file attributes 
44351 1 FILE SHARE WRITE | 

| FILE_SHARE_READ, //share 

| access 

44352| FILE_OPEN, 

| // create disposition 
44353 1 0, // create 

| options 

44354| NULL, // eabuffer 

44355| 0); //ealength 

44356| if(NT_SUCCESS(Status)) { 

44357| Status = ObReferenceObjectByHandle( 

44358| FileHandle, //IN HANDLE Handle, 

44359| GENERIC_READ, 

44360| NULL, // IN POBJECT_TYPE 

| ObjectType, // optional 

44361 1 (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
44362| (PVOID *)&VirtualFileObject, // OUT 

| PVOID *Object, 
44363| NULL //OUT 

| POBJECT HANDLE INFORMATION Handlelnformation // 

| optional 
44364| ); 
44365| 

44366| if(NT_SUCCESS(Status)) { 
44367| 

44368| ZwClose(FileHandle); 
44369 1 
44370 1 

44371 1 SbTouchVolume(LiveVolName); 
44372 1 

44373 1 wcscpy ( But f e r, Live Vo I N am e) ; 

44374| RtllnitUnicodeString(&UniName,Buffer); 

44375| 



&UniName, 



NULL, 
NULL); 



44376| InitializeObjectAttributes ( 

| &ObjectAttributes, 
44377| 
44378| 

| OBJ_CASE_INSENSITIVE 
44379| 
44380| 
44381 1 
44382 1 
44383 1 

| // desired access 
44384| 

| // object attributes 
44385| 
44386| 

| // alloc size 
44387| 

| FILE_ATTRIBUTE_NORMAL, 



Status = ZwCreateFile( &FileHandle, 
GENERIC_READ, 



&ObjectAttributes, 



&loStatus, 
NULL, 



44388| 

| FILE_SHARE_READ, 

| access 
44389| 

| // create disposition 
44390 | 

| create options 
443911 



//file attributes 
FILE_SHARE_WRITE | 
// share 

FILE OPEN, 



0, 



// 



44392| 
44393| 
44394| 
44395| 

| Handle, 
44396| 
44397| 



NULL, //eabuffer 
0); //ealength 
if(NT_SUCCESS(Status)) { 

Status = ObReferenceObjectByHandle( 
FileHandle, // IN HANDLE 



GENERIC_READ, 
NULL, // IN 

| POBJECT TYPE ObjectType, //optional 
44398| (KPROCESSOR_MODE)KernelMode, 

| // IN KPROCESSOR_MODE AccessMode, 
44399| (PVOID *)&LiveFileObject, // 

| OUT PVOID *Object, 
44400| NULL //OUT 

| POBJECTJHANDLEJNFORMATION Handlelnformation // 
| optional 
44401| ); 
44402| 

44403| if(NT_SUCCESS(Status)) { 

44404| 

44405| LARGEJNTEGER LiveBitmapSize; 

44406| LiveBitmapSize.QuadPart = 

| GetVolumeBitmapSize(LiveFileObject); 
44407| 

44408| if(LiveBitmapSize.QuadPart) { 



44409| FILE_FS_SIZE_INFORMATION 

| LiveFsSize; 
44410| ULONG Returned; 

4441 1 | 

4441 2| // get volume cluster size 

44413| Status = 

| loQueryVolumelnformation( 
44414| LiveFileObject, // IN 

| PFILE_OBJECT FileObject, 
44415| FileFsSizelnformation, // 

| IN FS_INFORMATION_CLASS FslnformationClass, 
4441 6| sizeof (LiveFsSize), // IN 

| ULONG Length, 
4441 7\ &LiveFsSize, // OUT PVOI D 

| Fslnformation, 
4441 8| &Returned // OUT PULONG 

| ReturnedLength 
44419| ); 

44420| if(NT_SUCCESS(Status)) { 

44421 1 PDEVICE_OBJECT 

| DevObj=GetObjectFromName((WCHAR*)LiveVolName); 
44422| PFILTERED EXTENSION DevExt 

| = GetFilteredExtension(DevObj); 
44423| LARGEINTEGER 

| VolSizelnClusters; 
44424| 

44425| ClusterSize = 

| LiveFsSize. SectorsPerAllocationUnit * 

| LiveFsSize. BytesPerSector; 
44426| VolSizelnClusters. QuadPart 

| = ( DevExt->Pi.PartitionLength. QuadPart + ClusterSize-1 

| )/ClusterSize ; 
44427| 

44428| ASSERT 

| (VolSizelnClusters.QuadPart >= 

| LiveFsSize.TotalAllocationUnits. QuadPart); 
44429 1 

44430| Debug(DEBUG_DEVSUP,("Volume 

| '%S' has %l64d clusters and %d 

| cluster size\n M 
44431| ,LiveVolName 
44432| 

| ,VolSizelnClusters. QuadPart 
44433| 

| , LiveFsSize. SectorsPerAllocationUnit 
44434| )); 
44435| 

| Debug(DEBUG_DEVSUP,("FileSys'%S' has %l64d (%d bitmap 
| bytes) clusters and %d cluster size\n" 
44436| ,VirtualVolName 



44437| 

| ,LiveFsSize.TotalAllocationUnits.QuadPart 
44438| ,LiveBitmapSize.LowPart 
44439| 

| ,LiveFsSize.SectorsPerAllocationUnit 
44440| )); 
44441 1 

44442 1 #if DO_ALL_BITMAPS 

44443| if (*BitMap!=NULL) { 

44444| for (ULONG i=0; 

| i*4<((*BitMap)->SizeOfBitMap+7)/8;i+=0x8 ) { 
44445| if ( (i==0) || 

44446| ( 

| (*BitMap)->Buffer[i+0] != (*BitMap)->Buffer[i-8+0] ) 

I II 

44447| ( 

| (*BitMap)->Buffer[i+1] != (*BitMap)->Buffer[i-8+1] ) 
I II 

44448| ( 

| (*BitMap)->Buffer[i+2] != (*BitMap)->Buffer[i-8+2] ) 
I II 

44449| ( 

| (*BitMap)->Buffer[i+3] != (*BitMap)->Buffer[i-8+3] ) 
I II 

44450| ( 

| (*BitMap)->Buffer[i+4] != (*BitMap)->Buffer[i-8+4] ) 
I II 

44451 | ( 

| (*BitMap)->Buffer[i+5] != (*BitMap)->Buffer[i-8+5] ) 
I II 

44452| ( 

| (*BitMap)->Buffer[i+6] != (*BitMap)->Buffer[i-8+6] ) 
I II 

44453| ( 

| (*BitMap)->Buffer[i+7] != (*BitMap)->Buffer[i-8+7] ) ) 

|{ 
44454| 

44455| 

| Debug(DEBUG_DEVSUP,(" Granule %08x: %08x %08x %08x 

| %08x - %08x %08x %08x %08x\n" 
44456| ,i*0x20 
44457| 

| ,(*BitMap)->Buffer[i+0x0] 
44458| 

| ,(i+1)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x1] : 0x0dd1b1d5 
44459| 

| ,(i+2)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x2] : 0x0dd1b1d5 
44460 1 



I ,(i+3)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x3] : 0x0dd1b1d5 
44461 | 

| ,(j+4)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x4] : 0x0dd1b1d5 
44462| 

| ,(i+5)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x5] : 0x0dd1b1d5 
44463 1 

| ,(i+6)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x6] : 0x0dd1b1d5 
44464| 

| ,(i+7)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 

| (*BitMap)->Buffer[i+0x7] : 0x0dd1b1d5 
44465| )); 
44466| } 
44467| } 
44468| } 
44469| #endif 
44470 1 Status = 

| ReassessUsedGranuleBitMap ( 
44471 1 Virtual FileObject, 

44472| VolSizelnClusters, 
44473| ClusterSize, 
44474| (PRTL_BITMAP*)BitMap ); 

44475| if(NT_SUCCESS(Status)) { 

44476| 

| Debug(DEBUG_DEVSUP,("Success creating 0x%x granule 

| bitmap\n",(*BitMap)->SizeOfBitMap)); 
44477| #if DO_ALL_BITMAPS 
44478| if (*BitMap!=NULL) { 

44479| for (ULONG i=0; 

| i*4<((*BitMap)->SizeOfBitMap+7)/8;i+=0x8 ) { 
44480| if ( (i==0) || 

44481 1 ( 

| (*BitMap)->Buffer[i+0] != (*BitMap)->Buffer[i-8+0] ) 

I II 

44482| ( 

| (*BitMap)->Buffer[i+1] != (*BitMap)->Buffer[i-8+1] ) 
I II 

44483| ( 

| (*BitMap)->Buffer[i+2] != (*BitMap)->Buffer[i-8+2] ) 
I II 

44484| ( 

| (*BitMap)->Buffer[i+3] != (*BitMap)->Buffer[i-8+3] ) 
I II 

44485| ( 

| (*BitMap)->Buffer[i+4] != (*BitMap)->Buffer[i-8+4] ) 
I II 

44486| ( 



I (*BitMap)->Buffer[i+5] != (*BitMap)->Buffer[i-8+5] ) 
I II 

44487| ( 

| (*BitMap)->Buffer[i+6] != (*BitMap)->Buffer[i-8+6] ) 



44488| ( 

| (*BitMap)->Buffer[i+7] != (*BitMap)->Buffer[i-8+7] ) ) 

|{ 
44489| 
44490| 

| Debug(DEBUG_DEVSUP,(" Granule %08x: %08x %08x %08x 

| %08x - %08x %08x %08x %08x\n" 
44491 1 ,i*0x20 
44492 1 

| ,(*BitMap)->Buffer[i+0x0] 
44493 1 



I ,(i+1)*4< 
| (*BitMap 

44494| 

I ,(i+2)*4< 
| (*BitMap 

44495| 

I ,(i+3)*4< 
| (*BitMap 

44496| 

I ,(i+4)*4< 
| ("BitMap 

44497| 

I ,(i+5)*4< 
| (*BitMap 

44498| 

I ,(i+6)*4< 
| (*BitMap 

44499| 

I ,(i+7)*4< 
| (*BitMap 

44500 1 

44501 1 

44502 1 

44503 1 



(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x1] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x2] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x3] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x4] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x5] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x6] : 0x0dd1b1d5 

(*BitMap)->SizeOfBitMap+7)/8 ? 
->Buffer[i+0x7] : 0x0dd1b1d5 

)); 

} 

} 

} 



44504| #endif 

44505| } else { 

44506| 

| Debug(DEBUG_DEVSUP,("Error%08x getting granule 

| bitmap\n",Status)); 
44507| } 
44508| } else { 

44509| Debug(DEBUG_DEVSUP,("Error 

| %08x getting volume cluster size\n",Status)); 
44510| } 



4451 1 1 } else { 

44512| Debug(DEBUG_DEVSUP, ("Error 

| getting size of bitmap\n")); 
44513| Status = STATUSJNVALIDJHANDLE; 

44514| } 
44515| 

| ObDereferenceObject(LiveFileObject); 
44516| }else{ 

4451 7| Debug(DEBUG_DEVSUP, ("Error %08x 

| getting live fileobject\n", Status)); 
44518| } 

44519| ZwClose(FileHandle); 
44520| } else { 

44521 1 Debug(DEBUG_DEVSUP,("Error %08x getting 

| live filehandle\n",Status)); 
44522 1 } 

44523| ObDereferenceObject(VirtualFileObject); 
44524| } else { 

44525| Debug(DEBUG_DEVSUP, ("Error %08x getting 

| virtual fileobject\n", Status)); 
44526| } 
44527| } else { 

44528| Debug(DEBUG_DEVSUP, ("Error %08x getting virtual 

| filehandle\n",Status)); 
44529 1 } 

44530 1 MemFreeString(Buffer); 

44531| return Status; 

44532| #else 

44533| return 0; 

44534| #endif 

44535| } 

44536| 

44537| NTSTATUS FS_SystemCall ( 
44538| PFILE_OBJECT FileObject, 
44539| ULONG loControlCode, 
44540| const char *CallerFunctionName ) 
44541 1 { 

44542| PIRP lrp=NULL; 

44543 1 KEVENT Event={0}; 

44544| IO_STATUS_BLOCK loStatusBlock={0}; 

44545| NTSTATUS Status=0; 

44546 1 P 1 0_STAC K_LOC ATI ON I rpStack= NULL; 

44547| PDEVICE_OBJECT DeviceObject; 

44548| 

44549 1 __try { 
44550 1 

44551 1 Debug(DEBUG_DEVSUP,("%s 

| (loControlCode=%08x)\n",CallerFunctionName, loControlCode 

I)); 

44552 1 



44553| DeviceObject = 

| loGet Related DeviceObject( Fi leObject) ; 
44554| 

44555| // 

44556| // Set the event object to the unsignaled 
| state. 

44557| // It will be used to signal request 

| completion. 
44558| // 
44559| 

44560| KelnitializeEvent(&Event, NotificationEvent, 

I FALSE); 
44561 | 
44562 1 

44563 1 // 

44564| // Create IRP for read 

44565| // 

44566| 

44567| Irp = lrpAllocatelrp(DeviceObject->StackSize); 
44568| 

44569| if (!lrp) { 

44570| Debug(DEBUG_DEVSUP,("%s: Error! Unable to 

| allocate irp\n",CallerFunctionName)); 
44571 1 try_return(Status = 

| STATUS_INSUFFICIENT_RESOURCES); 
44572 1 } 
44573 1 

44574| lrp->Flags = 0; //IRP_READ_OPERATION; 
44575| 

44576| lrp->Associatedlrp.SystemBuffer = NULL; 

44577| lrp->MdlAddress = NULL; 

44578| lrp->UserBuffer = NULL; 

44579 1 lrp->UserEvent = & Event; 

44580| lrp->Userlosb = &loStatusBlock; 

44581| Hint -save -e740 7 

44582| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
44583| Hint -restore 7 

44584| lrp->Tail.Overlay.OriginalFileObject = NULL; 
44585| lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 
44586| lrp->loStatus. Status 

| STATUS_PENDING; 
44587| lrp->loStatus. Information = 0; 

44588| 

44589| IrpStack = loGetNextlrpStackLocation(lrp); 
44590| RtlZeroMemory((PVOID)lrpStack, 

| sizeof(IO_STACK_LOCATION)); 
44591 1 // just sets event 
44592| loSetCompletionRoutine(lrp, 



I Sblo_ReadDeviceMdlCompletionRoutine, NULL, TRUE, TRUE, 
I TRUE); 

44593| lrpStack->MajorFunction = 

| IRP_MJ_FILE_SYSTEM_CONTROL; 
44594| lrpStack->MinorFunction = 

| IRP_MN_USER_FS_REQUEST; 
44595| 

| lrpStack->Parameters.DeviceloControl.loControlCode = 
| loControlCode; 
44596| 

| lrpStack->Parameters. DeviceloControl.OutputBufferLength 
1 = 0; 
44597| 

| lrpStack->Parameters.DeviceloControl.lnputBufferLength 
1 = 0; 
44598| 

| lrpStack->Parameters.DeviceloControl.Type3lnputBuffer = 
| NULL; 

44599| lrpStack->DeviceObject = 

| FileObject->DeviceObject; 
44600| lrpStack->FileObject = FileObject; 
44601 1 

44602| Status = loCallDriver(DeviceObject, Irp); 
44603 1 

44604| if (Status == STATUS_PENDING) { 
44605| 

44606| Debug(DEBUG_DEVSUP,("%s: Waiting for 

| request to finish\n",CallerFunctionName)); 
44607| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
44608| pmWaitForSingleObject(&Event,NULL); 
44609 1 

4461 0| Status = loStatusBlock.Status; 

4461 1 1 } 

44612| IrpFreelrp(lrp); 
44613| 

44614| try_exit: NOTHING; 
44615| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

4461 6| Status = GetExceptionCode(); 

44617| Debug(DEBUG_DEVSUP,("%s: Exception 

| %08x\n",CallerFunctionName,Status)); 
44618| } 
44619| 

44620| return Status; 

44621| } 

44622| 

44623| 

44624| NTSTATUS FilllnWriteRequest( tWriteRequest 

| *WriteRequest, PDEVICE_OBJECT DeviceObject, PIRP Irp, 



I ULONG BPS ) 
44625| { 

44626| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
44627| 

44628| WriteRequest->DeviceObject = DeviceObject; 
44629| WriteRequest->lrp = Irp; 
44630| WriteRequest->ByteOffset = 

| currentlrpStack->Parameters. Write. ByteOffset; 
44631 1 WriteRequest->Bytel_ength = 

| cu rrent I rpStack-> Parameters .Write. Length ; 
44632| WriteRequest->RealSector.QuadPart = 

| WriteRequest->ByteOffset.QuadPart / BPS; 
44633| WriteRequest->RealCount = 

| WriteRequest->ByteLength / BPS; 
44634| 

44635| #define SectorSize (BPS) 

44636| WriteRequest->RoundedSector.QuadPart = 

44637| 

| ROUND_DOWN(WriteRequest->RealSector.QuadPart,SECTORS_PER 

| _GRANULE); 
44638| WriteRequest->RoundedCount = 
44639| (ULONG) 

| (ROUND_UP(WriteRequest->RealSector.QuadPart + 

| WriteRequest->RealCount,SECTORS_PER_GRANULE) 
44640 1 

| WriteRequest->RoundedSector.QuadPart); 
44641 1 WriteRequest->RoundedSectorlnBytes.QuadPart = 

| WriteRequest->RoundedSector.QuadPart * BPS; 
44642 1 Write Request-> Rou ndedCou nt I n Bytes . Qu ad Part = 

| (unsigned int64)WriteRequest->RoundedCount * BPS; 

44643| WriteRequest->DeviceObject = DeviceObject; 

44644| WriteRequest->Buffer = NULL; 

44645| #undef SectorSize 

44646| return STATUS_SUCCESS; 

44647| } 

44648| 

44649| WCHAR NibbleToHexWChar( unsigned char In, BOOLEAN 

| TakeUpper ) 
44650 1 { 

44651 1 In = TakeUpper?(ln » 4):(ln & Oxf); 

44652| return (WCHAR)( ( In > 9 )?(ln - 10 + 'a'):(ln + 

I '0') ); 
44653 1 } 
44654| 

44655| NTSTATUS BufferToHexWChar( PVOID Buffer, ULONG 

| NumBytes, PWCHAR Out, ULONG *OutSize) 
44656| { 

44657| NTSTATUS Status = STATUS_SUCCESS; 
44658| ULONG i; 



44659| unsigned char *ln = (unsigned char*)Buffer; 
44660| 

44661 1 //Round to take whole number of D_words 

44662| NumBytes = (NumBytes+3)/4*4; 
44663 1 

44664| if (Out==NULL) { 



44665| *OutSize = (NumBytes*2+1 )*sizeof(WCHAR); 

44666| } else { 

44667| if (*OutSize < 2) { 

44668| // just give back bad status as not room to 

| put even an empty string 

44669| Status = STATUS_BUFFER_TOO_SMALL; 
44670 1 

44671 1 } else { 
44672 1 

44673| if ((NumBytes*2+1 )*sizeof(WCHAR) > *OutSize 
l){ 

44674| //not enough room for all we have pack 

| the limit and give bad status 

44675| NumBytes = 

| (*OutSize/sizeof(WCHAR)-1)/2; 

44676| Status = STATU S_B U F F E ROVE R F LOW ; 

44677| } 

44678| *OutSize = (NumBytes*2+1 )*sizeof(WCHAR); 
44679 1 

44680| for (i=0;i<NumBytes;ln++,i++,Out+=2) { 

44681 1 Out[0] = NibbleToHexWChar(ln[0],1); 

44682| Out[1] = NibbleToHexWChar(ln[0],0); 

44683 1 } 

44684| Out[0] = L'\0'; 



44685| } 
44686| } 

44687 1 return Status; 
44688| } 
44689| 
44690 1 

44691| NTSTATUS FS_GetLastClusterFromFileMap ( 
44692| const RETRIEVAL_POINTERS_BUFFER *RP, 
44693| LARGE_INTEGER &LastVcn ) 

44694| { 



44695| NTSTATUS Status = STATUS_NOT_FOUND; 

44696| LastVcn.QuadPart = int64(-1 ); 

44697| 

44698| if(!RP){ 

44699| ASSERT(RP != NULL); 

44700| Status = STATUS_INVALID_PARAMETER; 

44701| }else{ 

44702| if ( RP->ExtentCount > 0 ) { 

44703| LastVcn.QuadPart = 



| RP->Extents[RP->ExtentCount-1].NextVcn.QuadPart- 1; 



44704| Status = STATUS_SUCCESS; 

44705| } 
44706| } 
44707| 

44708| return Status; 
44709| } 
44710| 
4471 1 1 

44712| NTSTATUS FS_GetFileMap( PFILE_OBJECT FileObject, 
| STARTING_VCN_INPUT_BUFFER *SVIB, 
| RETRIEVAL_POINTERS_BUFFER *RP, ULONG RPSize ) 

44713| { 

44714| PIRP lrp=NULL; 

44715| KEVENT Event={0}; 

4471 6| IO_STATUS_BLOCK loStatusBlock={0}; 

44717| NTSTATUS Status=0; 

44718| PIO_STACK_LOCATION lrpStack=NULL; 

44719| PDEVICE_OBJECT DeviceObject; 

44720| ULONG Ret = 0; 

44721 1 

44722 1 _try { 
44723 1 

44724 1 DeviceObject = 

| lo Get Related DeviceObject( Fi leObject) ; 
44725| 

44726| // 

44727| // Set the event object to the unsignaled 
| state. 

44728| // It will be used to signal request 

| completion. 
44729 1 // 
44730 1 

44731 1 KelnitializeEvent(&Event, NotificationEvent, 

| FALSE); 
44732 1 
44733 1 

44734| // 

44735| // Create IRP for read 

44736| // 

44737| 

44738| Irp = lrpAllocatelrp(DeviceObject->StackSize); 
44739 1 

44740| if (!lrp) { 

44741 1 Debug(DEBUG_DEVSUP,("FS_GetFileMap: Error! 

| Unable to allocate irp\n")); 
44742| try_return(Status = 

| STATUS_INSUFFICIENT_RESOURCES); 
44743 1 } 
44744| 

44745| lrp->Flags = 0; //IRP_READ_OPERATION; 



44746| 

44747| lrp->Associatedlrp.SystemBuffer = NULL; 

44748| lrp->MdlAddress = NULL; 

44749| lrp->UserBuffer = RP; 

44750| lrp->UserEvent = &Event; 

44751| lrp->Userlosb = &loStatusBlock; 

44752| Hint -save -e740 7 

44753| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
44754| Hint -restore 7 

44755| lrp->Tail.Overlay.OriginalFileObject = NULL; 
44756| lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 
44757| lrp->loStatus. Status 

| STATUS_PENDING; 
44758| lrp->loStatus. Information = 0; 

44759| 

44760| IrpStack = loGetNextlrpStackLocation(lrp); 
44761 1 RtlZeroMemory((PVOID) IrpStack, 

| sizeof(IO_STACK_LOCATION)); 
44762| // just sets event 
44763| loSetCompletionRoutine(lrp, 

| Sblo_ReadDeviceMdlCompletionRoutine, NULL, TRUE, TRUE, 

I TRUE); 

44764| lrpStack->MajorFunction = 

I IRP_MJ_FILE_SYSTEM_CONTROL; 
44765| lrpStack->MinorFunction = 

| IRP_MN_USER_FS_REQUEST; 
44766| 

| lrpStack->Parameters.DeviceloControl.loControlCode = 
| FSCTL_GET_RETRIEVAL_POINTERS; 
44767| 

| lrpStack->Parameters. DeviceloControl.OutputBufferLength 
| = RPSize; 
44768| 

| lrpStack->Parameters.DeviceloControl.lnputBufferLength 
| = sizeof (STARTI NG_VCN_I N PUT_BU FFER) ; 
44769 1 

| lrpStack->Parameters.DeviceloControl.Type3lnputBuffer = 
| SVIB; 

44770 1 I rpStack-> DeviceObject = 

| FileObject-> DeviceObject; 
44771 1 lrpStack->FileObject = FileObject; 
44772 1 

44773| Status = loCallDriver(DeviceObject, Irp); 
44774| 

44775| if (Status == STATUS_PENDING) { 
44776| 

44777| Debug(DEBUG_DEVSUP,("FS_GetFileMap: Waiting 

| for get bitmap to finish\n")); 



44778| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
44779 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

44780| 

44781 1 Status = loStatusBlock.Status; 

44782| Ret = lrp->loStatus. Information; 

44783 1 } 

44784| IrpFreelrp(lrp); 
44785| 

44786| #if DO_ALL_IO 

44787| Debug(DEBUG_DEVSUP,("FS_GetFileMap: 
| Status=%08x, size=%08x (%x,%x), Wanted=%l64x, 
| got=%l64x, count=%08x\n", 

44788| Status, 

44789| RPSize, 

44790| loStatusBlock.lnformation, 

44791 1 Ret, 

44792 1 S VI B->Starting Vcn, 

44793| RP->StartingVcn, 

44794| RP->ExtentCount 

44795| )); 

44796| #endif 

44797| 

44798| try_exit: NOTHING; 
44799 1 } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

44800 1 Status = GetExceptionCode(); 

44801 1 Debug(DEBUG_DEVSUP,("FS_GetFileMap: Exception 

| %08x\n",Status)); 
44802 1 } 
44803 1 

44804 1 return Status; 

44805| } 

44806| 

44807| PDEVICE_OBJECT 
44808| GetPSMStorageFilterObject( 
44809| IN PVPB Vpb 

44810| ) 
4481 1 1 { 

44812| // follow Vpb->RealDevice->AttachedDevice stack. 
44813| PDEVICE_OBJECT p; 
44814| ULONG Count=0; 



44815| 

44816| __try{ 

4481 7| p=Vpb->RealDevice; 

44818| while (p){ 

4481 9| // follow the devices we have allocated 

44820| PDEVICE_OBJECT DevObj = 



| PSManDriverObject->DeviceObject; 
44821 | 



44822| while ( DevObj ) { 

44823| if ((DevObj ==p) || 

| (Count++>0x10000)) { 



44824| 
44825| 
44826| 
44827| 
44828| 
44829 1 
44830 1 
44831 | 
44832 1 
44833 1 
44834| 
44835| 



break; 



} 



DevObj = DevObj->NextDevice; 
}//while( DevObj) 

if ( DevObj ) { 
break; 

} 

p=p->AttachedDevice; 



} 



} 



except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
44836| Debug(DEBUG_SFILTER,("SFILTER: Exception %08x 

| in GPSMSFO\n",GetExceptionCode())); 
44837| p = NULL; 
44838| } 
44839 1 return p; 
44840 1 } 
44841 | 

44842| PDEVICE_OBJECT GetOurObjectForFileObject( PFILE_OBJECT 

| FileObject ) 
44843 1 { 

44844| return GetPSMStorageFilterObject(FileObject->Vpb); 

44845| } 

44846| 

44847 1 ErrorCode 
44848| OpenAFile( 
44849 1 WCHAR 



44850 1 
44851 | 
44852 1 
44853 1 
44854| { 
44855| 
44856| 
44857| 
44858| 
44859 1 
44860 1 
44861 | 
44862 1 
44863 1 
44864| 
44865| 
44866| 
44867| 



*File, 

HANDLE &FileHandle, 
PFILE_OBJECT &FileObject, 
HANDLE SWaitHandle, 
PVOID SWaitObject ) 

UNICODE_STRING FullFileName={0}; 
OBJECT_ATTRIBUTES ObjectAttributes={0}; 
NTSTATUS Status=STATUS_UNSUCCESSFUL; 
IO_STATUS_BLOCK loStatus={0}; 
ULONG ShareAccess = 0; 

FileHandle = INVALID_HANDLE_VALUE; 
WaitHandle = INVALID_HANDLE_VALUE; 
FileObject = NULL; 
WaitObject = NULL; 

PAGED_CODE(); 



44868| Debug(DEBUG_DICT,("pd::OpenAFile(%S)\n",File)); 
44869| 

44870| RtllnitUnicodeString( &FullFileName, File); 
44871 | 

44872 1 InitializeObjectAttributes ( &ObjectAttributes, 

44873| &FullFileName, 

44874| OBJ_CASE_INSENSITIVE, 

44875| NULL, 

44876| NULL ); 

44877| 

44878| Status = ZwCreateFile( &FileHandle, 
44879| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, //desired access 
44880 1 &Object Attributes, // object 

| attributes 
44881 1 &loStatus, 
44882| NULL, // 

| alloc size 

44883| FILE_ATTRIBUTE_HIDDEN, 

| // file attributes 
44884 1 S h are Access , 

| // share access 
44885| FILE_OPEN, // 

| FILE OVERWRITE IF, // create 

| disposition 

44886| FILE_SYNCHRONOUS_IO_NONALERT 
I I 

44887| FILE_NO_COMPRESSION | 

44888| FILE_WRITE_TH ROUGH | 

44889 1 

| FILE_NO_INTERMEDIATE_BUFFERING, 
44890| NULL, // eabuffer 

44891| 0); //ealength 

44892| 
44893| 

44894| if ( NT_SUCCESS(Status) ) { 
44895| // Get a Object handle so we can wait on 
| requests... 

44896| Status = ObReferenceObjectByHandle( 
44897| FileHandle, 

| // IN HANDLE Handle, 
44898| FILE_GENERIC_READ | FILE_GENERIC_WRITE, 

44899| NULL, 

| // IN POBJECT_TYPE ObjectType, (optional) 
44900| (KPROCESSOR_MODE)KernelMode, 

| // IN KPROCESSOR_MODE AccessMode, 
44901 1 (PVOID *)&FileObject, 

I//OUTPVOID *Object, 
44902| NULL ); 

| // OUT POBJECT HANDLE INFORMATION Handlelnformation 



I (optional) 
44903| 

44904| if ( NT_SUCCESS(Status) ) { 
44905| Status = 

| SbGetAsyncEvent(WaitHandle,WaitObject); 
44906| if ( NT_SUCCESS(Status) ) { 

44907| ASSERT(lsValidHandle(FileHandle)); 
44908| ASSERT(FileObject != NULL); 

44909 1 ASS ERT( Is ValidHandle( WaitHand le)) ; 

44910| ASSERT(WaitObject != NULL); 

4491 1 1 return STATUS_SUCCESS; 

44912| }else{ 

44913| Debug(DEBUG_DICT,("pd::OpenAFile: 
| SbGetAsyncEvent(WaitHandle,WaitObject) returned 
| %08x\n",Status)); 

44914| if ( FileObject ) { 

44915| ObDereferenceObject (FileObject); 

44916| FileObject = NULL; 

44917| } 

44918| } 

44919| }else{ 

44920| Debug(DEBUG_DICT,("pd::OpenAFile: 

| ObReferenceObjectByHandle() returned %08x\n",Status)); 
44921 | } 
44922 1 

44923| ZwClose(FileHandle); 

44924| FileHandle = INVALID_HANDLE_VALUE; 

44925| FileObject = NULL; 

44926| } else { 

44927| Debug(DEBUG_DICT,("pd::OpenAFile: 

| ZwCreateFile() returned %08x\n",Status)); 
44928| } 
44929 1 

44930| // Getting here means an error occurred. 
44931 | 

44932| #ifdef DEBUG 

44933| Debug(DEBUG_DICT,("pd::OpenAFile: Error! Unable to 

| open file '%S' %08x 

| (%08x)\n",File,Status,loStatus. Status)); 
44934| ASSERT(!NT_SUCCESS(Status)); 
44935| ASSERT(FileHandle == INVALID_HANDLE_VALUE); 
44936| ASSERT(FileObject == NULL); 

44937| ASSERT(WaitHandle == INVALID_HANDLE_VALUE); 
44938| ASSERT(WaitObject == NULL); 
44939| #endif /'DEBUG*/ 
44940 1 

44941 1 return Status; 
44942 1 } 
44943 1 

44944| // 



I 

44945| 

44946| ErrorCode CloseAFile ( 

44947| HANDLE &FileHandle, 

44948| PFILE_OBJECT &FileObject, 

44949| HANDLE &WaitHandle, 

44950| PVOID &WaitObject) 
44951 1 { 

44952| Debug(DEBUG_DICT,("pd::CloseAFile %08x, %08x, %08x, 

| %08x\n",FileHandle,FileObject,WaitHandle,WaitObject)); 
44953 1 

44954| ASSERT (IsValidHandle(FileHandle)); 

44955| ASSERT (FileObject != NULL); 
44956| 

44957| ZwClose(FileHandle); 

44958| FileHandle = INVALID_HANDLE_VALUE; 

44959 1 if ( FileObject ) { 

44960| ObDereferenceObject(FileObject); 

44961| FileObject = NULL; 

44962| } 

44963| 

44964| ASSERT (IsValidHandle(WaitHandle)); 

44965| ASSERT (WaitObject != NULL); 
44966| 

44967| ZwClose (WaitHandle); 

44968| WaitHandle = INVALID_HANDLE_VALUE; 

44969| if ( WaitObject ) { 

44970| ObDereferenceObject (WaitObject); 

44971 1 WaitObject = NULL; 

44972 1 } 

44973 1 

449 74 1 return 0; 
44975| } 
44976| 
44977| /* 

449 78| FileObject is any open file on the specified volume 
44979 1 7 

44980| NTSTATUS FS_GetVolumelnfo( PFILE_OBJECT FileObject, 
| ULONG &ClusterSize, ULONG &SectorSize, LARGEJNTEGER 
| &TotalClusters, LARGEJNTEGER &AvailClusters ) 

44981 1 { 

44982| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

44983| POB J ECT_N AM E_l N FORMATION OBI=NULL; 

44984| PFILE_OBJECT NewFileObject=NULL; 

44985| PDEVICE_OBJECT DeviceObject=NULL; 

44986| ULONG Returned=0; 

44987| OBJECT ATTRIBUTES ObjAttr={0}; 

44988| IO_STATUS_BLOCK loStatus={0}; 

44989| HANDLE VolumeHandle = I N VALI D_H AN DLE_VALU E ; 

44990| 



44991 1 // FileObject->Vpb->DeviceObject == unnamed 

| fileystem object 
44992 1 // FileObject->Vpb->Real Device == Volume as owned 

| by lowest device (eg \harddisk0\partition1) 
44993 | 

44994| if((FileObject->Vpb) && (FileObject->Vpb->Flags & 

| VPB MOUNTED)) { 
44995| // we need to get a FileObject to the "Volume" 
44996| 

44997| // step 1 . We need the device name 

| (\harddisk0\partition1) 
44998| 

44999 1 Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,NULL, 0, 

| & Returned ); 
45000| 

45001 1 if((Status==STATUS_INFO_LENGTH_MISMATCH) && 

| (Returned>0)) { 
45002| OBI = (POBJECT_NAME_IN FORMATION) 

| MemAllocatePoolWithTag(PagedPool,Returned+sizeof(WCHAR), 

| FILENAMETAG); 
45003| if(OBI) { 

45004| Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,OBI, Return 

| ed,&Returned ); 
45005| 

45006| if(NT_SUCCESS(Status)) { 

45007| wcscat(OBI->Name.Buffer,L"\\"); 
45008| OBI->Name.Length+=sizeof(WCHAR); 
45009 | 

4501 0| InitializeObjectAttributes ( 

| &ObjAttr,&OBI->Name, OBJ_CASE_INSENSITIVE, NULL, NULL 

I); 

45011| 

45012| Status = ZwOpenFile( 

45013| &VolumeHandle, 

45014| 0, 

45015| &ObjAttr, 

45016| &loStatus, 

45017| 0, 

45018| 0 

45019| ); 
45020| 

45021 1 if(NT_SUCCESS(Status)) { 

45022| // get file object from handle 
45023 1 

| ASSERT(lsValidHandle(VolumeHandle)); 

45024 1 Status = 

| ObReferenceObjectByHandle( 

45025| VolumeHandle, // IN 



I HANDLE Handle, 
45026| GENERIC_READ, 
45027| NULL, // IN 

| POBJECT TYPE ObjectType, //optional 
45028| 

| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
45029| (PVOID *)&NewFileObject, 

I//OUTPVOID *Object, 
45030| NULL //OUT 

| POBJECT_HANDLE_IN FORMATION Handlelnformation // 

| optional 
45031| ); 

45032| if(NT_SUCCESS(Status)) { 

45033| 

45034| FILE_FS_SIZE_INFORMATION 
| FsSize; 

45035| ULONG Returned; 

45036| 

45037| // get volume cluster size 

45038| Status = 

| loQueryVolumelnformation( 
45039| NewFileObject, //IN 

| PFILE_OBJECT FileObject, 
45040| FileFsSizelnformation, 

| // IN FS_INFORMATION_CLASS FslnformationClass, 
45041| sizeof (FsSize), // IN 

| ULONG Length, 
45042| &FsSize, // OUT PVOID 

| Fslnformation, 
45043| &Returned // OUT PULONG 

| ReturnedLength 
45044| ); 

45045| if(NT_SUCCESS(Status)) { 

45046| ClusterSize = 

| FsSize. SectorsPerAllocationUnit*FsSize.BytesPerSector; 
45047| SectorSize = 

| FsSize. Bytes PerSector; 
45048| TotalClusters = 

| FsSize. TotalAllocationUnits; 
45049| AvailClusters = 

| FsSize. AvailableAllocationU nits; 
45050| 

| Debug(DEBUG_DEVSUP,("FS_GetVolumelnfo '%S' %08x %08x 
| %l64x/%l64x\n",OBI->Name.Buffer,ClusterSize,SectorSize,A 
| vailClusters, TotalClusters)); 

45051 1 } else { 

45052 1 

| Debug(DEBUG_DEVSUP,("loQueryVolume failed with status 
| %08x\n M ,Status)); 



45053| } 
45054| 

| ObDereferenceObject(NewFileObject); 
45055| } else { 

45056| Debug(DEBUG_DEVSUP,("ObRef 

| failed %08x\n",Status)); 
45057| } 

45058| ZwClose(VolumeHandle); 
45059| VolumeHandle = 

| INVALID_HANDLE_VALUE; 
45060| } else { 

45061 | 

| Debug(DEBUG_DEVSUP,("loGetDevice failed 

| %08x\n",Status)); 
45062 1 } 
45063 1 } else { 

45064| Debug(DEBUG_DEVSUP, ("Query name 

| failed error %08x\n",Status)); 
45065| } 

45066| FREE_POINTER(OBI); 
45067| } else { 

45068| Debug(DEBUG_DEVSUP,("Out of memory for 

| %d byte\n", Returned)); 
45069| Status = STATUSJNSUFFICIENT_RESOURCES; 

45070 1 } 
45071 1 } else { 

45072| Debug(DEBUG_DEVSUP, ("Query name failed 

| getting size error %08x\n",Status)); 
45073 1 } 
45074| } else { 

45075| Debug(DEBUG_DEVSUP,("Devsup: FS_GetVolumelnfo: 

| volume for file object %08x not 

| mounted\n",FileObject)); 
45076| } 

45077| return Status; 
45078| } 
45079 1 
45080 1 r 

45081 1 FileObject is any open file on the specified volume 
45082 1 7 

45083| NTSTATUS FS_GetVolumeAttributes( PFILE_OBJECT 
| FileObject, PFILE_FS_ATTRIBUTE_INFORMATION Attrib, 
| ULONG BufferLength ) 

45084| { 

45085| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
45086| POBJECT_NAME_INFORMATION OBI=NULL; 
45087| PFILE_OBJECT NewFileObject=NULL; 
45088| PDEVICE_OBJECT DeviceObject=NULL; 
45089| ULONG Returned=0; 
45090| OBJECT_ATTRIBUTES ObjAttr={0}; 



45091| IO_STATUS_BLOCK loStatus={0}; 

45092| HANDLE VolumeHandle = INVALID_HANDLE_VALUE; 

45093| 

45094| // FileObject->Vpb->DeviceObject == unnamed 

| fileystem object 
45095| // FileObject->Vpb->Real Device == Volume as owned 

| by lowest device (eg \harddisk0\partition1) 
45096| 

45097| if((FileObject->Vpb) && (FileObject->Vpb->Flags & 

| VPB_MOUNTED)) { 
45098| // we need to get a FileObject to the "Volume" 
45099 1 

451 00| // step 1 . We need the device name 

| (\harddisk0\partition1) 
45101| 

45102| Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,NULL, 0, 

| & Returned ); 
45103| 

45104| if((Status==STATUS_INFO_LENGTH_MISMATCH) && 

| (Returned>0)) { 
45105| OBI = ( POB J ECT_N AM E_l INFORMATION) 

| MemAllocatePoolWithTag(PagedPool,Returned+sizeof(WCHAR), 

| FILENAMETAG); 
45106| if(OBI) { 

451 07| Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,OBI, Return 

| ed,&Returned ); 
45108| 

45109| if(NT_SUCCESS(Status)) { 

451 1 0| wcscat(OBI->Name.Buffer,L"\V); 

451 1 1 1 OBI->Name.Length+=sizeof(WCHAR); 

45112| 

451 1 3| InitializeObjectAttributes ( 

| &ObjAttr,&OBI->Name, OBJ_CASE_INSENSITIVE, NULL, NULL 

I); 

45114| 

451 1 5| Status = ZwOpenFile( 

45116| SVolumeHandle, 

45117| 0, 

45118| SObjAttr, 

45119| SloStatus, 

45120| 0, 

45121| 0 

45122| ); 
45123| 

45124| if(NT_SUCCESS(Status)) { 

451 25| // get file object from handle 
45126| 

| ASSERT(lsValidHandle(VolumeHandle)); 



45127| Status = 

| ObReferenceObjectByHandle( 
45128| VolumeHandle, //IN 

| HANDLE Handle, 
45129| GENERIC_READ, 
45130| NULL, //IN 

| POBJECT_TYPE ObjectType, //optional 
45131| 

| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
45132| (PVOID *)&NewFileObject, 

I//OUTPVOID *Object, 
45133| NULL //OUT 

| POBJECT HANDLE IN FORMATION Handlelnformation // 

| optional 
45134| ); 

451 35| if (NT_SUCCESS(Status)) { 

45136| 

45137| ULONG Returned; 

45138| 

451 39| // get volume cluster size 

45140| Status = 

| loQueryVolumelnformation( 
45141| NewFileObject, //IN 

| PFILE_OBJECT FileObject, 
45142| 

| FileFsAttributelnformation, // IN FS_INFORMATION_CLASS 

| FslnformationClass, 
45143| BufferLength, // IN 

| ULONG Length, 
451 44| Attrib, // OUT PVOI D 

| Fslnformation, 
45145| &Returned // OUT PULONG 

| ReturnedLength 
45146| ); 

451 47| if (NT_SUCCESS(Status)) { 

45148| }else{ 

45149| 

| Debug(DEBUG_DEVSUP,("loQueryVolume failed with status 

| %08x\n M ,Status)); 
45150| } 
45151| 

| ObDereferenceObject(NewFileObject); 
45152| }else{ 

45153| Debug(DEBUG_DEVSUP,("ObRef 

| failed %08x\n M ,Status)); 
45154| } 

45155| ZwClose(VolumeHandle); 
45156| VolumeHandle = 

| INVALID_HANDLE_VALUE; 



45157| }else{ 
45158| 

| Debug(DEBUG_DEVSUP,("loGetDevice failed 

| %08x\n",Status)); 
45159| } 
45160| }else{ 

451 61 1 Debug(DEBUG_DEVSUP, ("Query name 

| failed error %08x\n",Status)); 
45162| } 

45163| FREE_POINTER(OBI); 
45164| }else{ 

451 65| Debug(DEBUG_DEVSUP,("Out of memory for 

| %d byte\n", Returned)); 
45166| Status = STATUS_INSUFFICIENT_RESOURCES; 

45167| } 
45168| }else{ 

451 69| Debug(DEBUG_DEVSUP, ("Query name failed 

| getting size error %08x\n",Status)); 
45170| } 
45171| }else{ 

45172| Debug(DEBUG_DEVSUP,("Devsup: FS_GetVolumelnfo: 

| volume for file object %08x not 

| mounted\n",FileObject)); 
45173| } 

45174| return Status; 

45175| } 

45176| 

45177| 

45178| NTSTATUS 

45179| FS_SetEventCallBack( 

45180| IN PDEVICE_OBJECT DeviceObject, 

45181| IN PIRP Irp, 

45182| IN PVOID Context 

45183| ) 

45184| { 

45185| NOT_REFERENCED(DeviceObject); 
45186| NOTREFERENCED(Context); 
45187| 

45188| pmSetEvent(lrp->UserEvent); 
45189| 

451 90| // keep nt from touching our irp, which will be 

| handled by person 
451 91 1 // who wanted the event set 

45192| return STATUS_MORE_PROCESSING_REQUIRED; 

45193| } 

45194| 

45195| NTSTATUS FS_MoveFile( PFILE_OBJECT FileObject, 

| MOVE_FI LE_D ATA *Data ) 
45196| { 

45197| PIRP lrp=NULL; 



45198| KEVENT Event={0}; 

45199| IO_STATUS_BLOCK loStatusBlock={0}; 

45200| NTSTATUS Status=0; 

45201 1 PIO_STACK_LOCATION lrpStack=NULL; 

45202 1 P D E VIC E_OB J ECT DeviceObject; 

45203| ULONG Ret = 0; 

45204 1 

45205| __try { 
45206| 

45207 1 DeviceObject = 

| lo Get Related DeviceObject( Fi leObject) ; 
45208| 

45209 1 // 

4521 0| // Set the event object to the unsignaled 
| state. 

4521 1 1 //It will be used to signal request 

| completion. 
45212| // 
45213| 

45214| KelnitializeEvent(&Event, NotificationEvent, 

| FALSE); 
45215| 
45216| 

45217| // 

45218| // Create IRP for read 

45219| // 

45220| 

45221 1 Irp = lrpAllocatelrp(DeviceObject->StackSize); 
45222 | 

45223| if (!lrp) { 

45224| Debug(DEBUG_DEVSUP,("FS_MoveFile: Error! 

| Unable to allocate irp\n")); 
45225| try_return(Status = 

| STATUS_INSUFFICIENT_RESOURCES); 
45226| } 
45227| 

45228| lrp->Flags = 0; //IRP_READ_OPERATION; 
45229 1 

45230| lrp->Associatedlrp.SystemBuffer = Data; 
45231| lrp->MdlAddress = NULL; 

45232| lrp->UserBuffer = NULL; 
45233| lrp->UserEvent = &Event; 
45234| lrp->Userlosb = &loStatusBlock; 
45235| Hint -save -e740 7 
45236| lrp->Tail.Overlay.Thread = 

| PsGetCurrentThread(); 
45237| Hint -restore 7 

45238| lrp->Tail.Overlay.OriginalFileObject = NULL; 
45239| lrp->RequestorMode = 

| (KPROCESSOR_MODE)KernelMode; 



45240| lrp->loStatus. Status 

| STATUS_PENDING; 
45241| lrp->loStatus. Information = 0; 

45242| 

45243| IrpStack = loGetNextlrpStackLocation(lrp); 
45244| RtlZeroMemory((PVOID) IrpStack, 

| sizeof(IO_STACK_LOCATION)); 
45245| // just sets event 
45246| loSetCompletionRoutine(lrp, 

| FS_SetEventCallBack, NULL, TRUE, TRUE, TRUE); 
45247| lrpStack->MajorFunction = 

I IRP_MJ_FILE_SYSTEM_CONTROL; 
45248| lrpStack->MinorFunction = 

| IRP_MN_USER_FS_REQUEST; 
45249| 

| lrpStack->Parameters.DeviceloControl.loControlCode = 
| FSCTL MOVE FILE; 
45250| 

| lrpStack->Parameters. DeviceloControl.OutputBufferLength 
1 = 0; 
45251 | 

| lrpStack->Parameters.DeviceloControl.lnputBufferLength 
| = sizeof ( MO VE_F I L E_D ATA) ; 
45252 1 

| lrpStack->Parameters.DeviceloControl.Type3lnputBuffer = 
| NULL; 

45253 1 lrpStack->DeviceObject = 

| FileObject->DeviceObject; 
45254| lrpStack->FileObject = FileObject; 
45255| 

45256| Status = loCallDriver(DeviceObject, Irp); 
45257| 

45258| if (Status == STATU S_P EN DING) { 
45259 1 

45260| Debug(DEBUG_DEVSUP,("FS_MoveFile: Waiting 

| for get bitmap to finish\n")); 
45261 1 ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
45262 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

45263 1 

45264| Status = loStatusBlock.Status; 

45265| Ret = lrp->loStatus. Information; 

45266| } 

45267| IrpFreelrp(lrp); 
45268| 

45269| #if DO_ALL_IO 

45270| Debug(DEBUG_DEVSUP,("FS_MoveFile: 

| Status=%08x\n M ,Status)); 
45271 1 #endif 
45272 1 



45273| try_exit: NOTHING; 
45274| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

45275| Status = GetExceptionCode(); 

45276| Debug(DEBUG_DEVSUP,("FS_MoveFile: Exception 

| %08x\n",Status)); 
45277| } 
45278| 

45279| return Status; 
45280| } 
45281 | 

45282| NTSTATUS CloseVolumeByFileObject( HANDLE &VolumeHandle, 

| PFILE_OBJECT &VolumeFileObject) 
45283 1 { 

45284| if(VolumeFileObject) { 

45285| ObDereferenceObject(VolumeFileObject); 

45286| VolumeFileObject = NULL; 

45287| } 

45288| 

45289| if(lsValidHandle(VolumeHandle)) { 

45290| ZwClose(VolumeHandle); 

45291 1 VolumeHandle = INVALIDHANDLEVALUE; 

45292 1 } 

45293| return STATUS_SUCCESS; 

45294| } 

45295| 

45296| NTSTATUS OpenVolumeByFileObject( PFILE_OBJECT 
| FileObject, HANDLE &VolumeHandle, PFILE_OBJECT 
| &VolumeFileObject, ULONG Root ) 

45297| { 

45298| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

45299| POBJECT NAME IN FORMATION OBI=NULL; 

45300| ULONG Returned=0; 

45301| OBJECT ATTRIBUTES ObjAttr={0}; 

45302| IO_STATUS_BLOCK loStatus={0}; 

45303| 

45304| VolumeHandle = INVALIDHANDLEVALUE; 

45305| VolumeFileObject = NULL; 

45306| 

45307| // FileObject->Vpb->DeviceObject == unnamed 

| fileystem object 
45308| // FileObject->Vpb->Real Device == Volume as owned 

| by lowest device (eg \harddisk0\partition1) 
45309 | 

4531 0| if ((FileObject->Vpb) && (FileObject->Vpb->Flags & 

| VPB_MOUNTED)) { 
4531 1 1 // we need to get a FileObject to the "Volume" 
45312| 

45313| // step 1 . We need the device name 
| (\harddisk0\partition1) 



45314| 

45315| Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,NULL, 0, 

| & Returned ); 
45316| 

45317| if((Status==STATUS_INFO_LENGTH_MISMATCH) && 

| (Returned>0)) { 
45318| OBI = (POBJECT_NAME_INFORMATION) 

| MemAllocatePoolWithTag(PagedPool,Returned+sizeof(WCHAR), 

| FILENAMETAG); 
45319| if (OBI) { 

45320| Status = 

| ObQueryNameString(FileObject->Vpb->RealDevice,OBI, Return 

| ed,&Returned ); 
45321 | 

45322| if(NT_SUCCESS(Status)) { 

45323 1 if (Root) { 

45324| wcscat(OBI->Name.Buffer,L"\\"); 
45325| 

| OBI->Name.Length+=sizeof(WCHAR); 
45326| } 
45327| 

45328| InitializeObjectAttributes ( 

| &ObjAttr,&OBI->Name, OBJ_CASE_INSENSITIVE, NULL, NULL 

I); 

45329 1 

45330 1 Status = ZwOpenFile( 

45331 1 SVolumeHandle, 

45332| GENERIC_READ, 

45333 1 SObjAttr, 

45334| &loStatus, 

45335| FILE_SHARE_WRITE | 

| FILE_SHARE_READ, 
45336| 0 
45337| ); 
45338| 

45339| if(NT_SUCCESS(Status)) { 

45340| // get file object from handle 

45341 | 

| ASSERT(lsValidHandle(VolumeHandle)); 
45342 1 Status = 

| ObReferenceObjectByHandle( 
45343| VolumeHandle, // IN 

| HANDLE Handle, 
45344| GENERIC_READ, 
45345| NULL, // IN 

| POBJECT TYPE ObjectType, //optional 
45346| 

| (KPROCESSOR_MODE)KernelMode, // IN 
| KPROCESSORJVIODE AccessMode, 



45347| (PVOID *)&VolumeFileObject, 

I//OUTPVOID *Object, 
45348| NULL // OUT 

| POB J ECTH AN DLEI N FORM ATI ON Handlelnformation // 

| optional 
45349| ); 

45350| if(NT_SUCCESS(Status)) { 

45351| Debug(DEBUG_DEVSUP,("FO: 
| %08x = Volume: %08x %08x - 

| '%S'\n",FileObject,VolumeHandle,VolumeFileObject,OBI->Na 

| me.Buffer)); 
45352| FREE_POINTER(OBI); 
45353| ASSERT(VolumeFileObject != 

| NULL); 

45354| return Status; 

45355| } else { 

45356| Debug(DEBUG_DEVSUP,("ObRef 

| failed %08x\n",Status)); 
45357| } 

45358| ZwClose(VolumeHandle); 
45359| VolumeHandle = 

| INVALID_HANDLE_VALUE; 
45360| VolumeFileObject = NULL; 

45361 1 } else { 

45362 1 

| Debug(DEBUG_DEVSUP,("loGetDevice failed 

| %08x\n",Status)); 
45363| } 
45364| } else { 

45365| Debug(DEBUG_DEVSUP, ("Query name 

| failed error %08x\n",Status)); 
45366| } 

45367| FREE_POINTER(OBI); 
45368| } else { 

45369| Debug(DEBUG_DEVSUP,("Out of memory for 

| %d byte\n", Returned)); 
45370| Status = STATUS_INSUFFICIENT_RESOURCES; 

45371 | } 
45372 1 } else { 

45373| Debug(DEBUG_DEVSUP, ("Query name failed 

| getting size error %08x\n",Status)); 
45374| } 
45375| } else { 

45376| Debug(DEBUG_DEVSUP,("Devsup: 

| OpenVolumeByFileObject: volume for file object %08x not 
| mounted\n",FileObject)); 

45377| } 

45378| 

45379| // Getting here means an error occurred 
45380| ASSERT(!NT_SUCCESS(Status)); 



45381 1 ASSERT(VolumeHandle == INVALID_HANDLE_VALUE); 

45382| ASSERT(VolumeFileObject == NULL); 

45383 1 return Status; 

45384| } 

45385| 

45386| #ifdef DEBUG 

45387| NTSTATUS ExtendAFileQ 

45388| { 

45389| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

45390| LARGEJNTEGER Initial; 

45391 1 PFILE_OBJECT FileObject; 

45392| HANDLE FileHandle,WaitHandle; 

45393| PVOID WaitObject; 

45394| 

45395| #define FileName L M \\??\\d:\\temp\\test M 
45396| 

45397| Initial. QuadPart = 1024*1024*50; 
45398| 

45399| SbDeleteFile(FileName, FILE ATTRIBUTE NORMAL); 
45400| SbCreateAndFillFile ( FileName, &lnitial, NULL, 00, 

| FILLONWRITE_DISABLED); 
45401 1 

45402 1 Status = 

| OpenAFile(FileName,FileHandle,FileObject,WaitHandle,Wait 

| Object); 
45403 1 

45404| if(NT_SUCCESS(Status)) { 

45405| PFILE_OBJECT Volume Object = NULL; 

45406| HANDLE VolumeHandle = INVALID_HANDLE_VALUE; 

45407| 

45408 1 // open root object 
45409 1 Status = 

| OpenVolumeByFileObject(FileObject,VolumeHandle,VolumeObj 

| ect,TRUE); 
4541 0| if(NT_SUCCESS(Status)) { 
4541 1 1 FILE_FS_SIZE_INFORMATION FsSize; 

45412| ULONG Returned; 

4541 3| // get volume cluster size 

45414| Status = loQueryVolumelnformation( 

45415| VolumeObject, // IN PFILE_OBJECT 

| FileObject, 
4541 6| FileFsSizelnformation, // IN 

| FS_INFORMATION_CLASS FslnformationClass, 
4541 7| sizeof(FsSize), // IN ULONG Length, 

45418| &FsSize, // OUT PVOID Fslnformation, 

45419| &Returned // OUT PULONG ReturnedLength 

45420| ); 
45421 | 

45422| if(NT_SUCCESS(Status)) { 

45423| 



I CloseVolumeByFileObject(VolumeHandle,VolumeObject); 
45424| 

45425| // open volume object 

45426| Status = 

| OpenVolumeByFileObject(FileObject,VolumeHandle,VolumeObj 

| ect, FALSE); 
45427| if ( NT_SUCCESS(Status) ) { 
45428| int64 Size = 

| GetVolumeBitmapSize(VolumeObject); 
45429| 

45430| if(Size) { 

45431 1 STARTING_LCN_INPUT_BUFFER SLIB; 

45432| ULONG 

| ByteSize=FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer)+(ULON 

| G)(Size & Oxffffffff); 
45433| VOLUME_BITMAP_BUFFER *VB= 

| (VOLUME BITMAP BUFFER 

| *) Mem Al locatePoolWithTag( Paged Pool, ByteSize,TEM PTAG) ; 
45434| if(VB) { 

45435| ULONG 

| CountToFind=lnitial.LowPart/ 

| (FsSize.SectorsPerAllocationUnit*FsSize.BytesPerSector); 
45436| SLIB.StartingLcn.QuadPart= 

|0; 

45437 1 Status = 

| FS_GetVolumeBitmap(VolumeObject,&SLIB,VB,ByteSize); 
45438| if(NT_SUCCESS(Status)) { 

45439| RTL_BITMAP BitMap; 

45440 1 

| ASSERT(VB->BitmapSize.HighPart == 0); 
45441 | 

| RtllnitializeBitMap(&BitMap,(ULONG*)VB->Buffer,VB->Bitma 

| pSize.LowPart); 
45442 1 ULONG Pos = 

| RtlFindClearBitsAndSet(&BitMap,CountToFind,0); 
45443| if(Pos!=-1) { 

45444| M O V E_F I L ED ATA 

| Move; 

45445| // VCN = Virtual 

| Cluster number = Offset from start of file 
45446| // LCN = Logical 

| cluster number = Offset from start of volume 
45447| Move.FileHandle = 

| FileHandle; 
45448| // set to last 

| cluster in file 
45449 1 

| Move.StartingVcn.QuadPart = 0;// 

| *FsSize.SectorsPerAllocationUnit*FsSize.BytesPerSector; 
45450 1 



I Move.StartingLcn.QuadPart = (unsigned int64)Pos;// 

| *FsSize.SectorsPerAllocationUnit*FsSize.BytesPerSector; 
45451 1 Move.ClusterCount = 

| CountToFind; 
45452 1 Status = 

| FS_MoveFile(VolumeObject,&Move); 
45453 1 

| if(NT_SUCCESS(Status)) { 
45454| 

| Debug(DEBUG_DEVCON,( M Success moving file\n")); 
45455| } else { 

45456| 

| Debug(DEBUG_DEVCON, ("Error %08x moving 

| file\n",Status)); 
45457| } 
45458| } else { 

45459| Status = 

| STATUS_I N VALI D_PARAM ETER; 
45460| 

| Debug(DEBUG_DEVCON,("Error%08x getting 1 MB 

| buffer\n",Status)); 
45461 1 } 
45462 1 } else { 

45463 1 

| Debug(DEBUG_DEVCON,("ExtendAFile: Error %08x getting 

| bitmap\n",Status)); 
45464| } 
45465| Mem FreePool(VB) ; 

45466| } else { 

45467 1 Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
45468| Debug(DEBUG_DEVCON, ("Error 

| allocing memory for volume bitmap\n")); 
45469| } 
45470 1 } else { 

45471 1 Status = 

| STATUS_I N VALI DPARAM ETER; 
45472| Debug(DEBUG_DEVCON, ("Error %08x 

| getting size of volume bitmap\n", Status)); 
45473 1 } 
45474| } else { 

45475| Debug(DEBUG_DEVCON,("ExtentAFile: 
| Error %08x in 

| OpenVolumeByFileObject(...,FALSE)\n",Status)); 
45476| } 
45477| } else { 

45478| Debug(DEBUG_DEVCON, ("Error %08x getting 

| volume info\n",Status)); 
45479 1 } 
45480 1 



I CloseVolumeByFileObject(VolumeHandle,VolumeObject); 
45481 1 } else { 

45482| Debug(DEBUG_DEVCON,("ExtendAFile: Error 

| %08x opening volume\n",Status)); 
45483 1 } 
45484| 

| CloseAFile(FileHandle,FileObject,WaitHandle,WaitObject); 
45485| } else { 

45486| Debug(DEBUG_DEVCON,("ExtendAFile: Error %08x 

| opening file\n M , Status)); 
45487| } 

45488 1 return Status; 
45489 1 } 
45490| 
45491 | 

45492| NTSTATUS ExtendAFile2() 
45493 1 { 

45494| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

45495| LARGEJNTEGER Initial; 

45496| PFILE_OBJECT FileObject; 

45497| HANDLE FileHandle,WaitHandle; 

45498| PVOID WaitObject; 

45499 1 

45500| #define FileName L"\\??\\d:\\temp\\test" 
45501| 

45502| Initial. QuadPart = 4096; 
45503| 

45504| SbDeleteFile(FileName, FILE_ATTRIBUTE_NORMAL); 
45505| SbCreateAndFillFile ( FileName, &lnitial, NULL, 00, 

| PSManFillOnWrite); 
45506| Status = 

| OpenAFile(FileName,FileHandle,FileObject,WaitHandle,Wait 

| Object); 
45507| 

45508| if(NT_SUCCESS(Status)) { 

45509| PFILE_OBJECT VolumeObject = NULL; 

45510| HANDLE VolumeHandle = INVALID HANDLE VALUE; 

4551 1 1 RETRIEVAL_POINTERS_BUFFER *RP = NULL; 

45512| STARTING_VCN_INPUT_BUFFER SVIB = {0}; 

45513| ULONG CalcSize=0; 

45514| 

45515| //get Last vcn 
45516| ULONG Count = 16; 
45517| 

45518| do{ 

45519| if(RP) { 

45520| MemFreePool(RP); 

45521 1 RP = NULL; 

45522 1 } 

45523| CalcSize = 



I FIELD_OFFSET(RETRIEVAL_POINTERS_BUFFER,Extents)+Count*si 

| zeof(RP->Extents); 
45524| RP = 

| (RETRIEVAL_POINTERS_BUFFER*)MemAllocatePoolWithTag(Paged 

| Pool,CalcSize,TEMPTAG); 
45525| if(RP) { 

45526| RtlZeroMemory(RP,CalcSize); 
45527| SVIB.StartingVcn.QuadPart=0; 
45528| Status = FS_GetFileMap( 

45529| FileObject, 
45530| &SVIB, 
45531 1 RP, 
45532| CalcSize); 
45533 1 Count*=2; 
45534| } else { 

45535| Status = STATUS_INSUFFICIENT_RESOURCES; 

45536| } 

45537| } while(Status == STATUS_BUFFER_OVERFLOW); 
45538| 

45539| if(NT_SUCCESS(Status)) { 
45540| LARGE_INTEGER LastVCN; 

45541 1 Status = 

| FS_GetLastClusterFromFileMap(RP,LastVCN); 
45542| if(NT_SUCCESS(Status)) { 

45543| Debug(DEBUG_DEVSUP,("Last cluster = 

| %08l64x\n",LastVCN)); 
45544| } else { 

45545| Debug(DEBUG_DEVSUP,("Error %08x getting 

| last cluster\n", Status)); 
45546| } 
45547| 

45548| // open root object 

45549 1 Status = 

| OpenVolumeByFileObject(FileObject,VolumeHandle,VolumeObj 

| ect,TRUE); 
45550| if(NT_SUCCESS(Status)) { 

45551 1 FILE_FS_SIZE_INFORMATION FsSize; 

45552| ULONG Returned; 

45553 1 

45554| // get volume cluster size 

45555| Status = loQueryVolumelnformation( 

45556| VolumeObject, // IN PFILE_OBJECT 

| FileObject, 

45557| FileFsSizelnformation, // IN 

| FS_INFORMATION_CLASS FslnformationClass, 
45558| sizeof(FsSize), // IN ULONG Length, 

45559| &FsSize, //OUTPVOID 

| Fslnformation, 
45560| SReturned // OUT PULONG 

| ReturnedLength 



45561| ); 
45562| 

45563| if(NT_SUCCESS(Status)) { 

45564| 

| CloseVolumeByFileObject(VolumeHandle,VolumeObject); 
45565| 

45566| // open volume object 

45567| Status = 

| OpenVolumeByFileObject(FileObject,VolumeHandle,VolumeObj 

| ect, FALSE); 
45568| if ( NT_SUCCESS(Status) ) { 
45569| int64 Size = 

| GetVolumeBitmapSize(VolumeObject); 
45570| 

45571 1 if (Size) { 

45572| ST A RT I N G_LC N_INPUT_BUFFER 

I SLIB; 

45573| ULONG 

| ByteSize=FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer)+(ULON 

| G)(Size & Oxffffffff); 
45574| VOLUME_BITMAP_BUFFER *VB= 

| (VOLUME_BITMAP_BUFFER 

| *)MemAllocatePoolWithTag(PagedPool,ByteSize,TEMPTAG); 
45575| if(VB) { 

45576| ULONG CountToFind=1 0; 

45577| 

| SLIB.StartingLcn.QuadPart= 0; 
45578| Status = 

| FS_GetVolumeBitmap(VolumeObject,&SLIB,VB,ByteSize); 
45579| if(NT_SUCCESS(Status)) 

|{ 

45580| RTL BITMAP BitMap; 

45581 | 

| ASSERT(VB->BitmapSize.HighPart == 0); 
45582 1 

| RtllnitializeBitMap(&BitMap,(ULONG*)VB->Buffer,VB->Bitma 

| pSize.LowPart); 
45583 1 ULONG Pos = 

| RtlFindClearBitsAndSet(&BitMap,CountToFind,0); 
45584| if(Pos!=-1) { 

45585| M O V E_F I L E_D AT A 

| Move; 

45586| // VCN = 

| Virtual Cluster number = Offset from start of file 
45587| // LCN = 

| Logical cluster number = Offset from start of volume 
45588| Move.FileHandle 

| = FileHandle; 
45589 1 //set to last 

| cluster in file 



45590| 

| Move.StartingVcn.QuadPart = LastVCN.QuadPart;// 
| *FsSize.SectorsPerAllocationUnit*FsSize.BytesPerSector; 
45591| 

| Move.StartingLcn.QuadPart = (unsigned int64)Pos;// 

| *FsSize.SectorsPerAllocationUnit*FsSize.BytesPerSector; 
45592| 

| Move.ClusterCount = CountToFind; 
45593| Status = 

| FS_MoveFile(VolumeObject,&Move); 
45594| 

| if(NT_SUCCESS(Status)) { 
45595| 

| Debug(DEBUG_DEVCON, ("Success moving file\n")); 
45596| } else { 

45597| 

| Debug(DEBUG_DEVCON, ("Error %08x moving 

| file\n",Status)); 
45598| } 
45599| } else { 

45600| Status = 

| STATUS_I N VALI D PARAM ETER; 
45601| 

| Debug(DEBUG_DEVCON, ("Error %08x getting 1 MB 

| buffer\n",Status)); 
45602 1 } 
45603| } else { 

45604| 

| Debug(DEBUG_DEVCON,("ExtendAFile: Error %08x getting 

| bitmap\n",Status)); 
45605| } 
45606| MemFreePool(VB); 
45607| } else { 

45608| Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
45609 1 

| Debug(DEBUG_DEVCON, ("Error allocing memory for volume 

| bitmap\n")); 
45610| } 
4561 1 1 } else { 

45612| Status = 

| STATUS_I N VALI D PARAM ETER; 
45613| Debug(DEBUG_DEVCON, ("Error 

| %08x getting size of volume bitmap\n", Status)); 
45614| } 
45615| }else{ 

45616| Debug(DEBUG_DEVCON,("Error%08x 

| in OpenVolumeByFileObject(...,FALSE)\n",Status)); 
45617| } 
45618| }else{ 



45619| Debug(DEBUG_DEVCON, ("Error %08x 

| getting volume info\n", Status)); 
45620| } 
45621| 

| CloseVolumeByFileObject(VolumeHandle,VolumeObject); 
45622| } else { 

45623| Debug(DEBUG_DEVCON,("ExtendAFile: Error 

| %08x opening volume\n",Status)); 
45624| } 

45625| MemFreePool(RP); 
45626| } else { 

45627| Debug(DEBUG_DEVCON,("ExtendAFile: Error 

| %08x getting extents\n", Status)); 
45628| } 
45629| 

| CloseAFile(FileHandle,FileObject,WaitHandle,WaitObject); 
45630| } else { 

45631 1 Debug(DEBUG_DEVCON,("ExtendAFile: Error %08x 

| opening file\n", Status)); 
45632 1 } 

45633 1 return Status; 
45634| } 
45635| #endif 
45636| 

45637| NTSTATUS PsmWriteToFile( 



45638| pPsmFilelnfo Info, 

45639| PIO_STATUS_BLOCK loStatus, 

45640 1 PC VOID Buffer, 

45641 1 ULONG ByteCount, 

45642| PLARGEJNTEGER Location, 

45643| BOOLEAN Directlo, 

45644| PERESOURCE Direct Access Resource 

45645| #ifdef DEBUG 

45646| , BOOLEAN CheckForDeadLock 

45647| #endif 
45648| ) 
45649 1 { 

45650| NTSTATUS Status = STATUSJJNSUCCESSFUL; 
45651 1 

45652| #ifdef DEBUG 

45653| if(CheckForDeadLock && 



| IsSnapShotAcquiredForWriteO) { 
45654| // the reason this is bad is that we have the 
| writer lock 

45655| // and any io that needs to be PSMed, needs to 

| acquire the reader lock 
45656| // thus producing a deadlock, to fix it, dont 

| call with writer lock 
45657| // which you can do by spinning off whatever 

| you are trying to do to a 



45658| // worker thread. 

45659| Debug(DEBUG_DCPSM,("PsmWriteToFile: Snapshot 

| resource acquired for write!\n")); 
45660| DbgBreakPoint(); 
45661 1 } 
45662| #endif 
45663 1 

45664| if (( Directlo ) || (PSMDirectlOOptions & 

| PSM_DIRECTIO_FLAG_ALWAYS_DO_DIRECT)) { 

45665| pmAcquireReaderLock ( Direct Access Resource, 
I TRUE); 

45666| ASSERT ( lnfo->Direct != NULL ); 

45667| if ( lnfo->Direct != NULL ) { 

45668| ASSERT ( lnfo->Direct->readyForDirectlo() 

I); 

45669| if ( lnfo->Direct->readyForDirectlo() ) { 

45670 1 #if DO_ALL_IO 

45671 1 Debug(DEBUG_DEVSUP,( M PsmWriteToFile: 

| Directlo %08x location %08l64x, 

| count=%08x\n M ,Buffer,*Location,ByteCount)); 
45672| #endif 

45673| Status = lnfo->Direct->write ( Buffer, 

| *Location, ByteCount ); 
45674| } else { 

45675| Debug(DEBUG_DEVSUP,( M PsmWriteToFile: 
| Attempt to perform direct IO when lnfo->Direct is not 
| ready\n M )); 

45676| } 

45677| } else { 

45678| Debug(DEBUG_DEVSUP,( M PsmWriteToFile: 

| Attempt to perform direct IO when 

| lnfo->Direct==NULL\n M )); 
45679 1 } 

45680| pmReleaseReaderLock ( DirectAccessResource ); 
45681 1 } else { 
45682 1 #if DO_ALL_IO 

45683| Debug(DEBUG_DEVSUP,("PsmWriteToFile: File %08x 
| location %08l64x, 

| count=%08x\n",Buffer,*Location, ByteCount)); 
45684| #endif 
45685 1 Status = 

| SbWriteAndWait(l nf o, loStatus, Buffer, ByteCou nt, Location) ; 
45686| } 
45687| 

45688 1 return Status; 
45689 1 } 
45690 1 

45691| NTSTATUS PsmReadFromFile( 

45692| pPsmFilelnfo Info, 

45693| PIO_STATUS_BLOCK loStatus, 



45694| PVOID Buffer, 

45695| ULONG ByteCount, 

45696| PLARGEJNTEGER Location, 

45697| BOOLEAN Directlo, 

45698| PERESOURCE DirectAccessResource 

45699| ) 



45700| { 

45701 1 NTSTATUS Status = STATUSJJNSUCCESSFUL; 
45702 1 
45703 1 

45704| if (( Directlo ) || (PSMDirectlOOptions & 

| PSM_DIRECTIO_FLAG_ALWAYS_DO_DIRECT)) { 

45705| pmAcquireReaderLock ( DirectAccessResource, 
I TRUE); 

45706| ASSERT ( lnfo->Direct != NULL ); 

45707| if ( lnfo->Direct != NULL ) { 

45708| ASSERT ( lnfo->Direct->readyForDirectlo() 

I); 

45709| if ( lnfo->Direct->readyForDirectlo() ) { 

45710| #if DO_ALL_IO 

4571 1 1 Debug(DEBUG_DEVSUP,( M PsmReadFromFile: 
| Directlo %08x location %08l64x, 
| count=%08x\n M ,Buffer,*Location,ByteCount)); 

45712| #endif 

45713| Status = lnfo->Direct->read ( Buffer, 

| *Location, ByteCount ); 
45714| }else{ 

45715| Debug(DEBUG_DEVSUP,( M PsmReadFromFile: 
| Attempt to perform direct IO when lnfo->Direct is not 
| ready\n")); 

45716| } 

45717| }else{ 

45718| Debug(DEBUG_DEVSUP,( M PsmReadFromFile: 

| Attempt to perform direct IO when 

| lnfo->Direct==NULL\n M )); 
45719| } 

45720| pmReleaseReaderLock ( DirectAccessResource ); 
45721| }else{ 
45722| #if DO_ALL_IO 

45723| Debug(DEBUG_DEVSUP,("PsmReadFromFile: File 

| %08x location %08l64x, 

| count=%08x\n",Buffer,*Location, ByteCount)); 
45724| #endif 
45725| Status = 

| SbReadAndWait(lnfo,loStatus,Buffer,ByteCount,Location); 
45726| } 
45727| 

45728| return Status; 

45729| } 

45730| 



45731 1 NTSTATUS UpdateDriverSubSystemStatus( DWORD Id, const 

| WCHAR *SubSystemName ) 
45732 1 { 

45733| WCHAR Buffer[1 00]; 

45734| 

45735| // 

| \registry\system\machine\System\currentcontrolset\servic 
| es\psman5 
45736| 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 

45737| Buffer[gRegistryPath. Length / 2] = 0; 
45738 1 wcscat( But f e r, L"\\pe rsistent") ; 
45739 1 

45740| Debug(DEBUG_DEVSUP,( M UpdateDriverSubSystemStatus: 

| ld=%08x, SubSystemName='%S'\n",ld,SubSystemName)); 
45741 | 

45742 1 return 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,SubSy 

| stemName,REG_DWORD,&ld,sizeof(DWORD)); 
45743 1 } 
45744| 

45745| NTSTATUS U pd ate Global Statu s( DWORD Id ) 
45746| { 
45747 1 return 

| UpdateDriverSubSystemStatus(ld,L M GlobalStatus n ); 
45748| } 
45749| 

45750| // returns true if at least one snapshot is always keep 
45751| ULONG AreThereAlwaysKeepSnapShots() 
45752| { 

45753| ULONG FoundOne=0; 

45754| PDEVICE_OBJECT DevObj; 

45755| PFILTERED EXTENSION DevExt=NULL; 

45756| pkSnapShotEntry p; 

45757| 

45758| __try { 

45759| DevObj = PSManDriverObject->DeviceObject; 
45760| // go through all volumes looking for snapshots 
45761 1 while(DevObj != NULL) { 
45762 1 

| if(PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK) { 
45763| DevExt = GetFilteredExtension(DevObj); 

45764 1 

45765| GetSnapShotForRead(); 

45766| __try { 

45767| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
45768| while(p) { 

45769| 



I if(p->MasterSnapShot->Priority==255) { 



45770| FoundOne = TRUE; 

45771 1 DoneWithSnapShot(p); 
45772 1 break; 
45773 1 } 
45774| 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
45775| } 

45776| } ^finally { 

45777| ReleaseSnapShotForRead() ; 

45778| } 

45779 1 } 

45780| if(FoundOne) { 

45781 1 break; 

45782 1 } 

45783| DevObj=DevObj->NextDevice; 
45784| } 
45785| } 



| except(ExceptionFilter(GetExceptionlnformation())) { 

45786| 

| Debug(DEBUG_DCPSM,("AreThereAlwaysKeepSnapShots: 

| Exception %08x\n",GetExceptionCode())); 
45787| } 
45788| 

45789 1 return FoundOne; 

45790 1 } 

45791| 

45792| WCHAR *GetPerVolumeRegistry( PDEVICE_OBJECT Volume ) 
45793| { 

45794| ULONG Length=(g Registry Path. Length/2)+40+1 ; 
45795| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
45796| WCHAR *Buffer = (WCHAR*)MemAllocateString(Length); 
45797| 

45798| if(Buffer) { 
45799 1 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 

45800| Buffer[gRegistryPath. Length / 2] = 0; 
45801 1 wcscat(Buffer,L M \\ M ); 
45802| wcscat(Buffer,DevExt->VolumeGuid); 
45803 1 } 

45804| ASSERT(Buffer); 
45805 1 return Buffer; 
45806| } 
45807| 

45808| void FreePerVolumeRegistry( WCHAR *Buffer ) 
45809 1 { 

45810| ASSERT(Buffer); 
4581 1 1 MemFreeString(Buffer); 



} 

return FALSE; 



45812| } 
45813| 

45814| // 

| 

45815| ULONG IsClusterServerQ 
45816| { 

45817| WCHAR Buffer[256]; 
45818| 

| wcscpy(Buffer,L"\\Registry\\Machine\\Cluster\\Persistent 
| StorageManagerW"); 
45819| if( 

| RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,Buffer)==STATU 
| S_SUCCESS ) { 
45820| return TRUE; 
45821 | 
45822 1 
45823| } 
45824| 
45825| 
45826| 

45827| File Listing: DEVSUP.h 
45828| 

45829| typedef const void *PCVOID; 
45830 1 

45831 1 #define SBPSMAN_BUG_CODE 
45832 1 

45833| #define SB_BUG_BPSNOT512 
45834| #define SB_BUG_ATDISPATCH 
45835| #define SB_BUG_INIT_F AILED 
45836| #define SB_CACHE_FULL 
45837| #define SB_BUG_PREDICT_CANT_OPEN_HEADER (0x00000001) 
45838| #define SB_BUG_REBOOT_FAILED (0x00000001 ) 
45839 1 



(OxeOOOOOOO) 

(0x00000001) 
(0x00000002) 
(0x00000003) 
(0x00000004) 



45840 1 


#define 


SB_ 


_BUG_ 


FILESBPSMAN 


(0x00100000) 


45841 | 


#define 


SB_ 


_BUG_ 


_WRITE_FILE 


(0x00200000) 


45842 1 


#define 


SB. 


.BUG. 


.FILEJNIT 


(0x00400000) 


45843 1 


#define 


SB_ 


_BUG_ 


_FILE_PREDICT 


(0x00800000) 


45844| 


#define 


SB_ 


_BUG_ 


REVERT 


(0x01000000) 



45845| 

45846| #define PSManBugCheck(File,Code,A,B,C) { 

| KeBugCheckEx(SBPSMAN_BUG_CODE | (Code), (File) | 
| _LINE_, A, B, C ); } 

45847| 

45848| ULONG DevicelsBeingBackedUp( PDEVICE_OBJECT 

| DeviceObject ); 
45849 1 

45850| void FailRequest ( pkSnapShotEntry Snapshot, NTSTATUS 
| Error ); 

45851 1 void SbTrace ( UCHAR Code, ULONG Arg1 , ULONG Arg2, 
| ULONG Arg3, ULONG Arg4, PCHAR Msg ); 



45852| void SbTrace2 ( char *Code, ULONG Arg1, ULONG Arg2, 
| ULONG Arg3, ULONG Arg4, PCHAR Msg, char "File, ULONG 
I Line ); 

45853| 

45854| 

45855| NTSTATUS SbOpenCacheFilelnAsyncMode ( 
45856| const WCHAR *CacheFile, 

45857| HANDLE 

| *FileHandle, 
45858| PFILE_OBJECT 

| *FileObject, 
45859| ULONG Options 

45860| ); 
45861 | 

45862| NTSTATUS SbOpenCacheFilelnSyncMode ( 
45863| const WCHAR *CacheFile, 

45864| HANDLE 

| *FileHandle, 
45865| PFILE_OBJECT 

| *FileObject, 
45866| ULONG Options 

45867| ); 
45868| 

45869| NTSTATUS SbGetAsyncEvent ( 
45870| HANDLE SEventHandle, 
45871| PVOID SEventObject ); 
45872| 
45873| 

45874| void SbGetRegistrySettings ( IN PUNICODE_STRING 

| RegistryPath ); 
45875| 

45876| NTSTATUS Sblo_ReadDevice( PDEVICE_OBJECT DeviceObject, 

45877| PLARGEJNTEGER ByteOffset, 

45878| ULONG ByteCount, 

45879| char *Buff); 

45880| 

45881 1 NTSTATUS Sblo_WriteDevice( 

45882| PDEVICE_OBJECT DeviceObject, 

45883| PLARGEJNTEGER ByteOffset, 

45884| ULONG ByteCount, 

45885| const char *Buff ); 

45886| 

45887| 

45888| NTSTATUS Sblo_ReadDeviceMdl( PDEVICE_OBJECT 

| DeviceObject, 
45889| PLARGEJNTEGER ByteOffset, 

45890 1 ULONG ByteCount, 

45891| PIRP 

| Originallrp, 
45892| PMDL Mdl); 



45893| 

45894| NTSTATUS Sblo_GetGeometry( PDEVICE_OBJECT 
| DeviceObject, 



45896| 
45897| 

45898| NTSTATUS Sblo_DeviceloControl( PDEVICE_OBJECT 
| DeviceObject, 



45906| 

45907| NTSTATUS Sb I o_GetD rive Layout ( PDEVICE_OBJECT 

| DeviceObject, 
45908| 

| PDRIVE_LAYOUT_INFORMATION Drive Layout Info, 
45909| ULONG 

| DriveLayoutlnfoSize ); 
45910| #ifdef DEBUG 

4591 1 1 void Debug_DumpSector( char *Buffer, ULONG Size ); 
45912| #else 

45913| #define Debug_DumpSector(b,s) 

45914| #endif 

45915| 

45916| NTSTATUS CheckMediaLoaded ( PDEVICE_OBJECT 

| DeviceObject, PIRP Irp ); 
45917| 

45918| pOTJJSER FindPSMUser ( PEPROCESS Process, PETHREAD 
| Thread); 

45919| void DeletePSMUser( pOT_USER User ); 
45920| void AddPSMUser( pOTJJSER User ); 
45921| pOTJJSER FindPSMUserByFileObject ( PFILE_OBJECT 
| FileObject ); 

45922| pOTJJSER FindPSMUserBySnapShot ( pkSnapShotMaster 
| Snapshot ); 

45923| NTSTATUS FlushVolume( const WCHAR *Name ); 
45924| 

45925| NTSTATUS Sblo_Flush( PDEVICE_OBJECT DeviceObject ); 
45926| NTSTATUS Sblo_FlushTopLevelObject( PDEVICE_OBJECT 
| MyObject ); 

45927| NTSTATUS Sb I ojnval id ate Volumes ( PDEVICE_OBJECT 

| FSObject, HANDLE FileHandle ); 
45928| NTSTATUS lnvalidateVolumes( PDEVICE_OBJECT Volume ); 
45929| NTSTATUS FlushVolumeObject( PDEVICE_OBJECT Volume ); 
45930| PDEVICE_OBJECT Get FSObject Fro mVolumeObject ( 

| PDEVICE_OBJECT Volume ); 



45895| 



PDISK GEOMETRY Geometry ); 



45899| 
45900| 
45901 1 
45902 | 
45903 | 
45904| 
45905| 



ULONG loctlCode, 
char *lnBuffer, 
ULONG InBufferSize, 
char *OutBuffer, 
ULONG OutBufferSize, 
ULONG *BytesReturned 

); 



45931 1 NTSTATUS Sblo_LockVolume( const WCHAR *VolumeName ); 
45932| NTSTATUS Sblo_UnlockVolume( const WCHAR *VolumeName ); 
45933| NTSTATUS Sblo_DismountVolume( const WCHAR *VolumeName 

I); 

45934| NTSTATUS SbDeleteFile( const WCHAR *FileName, ULONG 

| FileAttributes); 
45935| NTSTATUS SbDeleteZeroLengthFile( const WCHAR 

| *FileName); 
45936| 

45937| pkSnapShotEntry GetTopSnapShot( PLIST_ENTRY ListHead ); 
45938| BOOLEAN lnList( PLIST_ENTRY ListHead, tkSnapShotEntry 

| *SnapShot); 
45939 | 

45940| pkSnapShotEntry GetNextSnapShot( PLIST ENTRY ListHead, 

| pkSnapShotEntry Snapshot ); 
45941 1 pkSnapShotMaster GetSnapShotMaster( PLIST_ENTRY 

| ListEntry ); 
45942| pkSnapShotEntry 

| FindSnapShotEntryForDevice(pkSnapShotMaster Snapshot, 

| PDEVICE_OBJECT DeviceObject); 
45943| pkSnapShotEntry GetTopSnapShotForMaster( PLIST_ENTRY 

| ListHead ); 

45944| pkSnapShotEntry GetNextSnapShotForMaster( PLIST_ENTRY 

| ListHead, pkSnapShotEntry Snapshot ); 
45945| void DoneWithSnapShot( pkSnapShotEntry Snapshot ); 
45946| void UseSnapShot( pkSnapShotEntry Snapshot ); 
45947| NTSTATUS SblsADirectory ( const WCHAR *CacheFileName ); 
45948| 
45949 1 VOID 

45950| PSManSyncFilterWithTarget( 

45951 1 IN PDEVICE_OBJECT FilterDevice, 

45952| IN PDEVICE_OBJECT TargetDevice 

45953 1 ); 

45954| NTSTATUS 

45955| PSManForwardlrpSynchronous( 

45956| IN PDEVICE_OBJECT DeviceObject, 

45957| IN PIRP Irp 

45958| ); 

45959 1 NTSTATUS 

45960| PSManlrpCompletion( 

45961 1 IN PDEVICE_OBJECT DeviceObject, 

45962| IN PIRP Irp, 

45963| IN PVOID Context 

45964| ); 

45965| VOID 

45966| PSManAddCounters( 

45967| IN OUT PDISKPERFORMANCE Total Counters, 
45968| IN PDISK_PERFORMANCE NewCounters 
45969 1 ); 
45970| 



45971 1 

45972| typedef struct _FILE_FS_SIZE_INFORMATION { 
45973| LARGE_INTEGER TotalAllocation Units; 
45974| LARGE_INTEGER AvailableAllocationUnits; 
45975| ULONG Sectors PerAllocation Unit; 
45976| ULONG Bytes PerSector; 

45977| } FILE_FS_SIZEJNFORMATION, *PFILE_FS_SIZE_INFORMATION; 
45978| 

45979| typedef struct _FILE_FS_ATTRIBUTE_IN FORMATION { 

45980| ULONG FileSystem Attributes; 

45981 1 LONG MaximumComponentNameLength; 

45982| ULONG FileSystem Name Length; 

45983| WCHAR FileSystemName[1]; 

45984| } FILE_FS_ATTRIBUTE_INFORMATION, 

| *PFILE_FS_ATTRIBUTE_INFORMATION; 
45985| 
45986| 

45987| extern "C" { 

45988| NTKERNELAPI 

45989| NTSTATUS 

45990| loQueryVolumelnformation( 

45991 1 IN PFILE_OBJECT FileObject, 

45992| IN FS_INFORMATION_CLASS FslnformationClass, 

45993| IN ULONG Length, 

45994| OUT PVOID Fslnformation, 

45995| OUT PULONG Returned Length 

45996| ); 

45997| } 

45998| 

45999 | 

46000| char *CopyFileNameOnly( char *Buffer, char *Path ); 

46001 1 NTSTATUS SbGetFileSize ( const WCHAR *CacheFileName, 

| PLARGEJNTEGER FileSize ); 
46002| int CreateJunction( const PWCHAR LinkDirectory, const 

| PWCHAR LinkTarget, LARGEJNTEGER Time ); 
46003| int DeleteJunction( const PWCHAR Junction ); 
46004| NTSTATUS CreateMountPoint( const PWCHAR LinkDirectory, 

| const PWCHAR LinkTarget, LARGEJNTEGER Time ); 
46005| 

46006| NTSTATUS SbTouchVolume ( const WCHAR *VolumeName ); 
46007| 

46008| // 

| 



46010| const ULONG FILLONWRITE_DISABLED 
| 0; // don't zero fill diff file, and use 

| index sector EOF optimizations. 

46011| const ULONG FILLONWRITE_ALL 

| 1 ; // zero fill everything upon creation. 



46012| const ULONG FILLONWRITE_EOF 

| 2; // write one byte at EOF to initialize 

| entire file (not recommended). 
46013| 

46014| // It seems nt4sp4 ntfs upon recieving a 

| ZwSetlnformationFile with FileEndOfFilelnformation 

| doesnt actually 
46015| // extend the file until it is written to. Seems to 

| only set the "filesize". We need to have the file 

| completely 

4601 6| // allocated or when we write to our cache file we will 
| hang.. 

46017| const ULONG FILLONWRITES_DEF = FILLONWRITE_DISABLED; 

| // if no registry option specified, use most efficient 

| settings 
46018| 

46019| NTSTATUS SbCreateAndFillFile ( 

46020| const WCHAR *FileName, 

46021| PLARGEJNTEGER Initialize, 

46022| PVOID AbortEvent, 

46023| BYTE Pattern, 

46024| ULONG FillOnWriteOption ); 

46025| 

46026| // 

| 

| 

46027| 

46028| ULONG IsBeingProcessedEx ( tWriteRequest *Request ); 

46029| ULONG IsBeing Processed ( tWriteRequest *Request ); 

46030| NTSTATUS FindAndProcessVirtualVolumeBitMap( const WCHAR 

| *VirtualVolName, const WCHAR *LiveVolName, PRTL_BITMAP 

| *BitMap, ULONG &ClusterSize ); 
46031 1 NTSTATUS SbCreate Directory ( const WCHAR 

| *DirectoryName, PSECURITY_DESCRIPTOR SD, ULONG 

| Attributes ); 

46032| NTSTATUS S b Delete Mo untPoint( const WCHAR *FileName ); 
46033| NTSTATUS SbDeleteAIIReparsePointsAndDir( const WCHAR 

| *SnapShotsPathName ); 
46034| NTSTATUS SbSnapShotCleanup( const WCHAR 

| *SnapShotsPathName ); 
46035| NTSTATUS FilllnWriteRequest( tWriteRequest 

| *WriteRequest, PDEVICE_OBJECT DeviceObject, PIRP Irp, 

| ULONG BPS ); 

46036| NTSTATUS SetFlushRoutine( PVOID UserModePointer ); 
46037| 

46038 1 ErrorCode 

46039| OpenAFile( 

46040| WCHAR *File, 

46041| HANDLE &FileHandle, 

46042| PFILE_OBJECT &FileObject, 



46043 1 HANDLE & WaitHandle, 
46044| PVOID &WaitObject ); 

46045| 

46046| ErrorCode 

46047| CloseAFile ( 

46048| HANDLE &FileHandle, 

46049| PFILE_OBJECT &FileObject, 

46050| HANDLE &WaitHandle, 

46051 1 PVOID &WaitObject ); 

46052 1 

46053| #define IO_REPARSE_TAG_MOUNT_POINT 

| (0xA0000003) 
46054| #define FSCTL_SET_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHODBUFFERED, 

| FILE_SPECIAL_ACCESS) // REPARSE_DATA_BUFFER, 
46055| #define FSCTL_GET_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD BUFFERED, 

| FILE_ANY_ACCESS) // REPARSE_DATA_BUFFER 
46056| #define FSCTL DELETE REPARSE POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) // REPARSE_DATA_BUFFER, 
46057| 
46058| // 

46059| // Undocumented FSCTL SET REPARSE POINT structure 

| definition 
46060 1 // 

46061 1 #define REPARSE MOUNTPOINT HEADER SIZE 8 
46062 1 typedef struct { 



46063 1 


DWORD 


ReparseTag; 


46064| 


DWORD 


ReparseDataLength; 


46065| 


WORD 


Reserved; 


46066| 


WORD 


ReparseTargetLength; 


46067| 


WORD 


ReparseTargetM ax i m u m Length ; 


46068| 


WORD 


Reserved 1; 


46069 1 


WCHAR 


ReparseTarget[1]; 



46070| } REPARSE_MOUNTPOINT_DATA_BUFFER, 

| *PREPARSE_MOUNTPOINT_DATA_BUFFER; 
46071 | 

46072| NTSTATUS S hutdown System ( SHUTDOWN_ACTION Action ); 
46073| NTSTATUS BufferToHexWChar( PVOID Buffer, ULONG 

| NumBytes, PWCHAR Out, ULONG *OutSize); 
46074| 

46075| #define FSCTL_G ET_NTFS_VOLU M E_D ATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, 
| FILE ANY ACCESS) // NTFS_VOLUME_DATA_BUFFER 

46076| #define FSCTL_GET_NTFS_FILE_RECORD 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, 
| FILE_ANY_ACCESS) // NTFS_FILE_RECORD_INPUT_BUFFER, 
| NTFS_FILE_RECORD_OUTPUT_BUFFER 

46077| #define FSCTL_GET_VOLUME_BITMAP 



I CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // STARTING_LCN_INPUT_BUFFER, 

| VOLUME_BITMAP_BUFFER 
46078| #define FSCTL G ET RETRI EVAL POI NTERS 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_N EITHER, 

| FILE ANY ACCESS) // STARTING_VCN_INPUT_BUFFER, 

| RETRIEVAL_POINTERS_BUFFER 
46079| #define FSCTL_MOVE_FILE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD BUFFERED, 

| FILE_SPECIAL_ACCESS) // MOVE_FILE_DATA, 
46080| #define FSCTL_IS_VOLUME_DIRTY 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
46081 1 #def ine FSCTL_GET_HFS_INFORMATION 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
46082| #define FSCTL ALLOW EXTENDED DASD IO 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_N EITHER, 

| FILE ANY ACCESS) 
46083 1 

46084| #if(_WIN32_WINNT >= 0x0400) 
46085| // 

46086| // Structure for FSCTL_GET_VOLUME_BITMAP 

46087| // 

46088| 

46089 1 typedef struct { 
46090| 

46091 1 LARGEJNTEGER StartingLcn; 
46092 | 

46093| } STARTING_LCN_INPUT_BUFFER, 

| *PSTARTING_LCN_INPUT_BUFFER; 
46094| 

46095| typedef struct { 
46096| 

46097| LARGE_INTEGER StartingLcn; 
46098| LARGE_INTEGER BitmapSize; 
46099| UCHARBuffer[1]; 
46100| 

46101| } VOLUME_BITMAP_BUFFER, *PVOLUME_BITMAP_BUFFER; 

46102| #endif /* _WIN32_WINNT >= 0x0400 7 

46103| 

46104| #if(_WIN32_WINNT >= 0x0400) 
46105|// 

46106| // Structure for FSCTL_GET_RETRIEVAL_POINTERS 

46107| // 

46108| 

46109| typedef struct { 
46110| 

461 1 1 1 LARGEJNTEGER StartingVcn; 
46112| 



46113| } STARTING_VCN_INPUT_BUFFER, 

| *PSTARTING_VCN_INPUT_BUFFER; 
46114| 

46115| typedef struct RETRIEVALPOINTERSJ3UFFER { 
46116| 

461 1 7| ULONG ExtentCount; 

46118| LARGEJNTEGER StartingVcn; 

46119| struct { 

461 20| LARGEJNTEGER NextVcn; 
46121| LARGEJNTEGER Lcn; 
46122| } Extents[1]; 
46123| 

46124| } RETRIEVAL_POINTERS_BUFFER, 

| *PRETRIEVAL_POINTERS_BUFFER; 
46125| #endif /* _WIN32_WINNT >= 0x0400 7 
46126| 

46127| #if(_WIN32_WINNT >= 0x0400) 
46128| // 

46129| // Structures for FSCTL_GET_NTFS_FILE_RECORD 

46130|// 

46131| 

46132| typedef struct { 
46133| 

46134| LARGEJNTEGER FileReferenceNumber; 
46135| 

46136| } NTFS_FILE_RECORDJNPUT_BUFFER, 

| *PNTFS_FILE_RECORD INPUT BUFFER; 
46137| 

46138| typedef struct { 
46139| 

46140| LARGEJNTEGER FileReferenceNumber; 
461 41 1 ULONG FileRecordLength; 
46142| UCHAR FileRecordBuffer[1]; 
46143| 

46144| } NTFS_FILE_RECORD_OUTPUT_BUFFER, 

| *PNTFS_FILE_RECORD_OUTPUT_BUFFER; 
46145| #endif /* _WIN32_WINNT >= 0x0400 7 
46146| 

46147| #if(_WIN32_WINNT >= 0x0400) 
46148| // 

46149| // Structure for FSCTL_MOVE_FILE 

46150| // 

46151| 

46152| typedef struct { 
46153| 

46154| HANDLE FileHandle; 
46155| LARGEJNTEGER StartingVcn; 
46156| LARGEJNTEGER StartingLcn; 
461 57| ULONG ClusterCount; 
46158| 



46159| } M O V E_F I L E_D AT A , *PMOVE_FILE_DATA; 
46160| #endif /* _WIN32_WINNT >= 0x0400 7 
46161| 

46162| NTSTATUS FS_GetVolumeBitmap( 

461 63| PFILE_OBJECT FileObject, 

46164| STARTING_LCN_INPUT_BUFFER *SLIB, 

461 65| VOLUME_BITMAP_BUFFER *VB, 

461 66| ULONG VBSizelnBytes ); 

46167| 

46168| NTSTATUS FS_GetFileMap( PFILE_OBJECT FileObject, 
| STARTING_VCN_INPUT_BUFFER *SVIB, 
| RETRIEVAL_POINTERS_BUFFER *RP, ULONG RPSize ); 

46169| 

46170| NTSTATUS FS_GetLastClusterFromFileMap ( 
461 71 1 const RETRIEVAL_POINTERS_BUFFER *RP, 
46172| LARGEJNTEGER &LastVcn ); 

46173| 

46174| PDEVICE_OBJECT GetOurObjectForFileObject( PFILE_OBJECT 

| FileObject ); 
46175| 

46176| PDEVICE_OBJECT 

461 77| GetPSMStorageFilterObject( 

46178| IN PVPB Vpb 

46179| ); 

46180| 

46181| NTSTATUS FS_GetVolumelnfo( PFILE_OBJECT FileObject, 
| ULONG &ClusterSize, ULONG &SectorSize, LARGEJNTEGER 
| &TotalClusters, LARGEJNTEGER &AvailClusters ); 



46182| 

46183| NTSTATUS PsmWriteToFile( 

46184| pPsmFilelnfo Info, 

461 85| PIO_STATUS_BLOCK loStatus, 

46186| PCVOID Buffer, 

46187| ULONG ByteCount, 

46188| P LARGEJNTEGER Location, 

46189| BOOLEAN Directlo, 

46190| PERESOURCE Direct Access Resource 

46191 1 #ifdef DEBUG 

46192| , BOOLEAN CheckForDeadLock=TRUE 

46193| #endif 

46194| ); 

46195| 

46196| NTSTATUS PsmReadFromFile( 

46197| pPsmFilelnfo Info, 

46198| PIO_STATUS_BLOCK loStatus, 

46199| PVOID Buffer, 

46200| ULONG ByteCount, 

46201 1 P LARGEJNTEGER Location, 

46202| BOOLEAN Directlo, 

46203| PERESOURCE Direct Access Resource 



46204| ); 
46205| 

46206| NTSTATUS U pd ate G lo bal Statu s( DWORD Id ); 

46207| NTSTATUS UpdateDriverSubSystemStatus( DWORD Id, const 

| WCHAR *SubSystemName ); 
46208| PSECURITY_DESCRIPTOR SbGetAdminOnlySD( ); 
46209| NTSTATUS Sblo_lsVolumeMounted( const WCHAR *VolumeName 

I); 

46210| NTSTATUS FSJsVolumeMounted ( PFILE_OBJECT FileObject 

I); 

46211| ULONG AreThereAlwaysKeepSnapShots(); 
46212| 

46213| NTSTATUS Sblo_OpenVolumeHandle ( 
46214| const WCHAR *VolumeName, 
46215| HANDLE &VolumeHandle, 
4621 6| PFILE_OBJECT &Volu me FileObject, 
46217| ULONG Des i red Access ); 

46218| 

46219| NTSTATUS Sblo_CloseVolumeHandle ( 
46220| HANDLE &VolumeHandle, 
46221 1 PFILE_OBJECT &Volu me FileObject ); 
46222 | 

46223| NTSTATUS FS_LockVolume ( PFILE_OBJECT FileObject ); 
46224| NTSTATUS FSJJnlockVolume ( PFILE_OBJECT FileObject ); 
46225| NTSTATUS FS_DismountVolume ( PFILE_OBJECT FileObject ); 
46226| NTSTATUS ExtendFreeSpaceBitmaps( PDEVICE_OBJECT Volume, 

| LARGEJNTEGER NewSize ); 
46227| NTSTATUS Sblo_GetCapabilities( PDEVICE_OBJECT 

| DeviceObject, 
46228| PIO_SCSI_CAPABILITIES 

I Caps); 

46229| NTSTATUS FS_GetVolumeAttributes( PFILE_OBJECT 
| FileObject, PFILE_FS_ATTRIBUTE_INFORMATION Attrib, 
| ULONG BufferLength ); 

46230 | 

46231 1 #define DWORD_ALIGN(x) ((((x)+31 )/32)*32) 
46232 | 

46233| WCHAR *GetPerVolumeRegistry( PDEVICE_OBJECT Volume ); 

46234| void FreePerVolumeRegistry( WCHAR *Buffer ); 

46235| ULONG lsClusterServer(); 

46236| 

46237| 

46238| 

46239| File Listing: FILE.cpp 
46240 1 

46241 1 #include "precomp.h" 
46242 1 

46243| CHAR *NtFsMetaDataFileNames[MAX_NTFS_ENTRY_NUM] = { 
46244| "$Mft M , 
46245| "$MftMirr", 



46246 
46247 
46248 
46249 
46250 
46251 
46252 
46253 
46254 
46255 
46256 
46257 
46258 
46259 
46260 
46261 
46262 
46263 
46264 
46265 
46266 
46267 
46268 
46269 
46270 
46271 
46272 
46273 
46274 
46275 
46276 
46277 
46278 
46279 
46280 
46281 
46282 
46283 



46284 

l>= 
46285 



46286 
46287 
46288 
46289 
46290 
46291 
46292 



"$LogFile", 

M $Volume M , 

"$AttrDef", 

"$Root", 

"$Bitmap", 

"$Boot", 

"$BadClus", 

"$Secure", 

"$UpCase", 

"$Extend", 

"$12", 

"$13", 

"$14", 

"$15" 



}; 



WCHAR *NtFsMetaDataFileNamesW[MAX_NTFS_ENTRY_NUM] = { 
L"$Mft", 
L"$MftMirr", 
L"$LogFile", 
L"$Volume", 
L"$AttrDef", 
L"$Root", 
L"$Bitmap", 
L"$Boot", 
L"$BadClus", 
L"$Secure", 
L"$UpCase", 
L"$Extend", 
L"$12", 
L"$13", 
L"$14", 
L"$15" 

}; 



// this function retrieves the FULL path and filename 
// (which can be greater than MAX_PATH). If any 



portions of the filename 



// are paged out, and this routine is called at 

D I S P ATC H_L E V E L then 

// the filename will not be present. If called 



| <DISPATCH, the page 



// will be mapped in. 

// The returned Unicode string WILL be null terminated. 

/* 

Filenames can look like these: 
filename=test.file parent=null 



46293| filename=\test1\test2\test.file parent=null 
46294| filename=test2\test.file parent=\test1 
| parent=null 

46295| filename=test.file parent=test2 parent=\test1 

| parent=null 
46296| 
46297| 7 
46298| 

46299| r 



46300| STATIC PUNICODE_STRING GetUniString( ULONG Size ) 
46301 | { 

46302| PUNICODE_STRING String; 
46303 1 

46304| PAG E D_CO D E () ; 

46305| String = 

| (PUNICODE_STRING)MemAllocatePoolWithTag(NonPagedPool,siz 
| eof(UNICODE_STRING)+Size+sizeof(WCHAR),FILENAMETAG); 

46306| if(String) { 

46307| RtlZeroMemory(String, 

| sizeof(UNICODE_STRING)+Size+sizeof(WCHAR)); 

46308| 

46309| String->Length = (unsigned short)Size; 
46310| String->MaximumLength = (unsigned 

| short)(Size+sizeof(WCHAR)); 
4631 1 1 Hint -save -e740 7 

46312| String->Buffer = (WCHAR*)(String+1); 
46313| Hint -restore 7 
46314| } 

46315| return String; 

46316| } 

46317| 

46318| Hint -save -e1 49 7 

46319| r 



46320| PUNICODE_STRING File_GetFileName( 
46321| PFILE_OBJECTfileObject 
46322| ) 
46323| { 

46324| PUNICODE_STRING fileName=NULL; 
46325| 

46326| // Do this in an exception handling block, in case 

| of mangled names in the 
46327| //file object 
46328| _try { 
46329| 

46330| if ((fileObject) && 

| (fileObject->FileName.Buffer)) { 
46331 1 ASSERT (fileObject->Type==IO_TYPE_FILE); 

46332| ASSERT 



I (fileObject->Size==sizeof(FILE_OBJECT)); 
46333| ASSERT 

| (fileObject->FileName.MaximumLength>=fileObject->FileNam 

| e. Length); 
46334| 

46335| fileName = GetUniString( 

| fileObject->FileName. Length ); 
46336| if(fileName) { 

46337| __try { 

46338| // We need to move memory, not 

| strcpy as the can be no 
46339| //terminator (0). 

46340| RtlMoveMemory( fileName->Buffer, 

| fileObject->FileName. Buffer, 

| fileObject->FileName. Length); 
46341 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
46342| ULONG i; 

46343| // some kind of fault just 

| occurred. Probably accessing 
46344| // memory that has been paged out. 

| but can be a bad pointer 
46345| //also. 

46346| Debug(DEBUG_FILE, ("Error! Fault 

| %08x while getting name\n",GetExceptionCode())); 
46347| // fill in with ?, so we know its 

| been mapped out. 
46348| for 

| (i=0;k(fileObject->FileName. Length / 

| sizeof(WCHAR));i++) 
46349| fileName->Buffer[i] = L'?'; 

46350 1 } 
46351 | 

46352 1 } 

46353| return fileName; 

46354| } else { 

46355| fileName = GetUniString( 4*sizeof(WCHAR) ); 

46356| if(fileName) { 

46357| wcscpy( fileName->Buffer, U'DASD" ); 

46358| } 

46359| return fileName; 

46360 1 } 

46361 | 

46362 | 

46363 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
46364| // Some kind of fault (probably a Page Fault 

| from a bad pointer) 
46365| //do cleanup... 
46366| 



46367| Debug(DEBUG_FILE,("Error! Fault %08x in 

| File_GetFileName\n",GetExceptionCode())); 
46368| 

46369| if(fileName) { 

46370| FREE_POINTER(fileName); 

46371 | } 

46372 1 

46373| fileName = GetUniString( 3*sizeof(WCHAR) ); 
46374| if(fileName) { 

46375| wcscpy( fileName->Buffer, L"???" ); 

46376| } 

46377| return fileName; 
46378| } 
46379 1 } 

46380| Hint -restore 7 
46381 | 

46382| /'lint -save -e149 7 

46383| r 



46384| PUNICODE_STRING File_GetFullFileName( 
46385| PFILE_OBJECTfileObject 
46386| ) 
46387| { 

46388| ULONG pathl_en=0; 

46389| PWCHAR path Off set= NULL; 

46390| PFILE_OBJECT relatedFileObject=NULL; 

46391| PUNICODE_STRING fullFileName=NULL; 

46392| 

46393| // Do this in an exception handling block, in case 

| of mangled names in the 
46394| //file object 
46395| _try { 
46396| 
46397| 

46398| fullFileName = GetUniString ( 

| MAX_PATH*sizeof(WCHAR) ); 
46399| if(!fullFileName) { 

46400| Debug(DEBUG_FILE, ("Error! Out of memory for 

| FileName get, 

| need=%d\n",sizeof(UNICODE_STRING)+MAX_PATH*sizeof(WCHAR) 

| +sizeof(WCHAR))); 
46401 1 return NULL; 

46402 1 } 
46403 1 

46404| // Is it DASD (Volume) I/O? 
46405| if( (IfileObject) || 
46406| ( If ileObject->FileName. Buffer) 

46407| // || (fileObject->Flags & 

| FO_DIRECT_DEVICE_OPEN) 
46408| ) { 



46409| #if 0 

46410| // rob, 1-18-2001 - causes hangs to occur 

| when ntfs does a "checkpoint" of the volume. 
4641 1 1 ULARGEJNTEGER Id; 

46412| 

| if(File_QueryMFTEntryNumber(fileObject,ld)==STATUS_SUCCE 
|SS){ 

46413| if(ld.QuadPart<MAX_NTFS_ENTRY_NUM) { 

46414| 

| wcscpy(fullFileName->Buffer,NtFsMetaDataFileNamesW[ld.Lo 
| wPart]); 
46415| }else{ 

4641 6| swprintf( fullFileName->Buffer, 

| L"ID = %l64x", Id.QuadPart ); 
46417| } 

46418| fullFileName->Length = 

| NumBytes(fullFileName->Buffer); 
46419| return fullFileName; 

46420| } 
46421 1 #endif 

46422| wcscpy( fullFileName->Buffer, L"DASD" ); 

46423| fullFileName->Length = 

| NumBytes(fullFileName->Buffer); 
46424| return fullFileName; 

46425| } 
46426| 

46427| // find out how much room we need for the 

| entire path name 
46428| pathLen = 0; 
46429| related FileObject = fileObject; 
46430 1 

46431 1 while(related FileObject) { 
46432| // validity checks... 

46433 1 

46434| if (!MmlsAddressValid( relatedFileObject )) 

|{ 

46435| Debug(DEBUG_FILE, ("Error! FileObject %p 

| is not a valid pointer, (%p is the 

| root)\n",relatedFileObject,fileObject)); 
46436| wcscpy(fullFileName->Buffer,L"Error! 

| Invalid FileObject"); 
46437| fullFileName->Length = 

| NumBytes(fullFileName->Buffer); 
46438| return fullFileName; 

46439 1 } 
46440 1 

46441 1 if (relatedFileObject->Type!=IO_TYPE_FILE) 

|{ 

46442| Debug(DEBUG_FILE, ("Error! FileObject %p 

| is not a file object, (%p is the 



I root)\n",relatedFileObject,fileObject)); 
46443| wcscpy(fullFileName->Buffer,L"Error! 

| Not a FileObject"); 
46444| fullFileName->Length = 

| NumBytes(fullFileName->Buffer); 
46445| return fullFileName; 

46446| } 
46447| 

46448| // ASSERT (MmlsAddressValid( 

| relatedFileObject )); 
46449| // ASSERT 

| (relatedFileObject->Type==IO_TYPE_FILE); 
46450| ASSERT 

| (relatedFileObject->Size==sizeof(FILE_OBJECT)); 
46451 1 ASSERT 

| (relatedFileObject->FileName.MaximumLength>=relatedFileO 

| bject->FileName. Length); 
46452 1 

46453| pathLen += 

| relatedFileObject->FileName. Length + sizeof(WCHAR); 
46454| relatedFileObject = 

| relatedFileObject->RelatedFileObject; 
46455| } 
46456| 

46457| // decrement the count by one (the root object 

| already has a slash 
46458| pathLen -= sizeof(WCHAR); 
46459 1 

46460| // due to FileName->Length being a USHORT and 

| being the number of 
46461 1 // bytes NOT chars (1 char = 2 bytes in 

| Unicode), the largest filename 
46462 1 // can only 32768 Chars. So if the pathLen 

| (which is a ULONG) is 
46463| // greater than 65536 then something is wrong.. 
46464| if (pathLen>65535) { 

46465| Debug(DEBUG_FILE, ("Error! Invalid path 

| length for filename (%d)\n M , pathLen)); 
46466| wcscpy(fullFileName->Buffer,L"Error! 

| Invalid Path Length"); 
46467| fullFileName->Length = 

| NumBytes(fullFileName->Buffer); 
46468| return fullFileName; 

46469 1 } 
46470 1 

46471 1 // if greater than MAX_PATH (which was 

| allocated above), 
46472 1 // free and allocate how much we need. 
46473| if (pathLen>fullFileName->MaximumLength) { 
46474| FREEPOINTER(fullFileName); 



46475| fullFileName = GetUniString( pathLen ); 

46476| if(!fullFileName) { 

46477| Debug(DEBUG_FILE, ("Error! Out of memory 

| for FileName get 

| Need=%d\n",sizeof(UNICODE_STRING)+pathLen+sizeof(WCHAR)) 

I); 

46478| return NULL; 

46479| } 
46480| } 
46481 | 

46482| // ok, we now have a buffer big enough for the 

| entire path and filename 
46483 1 // lets go ahead and put the path together by 

| working backwards 
46484| 

46485| fullFileName->Length = (unsigned short)pathLen; 
46486| 

46487 1 // start at end and work backwards. 

46488| pathOffset = fullFileName->Buffer+(pathLen / 

| sizeof(WCHAR)); 
46489 1 

46490| // add the terminator char 
46491| pathOffset[0] = L'\0'; 
46492| related FileObject = fileObject; 
46493| while(related FileObject) { 
46494| pathOffset -= 

| (relatedFileObject->FileName.Length / sizeof(WCHAR)); 
46495| 

46496| __try { 

46497| // We need to move memory, not strcpy 

| as the can be no 
46498| //terminator (0). 

46499| RtlMoveMemory( pathOffset, 

| relatedFileObject->FileName. Buffer, 

| relatedFileObject->FileName. Length); 
46500| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
46501| ULONG i; 

46502| // some kind of fault just occurred. 

| Probably accessing 
46503| // memory that has been paged out. but 

| can be a bad pointer 
46504| // also. 

46505| Debug(DEBUG_FILE, ("Error! Fault %08x 

| while getting name\n",GetExceptionCode())); 
46506| // fill in with ?, so we know its been 

| mapped out. 
46507| for 

| (i=0;k(relatedFileObject->FileName. Length / 

| sizeof(WCHAR));i++) 



46508| pathOffset[i] = L'?'; 

46509| } 

4651 0| // if not the root... (root == pathOffset 

| == start) 

4651 1 1 //we need to add a slash in front of the 

| name (because it is 
4651 2| // relative to the next file object 

46513| if(pathOffset>fullFileName->Buffer) { 

4651 4| // add in the separator 

46515| pathOffset--; 
4651 6| pathOffset[0] = LAV; 

46517| } 
46518| 

46519| relatedFileObject = 

| relatedFileObject->RelatedFileObject; 
46520| 
46521 | } 
46522 1 

46523| #ifdef DEBUG 

46524| if ( ( ( ((char*)(fullFileName->Buffer))[0] ) 
I == '?' ) II 

46525| ( ( ((char*)(fullFileName->Buffer))[1] ) == 

I'? 1 ) 
46526| ) { 

46527| Debug(DEBUG_FILE, ("Invalid name\n")); 

46528| } 
46529| #endif 
46530| 

46531 1 return fullFileName; 
46532 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
46533| // Some kind of fault (probably a Page Fault 

| from a bad pointer) 
46534| //do cleanup... 
46535| 

46536| Debug(DEBUG_FILE,("Error! Fault %08x in 

| File_GetFullFileName\n",GetExceptionCode())); 
46537| 

46538| if(fullFileName) { 

46539| FREE_POINTER(fullFileName); 

46540 1 } 

46541 | 

46542| fullFileName = GetUniString( 3*sizeof(WCHAR) ); 
46543| if(fullFileName) { 

46544| wcscpy( fullFileName->Buffer, L"???" ); 

46545| } 

46546| return fullFileName; 
46547| } 
46548| } 

46549| Hint -restore */ 



46550| 
46551 | 
46552| /* 



46553| int FileJsPagingFile ( 

46554| PDEVICE_OBJECT DeviceObject, 

46555| PIRP Irp 

46556| ) 
46557| { 

46558| int PagingFile=0; 
46559| PUNICODE_STRING FileName; 
46560| #define PAGEFILENAME L"pagefile.sys M 
46561 1 N OT_R EFERENCED( Dev iceObject) ; 
46562 1 

46563| if( ( lrp->Flags & IRP_PAGING_IO ) || 

46564| ( lrp->Flags & IRP_SYNCHRONOUS_PAGING_IO )) { 

46565| FileName = File_GetFileName( 

| lrp->Tail. Overlay. OriginalFileObject ); 
46566| if (FileName) { 
46567| if(FileName->Length >= 24) { 
46568| WCHAR *p = FileName->Buffer + 

| (FileName->Length / sizeof(WCHAR)) - 12; 
46569 1 

46570| if(_wcsicmp(p,PAGEFILENAME)==0) { 

46571| PagingFile = 1; 

46572 1 } 
46573 1 } 

46574| FREE_POINTER(FileName); 
46575| } 
46576| } 
46577| 

46578| // will this ever happen??? 
46579| if ( (IPagingFile) && (lrp->Flags & 

| IRP_ASSOCIATED_IRP) ) { 
46580| if( ( lrp->Associatedlrp.Masterlrp->Flags & 

| IRP_PAGING_IO ) || 
46581 1 ( lrp->Associatedlrp.Masterlrp->Flags & 

| IRP_SYNCHRONOUS_PAGING_IO) ) { 
46582| FileName = File_GetFileName( 

| lrp->Associatedlrp.Masterlrp->Tail. Overlay. OriginalFileO 

I bject ); 
46583| if(FileName) { 
46584| if(FileName->Length >= 24) { 

46585| WCHAR *p = FileName->Buffer + 

| (FileName->Length / sizeof(WCHAR)) - 12; 
46586| 

46587| if(_wcsicmp(p,PAGEFILENAME)==0) { 

46588| PagingFile = 1; 

46589 1 } 
46590| } 



46591 
46592 
46593 
46594 
46595 
46596 
46597 
46598 
46599 
46600 
46601 
46602 
46603 
46604 
46605 
46606 
46607 
46608 
46609 
46610 
46611 
46612 
46613 
46614 
46615 
46616 
46617 
46618 
46619 
46620 
46621 
46622 



46623 
46624 
46625 
46626 
46627 
46628 
46629 



46630 



46631 
46632 
46633 
46634 
46635 
46636 



FREE_POINTER(FileName); 

} 

} 

} 

return PagingFile; 



} 



#ifndef _NTIFS_ 

#if _WIN32_WINNT<0x0500 

typedef struct _FILE_NAME_INFORMATION { 

ULONG FileNameLength; 

WCHAR FileName[1]; 
} FILE NAME INFORMATION, *PFILE_NAME_INFORMATION; 
#endif 

extern "C" 

NTKERNELAPI 

NTSTATUS 

loQueryFilelnformation( 

IN PFILE_OBJECT FileObject, 

IN FILE_INFORMATION_CLASS FilelnformationClass, 

IN ULONG Length, 

OUT PVOID Filelnformation, 

OUT PULONG ReturnedLength 

); 

#endif 



#ifdef DEBUG 

I* 

• 7 

void File_Printlrp( 

PCCHAR Msg, 

PDEVICE_OBJECT DeviceObject, 
PIRP Irp 

) 

{ 

PIO_STACK_LOCATION currentlrpStack = 



| loGetCu rrentl rpStackLocation( I rp) ; 



PFILTERED EXTENSION DevExt = 



| GetFilteredExtension(DeviceObject); 



PUNICODE_STRING FileName; 
ULONG Remainder; 
ULARGEJNTEGER UL; 
ULONG Sector; 

UL.QuadPart = 



| currentlrpStack->Parameters.Write.ByteOffset.QuadPart; 



46637| Sector = RtlEnlargedUnsignedDivide ( UL, 512, 

| &Remainder); 
46638| 

46639| FileName = File_GetFullFileName( 

| lrp->Tail. Overlay. OriginalFileObject ); 
46640 1 

46641 1 Debug(DEBUG_WRITE,("%s DO %p (%S) Irp %p Mdl %p 

| Flags %08x Buff %p Mode %p\n M , 
46642| Msg, 

46643| DeviceObject, DevExt->Name, 

46644| Irp, 

46645| lrp->MdlAddress, 

46646| lrp->Flags, 

46647 1 I rp->Associ ated I rp . System Buff er, 

46648| lrp->RequestorMode 

46649 1 )); 

46650 | 

46651 1 Debug(DEBUG_WRITE,(" Pnd %d Stk %d/%d Cncl %d Ape 

| %d Znd %d losb %p Evt %p CmpKey %08x\n", 
46652| lrp->PendingReturned, 
46653| lrp->CurrentLocation, 
46654 1 I rp->StackCou nt, 
46655| lrp->Cancel, 
46656| lrp->ApcEnvironment, 
46657| lrp->AllocationFlags, 
46658| lrp->Userlosb, 
46659 1 I rp->UserEvent, 
46660| lrp->Tail.CompletionKey 

46661| )); 
46662| 

46663| Debug(DEBUG_WRITE,(" CanRtn %p UserB %p Thd %p 

| AuxBuf %p OFO %p %wZ\n", 
46664| I rp->Cancel Routine, 
46665| I rp->UserBuffer, 
46666| I rp->Tail. Overlay. Thread, 
46667| I rp->Tail. Overlay. AuxiliaryBuffer, 
46668| lrp->Tail.Overlay.OriginalFileObject, 
46669| FileName 

46670| )); 
46671 | 

46672| Debug(DEBUG_WRITE,(" Stack: %s %d.%d Figs %02x Ctrl 

| %d Ofs %12d Len %3d\n", 
46673 1 

| File_GetMajorFunctionName(currentlrpStack->MajorFunction 

I), 

46674| currentlrpStack->MajorFunction, 
46675| currentlrpStack->MinorFunction, 
46676| currentlrpStack->Flags, 
46677| currentlrpStack->Control, 
46678| Sector, 



46679| currentlrpStack->Parameters. Write.Length / 51 2 
46680 1 )); 
46681 | 

46682| Debug(DEBUG_WRITE,(" Key %08x DO %p FO %p CmpRtn 
| %p Ctxt %p\n", 



46683 1 


cu rrent 1 rpStack-> Parameters . Write . Key, 


46684 1 


currentlrpStack->DeviceObject, 


46685| 


cu rrent 1 rpStack-> Fi leObject, 


46686| 


currentlrpStack->CompletionRoutine, 


46687| 


currentlrpStack->Context 


46688| 


)); 


46689 1 




46690 1 


if (FileName) { 


46691| 


FREEPOINTER(FileName); 


46692| 


} 


46693| 




46694| } 




46695| 





46696| /* converts a Unicode string to ansi and returns back a 

| string 
46697| 7 

46698| /* 



46699| void SimpleUniToAnsi( PUNICODE_STRING Unicode, char 

| *Ansi ) 
46700| { 
46701| inti; 

46702| for (i=0;i<Unicode->l_ength / 2;i++) { 
46703| Ansi[i] = (char)Unicode->Buffer[i]; 
46704| } 
46705| 

46706| Ansi[Unicode->Length / 2] = 0; 
46707| return; 
46708| } 
46709| 

46710| I* 



46711| void File_PrintOnel_iner( 

46712| PCCHAR Msg, 

46713| PDEVICE_OBJECT DeviceObject, 

46714| PIRPIrp 

46715| ) 

46716| { 

4671 7| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
46718| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
46719| PUNICODE_STRING FileName; 
46720| ULONG Remainder; 
46721 1 ULARGEJNTEGER UL; 



46722| ULONG Sector; 
46723| 

46724| UL.QuadPart = 

| currentlrpStack->Parameters. Write. ByteOffset.QuadPart; 
46725| Sector = RtlEnlargedUnsignedDivide ( UL, 512, 

| &Remainder); 
46726| 

46727| //Debug(DEBUG_WRITE,( M %08x %08x Getting name 

| (%08x)\n",lrp,lrp->Tail.Overlay.OriginalFileObject,KeGet 

| CurrentlrqlQ)); 
46728| FileName = File_GetFullFileName( 

| lrp->Tail. Overlay. OriginalFileObject ); 
46729| if(FileName) { 
46730| char *Buff=(char 

| *)MemAllocatePoolWithTag(NonPagedPool,FileName->Length+1 

| ,FILENAMETAG); 
46731 1 if(Buff) { 

46732| // we cant convert Unicode chars at 

| irql>=DISPATCH_LEVEL 
46733| SimpleUniToAnsi(FileName,Buff); 
46734| 

46735| if(KeGetCurrentlrql()<DISPATCH_LEVEL) { 

46736| Debug(DEBUG_PSMFILES,( "%08x %-25.25s 

| '%S' %08x %3x '%s'\n",lrp, 
46737| Msg, DevExt->Name, 

46738| Sector, 
46739 1 

| currentlrpStack->Parameters. Write. Length / 512, 
46740 1 Buff 
46741| )); 
46742| } else { 

46743| Debug(DEBUG_PSMFILES,( "%08x %-25.25s 

| '(At Dispatch Level)' %08x %3x '%s'\n",lrp, 
46744| Msg, 
46745| Sector, 
46746| 

| currentlrpStack->Parameters. Write. Length / 512, 
46747| Buff 
46748| )); 
46749 1 } 

46750| FREE_POINTER(Buff); 
46751 1 } 
46752 1 

46753| FREE_POINTER(FileName); 

46754| } 

46755| } 

46756| 

46757| 

46758| I* 



46759| char *File_GetlOCTLString( ULONG loControlCode ) 
46760| { 

46761 1 switch(loControlCode) { 
46762 1 

46763| // Disk Class driver 

46764| case IOCTL_DISK_GET_DRIVE_GEOMETRY : return 

| "IOCTL_DISK_GET_DRIVE_GEOMETRY"; 
46765| case IOCTL_DISK_GET_PARTITION_INFO : return 

| "IOCTL_DISK_GET_PARTITION_INFO"; 
46766| case IOCTL_DISK_SET_PARTITION_INFO : return 

| "IOCTL_DISK_SET_PARTITION_INFO"; 
46767| case I OCTL_D I SK_G ET_D Rl VE_LAYOUT : return 

| "IOCTL_DISK_GET_DRIVE_LAYOUT"; 
46768| case IOCTL_DISK_SET_DRIVE_LAYOUT : return 

| "IOCTL_DISK_SET_DRIVE_LAYOUT M ; 
46769| case IOCTL_DISK_VERIFY : return 

| M IOCTL_DISK_VERIFY"; 
46770| case IOCTL_DISK_FORMAT_TRACKS : return 

| "IOCTL DISK FORMAT TRACKS"; 
46771 1 case IOCTL_DISK_REASSIGN_BLOCKS : return 

| "IOCTL_DISK_REASSIGN_BLOCKS M ; 
46772| case I OCTLD I SK P E R FO RM AN C E : return 

| "IOCTL_DISK_PERFORMANCE"; 
46773| case IOCTL_DISK_IS_WRITABLE : return 

| M IOCTL_DISK_IS_WRITABLE M ; 
46774| case IOCTL_DISK_LOGGING : return 

| "IOCTL_DISK_LOGGING"; 
46775| case IOCTL_DISK_FORMAT_TRACKS_EX : return 

| "IOCTL_DISK_FORMAT_TRACKS_EX"; 
46776| case IOCTL_DISK_HISTOGRAM_STRUCTURE : return 

| "IOCTL_DISK_HISTOGRAM_STRUCTURE"; 
46777| case I OCTLD I SKH I STOG RAMD ATA : return 

| "IOCTL_DISK_HISTOGRAM_DATA"; 
46778| case I OCTL D I SK_H I STOG RAM_R ES ET : return 

| "lOCTL DISK HISTOGRAM RESET"; 
46779| case IOCTL_DISK_REQUEST_STRUCTURE : return 

| "IOCTL_DISK_REQUEST_STRUCTURE"; 
46780| case IOCTL_DISK_REQUEST_DATA : return 

| "IOCTL_DISK_REQUEST_DATA"; 
46781 | 
46782 1 

46783| #if(_WIN32_WINNT >= 0x0400) 

46784| case IOCTL_DISK_CONTROLLER_NUMBER : return 

| "IOCTL_DISK_CONTROLLER_NUMBER"; 
46785| case SMART GET VERSION : return 

| "SMART_GET_VERSION"; 
46786| case SMART SEND DRIVE COMMAND : return 

| "SMART_SEND_DRIVE_COMMAND"; 
46787| case S M A RT_RC V_D R I V E_D ATA : return 

| "SMART RCV DRIVE DATA"; 



46788| #else 

46789| case IOCTL_DISK_REMOVE_DEVICE : return 

| M IOCTL_DISK_REMOVE_DEVICE"; 
46790| #endif /* _WIN32_WINNT >= 0x0400 7 
46791| 

46792| // internal 

46793| case IOCTL_DISK_INTERNAL_SET_VERIFY : return 

| "IOCTL_DISK_INTERNAL_SET_VERIFY"; 
46794| case IOCTL_DISK_INTERNAL_CLEAR_VERIFY : return 

| "IOCTL_DISK_INTERNAL_CLEAR_VERIFY"; 
46795| 

46796| // common to all class drivers 

46797| case IOCTL_DISK_CHECK_VERIFY : return 

| "IOCTL_DISK_CHECK_VERIFY"; 
46798| case IOCTL_DISK_MEDIA_REMOVAL : return 

| "IOCTL_DISK_MEDIA_REMOVAL M ; 
46799| case IOCTL_DISK_EJECT_MEDIA : return 

| "IOCTL_DISK_EJECT_MEDIA"; 
46800| case IOCTL DISK LOAD MEDIA : return 

| "IOCTL_DISK_LOAD_MEDIA"; 
46801 1 case IOCTL_DISK_RESERVE : return 

| "IOCTL DISK RESERVE"; 
46802| case IOCTL_DISK_RELEASE : return 

| "IOCTL_DISK_RELEASE"; 
46803| case IOCTL_DISK_FIND_NEW_DEVICES : return 

| "IOCTL_DISK_FIND_NEW_DEVICES M ; 
46804| 

46805| #if _WIN32_WINNT >=0x0500 

46806| case IOCTL_DISK_UPDATE_DRIVE_SIZE : return 

| "IOCTL_DISK_UPDATE_DRIVE_SIZE M ; 
46807| case IOCTL_DISK_GROW_PARTITION : return 

| M IOCTL_DISK_GROW_PARTITION M ; 
46808| case I OCTL_D I SK_G ET_CACH E_l N FO RM ATION : return 

| "IOCTL_DISK_GET_CACHE_INFORMATION"; 
46809| case IOCTL_DISK_SET_CACHE_INFORMATION : return 

| "lOCT^DIS^SETJDACHEJNFORMATION"; 
46810| case lOCTL DISK DELETE DRIVE LAYOUT : return 

| "IOCTL_DISK_DELETE_DRIVE_LAYOUT"; 
4681 1 1 case IOCTL_DISK_FORMAT_DRIVE : return 

| "lOCTL DISK FORMAT DRIVE"; 
46812| case IOCTL_DISK_SENSE_DEVICE : return 

| "IOCTL_DISK_SENSE_DEVICE"; 
46813| case IOCTL_DISK_INTERNAL_SET_NOTIFY : return 

| "IOCTL_DISK_INTERNAL_SET_NOTIFY"; 
46814| #endif 
46815| 

46816| case IOCTL_DISK_SIMBAD : return 

| "IOCTL_DISK_SIMBAD"; 
46817| 

46818| case IOCTL_STORAGE_CHECK_VERIFY : return 



I " I O CTL_STO RAG E_C H EC K_V E R I F Y" ; 
46819| case I OCT L_STO RAG E_M E D I A_R E M OVA L : return 

| "IOCTL_STORAGE_MEDIA_REMOVAL"; 
46820| case I OCTLSTO RAG EEJECTM E D I A : return 

| "IOCTL_STORAGE_EJECT_MEDIA"; 
46821 1 case I OCT L_STO RAG E_LO A D_M E D I A : return 

| "lOCTLSTORAGELOADMEDIA"; 
46822| case IOCTL_STORAGE_RESERVE : return 

| "IOCTLSTORAGERESERVE"; 
46823| case I OCT L_STO RAG E_R E L E AS E : return 

| "IOCTL_STORAGE_RELEASE"; 
46824| case IOCTL_STORAGE_FIND_NEW_DEVICES : return 

| " I OCTL_STO RAG E_F I N D_N E W_D E V I C ES" ; 
46825| 

46826| #if _WIN32_WINNT >=0x0500 

46827| case IOCTL_STORAGE_CHECK_VERIFY2 : return 

| " I OCTL STO RAG E C H EC K_V E R I F Y2 " ; 
46828| case I OCT L_STO RAG E_LO A D_M E D I A2 : return 

| " IOCTLSTORAG EL OA DM E D I A2" ; 
46829| case IOCTL_STORAGE_EJECTION_CONTROL : return 

| "IOCTL_STORAGE_EJECTION_CONTROL"; 
46830| case IOCTL STORAG E_MCN_CONTROL : return 

| "IOCTL_STORAGE_MCN_CONTROL"; 
46831 1 case I OCTL_STO RAG E G ET M E D I A TY P ES_EX : return 

| "IOCTL STORAG E_G ET_M E D IA_TYPES_EX" ; 
46832| case I OCTL_STO RAG E_R ES ET_B U S : return 

| " I OCTL STO RAG E_R ES ET BU S" ; 
46833| case I OCTL_STO RAG E_R ES ET_D E V I C E : return 

| " I OCTL STO RAG E_R ES ET_D E V ICE"; 
46834| case I OCTL_STO RAG E_G ET_D E VI C E_N UMBER : return 

| "IOCTL_STORAGE_GET_DEVICE_NUMBER"; 
46835| case IOCTL STORAG E PREDICT FAILURE : return 

| "IOCTL_STORAGE_PREDICT_FAILURE"; 
46836| case I OCTL_STO RAG E_QU E R Y_P RO P E RT Y : return 

| " I OCTL_STO RAG E_Q U E R Y_P ROPE RTY" ; 
46837| #endif 
46838| 

46839| // SCSI Class driver 

46840| case IOCTL_DISK_GET_MEDIA_TYPES : return 

| "IOCTL_DISK_GET_MEDIA_TYPES"; 
46841 1 case IOCTL_SCSI_PASS_THROUGH : return 

| "IOCTL_SCSI_PASS_THROUGH"; 
46842| case IOCTL_SCSI_MINIPORT : return 

| "IOCTL_SCSI_MINIPORT"; 
46843| case IOCTL_SCSI_GETJNQUIRY_DATA : return 

| "IOCTL_SCSI_GET_INQUIRY_DATA"; 
46844| case IOCTL_SCSI_GET_CAPABILITIES : return 

| "IOCTL_SCSI_GET_CAPABILITIES"; 
46845| case IOCTL_SCSI_PASS_THROUGH_DIRECT : return 

| "IOCTL_SCSI_PASS_THROUGH_DIRECT"; 



46846| case IOCTL_SCSI_GET_ADDRESS : return 

| M IOCTL_SCSI_GET_ADDRESS M ; 
46847| case IOCTL_SCSI_RESCAN_BUS : return 

| "IOCTL_SCSI_RESCAN_BUS"; 
46848| case IOCTL_SCSI_GET_DUMP_POINTERS : return 

| " IOCTL_SCS l_G ET DUM P_PO I NTE RS"; 
46849| 

46850| #if _WIN32_WINNT >=0x0500 

46851 1 case IOCTL_SCSI_FREE_DUMP_POINTERS : return 

| "IOCTL_SCSI_FREE_DUMP_POINTERS M ; 
46852| case IOCTL_IDE_PASS_THROUGH : return 

| M IOCTL_IDE_PASS_THROUGH M ; 
46853 1 #endif 
46854| 

46855| // fault tolerant driver 

46856| case FT_INITIALIZE_SET : return 

| "FT INITIALIZE SET"; 
46857| case FT_REGENERATE : return 

| "FT REGENERATE"; 
46858| case FT_CON FIGURE : return 

| "FT_CONFIGURE"; 
46859 1 case FT VERIFY : return 

| "FT_VERIFY"; 
46860| case FT SECONDARY READ : return 

| " FT S ECO N DA R Y_R E A D" ; 
46861 1 case FT_P R I M A R Y_R E A D : return 

| " FT P R I M A R Y_R E A D " ; 
46862| case FT_BALANCED_READ_MODE : return 

| " FT_B AL AN C E D_R E A D_M ODE"; 
46863| case FT_SYNC_REDUNDANT_COPY : return 

| "FT_SYNC_REDUNDANT_COPY"; 
46864| case FT SEQUENTIAL WRITE MODE : return 

| "FT_SEQUENTIAL_WRITE_MODE"; 
46865| case FT_PARALLEL_WRITE_MODE : return 

| "FT PARALLEL WRITE MODE"; 
46866| case FT_Q U E R Y_S ET_ST ATE : return 

| "FT QUERY SET STATE"; 
46867| 

46868| #if _WIN32_WINNT >=0x0500 

46869| case FT_C L U ST E R_S ET_M E M B E R_STAT E : return 

| "FT_CLUSTER_SET_MEMBER_STATE"; 
46870| case FT_CLUSTER_GET_MEMBER_STATE : return 

| " FT_C L U STE R_G ET_M E M B E R_ST AT E " ; 
46871 | 

46872 1 // fault tolereant driver 2 

46873| case FT_CREATE_LOGICAL_DISK 

| : return " FT C R EAT E LOG I CAL D I S K" ; 
46874| case FT_BREAK_LOGICAL_DISK 

| : return "FT_BREAK_LOGICAL_DISK"; 
46875| case FT ENUMERATE LOGICAL DISKS 



I : return "FT_ENUMERATE_LOGICAL_DISKS"; 
46876| case FT_QUERY_LOGICAL_DISK_INFORMATION 

| : return "FT_QUERY_LOGICAL_DISK_IN FORMATION"; 
46877| case FT ORPHAN LOGICAL DISK MEMBER 

| : return "FT_ORPHAN_LOGICAL_DISK_M EMBER"; 
46878| case FT_REPLACE_LOGICAL_DISK_M EMBER 

| : return "FT_REPLACE_LOGICAL_DISK_MEMBER"; 
46879| case FT_Q U E R Y_N T_D E V I C E_N AM E_FO R_LOG I C A L_D I SK 

| : return "FT_QUERY_NT_DEVICE_NAME_FOR_LOGICAL_DISK"; 
46880| case FT_INITIALIZE_LOGICAL_DISK 

| : return "FT_INITIALIZE_LOGICAL_DISK"; 
46881 1 case FT_QUERY_DRIVE_LETTER_FOR_LOGICAL_DISK 

| : return "FT_QUERY_DRIVE_LETTER_FOR_LOGICAL_DISK"; 
46882| case FT_CHECK_IO 

| : return "FT_CHECK_IO"; 
46883| case FT_SET_DRIVE_LETTER_FOR_LOGICAL_DISK 

| : return "FT_SET_DRIVE_LETTER_FOR_LOGICAL_DISK"; 
46884| case FT_QUERY_NT_DEVICE_NAME_FOR_PARTITION 

| : return "FT_QUERY_NT_DEVICE_NAME_FOR_PARTITION"; 
46885| case FT_CHANGE_NOTIFY 

| : return " FT_C HANG E_N OT I F Y" ; 
46886| case FT_STOP_SYNC_OPERATIONS 

| : return "FT_STOP_SYNC_OPERATIONS"; 
46887| case FT Q U E RY LOG I CAL D I S K_l D 

| : return "FT_QUERY_LOGICAL_DISK_ID"; 
46888| case FT_CREATE_PARTITION_LOGICAL_DISK 

| : return "FT_CREATE_PARTITION_LOGICAL_DISK"; 
46889 1 

46890| // volume manager 

46891| case IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS : 

| return "IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS"; 
46892| case IOCTL_VOLUME_SUPPORTS_ONLINE_OFFLINE : 

| return "IOCTL_VOLUME_SUPPORTS_ONLINE_OFFLINE"; 
46893| case IOCTL_VOLUME_ONLINE 

| return "IOCTL_VOLUME_ONLINE"; 
46894| case IOCTL_VOLUME_OFFLINE 

| return "IOCTL_VOLUME_OFFLINE"; 
46895| case IOCTL_VOLUME_IS_OFFLINE 

| return "IOCTL_VOLUME_IS_OFFLINE"; 
46896| case IOCTL_VOLUME_IS_IO_CAPABLE 

| return "IOCTL_VOLUME_IS_IO_CAPABLE"; 
46897| case lOCTL VOLUME QUERY FAILOVER SET 

| return "IOCTL_VOLUME_QUERY_FAILOVER_SET"; 
46898| case IOGTL_VOLUME_QUERY_VOLUME_NUMBER 

| return "lOCTL VOLUME QUERY VOLUME NUMBER"; 
46899| case IOCTL_VOLUME_LOGICAL_TO_PHYSICAL 

| return "IOCTL_VOLUME_LOGICAL_TO_PHYSICAL"; 
46900| case IOCTL_VOLUME_PHYSICAL_TO_LOGICAL 

| return "IOCTL_VOLUME_PHYSICAL_TO_LOGICAL"; 
46901| 



46902| // mountmgr 

46903| case IOCTL_MOUNTMGR_CREATE_POINT 

| : return "IOCTL_MOUNTMGR_CREATE_POINT"; 
46904| case IOCTL_MOUNTMGR_DELETE_POINTS 

| : return "IOCTL_MOUNTMGR_DELETE_POINTS"; 
46905| case IOCTL_MOUNTMGR_QUERY_POINTS 

| : return "IOCTL_MOUNTMGR_QUERY_POINTS"; 
46906| case IOCTL_MOUNTMGR_DELETE_POINTS_DBONLY 

| : return "IOCTL_MOUNTMGR_DELETE_POINTS_DBONLY"; 
46907| case IOCTL_MOUNTMGR_NEXT_DRIVE_LETTER 

| : return "IOCTL_MOUNTMGR_NEXT_DRIVE_LETTER"; 
46908| case IOCTL_MOUNTMGR_AUTO_DL_ASSIGNMENTS 

| : return "IOCTL_MOUNTMGR_AUTO_DL_ASSIGNMENTS"; 
46909| case IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED 

| : return "IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_CREATED"; 
46910| case IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED 

| : return M IOCTL_MOUNTMGR_VOLUME_MOUNT_POINT_DELETED"; 
4691 1 1 case IOCTL_MOUNTMGR_CHANGE_NOTIFY 

| : return "IOCTL_MOUNTMGR_CHANGE_NOTIFY"; 
46912| case IOCTL_MOUNTMGR_KEEP_LINKS_WHEN_OFFLINE 

| : return "IOCTL_MOUNTMGR_KEEP_LINKS_WHEN_OFFLINE"; 
46913| case IOCTL_MOUNTMGR_CHECK_UNPROCESSED_VOLUMES 

| : return "IOCTL_MOUNTMGR_CHECK_UNPROCESSED_VOLUMES"; 
46914| case IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION 

| : return M IOCTL_MOUNTMGR_VOLUME_ARRIVAL_NOTIFICATION"; 
46915| 

4691 6| // supported on all mounted devices 

46917| case IOCTL_MOUNTDEV_QUERY_UNIQUE_ID 

| : return "IOCTL_MOUNTDEV_QUERY_UNIQUE_ID"; 
46918| case IOCTL_MOUNTDEV_QUERY_DEVICE_NAME 

| : return "IOCTL_MOUNTDEV_QUERY_DEVICE_NAME"; 
46919| case IOCTL_MOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY 

| : return "IOCTL_MOUNTDEV_UNIQUE_ID_CHANGE_NOTIFY"; 
46920| case IOCTL_MOUNTDEV_QUERY_SUGGESTED_LINK_NAME 

| : return "lOCTL MOUNTDEV QUERY SUGGESTED LINK NAME"; 
46921 1 case IOCTL_MOUNTDEV_LINK_CREATED 

| : return "IOCTL_MOUNTDEV_LINK_CREATED"; 
46922| case IOCTL_MOUNTDEV_LINK_DELETED 

| : return "IOCTL_MOUNTDEV_LINK_DELETED"; 
46923| #ifndef I OCTL_MOU NTD E V_QU E RY_STABLE_G U I D 
46924| #define IOCTL_MOUNTDEV_QUERY_STABLE_GUID 

| CTL_CODE(MOUNTDEVCONTROLTYPE, 6, METHOD BUFFERED, 

| FILE_ANY_ACCESS) 
46925| #endif 
46926| 

46927| // added in whistler build 241 6 

46928| case lOCTL MOUNTDEV QUERY STABLE GUID : return 

| "IOCTL_MOUNTDEV_QUERY_STABLE_GUID"; 
46929 | 

46930| // new disk ioctls from whistler build 241 6 



46931 1 case CTL_CODE(IOCTL_DISK_BASE, 0x0012, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 
46932| case IOCTL_DISK_GET_PARTITION_INFO_EX : 

| return "IOCTL_DISK_GET_PARTITION_INFO_EX"; 
46933| case IOCTL_DISK_SET_PARTITION_INFO_EX : 

| return "IOCTL_DISK_SET_PARTITION_INFO_EX"; 
46934| case CTL_CODE(IOCTL_DISK_BASE, 0x0014, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 
46935| case IOCTL_DISK_GET_DRIVE_LAYOUT_EX 

| return " I OCTL_D I SK_G ET_D R I V E_LA YO UT_EX M ; 
46936| case IOCTL_DISK_SET_DRIVE_LAYOUT_EX 

| return "IOCTL_DISK_SET_DRIVE_LAYOUT_EX M ; 
46937| case IOCTL_DISK_CREATE_DISK 

| return "IOCTL_DISK_CREATE_DISK"; 
46938| case IOCTL_DISK_GET_LENGTH_INFO 

| return " I OCTL_D I SK_G ET_L E N GTH_I N FO" ; 
46939| case CTL_CODE(IOCTL_DISK_BASE, 0x0028, 

| METHOD_BUFFERED, FILE_READ_ACCESS): 
46940| case IOCTL_DISK_GET_DRIVE_GEOMETRY_EX 

| return " I OCTL_D I SK_G ET_D R I V E_G EOM ETR Y_EX M ; 
46941 | 

46942| #ifndef IOCTL_ACPI_ASYNC_EVAL_METHOD 

46943| #define IOCTL_ACPI_ASYNC_EVAL_METHOD 

| CTL_CODE(FILE_DEVICE_ACPI, 0, METHOD_BUFFERED, 
| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 

46944| #define IOCTL_ACPI_EVAL_METHOD 

| CTL_CODE(FILE_DEVICE_ACPI, 1, METHOD BUFFERED, 
| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 

46945| #define IOCTL_ACPI_ACQUIRE_GLOBAL_LOCK 

| CTL_CODE(FILE_DEVICE_ACPI, 4, METHOD_BUFFERED, 
| FILE_READ_ACCESS | FILE_WRITE_ACCESS) 

46946| #define IOCTL_ACPI_RELEASE_GLOBAL_LOCK 

| CTL_CODE(FILE_DEVICE_ACPI, 5, METHOD_BUFFERED, 
| FILE READ ACCESS | FILE_WRITE_ACCESS) 

46947| #endif 

46948| // whistler build 241 6 sends down acpi commands 

| to the disk driver for some reason.. 
46949| case IOCTL_ACPI_ASYNC_EVAL_METHOD : return 

| " I OCTL_AC P l_AS YN C_E V A L_M ETH O D" ; 
46950| case IOCTL_ACPI_EVAL_METHOD : return 

| "IOCTL_ACPI_EVAL_METHOD"; 
46951 1 case IOCTL_ACPI_ACQUIRE_GLOBAL_LOCK : return 

| "IOCTL_ACPI_ACQUIRE_GLOBAL_LOCK"; 
46952| case IOGTL_ACPI_RELEASE_GLOBAL_LOCK : return 

| "IOCTL_ACPI_RELEASE_GLOBAL_LOCK"; 
46953 1 
46954| 

46955| #endif 
46956| 

46957| default: 



46958 
46959 
46960 
46961 
46962 

I- 
46963 
46964 
46965 
46966 

I 

46967 
I 

46968 
I 

46969 
I 

46970 



return "Unknown IOCTL code"; 



7 



char *File_GetMajorFunctionName ( ULONG MajorFunction ) 
{ 

switch (MajorFunction) { 
case I R P_M J_C R EAT E 
return " I R P_M J_C R EAT E" ; 

case I R P_M J_C R EAT E_NAMED_PIPE 
retu r n " I R P_M J_C R EAT E_N AM E D_P I P E" ; 

case IRP_MJ_CLOSE 
return "IRP_MJ_CLOSE"; 

case IRP_MJ_READ 
return " I R P_M J_R E A D " ; 

case IRP_MJ_WRITE 
| return "IRP_MJ_WRITE"; 
46971| case IRP_MJ_QUERY_INFORMATION 
1RP_MJ_QUERY_INFORMATION"; 

case IRP_MJ_SET_INFORMATION 
'IRP_MJ_SET_INFORMATION"; 

case I R P_M J_Q U E R YE A 
' I R P_M J_Q U E R Y_E A" ; 

case IRP_MJ_SET_EA 
'IRP_MJ_SET_EA"; 

case IRP_MJ_FLUSH_BUFFERS 
'IRP_MJ_FLUSH_BUFFERS"; 
case I RP_MJ_QUERY_VOLUME_IN FORMATION : 
| return "I RP_MJ_QUERY_VOLUME_IN FORMATION"; 
46977| case IRP_MJ_SET_VOLUME_INFORMATION 

| return "IRP_MJ_SET_VOLUME_INFORMATION"; 
469781 case IRP_MJ_DIRECTORY_CONTROL 
"IRP_MJ_DIRECTORY_CONTROL"; 

case IRP_MJ_FILE_SYSTEM_CONTROL 
"IRP_MJ_FILE_SYSTEM_CONTROL"; 

case IRP_MJ_DEVICE_CONTROL 
" I RP_M J_D EVI C E_CONTROL" ; 

case IRP_MJ_INTERNAL_DEVICE_CONTROL 
"IRP_MJ_INTERNAL_DEVICE_CONTROL"; 

case IRP_MJ_SHUTDOWN 
"IRP_MJ_SHUTDOWN"; 

case IRP_MJ_LOCK_CONTROL 
"IRP_MJ_LOCK_CONTROL"; 

case IRP_MJ_CLEANUP 
"IRP_MJ_CLEANUP"; 
case I R P_M J_C R EAT E_M A I LS LOT 
| return " I R P_M J_C R EAT E_M A I LS LOT" ; 
469861 case IRP_MJ_QUERY_SECURITY 



| return 
46972 

| return 
46973 

| return 
46974 

| return 
46975 

| return 
46976 



| return 
46979 

| return 
46980 

| return 
46981 

| return 
46982 

| return 
46983 

| return 
46984 

| return 
46985 



I return "IRP_MJ_QUERY_SECURITY"; 
46987| case IRP_MJ_SET_SECURITY 

| return "IRP_MJ_SET_SECURITY"; 
46988| 

46989| #if _WIN32_WINNT<0x0500 
469901 case IRP MJ SET POWER 



| return "IRP_MJ_SET_POWER"; 



46991 



| return "IRP_MJ_QUERY_POWER"; 



46992 
46993 



| return "IRP_MJ_POWER"; 



46994 



| return "IRP_MJ_SYSTEM_CONTROL"; 



46995 



| return "IRP_MJ_DEVICE_CHANGE"; 



46996 



| return " I R P_M J_Q U E R Y_QU OTA" ; 



46997 



return "IRP_MJ_SET_QUOTA"; 



46998 



| return "IRP_MJ_PNP"; 



46999 
47000 
47001 
47002 
47003 
47004 
47005 
47006 

I) 
47007 
47008 
47009 
47010 



47011 



47012 



47013 



47014 



47015 



47016 



47017 



case IRP MJ QUERY POWER 



#else 



case IRP MJ POWER 



case IRP MJ SYSTEM CONTROL 



case IRP MJ DEVICE CHANGE 



case IRP MJ QUERY QUOTA 



case IRP MJ SET QUOTA 



case IRP MJ PNP 



#endif 
default: 

return "Unknown function"; 

} 

} 



char *File_GetPnpMinorFunctionName( ULONG MinorFunction 
{ 

#if _WIN32_WINNT>=0x0500 
switch(MinorFunction) { 

case IRP MN START DEVICE 



| return " I R P_M N_ST A RT_D E V I C E" 



case IRP_MN_QUERY_REMOVE_DEVICE 



| return "IRP_MN_QUERY_REMOVE_DEVICE"; 



case IRP MN REMOVE DEVICE 



| return "IRP_MN_REMOVE_DEVICE"; 



case IRP MN CANCEL REMOVE DEVICE 



| return "IRP MN CANCEL REMOVE DEVICE" 



case IRP_MN_STOP_DEVICE 



| return "IRP_MN_STOP_DEVICE"; 



case IRP MN QUERY STOP DEVICE 



| return "IRP_MN_QUERY_STOP_DEVICE"; 



case IRP MN CANCEL STOP DEVICE 



| return "IRP_MN_CANCEL_STOP_DEVICE"; 



case IRP MN QUERY DEVICE RELATIONS 



| return "IRP MN QUERY DEVICE RELATIONS"; 



47018| case I R P_M N_Q U E R Y_l N T E R F A C E 

| return "IRP_MN_QUERY_INTERFACE"; 
47019| case I R P_M N_Q U E R Y_C A P AB I L I T I ES 

| return "IRP MN QUERY CAPABILITIES"; 
47020| case IRP_MN_QUERY_RESOURCES 

| return "IRP_MN_QUERY_RESOURCES"; 
47021 1 case IRP_MN_QUERY_RESOURCE_REQUIREMENTS : 

| return "IRP_MN_QUERY_RESOURCE_REQUIREMENTS"; 
47022| case IRP_MN_QUERY_DEVICE_TEXT 

| return " I R P_M N_QU E R Y_D E V I C E_T EXT" ; 
47023| case IRP_MN_FILTER_RESOURCE_REQUIREMENTS: 

| return "IRP_MN_FILTER_RESOURCE_REQUIREMENTS"; 
47024| case IRP_MN_READ_CONFIG 

| return "IRPMNREADCONFIG"; 
47025| case IRP_MN_WRITE_CONFIG 

| return "IRP_MN_WRITE_CONFIG"; 
47026| case IRP_MN_EJECT 

| return "IRP_MN_EJECT"; 
47027| case IRP_MN_SET_LOCK 

| return "IRP_MN_SET_LOCK"; 
47028| case I RP_MN_QU ERY_I D 

| return "IRPMNQUERYID"; 
47029| case I R P_M N_Q U E R Y_P N P_D E V I C E_STAT E 

| return " I R P_M N_Q U E R Y_P N P_D E V I C E STAT E" ; 
47030| case IRP_MN_QUERY_BUS_INFORMATION 

| return "I RP_MN_QUERY_BUS_IN FORMATION"; 
47031| case IRP_MN_DEVICE_USAGE_NOTIFICATION : 

| return "IRP_MN_DEVICE_USAGE_NOTIFICATION"; 
47032| case IRP_MN_SURPRISE_REMOVAL 

| return "IRP_MN_SURPRISE_REMOVAL"; 
47033| case I R P_M N_Q U E R Y_L E G AC Y_B U S_l N FO R M AT ION: 

| return "I RP_MN_QUERY_LEGACY_BUS_IN FORMATION"; 
47034| default: 

47035| return "Unknown function"; 
47036| } 
47037| #else 

47038| return "Unknown function"; 
47039| #endif 
47040| } 
47041 | 

47042| char *File_GetPowerMinorFunctionName( ULONG 

| MinorFunction ) 
47043 1 { 

47044| #if _WIN32_WINNT>=0x0500 

47045| switch(MinorFunction) { 

47046| case IRP_MN_WAIT_WAKE : return 

| "IRP_MN_WAIT_WAKE"; 
47047| case IRP_MN_POWER_SEQUENCE : return 

| "IRP_MN_POWER_SEQUENCE"; 
47048| case IRP_MN_SET_POWER : return 



I "IRP_MN_SET_POWER"; 
47049| case IRP_MN_QUERY_POWER : return 

| "IRPMNQUERYPOWER"; 
47050| default: 

47051 1 return "Unknown function"; 
47052 1 } 
47053 1 #else 

47054| return "Unknown function"; 
47055| #endif 
47056| } 
47057| 

47058| char *File_GetSystemControlMinorFunctionName( ULONG 

| MinorFunction ) 
47059 1 { 

47060| #if _WIN32_WINNT>=0x0500 
47061 1 switch(MinorFunction) { 

47062| case IRP_MN_QUERY_ALL_DATA : return 

| " I R P_M N_Q U E R Y_AL L_D ATA" ; 
47063| case IRP_MN_QUERY_SINGLE_INSTANCE : return 

| "IRP_MN_QUERY_SINGLE_INSTANCE"; 
47064| case IRP_MN_CHANGE_SINGLE_INSTANCE : return 

| "IRP MN CHANGE SINGLE INSTANCE"; 
47065| case IRP_MN_CHANGE_SINGLE_ITEM : return 

| "IRP_MN_CHANGE_SINGLE_ITEM"; 
47066| case IRP_MN_ENABLE_EVENTS : return 

| "IRP_MN_ENABLE_EVENTS"; 
47067| case I RP MN DISABLE EVENTS : return 

| "IRP_MN_DISABLE_EVENTS"; 
47068| case IRP_MN_ENABLE_COLLECTION : return 

| "IRP_MN_ENABLE_COLLECTION"; 
47069| case IRP_MN_DISABLE_COLLECTION : return 

| "IRP MN DISABLE COLLECTION"; 
47070| case IRP_MN_REGINFO : return 

| "IRP_MN_REGINFO"; 
47071 1 case IRP_MN_EXECUTE_METHOD : return 

| "IRP_MN_EXECUTE_METHOD"; 
47072| default: 

47073| return "Unknown function"; 
47074| } 
47075| #else 

47076| return "Unknown function"; 
47077| #endif 
47078| } 
47079| 

47080| #endif 
47081 | 
47082 1 
47083 | 

47084| File Listing: FILE.h 
47085| 
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I); 

47121 
47122 
47123 

I); 

47124 



PUNICODE_STRING File_GetFullFileName( 
PFILE_OBJECT fileObject 

); 

PUNICODE_STRING File_GetFileName( 
PFILE_OBJECT fileObject 

); 

int FileJsPagingFile ( 

PDEVICE_OBJECT DeviceObject, 
PIRP Irp 

); 

PUNICODE_STRING File_QueryFileName( 
PFILE_OBJECT fileObject 

); 

NTSTATUS File_QueryMFTEntryNumber( 
PFILE_OBJECT fileObject, 
ULARGEJNTEGER &ld); 

#define MAX_NTFS_ENTRY_NUM 16 
CHAR *NtFsMetaDataFileNames[]; 

#ifdef DEBUG 
void File_Printlrp( 

PCCHAR Msg, 

PDEVICE_OBJECT DeviceObject, 
PIRP Irp 

); 

void File_PrintOnel_iner( 

PCCHAR Msg, 

PDEVICE_OBJECT DeviceObject, 
PIRP Irp 

); 

char *File_GetMajorFunctionName ( ULONG MajorFunction 

char *File_GetloTypeName ( ULONG loType ); 

char *File_GetlOCTLString( ULONG loControlCode ); 

char *File_GetPnpMinorFunctionName( ULONG MinorFunction 

char *File_GetSystemControlMinorFunctionName( ULONG 



| MinorFunction ); 
47125| char *File_GetPowerMinorFunctionName( ULONG 

| MinorFunction ); 
47126| 
47127| #else 

47128| #define File_Printlrp( Msg, DeviceObject, Irp ) 
47129| #define File_PrintOneLiner( Msg, DeviceObject, Irp ) 
47130| #define File_GetMajorFunctionName ( MajorFunction ) 
47131 1 #define File_GetloTypeName ( loType ) 



47132| #define File_GetlOCTLString( loControlCode ) 
47133| #define File_GetPnpMinorFunctionName( MinorFunction ) 
47134| #define File_GetSystemControlMinorFunctionName( 
| MinorFunction ) 

47135| #define File_GetPowerMinorFunctionName( MinorFunction ) 

47136| #endif 

47137| 

47138| 

47139| 

47140| File Listing: FLUSH.cpp 
47141| 

47142| #include "precomp.h" 

47143| 

47144| 

47145| /* 



47146| NTSTATUS 
47147| PSManFlush( 

47148| IN PDEVICE_OBJECT DeviceObject, 

47149| IN PIRP Irp 

47150| ) 

47151| 

47152| /*++ 

47153| 

47154| Routine Description: 
47155| 

471 56| Passes the Irp to the correct handler 
47157| 

47158| Arguments: 
47159| 

471 60| DriverObject - Pointer to device object to being 

| shutdown by system. 
47161| Irp - IRP involved. 
47162| 

47163| Return Value: 
47164| 

47165| NT Status 

47166| 

47167| -7 

47168| 

47169| { 

47170| 

47171| NTSTATUS Status; 
47172| 

471 73 1 switch(PsmGetObjectType(DeviceObject)) { 
47174| case OBJECTJNTERNAL 
471 75 1 Status = PSManFlushObject(DeviceObject, 

I Irp); 

47176| break; 

47177| case OBJECT_FILTEREDDISK : 



47178| 

I "rp); 

47179| 
47180| 
47181| 

I "rp); 

47182| 
47183| 
47184| 

I "rp); 

47185| 
47186| 
47187| 

I "rp); 

47188| 



Status = PSManFlushDevice(DeviceObject, 



break; 

case OBJ ECT_VIRTUALDISK : 

Status = PSManFlushVDisk(DeviceObject, 



break; 

caseOBJECT_FS_OBJECT : 

Status = PSManFlushFSObject(DeviceObject, 



break; 

case OBJ ECT_FS_FILTER : 

Status = PSManFlushFSFilter(DeviceObject, 



break; 



47189| default: 

47190| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 
47191 1 lrp->loStatus. Information = 0 ; 
47192| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
47193| break; 
47194| } 

47195| return Status; 
47196| 

47197| } // end PSManFlush() 

47198| 

47199| 

47200| /* 



47201| STATIC NTSTATUS 

47202| PSManFlushObject( 

47203| IN PDEVICE_OBJECT DeviceObject, 

47204| IN PIRP Irp 

47205| ) 

47206| 

47207| /*++ 

47208| 

47209| Routine Description: 
47210| 

4721 1 1 This routine is called for a flush IRPs. These are 
| sent by the 

47212| system when the file system does a flush. 
47213| 

47214| Arguments: 
47215| 

4721 6| DriverObject - Pointer to device object to being 

| shutdown by system. 
47217| Irp - IRP involved. to being 

| shutdown by system. 
47218| 



47219| Return Value: 
47220| 

47221| NT Status 

47222| 

47223| -7 

47224| 

47225| { 

47226| NOT_REFERENCED(DeviceObject); 
47227| Debug(DEBUG_PROCCALL,("PSManFlushObject 
| Called\n")); 

47228| lrp->loStatus.Status = STATUS_SUCCESS; 

47229| lrp->loStatus. Information = 0; 

47230| 

47231 1 loCompleteRequest(lrp, IO_NO_INCREMENT); 

47232| Debug(DEBUG_PROCCALL,( M PSManFlushObject Done\n")); 

47233| return STATUS_SUCCESS; 

47234| 

47235| } //end PSManFlushObject() 

47236| 

47237| 

47238| /* 



47239| STATIC NTSTATUS 

47240| PSManFlushDevice( 

47241 1 IN PDEVICE_OBJECT DeviceObject, 

47242| IN PIRP Irp 

47243 1 ) 

47244| 

47245| /*++ 

47246| 

47247| Routine Description: 
47248| 

47249| This routine is called for a flush IRPs. These are 
| sent by the 

47250| system when the file system does a flush. 
47251 | 

47252 1 Arguments: 
47253 1 

47254| DriverObject - Pointer to device object to being 

| shutdown by system. 
47255| Irp - IRP involved. 
47256| 

47257| Return Value: 
47258| 

47259| NT Status 
47260 | 
47261 1 -7 
47262 1 
47263 | { 

47264| NTSTATUS Status; 



47265| /* 

47266| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
47267| TRACE( TRACEFLUSH, 
47268| 

| currentlrpStack->Parameters.Read.ByteOffset.HighPart, 
47269| 

| currentlrpStack->Parameters.Read.ByteOffset.LowPart, 
47270| currentlrpStack->Parameters. Read. Length, 

47271 1 currentlrpStack->Parameters. Read. Key, 

47272 1 ""); 
47273| #ifdef DEBUG 
47274 1 if (Psm Active) { 
47275| Debug(DEBUG_FLUSH | 

| DEBUG_PROCCALL,("PSManFlush Device Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
47276| } 
47277| #endif 
47278| 7 

47279| Status = PSManPassThru( DeviceObject, Irp ); 
47280 1 /* 

47281 1 #ifdef DEBUG 

47282 1 if (Psm Active) { 

47283| Debug(DEBUG_FLUSH | 

| DEBUG_PROCCALL,("PSManFlush Device Done Device=%p, 
| lrp=%p, Status=%08x\n M ,DeviceObject,lrp,Status)); 

47284| } 

47285| #endif 

47286| 7 

47287| return Status; 
47288| 

47289| } //end PSManFlushDeviceQ 
47290 | 
47291 | 

47292| /* 



47293| STATIC NTSTATUS PSManFlushVDisk( 
47294| IN PDEVICE_OBJECT DeviceObject, 
47295| IN PIRP Irp 
47296| ) 
47297| { 

47298| NTSTATUS Status=STATUS_SUCCESS; 
47299 | 

47300| Debug(DEBUG_PROCCALL | DEBUG_FLUSH,("PSManFlushVDisk 

| Called Dev=%p, I rp=%p\n", DeviceObject, Irp)); 
47301 1 lrp->loStatus. Information = 0; 
47302| lrp->loStatus. Status = Status; 
47303| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
47304| Debug(DEBUG_PROCCALL | DEBUG_FLUSH,("PSManFlushVDisk 

| Done\n")); 



47305| 

47306| return Status; 

47307| } 

47308| 

47309| 

47310| r 



4731 1 1 STATIC NTSTATUS 

47312| PSManFlushFSFilter( 

47313| IN PDEVICE_OBJECT DeviceObject, 

47314| INPIRPIrp 

47315| ) 

47316| 

47317| /*++ 

47318| 

47319| Routine Description: 
47320| 

47321 1 This routine is called for a flush IRPs. These are 
| sent by the 

47322| system when the file system does a flush. 
47323 1 

47324| Arguments: 
47325| 

47326| DriverObject - Pointer to device object to being 

| shutdown by system. 
47327| Irp - IRP involved. 
47328| 

47329| Return Value: 
47330 1 

47331 1 NT Status 
47332 1 
47333 1 --*/ 
47334| 
47335| { 

47336| NTSTATUS Status; 
47337| r 

47338| #ifdef DEBUG 

47339 1 if (Psm Active) { 

47340| Debug(DEBUG_FLUSH | 

| DEBUG_PROCCALL,("PSManFlushFSFilter Called Device=%p, 

| I rp=%p\n", DeviceObject, Irp)); 
47341 | } 
47342| #endif 
47343 1 7 

47344| Status = PSManFSPassThru( DeviceObject, Irp ); 
47345| r 

47346| #ifdef DEBUG 

47347| if(PsmActive) { 

47348| Debug(DEBUG_FLUSH | 

| DEBUG_PROCCALL,("PSManFlushFSFilter Done Device=%p, 



I lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 
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} 

#endif 

7 

return Status; 
} // end PSManFlushFSFilter() 



r 

7 

STATIC NTSTATUS PSManFlushFSObject( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

) 



{ 



NTSTATUS Status=STATUS_SUCCESS; 



Debug(DEBUG_PROCCALL | 
| DEBUG_FLUSH,("PSManFlushFSObject Called Dev=%p, 
| lrp=%p\n", DeviceObject, Irp)); 
47366| lrp->loStatus. Information = 0; 
47367| lrp->loStatus.Status = Status; 
47368| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
47369| Debug(DEBUG_PROCCALL | 

| DEBUG_FLUSH,("PSManFlushFSObject Done\n")); 
47370 1 

return Status; 



} 



File Listing: FLUSH. h 

r 

NTSTATUS 
PSManFlush( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManFlushObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManFlushDevice( 

IN PDEVICE_OBJECT DeviceObject, 
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IN PIRP Irp 

); 

STATIC NTSTATUS PSManFlushVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManFlushFSObject( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManFlushFSFilter( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 



File Listing: header.h 

#ifndef PSM_HEADER_DATA_STRUCTURES 

#define PSM_HEADER_DATA_STRUCTURES 3 

// a magic number which happens to be my birthday 
#define PSM HEADER SIGNATURE 0x03191972 
#define PSM_HEADER_MINOR_VERSION 0x1 0000000 
#define PSM_HEADER_MINOR_MASK OxfOOOOOOO 
#define PSM_HEADER_SIGNATURE_MASK OxOfffffff 



#define SIZE_OF_SNAPSHOT_BITMAP 
| (sizeof(RTL_BITMAP)+((MAX_NUMBER_OF_SNAPSHOTS+31) / 32) 
1*4) 

typedef struct skSnapShotMaster *pkSnapShotMaster; 



typedef struct sDisklnternalSnapShot { 

ULONG SequenceNumber; 

LARGEJNTEGER SnapShotTime; 

ULONG Externallnstance; 

ULONG GroupNumber; 

ULONG Status; 

ULONG NumToKeep; 

BYTE Priority; 

BYTE SnapShotFlags; 

BYTE Reserved 1; 

BYTE Reserved2; 

WCHAR UserSnapShotName[256]; 
} tDisklnternalSnapShot, *pDisklnternalSnapShot; 



47442| typedef struct slnternalSnapShot { 
47443| // The volatile, in-memory-only parts of a 

| snapshot... 
47444| LISTENTRY ListEntry; 
47445| pkSnapShotMaster SnapShotMaster; 
47446| ULONG ReferenceCount; 
47447| PVOID DllPrivateUse; 
47448| 

47449| // All the stuff that will be saved on disk 

| (but only if snapshot is persistent)... 
47450| tDisklnternalSnapShot Permanent; 
47451 1 } tlnternalSnapShot, *plnternalSnapShot; 
47452 1 
47453| 
47454| 

| // 

| 

47455| // Data types needed for header file: 
47456| 

47457| #pragma warning (push) 

47458| #pragma warning (disable:4200) 

47459| Hint -save -e437 

47460 1 typedef struct sHeader { 

47461| ULONG Version; 

47462| ULONG Size; 

47463| ULONG Signature; 

47464| ULONG GranuleSizelnBytes; 

47465| ULONG IndexLoadWheel; 

47466| ULONG HighestSnapNumber; 

47467| LARGEJNTEGER DateTimeWritten; 

47468| tRevertlnfo Revertlnfo; 

47469| tDisklnternalSnapShot SnapShotsQ; 

47470| } tHeader, *pHeader; 

47471 1 Hint -restore*/ 

47472| #pragma warning (pop) 

47473 1 

47474| #define PSM_INDEX_FLAG_NORMAL (0) 
47475| #define PSM_INDEX_FLAG_VIRTUAL_WRITE (1 ) 
47476| 

47477| typedef struct sDiskNode { 
47478| ULONG Volumeld; // volume this granule 
| applies to 

47479| ULONG DasdGranule; // granule number of 

| data's original location on dasd 
47480| ULONG SnapshotNumber; // unique 32-bit 

| snapshot number holding the cached data 
47481 1 ULONG CacheNode; // granule number in 

| cache file for this data granule 
47482| ULONG DataChecksum; // checksum of cached 

| data granule 



47483| ULONG Flags; // Flags of granule in 

| cache file (normal, virtual write, etc..) 
47484| } tDiskNode, *pDiskNode; 
47485| 

47486| typedef struct slndexSectorPrefix { 

47487| ULONG IndexChecksum; // checksum of 

| rest of structure (i.e. 512-4 = 508 bytes), 0=ignore 
47488| ULONG PrefixSize; // how big this 

| structure is (so it can be skipped to find disk nodes) 
47489| ULONG Version; //version 

| number for index file format 
47490| ULONG Sequence; //counter 

| incremented every time we write an index sector 
47491| LARGEJNTEGER DateTi me Written; //when 

| this index sector was written (or zero for 

| End-Of-lndex-File marker) 
47492| } tlndexSectorPrefix, *plndexSectorPrefix; 
47493| 

47494| #define PSM_INDEX_VERSION_2 (2) 
47495| #define PSM_HEADER_VERSION_2 (2) 
47496| #define PSM_HEADER_CURRENT_VERSION 

| PSM_HEADER_VERSION_2 
47497| #define PSM_INDEX_CURRENT_VERSION 

| PSM_INDEX_VERSION_2 
47498| #define DISK_NODES_PER_INDEX_SECTOR 

| ((51 2-sizeof (tlndexSectorPrefix)) / sizeof(tDiskNode)) 
47499 1 

47500| typedef struct slndexSectorlnfo { 
47501| tlndexSectorPrefix Prefix; 
47502| tDiskNode DiskNode 

| [DISK_NODES_PER_INDEX_SECTOR]; 
47503| } tlndexSectorlnfo, *plndexSectorlnfo; 
47504| 

47505| typedef union ulndexSector { 

47506| tlndexSectorlnfo Info; //the 

| actual data we care about 
47507| unsigned char Filler [51 2]; // pads the 

| structure to be 512 byte sector size 
47508| } tlndexSector, *plndexSector; 
47509 1 

4751 0| typedef struct sShared { 

47511| ULONG Count; 

47512| ERESOURCE TreeResource; 

47513| tTree Tree; 

47514| PRTL BITMAP Map; 

47515| PRTL_BITMAP MaplnTransform; 

47516| ULONG HighestSequence; 

47517| BOOLEAN RecycleNeeded; 

47518| key Type LastDirtyKey; 

4751 9| key Type HighestKeyKnownClean; 



47520| tTree VirtualWritesTree; 
47521 1 ULONG ClusterSize; 
47522| } tShared, *pShared; 
47523 1 
47524| 

47525| #endif /* PSM_HEADER_DATA_STRUCTURES 7 

47526| 

47527| /*— end of file header.h —7 
47528| 
47529 1 
47530 1 

47531| File Listing: lOCTL.h 
47532| 

47533| #include <devioctl.h> 
47534| 

47535| Hint -save -e437 
47536| // psm ioctls 

47537| #define IOCTL_GET_VERSION 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA0,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47538| #define IOCTL_TURNON_PSM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA1 ,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47539| #define IOCTL_TURNOFF_PSM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA2,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47540| #define I OCTL G ET E R RO R 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA3,METHOD_OUT_DIRECT,FIL 

I E_ANY_ACCESS) 
47541 1 //#def ine IOCTL_GET_STATS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA4,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47542| #define IOCTL_SET_WIN32_LINK 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA6,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47543| #define IOCTL_OPEN_EX 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA7,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47544| #define IOCTL_CLOSE_EX 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA8,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47545| #define lOCTL FREE VOLUME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA9,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47546| #define IOCTL FREE RANGES 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAB,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47547| #define IOCTL_GET_PROGRESS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAC,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 



47548| //#define IOCTL_GET_PSM_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAD,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47549| #define IOCTL_SET_FLUSH_ROUTINE 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAE,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47550| #define IOCTL_GET_VOLUME_STATS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAF,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47551 1 #def ine IOCTL_GET_VOLUME_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB0,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47552| #define IOCTL_GET_PERSISTENT_SNAPSHOTS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB1 ,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47553| #define IOCTL_GET_KERNEL_SNAPSHOT_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB2,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47554| #define IOCTL_GET_KERNEL_SNAPSHOT_VOLUMES 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB3,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47555| #define IOCTL_GET_USER_NAME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB4,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47556| #define IOCTL_SET_USER_NAME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB5,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47557| //vdisk ioctls 

47558| #define IOCTL_UNWRITE_PROTECT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB6,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47559| #define IOCTL_WRITE_PROTECT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB7,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47560| #define IOCTL_IS_PSM_VOLUME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB8,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47561 | 

47562| // back to internal ioctl codes 

47563| #define IOCTL_SET_KERNEL_SNAPSHOT_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC0,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47564| #define IOCTL_REVERT_TO_PRISTINE 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC1 ,METHOD_BUFFE RED, FILE 

| ANY_ACCESS) 
47565| #define IOCTL_REVERT_TO_SNAPSHOT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC2,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47566| #define IOCTL_INFORM_SYSTEM_READY 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC3,METHOD_BUFFERED,FILE_ 



I ANY_ACCESS) 
47567| #define IOCTL_LOG_EVENT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC4,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47568| #define IOCTL_GET_VOLUME_CACHE_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC5,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47569| #define IOCTL_GET_PSM_EVENT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC6,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47570| #define IOCTL_CREATE_FILES 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC7,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47571 | 

47572 1 #ifdef _DEBUG 

47573| #define IOCTL_TEST_FUNCTION 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xFFD,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
47574| #define IOCTL_BUG_CHECK 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xFFE,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47575| #endif 
47576| #if MEM DBG 

47577| #define I OCTL_G ET M E M O R Y_U SAG E 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xFFF,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
47578| #endif 
47579 1 

47580| typedef ULONG (*PUSER_MODE_ROUTINE)( PVOID Context ); 
47581 | 

47582 1 #define 

| RunlnRingO(Driver,Routine,Context,BytesReturned) 

| DeviceloControl(hDriver,IOCTL_RUN_IN_RING0,Context,sizeo 

| f(PVOID),Routine,sizeof(PVOID),BytesReturned) 

47583 1 

47584| #define PSM_IFLAG_NEW_SNAPSHOT 0x01 
47585| #define PSM_IFLAG_PERSISTENT 0x02 
47586| #define PSM_IFLAG_SAVE_TEMP_ON_EXIT 0x80 
47587| 

47588| #define LINK_SetLink 0 
47589| #define LINK_DeleteLink 1 
47590 1 

47591 1 #define PSM_EVENT_CLEAN_CLUSTER_REGISTRY 1 
47592| #define PSM_EVENT_VOLUME_ONLINE 2 
47593 1 

47594| #define LENGTH_OF_UNIQUE 

| (((1 6*sizeof (WCHAR))*2)+(sizeof(WCHAR)*2)) 
47595| 

47596| typedef struct sPSM_GetPSMEvent { 
47597| ULONG Event; 



47598| ULONG KernelSnapShotPointer; 

47599| WCHAR Uniqueld[LENGTH_OF_UNIQUE]; // string in the 

| form of '123456781234567812345678' 
47600| WCHAR VolumeGuid[200]; 
47601 1 WCHAR NTName[200]; 
47602 1 

47603| union { 

47604| struct { 

47605| ULONG Stuff; 

47606| } CleanClusterRegistry; 

47607| struct { 

47608| ULONG Stuff; 

47609| } VolumeOnline; 

47610| struct{ 

47611| char DoNotUse; 

47612| } DoNotUse; 

47613| }; 

47614| } tPSM_GetPSMEvent,*pPSM_GetPSMEvent; 
47615| 

47616| typedef struct sPSM_SetWin32Link { 

4761 7| ULONG Operation; 

4761 8| WCHAR Win32Link[256]; 

47619| WCHAR NTDeviceName[256]; 

47620| } tPSM_SetWin32Link,*pPSM_SetWin32Link; 

47621 | 

47622| typedef struct sPSM_GetVolumeCachelnfoln { 
47623| WCHAR VolumeName[256]; 
47624| } tPSM_GetVolumeCachelnfoln, 

| *pPSM_GetVolumeCachelnfoln; 
47625| 

47626| typedef struct sPSM_FreeVolume { 
47627| PVOID KernelSnapShotPointer; 
47628| WCHAR VolumeName[256]; 
47629| } tPSM_FreeVolume, *pPSM_FreeVolume; 
47630| 

47631 1 typedef struct sPSM_SnapShotPointer { 

47632| PVOID KernelSnapShotPointer; 

47633| } tPSM_SnapShotPointer, *pPSM_SnapShotPointer; 

47634| 

47635| typedef struct sPSM_RevertToSnapShotln { 
47636| PVOID KernelSnapShotPointer; 
47637| ULONG RevertFlags; 

47638| } tPSM_RevertToSnapShotln, *pPSM_RevertToSnapShotln; 
47639| 

47640| #define tPSM_GetKernelSnapShotlnfoln 

| tPSM_SnapShotPointer 
47641 1 #define sPSM_GetKernelSnapShotlnfoln 

| sPSM_SnapShotPointer 
47642| #define pPSM_GetKernelSnapShotlnfoln 

| pPSM_SnapShotPointer 



47643| 

47644| typedef struct sPSM_SetUserNameln { 

47645| PVOI D KernelSnapShotPointer; 

47646| WCHAR Name[256]; 

47647| } tPSM_SetUserNameln, *pPSM_SetllserNameln; 

47648| 

47649| typedef struct sPSM_SetKernelSnapShotlnfoln { 
47650| PVOID KernelSnapShotPointer; 
47651 1 tPSM_SetKernelSnapShotlnfo Info; 
47652| } tPSM_SetKernelSnapShotlnfoln, 

| *pPSM_SetKernelSnapShotlnfoln; 
47653 1 

47654| typedef struct sPSM_GetKernelSnapShotlnfoOut { 
47655| LARGE INTEGER SnapShotTime; // time snapshot 
| occured. 

47656| ULONG Instance; // instance number 

| for this snapshot for volume mapping 
47657| NTSTATUS Status; //status that 

| caused this snapshot to be canceled. 



47658| 


ULONG 


Persistent; 


47659 1 


PVOID 


DllPrivateUse; 


47660 1 


PVOID 


CallerPrivateUse; 


47661 | 


ULONG 


NumToKeep; 


47662 1 


BYTE 


Priority; 


47663 | 


BYTE 


SnapShotFlags; 


47664| 


BYTE 


Reserved 1; 


47665| 


BYTE 


Reserved2; // padding 


47666| 


WCHAR 


UserSnapShotName[256]; 



47667| } tPSM_GetKernelSnapShotlnfoOut, 

| *pPSM_GetKernelSnapShotlnfoOut; 
47668| 

47669| #pragma warning (push) 
47670| #pragma warning (disable:4200) 
47671 1 Hint -save -e43 -e1501 7 
47672 1 

47673| typedef struct sOpenTransactionlnlnternal { 



47674| 


DWORD 


Size; 


47675| 


WCHAR 


CacheFileName[256] ; 


47676| 


DWORD 


SizeOfCacheFileMB; 


47677| 


DWORD 


MaxSizeOfCacheFileMB; 


47678| 


DWORD 


Flags; 


47679 1 


DWORD 


InternalFlags; 


47680 1 


DWORD 


QuiescentWait; 


47681 | 


DWORD 


Qu iescentTi meo ut ; 


47682 1 


HANDLE 


ErrorEvent; 


47683 | 


HANDLE 


AbortEvent; 


47684| 


PVOID 


DllPrivateUse; 


47685| 


PVOID 


CallerPrivateUse; 


47686| 


ULONG 


NumToKeep; 


47687| 


BYTE 


Priority; 



47688| 
47689| 
47690| 
47691| 
47692| 



ULONG 
ULONG 



BYTE 



BYTE 



BYTE 



SnapShotFlags; 
Reservedl ; 
Reserved2; // padding 

N u mberOf Devices ; 

DeviceName[]; // offset from 



| beginning of this structure 
47693| } tOpenTransactionlnlnternal, 

| *pOpenTransactionlnlnternal; 
47694| 

47695| typedef struct sOpenTransactionOutlnternal { 

47696| PVOID KernelSnapShotPointer; // cant access kernel 

| mode addresses in user mode 
47697| LARGEJNTEGER SnapShotTime; // time snapshot 

| occured. 

47698| ULONG Instance; // instance number 

| for this snapshot for volume mapping 
47699| WCHAR CacheFileName[256]; //cache file 

| name being used 
47700| ULONG Persistent; 
47701| ULONG NumberOf Devices; 

47702| ULONG DeviceName[]; //offset from 

| beginning of this structure 
47703| } tOpenTransactionOutlnternal, 

| *pOpenTransactionOutlnternal; 
47704| 

47705| typedef struct sPSM_LogEvent { 

47706| ULONG Eventld; 

47707| ULONG Status; 

47708| ULONG NumStrings; 

47709| WCHAR *Strings[]; 

47710| } tPSM_LogEvent,*pPSM_LogEvent; 

4771 1 | 

47712| Hint -restore*/ 

47713| #pragma warning (pop) 

47714| 

47715| typedef struct sClosePSM Internal { 

4771 6| PVOID KernelSnapShotPointer; // cant access kernel 

| mode addresses in user mode 
47717| } tClosePSMInternal, *pClosePSMInternal; 
47718| 

47719| typedef struct sPSMVolumelnfoln { 

47720| unsigned short Size; 

47721 1 unsigned short Version; 

47722| WCHAR VolumeName[256]; 

47723| } tPSMVolumelnfoln, *pPSMVolumelnfoln; 

47724| 

47725| typedef struct sPSM_GetPersistentSnapShotsOut { 
47726| PVOID KernelPointers[MAX_NUMBER_OF_SNAPSHOTS]; 
47727| } tPSM_GetPersistentSnapShotsOut, 
| *pPSM_GetPersistentSnapShotsOut; 



47728 
47729 
47730 
47731 
47732 
47733 
47734 
47735 
47736 
47737 
47738 
47739 
47740 
47741 
47742 
47743 
47744 
47745 
I Fi 
47746 
47747 
47748 
47749 
47750 
47751 
47752 
47753 
47754 
47755 
47756 
47757 
47758 
47759 

I- 
47760 
47761 
47762 
47763 
47764 
47765 
47766 
47767 
47768 
47769 
47770 
47771 
47772 



47773 
47774 



typedef struct sPSMVolumelnfoOut { 

ULONG SectorsPerCluster; 

ULONG ClusterOOffset; 
} tPSMVolumelnfoOut, *pPSMVolumelnfoOut; 

#if MEMDBG 

typedef struct sGetMemoryUsageOut { 

ULONG MemTotalNonpagedAlloced; 

ULONG MemTotal Paged Alloced; 

ULONG MemMaxNonpagedAlloced; 

ULONG MemMax Paged Alloced; 
} tGetMemoryUsageOut, *pGetMemoryUsageOut; 

#endif 

typedef struct sSetFlushRoutine { 

NTSTATUS (*ZwFlushBuffersFile)( IN HANDLE 
leHandle, OUT PIO_STATUS_BLOCK loStatusBlock ); 
} tSetFlushRoutine,*pSetFlushRoutine; 

/*lint -restore*/ 



File Listing: iodirect.cpp 
#include "precomp.h" 

ULONG PSMDirectlOOptions=0; 

// 



void MapDirectlo::reset() 
{ 

Profile("MapDirectlo::reset M ); 
//Debug(DEBUG_DICT,("MapDirectlo::reset\n")); 
#if 0 

rbtree_lnit(&tree); 
#else 
_try{ 

tTreeLeaf *node = tree. Head Leaf; 
while ( node != tree.TailLeaf ) { 

key Type searchKey = node->Key; 

tTreeLeaf *delnode = rbtree_Delete(&tree, 



searchKey); 



ASSERT ( delnode != NULL ); 
if ( delnode != NULL ) { 



47775| ASSERT ( delnode->Key == searchKey ); 

47776| FreeNode (delnode); 

47777| } 

47778| node = tree.HeadLeaf; 

47779| } 

47780| rbtree_lnit(&tree); 
47781 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
47782| Debug(DEBUG_DICT,("Exception %08x in 

| MapDirectlo::reset\n",GetExceptionCode())); 
47783 1 } 
47784| #endif 
47785| } 
47786| 

47787| // 



47789| MapFileToDisk::MapFileToDisk(): 
47790| openFlag (false), 
47791 1 inverseMapFlag (false), 
47792| clusterSizelnBytes (0), 
47793| sectorSizelnBytes (0) 
47794| { 

47795| Profile("MapFileToDisk::MapFileToDisk"); 
47796| // 

| Debug(DEBUG_DICT,("MapFileToDisk::MapFileToDisk()\n")); 
47797| rbtreejnit (&tree); 
47798| } 
47799| 

47800 1 // 

| 

47801 | 

47802| MapFileToDisk::~MapFileToDisk() 
47803 1 { 

47804| Profile("MapFileToDisk::~MapFileToDisk"); 
47805| // 

| Debug(DEBUG_DICT,("MapFileToDisk::~MapFileToDisk\n")); 
47806| close(); 
47807| } 
47808| 

47809| // 

| 

47810| 

47811| void MapFileToDisk::close() 
47812| { 

4781 3| Prof ile("MapFileToDisk::close"); 

47814| // Debug(DEBUG_DICT,("MapFileToDisk::close 

| (open=%d)\n",openFlag)); 
47815| if ( openFlag ) { 
47816| reset(); 



4781 7| openFlag = false; 
47818| } 
47819| } 
47820| 

47821| // 



47822| 

47823| NTSTATUS MapFileToDisk::Setlnternal ( 
47824| PDEVICE_OBJECT DeviceObject, 
47825| PFILE_OBJECT FileObject, 
47826| RETRIEVAL_POINTERS_BUFFER *rp, 
47827| ULONG ClusterSizelnBytes, 
47828| ULONG SectorSize In Bytes, 

47829| bool ReverseMapping ) 

47830| { 

47831 1 NTSTATUS status = STATUS_SUCCESS; 
47832 1 

47833| Profile( M MapFileToDisk::Setlnternal M ); 

47834| Debug(DEBUG_DICT,("MapFileToDisk::Setlnternal\n")); 

47835| ASSERT ( !openFlag ); 

47836| ASSERT ( ReverseMapping == inverseMapFlag ); 
47837| 

47838| if ( openFlag ) { 

47839| status = STATUSJJNSUCCESSFUL; 
47840| Debug(DEBUG_DEVCON, ("Attempt to call 

| MapFileToDisk::Setlnternal on already open 

| object!\n")); 
47841 1 } else { 
47842 1 reset(); 

47843| LARGEJNTEGER CurrentVcn = rp->StartingVcn; 
47844| LARGEJNTEGER NumClusters = {0}; 
47845| for ( ULONG i=0; i < rp->ExtentCount; ++i ) { 
47846| NumClusters.QuadPart = 

| rp->Extents[i].NextVcn.QuadPart - CurrentVcn. QuadPart; 
47847| if ( ReverseMapping ) { 

47848| // Weirdness alert: when ReverseMapping 

| is true, we swap disk and file clusters 
47849| // in the mapping. This way we can ask 

| for a file offset given a disk offset. 
47850| status = insertExtent ( 

| rp->Extents[i].Lcn, CurrentVcn, NumClusters ); 
47851 1 } else { 

47852| status = insertExtent ( CurrentVcn, 

| rp->Extents[i].Lcn, NumClusters ); 



47853 1 
47854| 
47855| 
47856| 
47857| 
47858| 



CurrentVcn = rp->Extents[i].NextVcn; 



if ( status != STATUS_SUCCESS ) { 
break; 



47859| 

47860| if ( status == STATUS_SUCCESS ) { 

47861 1 openFlag = true; 

47862| deviceObject = DeviceObject; 

47863| fileObject = FileObject; 

47864| clusterSizelnBytes = ClusterSizelnBytes; 

47865| sectorSize In Bytes = SectorSizelnBytes; 

47866| } 



47867| } 
47868| 

47869 1 return status; 
47870 1 } 
47871 | 

47872 1 // 

| 

47873 1 

47874| NTSTATUS MapFileToDisk::insertExtent ( 
47875| LARGE_INTEGER FileClusterOffset, 
47876| LARGEINTEGER DiskClusterOffset, 
47877| LARGEJNTEGER NumClusters ) 
47878| { 

47879| NTSTATUS Status = STATUS_SUCCESS; 
47880| Profile("MapFjleToDisk::insertExtent M ); 
47881 | 

47882| #ifdef DEBUG 

47883| Debug(DEBUG_DEVCON,( M mftd::insertExtent: 
| FileCluster=%l64x, DiskCluster=%l64x, 
| NumClusters=%l64x\n", 

47884| FileClusterOffset. Quad Part, 

47885| DiskClusterOffset.QuadPart, 

47886| NumClusters. QuadPart)); 

47887| #endif r DEBUG*/ 

47888| 

47889| LARGE INTEGER ClustersLeft = NumClusters; 
47890| while ( ClustersLeft.QuadPart > 0 ) { 
47891 1 pTreeLeaf node = AllocNode(); 
47892 1 if ( node ) { 

47893| LARGEJNTEGER Clusters Encoded = 

| ClustersLeft; 
47894| if ( ClustersEncoded. QuadPart >= 

| IODIRECT_MAX_CLUSTER_RUN ) { 
47895| ClustersEncoded. QuadPart = 

| IODIRECT_MAX_CLUSTER_RUN - 1; 
47896| } 
47897| 

47898| // Now the weird part: rearranging the 

| bits we need into the rbtree node. 
47899| // Because we will later use 

| rbtree_SearchUpperBound, we have to encode the 
47900 1 // last cluster in the extent, not the 



I first. 

47901 1 node->Key = (FileClusterOffset.QuadPart + 

| ClustersEncoded.QuadPart - 1) « 
| (IODIRECT_BITS_PER_CLUSTER_RUN + 8); 

47902| node->Key |= ClustersEncoded.QuadPart « 8; 

47903| node->Key |= (DiskClusterOffset.QuadPart » 

|31)&0xff; 

47904| 

47905| ASSERT ( ((DiskClusterOffset.QuadPart » 

|31)&~_int64(0xff)) == 0 ); 
47906| 

47907| node->Pos = DiskClusterOffset.LowPart & 

| 0x7fffffff; 
47908| 

47909| #ifdef DEBUG 

47910| Debug(DEBUG_DEVCON,("mftd::insertExtent: 

| node->Key=%l64x, node->Pos=%x\n",node->Key,node->Pos)); 
4791 1 1 LARGEJNTEGER VerifyC lusters Encoded, 

| VerifyFileCluster, VerifyDiskCluster; 
47912| // Extract the information back out of the 

| node the same way we will later when performing I/O. 
4791 3| // Make sure we can get back exactly what 

| we put in. 

47914| VerifyClustersEncoded.QuadPart = (node->Key 

| » 8) & (IODIRECT_MAX_CLUSTER_RUN - 1); 
47915| VerifyFileCluster. QuadPart = node->Key » 

| (IODIRECT_BITS_PER_CLUSTER_RUN + 8); 
4791 6| VerifyFileCluster. QuadPart -= 

| (VerifyClustersEncoded.QuadPart - 1); 
4791 7| VerifyDiskCluster.QuadPart = ((node->Key & 

| Oxff) « 31) | int64(node->Pos); 

47918| ASSERT ( VerifyClustersEncoded.QuadPart == 

| ClustersEncoded.QuadPart ); 
47919| ASSERT ( VerifyFileCluster. Quad Part == 

| FileClusterOffset.QuadPart ); 
47920| ASSERT ( VerifyDiskCluster.QuadPart == 

| DiskClusterOffset.QuadPart ); 
47921| #endif /* DEBUG*/ 

47922| int result = rbtreejnsert ( &tree, node ); 

47923 1 ASS E RT(resu lt==0) ; 

47924| if ( result != 0 ) { 

47925| Debug(DEBUG_DEVCON,("M! 

| MapFileToDisk::insertExtent: Failure to insert rbtree 

| node\n M )); 

47926| Debug(DEBUG_DEVCON,("M! Key=%016l64x, 

| Pos=%08x\n", node->Key, node->Pos)); 
47927| FreeNode(node); 
47928| node = 0; 

47929| Status = STATUS_UNSUCCESSFUL; 

47930| break; 



47931| } 
47932| 

47933| ClustersLeft.QuadPart -= 

| ClustersEncoded. Quad Part; 
47934| FileClusterOffset.QuadPart += 

| ClustersEncoded. QuadPart; 
47935| DiskClusterOffset. QuadPart += 

| ClustersEncoded. QuadPart; 
47936| } else { 

47937| Status = STATUS_INSUFFICIENT_RESOURCES; 

47938| Debug(D EBUG_DEVCON, (" ! ! ! 

| MapFileToDisk::insertExtent: Could not allocate rbtree 

| node!\n")); 
47939| break; 
47940| } 
47941 1 } 
47942 1 

47943 1 return Status; 
47944| } 
47945 1 

47946| // 



47948| NTSTATUS MapFileToDisk::getDiskOffsetForFileOffset ( 
47949| LARGEJNTEGER File Off set In Bytes, 
47950| LARGE_INTEGER &DiskOffsetlnBytes, 
47951| LARGE_INTEGER &ExtentLengthlnBytes, 
47952| bool SuppressDebugErrors ) 

47953| { 

47954| NTSTATUS status = STATUS_NOT_FOUND; 

47955| DiskOffsetlnBytes. QuadPart = int64(-1 ); 

47956| ExtentLengthlnBytes.QuadPart = 0; 

47957| 

47958| 

| Profile("MapFileToDisk::getDiskOffsetForFileOffset M ); 
47959| ASSERT ( openFlag ); 
47960| ASSERT ( clusterSizelnBytes > 0 ); 
47961 1 ASSERT ( sectorSize In Bytes > 0 ); 
47962| ASSERT ( (sectorSize In Bytes & 

| (sectorSizelnBytes-1)) == 0 ); // make sure it's a 

| power of 2 

47963| ASSERT ( clusterSizelnBytes % sectorSize In Bytes == 
|0); 

47964| ASSERT ( clusterSizelnBytes >= sectorSize In Bytes ); 
47965| ASSERT ( FileOffsetln Bytes. Quad Part % 

| sectorSize In Bytes == 0 ); 
47966| 

47967| LARGE_INTEGER FileCluster; 
47968| FileCluster.QuadPart = FileOffsetlnBytes. QuadPart / 
| clusterSizelnBytes; 



47969| ULONG OffsetlntoCluster = ULONG 

| (FileOffsetlnBytes.QuadPart % clusterSizelnBytes); 
47970| 

47971 1 tTreeLeaf *node = rbtree_SearchUpperBound ( 
47972 1 &tree, 

47973| FileCluster.QuadPart « 

| (IODIRECT_BITS_PER_CLUSTER_RUN + 8) ); 
47974| 

47975| if ( node ) { 

47976| LARGEJNTEGER FileClusterFound; 
47977| FileClusterFound. QuadPart = node->Key » 

| (IODIRECT_BITS_PER_CLUSTER_RUN + 8); 
47978| ASSERT ( FileClusterFound. QuadPart >= 

| FileCluster.QuadPart); 
47979 1 

47980| LARGEJNTEGER NumClusters; 

47981 1 NumClusters. QuadPart = (node->Key » 8) & 

| (IODIRECT_MAX_CLUSTER_RUN - 1); 
47982| ASSERT ( NumClusters. QuadPart > 0 ); 
47983 1 

47984| LARGEJNTEGER DiskCluster; 

47985| DiskCluster.QuadPart = ((node->Key & Oxff) « 

| 31) | int64(node->Pos); 

47986| 

47987| // The file cluster we stored in the node is 

| actually the last cluster in the extent. 
47988| // Convert it to the first cluster. 
47989| FileClusterFound.QuadPart -= 

| (NumClusters.QuadPart - 1); 
47990 | 

47991 1 // The requested file offset had better be 

| within the extent we found... 
47992 1 // This means the extent we found must be at or 

| before the requested cluster, 
47993| // *and* it must end at or after the requested 

| cluster. 

47994| ULONG ExtentStartOk = FileClusterFound.QuadPart 

| <= FileCluster.QuadPart; 
47995| ULONG ExtentEndOk = FileClusterFound.QuadPart 

| + NumClusters.QuadPart > FileCluster.QuadPart; 
47996| if ( ExtentStartOk && ExtentEndOk ) { 
47997| status = STATUS_SUCCESS; // We ROCK!!! 

47998| 

47999| int64 Offsetlnto Extent = 

48000| (FileCluster.QuadPart - 

| FileClusterFound. QuadPart)*clusterSizelnBytes + 
48001| OffsetlntoCluster; 
48002| 

48003| ExtentLengthlnBytes. QuadPart = 

| NumClusters.QuadPart * clusterSizelnBytes; 



48004| ExtentLengthlnBytes.QuadPart -= 

| Offset Into Extent; 
48005| 

48006| DiskOffsetlnBytes.QuadPart = 

| DiskCluster.QuadPart * clusterSizelnBytes; 
48007| DiskOffsetlnBytes.QuadPart += 

| Offset Into Extent; 
48008| 

48009| if ( DiskOffsetlnBytes.QuadPart < 0 ) { 

48010| Debug(DEBUG_DEVCON,("!!! 

| mftd::getDiskOffsetForFileOffset: Negative 

| DiskOffsetlnBytes %016l64x (dec 

| %l64d)\n M ,DiskOffsetlnBytes.QuadPart,DiskOffsetlnBytes.Q 
| uadPart)); 

4801 1 1 Debug(DEBUG_DEVCON,("!!! 
| node->Key=%016l64x, node->Pos=%08x, 
| FileOffsetlnBytes=%016l64x, ClusterSize=%08x\n M , 

48012| node->Key, 

48013| node->Pos, 

48014| FileOffsetlnBytes.QuadPart, 

48015| clusterSizelnBytes)); 

4801 6| status = PSM_ERROR_UNSUCCESSFUL; 

48017| } 

48018| 

48019| ASSERT ( ExtentLengthlnBytes.QuadPart > 0 

I); 

48020| ASSERT ( DiskOffsetlnBytes.QuadPart >= 0 ); 

48021 1 ASSERT ( ExtentLengthlnBytes.QuadPart % 

| sectorSize In Bytes == 0 ); 
48022| ASSERT ( DiskOffsetlnBytes.QuadPart % 

| sectorSize In Bytes == 0 ); 
48023 1 } else { 
48024| if ( HnverseMapFlag ) { 

48025| // Only a problem if we are in forward 

| map mode: i.e. trying to read/write to file 
48026| Debug(DEBUG_DEVCON,("M! 

| MapFileToDisk::getDiskOffsetForFileOffset: file cluster 

| %016l64x is outside extent (start=%016l64x, 

| count=%016l64x)\n", 
48027| FileCluster.QuadPart, 
48028| FileClusterFound.QuadPart, 
48029| NumClusters.QuadPart)); 
48030| Debug(DEBUG_DEVCON,("!!! 

| ExtentStartOk=%S, ExtentEndOk=%S\n", 
48031 1 (ExtentStartOk?"TRUE":"FALSE"), 
48032| (ExtentEndOk?"TRUE":"FALSE M ))); 
48033| ASSERT (FALSE); 

48034| } 
48035| } 
48036| } else { 



48037| if ( linverseMapFlag && !SuppressDebugErrors ) 
|{ 

48038| // Only a problem if we are in forward map 

| mode: i.e. trying to read/write to file. 
48039| Debug(D EBUG_DEVCON, (" ! ! ! 

| MapFileToDisk::getDiskOffsetForFileOffset: Could not 

| find file offset %016l64x in 

| rbtree\n M ,FileOffsetlnBytes.QuadPart)); 



48040 
48041 
48042 
48043 
48044 
48045 
48046 



} 

} 

return status; 



//- 



NTSTATUS DirectAccessFile::Setlnternal ( 
PDEVICE_OBJECT Volume, 
PFILE_OBJECT FileObject, 
RETRIEVAL_POINTERS_BUFFER *rp, 
ULONG ClusterSizelnBytes, 
ULONG SectorSizelnBytes ) 



{ 



NTSTATUS Status = STATUS_SUCCESS; 
Profile("DirectAccessFile::Setlnternal M ); 



48047| 
48048| 
48049 1 
48050 1 
48051 1 
48052 1 
48053 1 
48054| 
48055| 
48056| 
48057| 
48058| 

| Debug(DEBUG_DICT,("DirectAccessFile::Setlnternal\n")); 
48059| ASSERT ( !isOpen ); 
48060 
48061 
48062 
48063 
48064 
48065 
48066 
48067 
48068 
48069 
48070 
48071 
48072 
48073 
48074 
48075 
48076 
48077 
48078 
48079 



Status = fileMap.Setlnternal ( 
Volume, 
FileObject, 
rp, 

ClusterSizelnBytes, 
SectorSizelnBytes, 
false ); 

if ( Status == STATUS_SUCCESS ) { 
Status = diskMap.Setlnternal ( 
NULL, 
NULL, 
rp, 

ClusterSizel nBytes, 
Secto rS i ze I n Bytes , 
true ); 

if ( Status == STATUS_SUCCESS ) { 
isOpen = true; 



48080| } 
48081 1 } 
48082 1 

48083 1 return Status; 

48084| } 

48085| 

48086| // 



48088| void DirectAccessFile::close() 
48089 1 { 

48090| Profile("DirectAccessFile::close M ); 

48091| Debug(DEBUG_DICT,("DirectAccessFile::close\n M )); 

48092| if(isOpen) { 

48093| fileMap.close(); 

48094| diskMap.closeQ; 

48095| isOpen = false; 

48096| } 

48097| } 

48098| 

48099| // 



48100| 

48101| NTSTATUS D irect Access File::perform_io ( 

48102| PVOID Buffer, 

481 03 1 LARGEJNTEGER File Offset In Bytes, 

48104| ULONG BytesTo Process, 

48 1 05 1 D i rect Access F i le : : I OTY P E loType, 

481 06| const char *loTypeString ) 

48107| { 

48108| Profile( M DirectAccessFile::perform_io M ); 
481 09 1 ASSERT ( loType==IOTYPE_READ || 

| loType==IOTYPE_WRITE ); 
481 1 0| ASSERT ( loTypeString != NULL ); 

481 1 1 1 if ( loType!=IOTYPE_READ && loType!=IOTYPE_WRITE ) 
|{ 

48112| Debug(DEBUG_DEVCON,("!!! 

| DirectAccessFile::perform_io: Invalid 

| loType=%08x\n",loType)); 
481 13| return STATUS_INVALID_PARAMETER; 
48114| } 
48115| 

481 1 6| NTSTATUS Status = STATUS_SUCCESS; 

48117| if ( isOpen ) { 

481 1 8| const ULONG SectorSize = 

| fileMap.getSectorSizelnBytes(); 
48119| ASSERT ( SectorSize > 0 ); 
48120| if ( BytesToProcess % SectorSize != 0 ) { 
48121 1 Status = STATUS_INVALID_PARAMETER; 

48122| Debug(DEBUG_DEVCON,("DirectAccessFile::%s: 



I Invalid 

| BytesToProcess=%08x\n",loTypeString,BytesToProcess)); 
48123| } else if ( FileOffsetlnBytes.QuadPart % 

| SectorSize != 0 ) { 
48124| Status = ST ATU S_l N VA L I D_P A R A METER; 

48125| Debug(DEBUG_DEVCON,("DirectAccessFile::%s: 

| Invalid 

| FileOffset=%01 6l64x\n M ,loTypeString,FileOffsetlnBytes.Qu 
| adPart)); 
48126| }else{ 

48127| LARGEJNTEGER DiskOffsetlnBytes = {0}; 

48128| LARGEJNTEGER ExtentLengthlnBytes = {0}; 

48129| ULONG Bytes LeftTo Process = BytesToProcess; 

481 30| char *BufferPointer = (char *) Buffer; 

48131| 

48132| while ( Bytes LeftTo Process > 0 ) { 

48133| Status = 

| fileMap.getDiskOffsetForFileOffset ( 
481 34| FileOffsetlnBytes, 
481 35| DiskOffsetlnBytes, 
48136| ExtentLengthlnBytes, 
48137| false); 
48138| 

48139| if ( Status == STATU S_SUCC ESS ) { 

48140| ULONG BytesToProcess = 

| Bytes LeftTo Process; 
481 41 1 if ( BytesToProcess > 

| ExtentLengthlnBytes.QuadPart ) { 
48142| BytesToProcess = 

| ULONG(ExtentLengthlnBytes.QuadPart); 
48143| } 
48144| 

48145| switch ( loType ) { 

481 46| case IOTYPE_READ: { 

48147| Status = Sblo_ReadDevice( 

48148| 

| ((PFILTERED_EXTENSION)(GetDeviceExtension(fileMap.GetDev 

| iceObject())))->TargetDeviceObject, 
48 1 49 1 & D iskOff set I n Bytes, 

481 50| BytesToProcess, 
48151| BufferPo inter ); 

48152| } break; 

48153| 

48154| case IOTYPE_WRITE: { 

481 55| Status = Sblo_WriteDevice( 

48156| 

| ((PFILTERED_EXTENSION)(GetDeviceExtension(fileMap.GetDev 

| iceObject())))->TargetDeviceObject, 
48 1 57 1 & D iskOff set I n Bytes, 

481 58 1 BytesToProcess, 



48159| (const char 

| *)BufferPointer); 
48160| } break; 

48161| 

481 62 1 default: { // should not be 

| possible to get here because we already check for this 

48163| ASSERT(FALSE); 

48164| Status = 

| STATUS_I N VALI D PARAM ETER; 

48165| } 

48166| } 

48167| 

481 68| if(!NT_SUCCESS(Status)) { 

48169| 

| Debug(DEBUG_DEVCON,("DirectAccessFile::%s: Error %08x 

| in disk l/0\n",loTypeString,Status)); 
48170| break; 
48171| } 
48172| 

481 73| BufferPointer += BytesTo Process; 

481 74 1 FileOffsetlnBytes.QuadPart += 

| BytesToProcess; 
481 75 1 BytesLeftToProcess -= 

| BytesToProcess; 
48176| }else{ 
48177| 

| Debug(DEBUG_DEVCON,("DirectAccessFile::%s: fileMap 

| returned %08x\n",loTypeString, Status)); 
48178| break; 
48179| } 
48180| }// while 

48181| } 
48182| }else{ 

481 83 1 Status = STATUSJJNSUCCESSFUL; 

48184| Debug ( D E B U G_D E VC O N , ( " D i rect Access File: :%s : I'm 

| not open!\n",loTypeString)); 
48185| } 
48186| 

48187| if ( !NT_SUCCESS(Status) ) { 

48188| Debug ( D E B U G_D E VC O N , ( " D i rect Access File: :%s : 

| returning %08x\n",loTypeString, Status)); 
48189| } 
48190| 

48191| return Status; 

48192| } 

48193| 

48194| // 



48195| 

48196| NTSTATUS DirectAccess File:: read ( 



48197| 
48198| 
48199| 



PVOID Buffer, 
LARGEJNTEGER File Offset In Bytes, 
ULONG BytesToRead ) 



48200| { 

48201 1 Profile( M DirectAccessFile::read M ); 

48202| return perform_io ( Buffer, FileOffsetlnBytes, 

| BytesToRead, IOTYPE READ, "read" ); 
48203 1 } 
48204| 

48205| // 



48207| NTSTATUS Direct Access File:: write ( 
48208| PCVOID Buffer, 
48209| LARGEJNTEGER FileOffsetlnBytes, 
48210| ULONG BytesToWrite ) 

48211| { 

482 1 2 1 Profilef'Di rect Access Fi le : :write") ; 
48213| return perform Jo ( (PVOID) Buffer, 

| FileOffsetlnBytes, BytesToWrite, IOTYPE_WRITE, "write" 

I); 

48214| } 
48215| 

48216| // 



48217| 

48218| NTSTATUS D i rect Access File::getFileOff set ( 
48219| LARGEJNTEGER DiskOffsetlnBytes, 
48220| LARGEJNTEGER &FileOffsetlnBytes, 
48221 1 LARGEJNTEGER &ExtentLengthlnBytes ) 
48222 1 { 

48223| // Wei rdness alert: we are using the diskMap 

| object in 'reverse mapping mode'. 
48224| // That means that we are passing in a disk offset, 

| though diskMap thinks it 
48225| // is a file offset, and vice versa. 
48226| 

48227| Profile("DirectAccessFile::getFileOffset"); 
48228| 

48229| NTSTATUS status = 

| diskMap.getDiskOffsetForFileOffset ( 
48230| DiskOffsetlnBytes, 
48231| FileOffsetlnBytes, 
48232| ExtentLengthlnBytes, 
48233| false ); 
48234| 

48235| if ( NT_SUCCESS(status) ) { 

48236| Debug(DEBUG_DEVCON,("diskMap.getFileOffset 
| returned success - in diskofs=%016l64x, out 
| fileofs=%016l64x, 



I extent=%01 6l64x\n",DiskOffsetlnBytes.QuadPart,FileOffset 
| lnBytes.QuadPart,ExtentLengthlnBytes.QuadPart)); 
48237| } else if ( status != STATUS_NOT_FOUND ) { 
48238| Debug(DEBUG_DEVCON,("!!! diskMap.getFileOffset 
| returned %08x - in 

| diskofs=%016l64x\n",status,DiskOffsetlnBytes.QuadPart)); 
48239 1 ASS E RT( F ALS E) ; 
48240 1 } 
48241 1 

48242 1 return status; 

48243 1 } 

48244| 

48245| // 

| 

48246| 

48247| NTSTATUS DirectAccessFile::getFileSizelnBytes ( 

| LARGEJNTEGER &SizelnBytes ) 
48248| { 

48249| NTSTATUS status = STATUSJJNSUCCESSFUL; 
48250| SizelnBytes.QuadPart = 0; 
48251 | 

48252 1 __try { 

48253| if ( readyForDirectlo() ) { 
48254 1 // traverse extents until there are no 

| more... 

48255| LARGEJNTEGER FileOffset In Bytes = {0}; 

48256| LARGEJNTEGER DiskOffset In Bytes = {0}; 

48257| LARGEJNTEGER ExtentLengthlnBytes = {0}; 

48258| 

48259| for(;;) { 

48260| NTSTATUS LookupStatus = 

| fileMap.getDiskOffsetForFileOffset ( 
48261 1 FileOffsetlnBytes, 
48262| DiskOffsetlnBytes, 
48263| ExtentLengthlnBytes, 
48264| true ); 

48265| 

48266| if ( LookupStatus == STATUS_SUCCESS ) { 

48267| // Try again with the next offset 

| after the current extent. 
48268| FileOffsetlnBytes.QuadPart += 

| ExtentLengthlnBytes. QuadPart; 
48269 1 

48270| // If extent length is reported as 

| zero, something is whacked!!! 
48271 1 // We really don't want to go into 

| an infinite loop, so look for this. 
48272| // Might as well check for 

| negatives too. 
48273| if ( ExtentLengthlnBytes.QuadPart 



I <= 0 ) { 
48274| 

| Debug(DEBUG_DEVCON,( M DirectAccessFile::getFileSizelnByte 
| s: Invalid non-positive extent length %016l64x\n", 
| ExtentLengthlnBytes.QuadPart)); 

48275| break; 

48276| } 

48277| } else if ( LookupStatus == 

| STATUS_NOT_FOUND ) { 
48278| // We are exactly at EOF. . . 

48279| SizelnBytes.QuadPart = 

| FileOffsetlnBytes.QuadPart; 
48280| status = STATUS_SUCCESS; 

48281 1 break; 
48282 1 } else { 

48283| // Something weird happened... 

48284| status = LookupStatus; 

48285| 

| Debug(DEBUG_DEVCON,("DirectAccessFile::getFileSizelnByte 
| s: Weird LookupStatus=%08x\n",LookupStatus)); 

48286| break; 

48287| } 

48288| } 

48289 1 } else { 

48290 | 

| Debug(DEBUG_DEVCON,("DirectAccessFile::getFileSizelnByte 

| s: this=%08x is not open!\n",this)); 
48291| } 
48292| 

48293| ASSERT(NT_SUCCESS(status)); 

48294| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
48295| status = GetExceptionCode(); 
48296| SizelnBytes.QuadPart = 0; 

48297| Debug(DEBUG_DEVCON,("!!! Exception %08x in 

| DirectAccessFile::getFileSizelnBytes\n",status)); 
48298| } 
48299| 
48300| 

| Debug(DEBUG_DEVCON,("DirectAccessFile::getFileSizelnByte 
| s: status=%08x, 

| Size=%01 6l64x\n",status,SizelnBytes.QuadPart)); 
48301| return status; 
48302| } 
48303| 

48304| // 



48306| static const int BITS_IN_KEY = 64; 
48307| static const int BITS_IN_POS = 31 ; 



48308| static const int BITS_PER_CLUSTER = 39; 
48309| static const int BITS_PER_ID = (BITS_IN_KEY 

| + BITS_IN_POS) - 2*BITS_PER_CLUSTER; 
48310| static const CLUSTERJNDEX MAXJDENTIFIER = 

| (CLUSTER_INDEX(1) « BITS_PER_ID) - 1; 
4831 1 1 static const CLUSTERJNDEX MAX_VIRGIN_CLUSTERS = 

| CLUSTERJNDEX(I) « BITS_PER_CLUSTER; 
48312| 

48313| // 



48314| 

48315| bool tVirginMap::isEmpty() const 
48316| { 

4831 7\ return tree. Head Leaf == tree.TailLeaf ; 

48318| } 

48319| 

48320| // 

| 

48321| 

48322| NTSTATUS tVirginMap::validateExtent ( 
48323| CLUSTERJNDEX firstCluster, 
48324| CLUSTERJNDEX numClusters ) const 
48325| { 

48326| NTSTATUS status = STATUS_SUCCESS; 
48327| Profile("tVirginMap::validateExtent M ); 
48328| 

48329| if ( numClusters<1 || 

| numClusters>MAX_VIRGIN_CLUSTERS ) { 
48330| status = STATUSJJNSUCCESSFUL; 
48331 1 ASSERT(numClusters>=1 ); 

48332| ASSERT(numClusters<=MAX_VIRGIN_CLUSTERS); 
48333| } else if ( firstCluster<0 || 

| firstCluster>=MAX_VIRGIN_CLUSTERS ) { 
48334| status = STATUSJJNSUCCESSFUL; 
48335| ASSERT(firstCluster>=0); 

48336| ASSERT(firstCluster<MAX_VIRGIN_CLUSTERS); 

48337| } else if ( totalClustersOnVolume != 0 ) { 

48338| // This means that the tVirginMap object knows 

| how big the volume's filesystem 
48339| // is, because it has been told by an outside 

| caller. This also means the 
48340 1 // client code wants this object to enforce 

| clusters to be within the valid range. 
48341 1 if ( firstCluster >= totalClustersOnVolume ) { 
48342| status = STATUSJNVALIDPARAMETER; 

48343| ASSERT(firstCluster < 

| totalClustersOnVolume); 
48344| } else if ( firstCluster+numClusters-1 >= 

| totalClustersOnVolume ) { 
48345| status = STATUSJNVALID_PARAMETER; 



48346| ASSERT(firstCluster+numClusters-1 < 

| totalClustersOnVolume); 
48347| } 
48348| } 
48349 1 

48350 1 return status; 

48351 1 } 

48352| 

48353 1 // 



48354| 

48355| NTSTATUS tVirginMap::insertExtent ( 
48356| CLUSTERJNDEX firstCluster, 
48357| CLUSTERJNDEX numClusters ) 
48358| { 

48359| NTSTATUS status = STATUS_SUCCESS; 
48360| Profile("tVirginMap::insertExtent"); 
48361 1 tTreeLeaf *node = AllocNode(); 
48362 1 if ( node ) { 

48363| bool NodeWas Inserted = false; 
48364| status = validateExtent (firstCluster, 

| numClusters); 
48365| if ( NT_SUCCESS(status) ) { 
48366| ULONG identifier = 0; 

48367| status = findNextldentifierForExtentLength 

| (numClusters, firstCluster, identifier); 
48368| if ( NT_SUCCESS(status) ) { 

48369| ULONG pos = 0; 

48370| status = encodeNumberslntoNode 

| (node->Key, pos, firstCluster, numClusters, 

| identifier); 

48371 1 if ( NT_SUCCESS(status) ) { 

48372 1 node->Pos = pos; 

48373| int insertResult = 

| rbtree_lnsert(&tree,node); 
48374| if ( insertResult == 0 ) { 

48375| NodeWas Inserted = true; 

48376| } else { 

48377| // This can happen when we run 

| out of identifiers for a given number of clusters. 
48378| // It's unfortunate, but not 

| that big a deal because if we have 1 28K nodes with the 
48379| // same extent length, chances 

| are that extent length is not very big anyway, so we 
48380| // are missing out on a small 

| amount of virgin space. 
48381 1 status = PSM_TREE_INSERT_ERROR; 

48382 1 

| Debug(DEBUG_DEVCON,("tVirginMap::insertExtent: 
| Insertion failure %08x for firstCluster=%016l64x, 



I numClusters=%01 6l64x\n",insertResult,firstCluster,numClu 

I sters)); 
48383 1 } 
48384| } 
48385| } 
48386| } 
48387| 

48388| if ( SNodeWaslnserted ) { 
48389| FreeNode(node); 
48390 1 } 
48391 1 } else { 

48392| status = STATUS_INSUFFICIENT_RESOURCES; 
48393 1 ASS E RT( FALSE) ; 
48394| } 

48395| return status; 

48396| } 

48397| 

48398| // 



48399 | 

48400| NTSTATUS tVirglnMap:: remove Any Extent ( 
48401| CLUSTERJNDEX &firstCluster, 
48402| CLUSTERJNDEX &numClusters ) 
48403| { 

48404| NTSTATUS status = STATUS_SUCCESS; 

48405| Profile("tVirginMap::removeAnyExtent"); 

48406| firstCluster = numClusters = 0; 

48407| tTreeLeaf *node = tree.HeadLeaf; 

48408| if ( node != tree.TailLeaf ) { 

48409| status = removeExtentByKey (node->Key, 

| firstCluster, numClusters); 
48410| }else{ 

4841 1 1 status = STATUSJJNSUCCESSFUL; // cannot 

| remove because tree is empty! 
48412| } 
48413| 

48414| return status; 

48415| } 

48416| 

48417| // 

| 

48418| 

48419| NTSTATUS tVirginMap::query Longest Extent ( CLUSTERJNDEX 

| &numClusters ) const 
48420| { 

48421 1 NTSTATUS status = STATUS_NOT_FOUND; 
48422| numClusters = 0; 
48423 1 

48424| Profile("tVirginMap::queryLongestExtent"); 
48425| tTreeLeaf *node = tree.HeadLeaf; 



48426| if ( node != tree.TailLeaf ) { 

48427| while ( node->Right != tree.TailLeaf ) { 

48428| node = node->Right; 

48429| } 

48430| 

48431 1 CLUSTERJNDEX firstCluster=0; 
48432| ULONG identifier=0; 

48433| status = decodeNumbersFromNode (node->Key, 

| node->Pos, firstCluster, numClusters, identifier); 
48434| } 
48435| 

48436| return status; 

48437| } 

48438| 

48439 1 // 



48440 1 

48441 1 NTSTATUS tVirginMap::removel_ongestExtent ( 
48442| CLUSTERJNDEX &firstCluster, 
48443| CLUSTERJNDEX &numClusters ) 
48444| { 

48445| NTSTATUS status = STATUS_SUCCESS; 
48446| Profile("tVirginMap::removeLongestExtent"); 
48447| 

48448| firstCluster = numClusters = 0; 

48449 1 tTreeLeaf *node = tree.HeadLeaf; 

48450| if ( node != tree.TailLeaf ) { 

48451 1 while ( node->Right != tree.TailLeaf ) { 

48452| node = node->Right; 

48453 1 } 

48454| 

48455| status = removeExtentByKey (node->Key, 

| firstCluster, numClusters); 
48456| } else { 

48457| status = STATUSJJNSUCCESSFUL; // cannot 

| remove because tree is empty! 
48458| } 
48459 1 

48460 1 return status; 

48461 1 } 

48462| 

48463 1 // 



48465| NTSTATUS tVirginMap::removeExtentByKey ( 
48466| keyType keyToRemove, 
48467| CLUSTERJNDEX &firstCluster, 
48468| CLUSTERJNDEX &numClusters ) 
48469 1 { 

48470| NTSTATUS status = STATUS_SUCCESS; 



48471| Profile( M tVirginMap::removeExtentByKey M ); 
48472| 

48473| tTreeLeaf *node = rbtree_Delete (&tree, 

| keyToRemove); 
48474| if ( node ) { 
48475| ULONG identifier = 0; 

48476| status = decodeNumbersFromNode (node->Key, 

| node->Pos, firstCluster, numClusters, identifier); 
48477| FreeNode(node); 
48478| } else { 

48479| // This should never happen if public callers 

| are working right. 
48480| // Because this member function is protected, 

| only member functions within 
48481 1 // tVirginMap will call it, and they are all 

| supposed to determine that 
48482 1 // 'keyToRemove' refers to a node that is 

| definitely within the tree. 
48483| status = STATUSJJNSUCCESSFUL; 
48484 1 ASS E RT( FALSE) ; 
48485| } 

48486 1 return status; 

48487| } 

48488| 

48489 1 // 



48491 1 NTSTATUS tVirginMap: :findNextldentifierForExtentLength 
l( 

48492| CLUSTERJNDEX numClusters, 
48493| CLUSTERJNDEX firstCluster, 
48494| ULONG &identifier ) 

48495| { 
48496| 

| Profile("tVirginMap::findNextldentifierForExtentLength") 

I ; 

48497| identifier = MAXJDENTIFIER; 
48498 1 keyType key = 0; 
48499| ULONG pos = 0; 

48500| NTSTATUS status = encodeNumberslntoNode (key, pos, 

| 0, numClusters, 0); 
48501 1 if ( NT_SUCCESS(status) ) { 
48502| CLUSTERJNDEX numClustersFound = 0; 
48503| CLUSTERJNDEX firstClusterFound = 0; 
48504| ULONG identifierFound = 0; 
48505| tTreeLeaf *node = rbtree_SearchUpperBound 

| (&tree, key); 
48506| if ( node ) { 

48507| status = decodeNumbersFromNode (node->Key, 

| node->Pos, firstClusterFound, numClustersFound, 



I identifierFound); 
48508| if ( NT_SUCCESS(status) && 

| numClustersFound==numClusters ) { 
48509| // If identifierFound==0, it means we 

| have run out of identifiers for this 
4851 0| // number of clusters. Just AND with 

| MAXJDENTIFIER to keep the value within 
4851 1 1 // the allowed range. In the 

| wraparound case, chances are the insersion about 
48512| // to happen will fail because of 

| duplicate key, but there are two cases where 
48513| //this will not happen: either the 8 

| high bits of the start cluster being 
4851 4| // different, or the extent that 

| already has id==MAX_IDENTIFIER having already 
4851 5| // been deleted due to discovered 

| fragmentation. 
4851 6| identifier = (identifierFound - 1 ) & 

| (ULONG)(MAX_IDENTIFIER); 
48517| 

4851 8| // Now check to make sure that this 

| node and all others with the same number of clusters 
| encoded 

4851 9| // have a different value for the start 

| cluster. If we find any node with the same pair 
48520| // (numClusters,firstCluster), it means 

| that the node about to be inserted doesn't make sense. 
48521 1 // The reason for doing this is that it 

| indicates a good chance that the caller is in an 
48522| // infinite loop (as is happening right 

| now as I debug pd::FindVirginSpace). 
48523 1 

48524| while ( node ) { 

48525| if ( firstClusterFound == 

| firstCluster ) { 
48526 1 status = 

| STATUS_DUPLICATE_OBJECTID; 
48527| 

| Debug(DEBUG_DICT,("tVirginMap::findNextldentifierForExte 
| ntLength: !!! Duplicate found: firstCluster=%08x, 
| numClusters=%08x\n",firstCluster,numClusters)); 



48528 1 ASS E RT ( F A LS E) ; 

48529 1 break; 

48530 1 } 
48531| 

48532| node = 

| rbtree_GetNextlnOrder(&tree,node); 

48533| if ( node ) { 

48534| status = decodeNumbersFromNode 



| (node->Key, node->Pos, firstClusterFound, 



I numClustersFound, identifierFound); 



48535| if ( !NT_SUCCESS(status) ) { 

48536| break; 
48537| } 
48538| 

48539| if ( numClustersFound != 

| numClusters ) { 
48540| break; 
48541 1 } 
48542 1 } 
48543 1 } 
48544| } 
48545| } 
48546| } else { 

48547| ASS E RT( FALSE) ; // this should never happen 
48548| } 



48549 1 return status; 
48550 1 } 
48551 | 

48552 1 // 



48554| NTSTATUS tVirginMap::decodeNumbersFromNode ( 

48555 1 key Type key, 

48556| ULONG pos, 

48557| CLUSTERJNDEX &firstCluster, 

48558| CLUSTERJNDEX &numClusters, 

48559| ULONG &identifier ) const 

48560 1 { 

48561 1 Profile("tVirginMap::decodeNumbersFromNode M ); 
48562| numClusters = CLUSTER_INDEX(1 ) + ((key » 

| (BITS_IN_KEY - BITS_PER_CLUSTER)) & 

| (MAX_VIRGIN_CLUSTERS - 1)); 
48563| identifier = ULONG((key » (BITS_IN_KEY - 

| BITS_PER_CLUSTER - BITS_PER_ID)) & ((1 « BITS_PER_ID) 

1-1)); 

48564| firstCluster = (key & ((keyType(1 ) « 

| (BITS_PER_CLUSTER - BITS_IN_POS)) - 1)) « BITS_IN_POS; 
48565| firstCluster |= keyType(pos); 
48566| NTSTATUS status = validateExtent (firstCluster, 

| numClusters); 
48567| return status; 
48568| } 
48569| 

48570 1 // 

| 

48571 1 

48572| NTSTATUS tVirginMap::encodeNumberslntoNode ( 
48573 1 keyType &key, 
48574| ULONG &pos, 



48575| CLUSTERJNDEX firstCluster, 
48576| CLUSTERJNDEX numClusters, 
48577| ULONG identifier ) const 

48578| { 

48579| Profile("tVirginMap::encodeNumberslntoNode"); 
48580| key = 0; 
48581| pos = 0; 

48582| NTSTATUS status = validateExtent(firstCluster, 

| numClusters); 
48583| if ( NT_SUCCESS(status) ) { 

48584| key = keyType(numClusters-1 ) « (BITS_IN_KEY - 

| BITS_PER_CLUSTER); 
48585| key |= keyType(identifier) « (BITS_IN_KEY - 

| BITS_PER_CLUSTER - BITS_PER_ID); 
48586| key |= keyType(firstCluster » BITS_IN_POS) & 

| ((keyType(1)«(BITS_PER_CLUSTER- BITS_IN_POS)) - 1); 
48587| pos = unsigned(firstCluster) & ((1u « 

| BITS_IN_POS) - 1); 
48588| } 
48589 1 

48590| #ifdef DEBUG 

48591 1 if ( NT_SUCCESS(status) ) { 

48592| // Self-debugging code: decode the numbers back 

| and make sure they match 
48593| // the inputs to the encoder. Initialize the 

| verification values to 
48594| // something that is definitely not the same as 

| the inputs, to catch 
48595| // references not being set by the decoder. 
48596| CLUSTERJNDEX verifyFirstCluster = 

| -firstCluster; 
48597| CLUSTERJNDEX verifyNumClusters = 

| -numClusters; 
48598| ULONG verify Identifier = 

| -identifier; 
48599 1 

48600| NTSTATUS verifyStatus = decodeNumbersFromNode 

| (key, pos, verifyFirstCluster, verifyNumClusters, 

| verify Identifier); 
48601 1 if ( verifyStatus!=STATUS_SUCCESS || 

| verifyFirstCluster!=firstCluster || 

| verifyNumClusters!=numClusters || 

| verifyldentifier!=identifier ) { 
48602 1 

| Debug(DEBUG_DICT,("tVirginMap::encodeNumberslntoNode:\n" 

I)); 

48603| Debug(DEBUG_DICT,(" key=%016l64x, 

| pos=%08x\n",key,pos)); 
48604| Debug(DEBUG_DICT,(" 

| verifyStatus=%08x\n",verifyStatus)); 



48605| Debug(DEBUG_DICT,(" 
| firstClusterln=%016l64x, 

| firstClusterOut=%01 6l64x\n M ,firstCluster,verifyFirstClus 
I ter)); 

48606| Debug(DEBUG_DICT,(" numClustersln= 

| %016l64x, numClustersOut= 

| %016l64x\n",numClusters,verifyNumClusters)); 
48607| Debug(DEBUG_DICT,(" identifierln= %16x, 

| identifierOut= %16x\n",identifier,verifyldentifier)); 
48608| 

48609| ASSERT (verifyStatus == STATUS_SUCCESS); 

4861 0| ASSERT (verifyFirstC luster == 

| firstCluster); 

4861 1 1 ASSERT (verifyNumClusters == numClusters); 

48612| ASSERT (verifyldentifier == identifier); 

48613| } 
48614| } 

48615| #endif TDEBUG7 
48616| 

48617| return status; 

48618| } 

48619| 

48620| // 



48621 1 void tVirginMap::debugDump() 
48622 1 { 

48623| #ifdef DEBUG 

48624| Debug(DEBUG_DICT,("tVirginMap::debugDumpO: 

| this=%08x\n",this)); 
48625| ULONG NumNodes = 0; 
48626| if ( tree.HeadLeaf != tree.TailLeaf ) { 
48627| NumNodes = debugDumpRecursive (tree.HeadLeaf, 

|0); 
48628| } 

48629| Debug(DEBUG_DICT,("tVirginMap::debugDump(): number 

| of nodes = %08x\n",NumNodes)); 
48630|#endif /*DEBUG7 
48631| } 
48632| 

48633| // 

| 

48634| 

48635| #ifdef DEBUG 

48636| ULONG tVirginMap::debugDumpRecursive ( tTreeLeaf *node, 

| ULONG depth ) 
48637| { 

48638| ULONG NumNodes = 1 ; 

48639| static CLUSTERJNDEX PrevNumClusters = 0; 
48640 1 

48641 1 if ( depth == 0 ) { 



48642| //We are starting to dump the tree. Time to 
| initialize PrevNumClusters to the smallest possible 
| value. 

48643| PrevNumClusters = 0; 

48644| } 

48645| 

48646| if ( depth < 32 ) { 

48647| if ( node->Left != tree.TailLeaf ) { 

48648| NumNodes += debugDumpRecursive (node->Left, 

| 1+depth); 
48649 1 } 
48650 1 

48651 1 CLUSTERJNDEX firstCluster = 0; 
48652| CLUSTERJNDEX numClusters = 0; 
48653| ULONG identifier = 0; 

48654| NTSTATUS decodeStatus = decodeNumbersFromNode 
| (node->Key, node->Pos, firstCluster, numClusters, 
| identifier); 

48655| if ( NT_SUCCESS(decodeStatus) ) { 
48656| Debug(DEBUG_DICT,(" depth=%02x: 

| firstCluster=%016l64x, numClusters=%016l64x, 
| identifier=%08x\n",depth,firstCluster,numClusters,identi 
I tier)); 

48657| if ( numClusters < PrevNumClusters ) { 

48658| Debug(DEBUG_DICT,(" ???? Why did 

| numClusters decrease ????\n M )); 
48659 1 ASS E RT( FALS E) ; 

48660 1 } 

48661 1 PrevNumClusters = numClusters; 

48662 1 } else { 

48663| Debug(DEBUG_DICT,("M! depth=%02x: INVALID 

| -key=%016l64x, 

| pos=%08x\n", depth, node->Key, node-> Pos)) ; 
48664| } 
48665| 

48666| if ( node->Right != tree.TailLeaf ) { 
48667| NumNodes += debugDumpRecursive 

| (node->Right, 1+depth); 
48668| } 
48669 1 } else { 
48670 1 ASS E RT( FALSE) ; 
48671 1 } 
48672 1 

48673 1 return NumNodes; 
48674| } 

48675| #endif /"DEBUG*/ 
48676| 

48677| // 



48679 
48680 
48681 
48682 
48683 
48684 
48685 
48686 
48687 
48688 
48689 
48690 
48691 
48692 

| 39 
48693 
48694 
48695 

| 2* 
48696 
48697 



/*— end of file iodirect.cpp —7 
File Listing: iodirect.h 

#define PSM_DIRECTIO_FLAG_ALWAYS_DO_DIRECT 1 

extern ULONG PSMDirectlOOptions; 

const ULONG RBTREE_KEY_BITS = 64; 

const ULONG RBTREE_POS_BITS = 31; 

const ULONG IODIRECT BITS PER CLUSTER INDEX = 



const ULONG IODIRECT_BITS_PER_CLUSTER_RUN 

(RBTREE_KEY_BITS + RBTREE_POS_BITS) - 
IODIRECT_BITS_PER_CLUSTER_INDEX; 



const ULONG IODIRECT_MAX_CLUSTER_RUN = 1 
| « IODIRECT_BITS_PER_CLUSTER_RUN; 
48698| 

48699I r 



48700 
48701 
48702 
| its 
48703 
48704 
48705 
48706 



48707 
48708 
48709 

I- 
48710 
48711 
48712 
48713 
48714 
48715 
48716 

I- 
48717 

48718 
48719 
48720 



We are solving two problems here: 

1 . Given a cluster offset into a file, determine 
location on 

disk so we can write directly to the disk. 
This is done with class MapFileToDisk. 

2. Given a cluster location on disk, determine 



| yes/no whether 



it resides within a PSM file. 

This is done with class MapDiskToFiles. 



7 



typedef struct sClusterRun { 

ULARGEJNTEGER FirstCluster; 

ULONG NumClusters; 
} tClusterRun, *pClusterRun; 



//- 



class MapDirectlo: public DeletableObject 
{ 

public: 



48721| MapDirectlo() { rbtree_lnit(&tree); } 
48722| ~MapDirectlo() { reset(); } 
48723| 

48724| void reset(); 
48725| 

48726| protected: 
48727| tTree tree; 
48728| }; 
48729| 

48730| // 



48731| 

48732| struct RETRIEVAL_POINTERS_BUFFER; 

48733| class MapFileToDisk: public MapDirectlo 

48734| { 

48735| public: 

48736| MapFileToDisk(); 

48737| ~MapFileToDisk(); 

48738| 

48739| NTSTATUS Setlnternal ( 
48740| PDEVICE_OBJECT Volume, 
48741 1 PFILE_OBJECT FileObject, 
48742| RETRIEVAL_POINTERS_BUFFER *rp, 
48743| ULONG ClusterSize In Bytes, 

48744| ULONG SectorSize In Bytes, 

48745| bool ReverseMapping ); 

48746| 

48747| ULONG getClusterSizelnBytes() const { return 

| clusterSizelnBytes; } 
48748| ULONG getSectorSizelnBytes() const { return 

| sectors ize In Bytes; } 
48749 1 

48750| PDEVICE_OBJECT GetDeviceObject() const { return 

| deviceObject; } 
48751 | 

48752| NTSTATUS getDiskOffsetForFileOffset ( 
48753| LARGEJNTEGER FileOffsetlnBytes, 
48754| LARGEJNTEGER &DiskOffsetlnBytes, 
48755| LARGEJNTEGER &ExtentLengthlnBytes, 
48756| bool SuppressDebugErrors ); 

48757| 

48758| void close(); 

48759| void setlnverseMapFlag() { inverse Map Flag = true; } 
48760 1 

48761| protected: 

48762| NTSTATUS i nsert Extent ( 

48763| LARGEJNTEGER FileClusterOffset, 

48764| LARGEJNTEGER DiskClusterOffset, 

48765| LARGEJNTEGER NumClusters ); 

48766| 



48767| 


private: 




48768| 


boo I 


open Flag; 


48769| 


boo I 


inverseMapFlag; 


48770| 


ULONG 


clusterSizelnBytes; 


48771 1 


ULONG 


sectors ize In Bytes; 


48772 1 


P F I L E_0 B J ECT f i leObject ; 


48773 1 


PDEVICE_OBJECT deviceObject; 


48774| 


}; 




48775| 






48776| 


// 





48777 1 // class Direct Access File 
48778| // 

48779| // Allows reads and writes directly to a file without 

| using the filesystem. 
48780 1 // 

48781 1 // Must open the file while the filesystem is still 
| mounted. 

48782 1 // Can read, write, and close with or without the 
| filesystem. 

48783| // All I/O must be done in integer multiples of 

| sectors. 
48784| // 

48785| // NOTE: When writing, cannot change the size of the 
| file. 

48786| // Can only modify the data that's already 
| there! 

48787| // 

| 

48788| class Direct Access File: public DeletableObject 
48789 1 { 
48790| public: 

48791 1 DirectAccessFile(): isOpen(false) 
48792 1 { 

48793| diskMap.setlnverseMapFlagQ; 

48794| } 

48795| 

48796| ~DirectAccessFile() { close(); } 
48797| 

48798| // NTSTATUS open ( WCHAR *FileName ); 
48799 1 
48800 1 

48801 1 bool readyForDirectlo() const { return isOpen; } 
48802 1 

48803 1 NTSTATUS Setlnternal ( 
48804| PDEVICE_OBJECT Volume, 
48805| PFILE_OBJECT FileObject, 
48806| RETRIEVAL_POINTERS_BUFFER *rp, 
48807| ULONG ClusterSizelnBytes, 
48808| ULONG Sectors ize In Bytes 



I); 

48809| 

48810| NTSTATUS read ( 

48811| PVOID Buffer, //whereto 

| put the data 

48812| LARGEJNTEGER FileOffset In Bytes, // must be 

| multiple of sector size 
48813| ULONG BytesToRead ); // must be 

| multiple of sector size 
48814| 

4881 5| NTSTATUS write ( 
4881 6| PCVOID Buffer, // data to 

| write 

48817| LARGEJNTEGER FileOffset In Bytes, // must be 

| multiple of sector size 
48818| ULONG BytesTo Write ); // must be 

| multiple of sector size 
48819| 

48820| voidclose(); // It cannot fail! HAH! 
48821 | 

48822| ULONG getClusterSizelnBytes() const { return 

| fileMap.getClusterSizelnBytes(); } 
48823| ULONG getSectorSizelnBytes() const { return 

| fileMap.getSectorSizelnBytes(); } 
48824| 

48825| NTSTATUS getFileOffset ( 
48826| LARGEJNTEGER DiskOffset In Bytes, 
48827| LARGEJNTEGER & FileOffset In Bytes, 
48828| LARGEJNTEGER &ExtentLengthlnBytes ); 
48829 1 

48830| NTSTATUS getFileSizelnBytes ( LARGEJNTEGER 

| &SizelnBytes ); 
48831| 

48832| protected: 

48833| enum IOTYPE {IOTYPE_UNDEFINED=0, IOTYPE_READ=1 , 

| IOTYPE_WRITE=2}; 
48834| 

48835| NTSTATUS perform Jo ( 

48836| PVOID Buffer, 

48837| LARGEJNTEGER FileOffset In Bytes, 

48838| ULONG BytesTo Process, 

48839| IOTYPE loType, 

48840| const char *loTypeString ); 

48841 | 

48842 1 private: 

48843 1 boo I isOpen; 

48844| MapFileToDisk fileMap; 

48845| MapFileToDisk diskMap; 

48846| }; 

48847| 



48848| 
48849| //- 



48851 1 #ifdef DEBUG 

48852| void TestDirectReadQ; 

48853 1 #endif 

48854| 

48855| typedef __int64 CLUSTERJNDEX; 
48856| 

48857| class tVirginMap: public MapDirectlo 

48858| { 

48859| public: 

48860| tVirginMap(): 

48861 1 MapDirectlo(), 

48862 1 totalClustersOnVolume(O) 

48863 1 {} 

48864| 

48865| bool isEmptyQ const; 
48866| 

48867| NTSTATUS insertExtent ( 
48868| CLUSTERJNDEX firstCluster, 
48869| CLUSTERJNDEX numClusters ); 
48870 1 

48871 1 NTSTATUS removeAnyExtent ( 
48872| CLUSTERJNDEX &firstC luster, 
48873| CLUSTERJNDEX &numClusters ); 
48874| 

48875| NTSTATUS remove Longest Extent ( 
48876| CLUSTERJNDEX &firstC luster, 
48877| CLUSTERJNDEX &numClusters ); 
48878| 

48879| void debugDump(); 
48880 1 

48881 1 NTSTATUS queryLongestExtent ( CLUSTERJNDEX 

| &numClusters ) const; 
48882 1 

48883| void enforceClusterLimit ( CLUSTERJNDEX 
| JotalClustersOn Volume ) { totalClustersOnVolume = 
| JotalClustersOnVolume; } 

48884| CLUSTERJNDEX queryTotalClusters() const { return 
| totalClustersOnVolume; } 

48885| 

48886| NTSTATUS validateExtent ( 
48887| CLUSTERJNDEX firstCluster, 
48888| CLUSTERJNDEX numClusters ) const; 
48889 1 

48890 1 protected: 

48891 1 NTSTATUS findNextldentifierForExtentLength ( 

| CLUSTERJNDEX numClusters, CLUSTERJNDEX firstCluster, 



I ULONG &Nextldentifier); 
488921 

NTSTATUS remove Extent By Key ( 
key Type key To Remove, 
CLUSTERJNDEX &firstC luster, 
CLUSTERJNDEX &numClusters ); 



48893 
48894 
48895 
48896 
48897 
48898 
48899 



depth ); 



48900 
48901 
48902 
48903 
48904 
48905 
48906 
48907 
48908 
48909 
48910 
48911 
48912 
48913 
48914 
48915 
48916 
48917 
48918 



48919 
48920 
48921 
48922 
48923 
48924 
48925 
48926 
48927 
48928 
48929 
48930 
48931 
48932 
48933 
48934 
48935 
48936 
48937 
48938 



#ifdef DEBUG 

ULONG debugDumpRecursive ( tTreeLeaf *node, ULONG 



#endif TDEBUG7 
protected: 

NTSTATUS decodeNumbersFromNode ( 
keyType key, 
ULONG pos, 
CLUSTERJNDEX &firstC luster, 
CLUSTERJNDEX &numClusters, 
ULONG &identifier ) const; 

NTSTATUS encodeNumberslntoNode ( 
keyType &key, 
ULONG &pos, 
CLUSTERJNDEX firstCluster, 
CLUSTERJNDEX numClusters, 
ULONG identifier ) const; 

private: 

CLUSTERJNDEX totalClustersOnVolume; //if 



| not zero, indicates total number of clusters on volume 



}; 



#ifdef DEBUG 

void TestVirginMap(void *); 

#endif TDEBUG7 

/*— end of file iodirect.h —7 



File Listing: IRP.cpp 

#include "precomp.h" 

#ifndef IRP_DEBUG 

#define MAX_STACK_LOCATIONS 32 

STATIC LIST ENTRY lrpFreeList[MAX_STACK_LOCATIONS]={0}; 
STATIC KSPIN_LOCK lrpFreeListLock={0}; 
STATIC ULONG lrplnited=0; 
#endif 



48939| 
48940| 
48941 1 
48942| /* 



48943| VOID lrplnit( VOID ) { 
48944| #ifndef IRP_DEBUG 
48945| int i; 
48946| 

48947| for (i=0;i<MAX_STACK_LOCATIONS;i++) 
48948| lnitializeListHead(&lrpFreeList[i]); 
48949 1 

48950| KelnitializeSpinLock(&lrpFreeListLock); 
48951 | 

| pmRegisterObject(&lrpFreeListLock,"lrpFreeListLock",pmSp 

| inLock); 
48952| Irplnited = TRUE; 
48953 1 #endif 
48954 1 return; 
48955| } 
48956| 

48957| /* 



48958| VOID lrpDelnit( VOID ) { 

48959| #ifndef IRP_DEBUG 

48960| int i; 

48961| KIRQL oldlrql; 

48962| 

48963| pmAcquireSpinLock(&lrpFreeListLock, &oldlrql); 
48964| 

48965| for (i=0;i<MAX_STACK_LOCATIONS;i++) { 
48966| 

48967| while (NsListEmpty(&lrpFreel_ist[i])) { 
48968| PLIST ENTRY listEntry; 

48969| PIRP newlrp; 

48970| 

48971 1 // Remove the head of the list. 

48972 1 listEntry = 

| RemoveHeadList(&lrpFreeList[i]); 
48973 1 

48974| if((listEntry) && 

| (HstEntry!=&lrpFreel_ist[i])) { 
48975| // Convert into an IRP pointer. 

48976| 

48977| Hint -save -e41 3 7 

48978| newlrp = CONTAINING_RECORD(listEntry, 

| IRP, Tail.Overlay.ListEntry); 
48979 1 Hint -restore 7 

48980| FREE_POINTER( newlrp ); 

48981 1 } else { 



48982| Debug(DEBUG_INIT,("lrpDelnit: ListEntry 

| is empty\n")); 
48983| } 
48984| } 
48985| } 
48986| 

48987| Irplnited = FALSE; 

48988| pmReleaseSpinLock(&lrpFreeListLock, oldlrql); 
48989| pmDeRegisterObject(&lrpFreeListLock); 
48990| #endif 
48991 1 return; 
48992 1 } 
48993 | 

48994| /* 



48995| PIRP lrpAllocatelrp( ULONG StackSize ) { 
48996| #ifndef IRP_DEBUG 
48997| KIRQL oldlrql; 
48998| PIRP newlrp = NULL; 
48999 | 

49000| ASSERT(StackSize < MAX_STACK_LOCATIONS); 
49001| 

49002| if((lrplnited) && (StackSize<MAX_STACK_LOCATIONS)) 

|{ 
49003| 

49004| pmAcquireSpinLock(&lrpFreeListLock, &oldlrql); 
49005| 

49006| if(lrplnited) { 

49007| if (!lsListEmpty(&lrpFreeList[StackSize])) 

|{ 

49008| PLIST_ENTRY listEntry; 

49009| 

4901 0| // Remove the head of the list. 

49011| listEntry = 

| RemoveHeadList(&lrpFreeList[StackSize]); 
49012| 

49013| if ((listEntry) && 

| (HstEntry!=&lrpFreeList[StackSize])) { 
49014| // Convert into an IRP pointer. 

49015| Hint -save -e41 3 7 

49016| newlrp = 

| CONTAINING_RECORD(listEntry, IRP, 

| Tail. Overlay. ListEntry); 
49017| Hint -restore 7 

49018| }else{ 

49019| Debug(DEBUG_INIT,("lrpAllocatelrp: 

| ListEntry is empty\n")); 
49020| } 
49021| } 
49022| } else { 



49023| Debug(DEBUG_INIT,("lrpAllocatelrp: 

| Irplnited set to false after we acquired spinlock\n")); 
49024| ASSERT(FALSE); 
49025| } 
49026| 

49027| pmReleaseSpinLock(&lrpFreeListLock, oldlrql); 

49028| } 

49029| 

49030| // if none on the list, allocate one 
49031| if (!newlrp){ 
49032| newlrp = (PIRP) 

| MemAllocatePoolWithTag(NonPagedPool, 

| loSizeOflrp(StackSize), IRPTAG); 
49033| 

49034| /* 

49035| At this point, we could allocate from the 

| XXXMustSucceed pool, but 
49036| it is limited., instead, we will just return 

| null, and eventually, 
49037| the backup will be aborted (The higher level 

| code checks for NULL) 
49038| 7 
49039| } 
49040| 

49041 1 // init the irp (if there is one) 
49042| if(newlrp) { 

49043| lolnitializelrp(newlrp, loSizeOflrp(StackSize), 

| (CHAR)StackSize); 
49044| } 
49045| 

49046| return newlrp; 
49047| #else 

49048| return loAllocatelrp((CHAR)StackSize & Oxff, FALSE); 
49049 1 #endif 
49050 1 } 
49051 | 

49052| /* 



49053| VOID lrpFreelrp( PIRP Irp ) { 
49054| KIRQL oldlrql; 

49055| ASSERT(lrp); // 
| not NULL 

49056| ASSERT(lrp->Type == IO_TYPE_IRP); // 

| is an IRP 
49057| 

49058| #ifndef IRP_DEBUG 

49059| ASSERT(lrp->StackCount < MAX_STACK_LOCATIONS); // 

| Not greater than we can handle 
49060| // ASSERT(lrp->CurrentLocation<=lrp->StackCount); 

| // no overflow.. 



49061 1 // init it so we can tell its free when using the 
| debugger 

49062| // but this is really redundant as the alloclrp 

| code does it also 
49063| #ifdef DEBUG 

49064| // verify Irp is not corrupt since we never free 

| them 
49065| #if MEMDBG 
49066| Hint -save -e522 7 
49067| MemCheckPool(lrp); 
49068| Hint -restore */ 
49069 1 #endif 
49070| 

49071 1 lolnitializelrp(lrp, loSizeOflrp(lrp->StackCount), 

| lrp->StackCount); 
49072| #endif 
49073 1 

49074| pmAcquireSpinLock(&lrpFreeListLock, &oldlrql); 
49075| if((lrplnited) && 

| (lrp->StackCount<MAX_STACK_LOCATIONS)) { 
49076| // put it on the free list. 
49077| 

| lnsertTailList(&lrpFreeList[lrp->StackCount],&lrp->Tail. 

| Overlay. List Entry); 
49078| pmReleaseSpinLock(&lrpFreeListLock, oldlrql); 
49079 1 } else { 

49080| pmReleaseSpinLock(&lrpFreeListLock, oldlrql); 

49081 1 MemFreePool(lrp); 

49082 1 } 

49083 1 #else 

49084| loFreelrp(lrp); 

49085| #endif 

49086| return; 

49087| } 

49088| 

49089 1 

49090| 

49091| File Listing: IRP.h 
49092| 

49093| VOID lrplnit( VOID ); 

49094| PIRP lrpAllocatelrp( ULONG StackSize ); 

49095| VOID lrpFreelrp( PIRP Irp ); 

49096| VOID lrpDelnit( VOID ); 

49097| 

49098| 

49099| 

49100| File Listing: LOG.cpp 
49101| 

49102| #include "precomp.h" 
49103| 



49104 
49105 
49106 
49107 
49108 
49109 
49110 
49111 
49112 
49113 
49114 
49115 
49116 
49117 
49118 
49119 
49120 
49121 
49122 
49123 
49124 
49125 



| add in null character 



49126 
49127 
49128 
49129 



49131 
49132 
49133 
49134 
49135 
49136 
49137 
49138 
49139 
49140 
49141 
49142 
49143 
49144 
49145 
49146 
49147 
49148 
49149 
49150 
49151 



NTSTATUS LogError( PDEVICE_OBJECT DeviceObject, 
PIRP Irp, 

ULONG Messageld, 

NTSTATUS Error, 

PVOID DumpData, 

ULONG DumpDataSize, // in bytes!!! 

WCHAR *Strings[], 

ULONG NumStrings ) 



{ 



PIO_ERROR_LOG_PACKET errorLogEntry=NULL; 
PIO_ERROR_LOG_PACKET LogEntry=NULL; 
PWCHAR insertionString=NULL; 
USHORT Strlens=0; 
ULONG i; 

NTSTATUS Status=STATUS_SUCCESS; 
USHORT LogSize=0; 
USHORT SafeDumpSize=0; 
USHORT DumpOffset=0; 

for(i=0;i<NumStrings;i++) { 

Strlens+=NumBytes(Strings[i])+sizeof(WCHAR); // 



} 



// round up to nearest dword length 
SafeDumpSize = ((USHORT)((DumpDataSize+3) / 
| sizeof(ULONG)) * sizeof(ULONG)); 
491301 

/* 

typedef struct _IO_ERROR_LOG_PACKET { 
UCHAR MajorFunctionCode; //0 
UCHAR RetryCount; 1 
USHORT DumpDataSize; 2 
USHORT NumberOfStrings; 4 
USHORT StringOffset; 6 
USHORT EventCategory; 8 
NTSTATUS ErrorCode; c 
ULONG UniqueErrorValue; 10 
NTSTATUS FinalStatus; 14 
ULONG SequenceNumber; 18 
ULONG loControlCode; 1c 
LARGEJNTEGER DeviceOffset; 20 
ULONG DumpData[1]; 28 
2c 

}IO_ERROR_LOG_PACKET, *PIO_ERROR_LOG_PACKET; 

7 



Hint -save -e734 -e545 7 
DumpOffset = 



I (USHORT)FIELD_OFFSET(IO_ERROR_LOG_PACKET,DumpData); 
49152| /*lint -restore 7 
49153| 

491 54 1 LogSize = DumpOffset; // Have it start 

| here(28) instead of after (30) 
491 55 1 LogSize += SafeDumpSize; // number of bytes 

| needed rounded to dword 
491 56| LogSize += Strlens; // length of strings 
49157| 

491 58 1 // can get bigger than a byte (255) 

49159| ASSERT(LogSize<=ERROR_LOG_MAXIMUM_SIZE); 

49160| 

491 61 1 // make sure at least as big as structure (its 

| aligned funny) 
491 62 1 if(LogSize<sizeof(IO_ERROR_LOG_PACKET)) { 
491 63 1 LogSize = sizeof(IO_ERROR_LOG_PACKET); 
49164| } 
49165| 

491 66| errorLogEntry = (PIO_ERROR_LOG_PACKET) 

| MemAllocatePoolWithTag( PagedPool, LogSize, EVENTT AG); 
49167| 

491 68 1 if (errorLogEntry) { 
49169| //manditory 

49170| errorLogEntry->ErrorCode = Messageld; 
49171| 

49172| //optional 

491 73 1 errorLogEntry->StringOffset = NumStrings>0 ? 

| DumpOffset+(USHORT)(SafeDumpSize) : 0; 
49174| errorLogEntry->NumberOfStrings = 

| (USHORT)NumStrings; 
491 75| errorLogEntry->DumpDataSize = 

| (USHORT)SafeDumpSize; 
491 76| errorLogEntry->SequenceNumber = 0; 
491 77| errorLogEntry->RetryCount = 0; 
49178| errorLogEntry->UniqueErrorValue = 0; 
49179| errorLogEntry->FinalStatus = Error; 
49180| errorLogEntry->EventCategory = 0; 
49181| 

49182| if(lrp) { 

491 83 1 PIO_STACK_LOCATION IrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
49184| 

49185| errorLogEntry->MajorFunctionCode = 

| lrpStack->MajorFunction; 
49186| 

49187| if( (lrpStack->MajorFunction == 

I IRP_MJ_DEVICE_CONTROL) || 
49188| (lrpStack->MajorFunction == 

I IRP_MJ_INTERNAL_DEVICE_CONTROL) || 
49189| (lrpStack->MajorFunction == 



I IRP_MJ_SCSI) ) { 
49190| 

49191 1 errorLogEntry->loControlCode = 

| lrpStack->Parameters.DeviceloControl.loControlCode; 

49192| errorLogEntry->DeviceOffset.QuadPart = 

10; 

49193| }else{ 

49194| errorLogEntry->DeviceOffset = 

| lrpStack->Parameters.Read.ByteOffset; 
49195| errorLogEntry->loControlCode = 0; 

49196| } 
49197| }else{ 

49198| errorLogEntry->MajorFunctionCode = 0 ; 

491 99| errorLogEntry->loControlCode = 0; 

49200| errorLogEntry->DeviceOffset.QuadPart = 0; 

49201| } 
49202| 

49203| if(DumpDataSize>0) { 
49204| 

| RtlZeroMemory(errorLogEntry->DumpData,SafeDumpSize); 
49205| 

| RtlMoveMemory(errorLogEntry->DumpData,DumpData,DumpDataS 

I ize); 
49206| } 
49207| 

49208| insertionString = 

| (PWSTR)((PCHAR)(errorLogEntry) + 

| errorLogEntry->StringOffset); 
49209| 

49210| for(i=0;i<NumStrings;i++) { 

4921 1 1 RtlCopyMemory(insertionString, Strings[i], 

| NumBytes(Strings[i])+sizeof(WCHAR)); 
4921 2| insertionString+=NumChars(Strings[i])+1 ; // 

| in WCHARs 
49213| } 
49214| 

4921 5| // we do this so we can check we dont overwrite 
| our buffers. 

4921 6| LogEntry = (PIO_ERROR_LOG_PACKET) 

| loAllocateErrorl_ogEntry( DeviceObject, (UCHAR)LogSize); 
49217| if(LogEntry) { 
49218| 

| RtlMoveMemory(LogEntry,errorLogEntry,LogSize); 
49219| loWriteErrorLogEntry (LogEntry); 

49220| } else { 

49221 1 Debug(DEBUG_INIT,("Error allocating error 

| log entry\n")); 

49222| Status = STATUS_INSUFFICIENT_RESOURCES; 

49223 1 } 

49224| 



49225| FREE_POINTER(errorLogEntry); 
49226| Status=STATUS_SUCCESS; 
49227| } else { 

49228| Debug(DEBUG_INIT,("Error allocating error log 

| entry memory\n M )); 
49229| Status = STATUS_INSUFFICIENT_RESOURCES; 



49230| } 

49231 1 return Status; 

49232 1 } 

49233| 

49234| 

49235| 

49236| File Listing: LOG.h 
49237| 

49238| NTSTATUS LogError( PDEVICE_OBJECT DeviceObject, 



49239| PIRP Irp, 

49240| ULONG Messageld, 

49241 1 NTSTATUS Error, 

49242| PVOID DumpData, 

49243| ULONG DumpDataSize, // in bytes 

49244| WCHAR *Strings[], 

49245| ULONG NumStrings ); 

49246| 

49247| 

49248| 



49249| File Listing: MEM.cpp 
49250 1 

49251 1 #include "precomp.h" 
49252 1 

49253| ZONE_HEADER Zone; 

49254| ULONG Zone I ncrementln Nodes = 64*1024; // if we 

| call AllocNode but there is no memory left in the zone, 

| this is how much we extend by 
49255| ULONG Zonelnitialized = FALSE; // so we 

| know to initialize the zone only once. 
49256| ULONG ZoneUsageCount = 0; // how many 

| entities are referring to the zone (1 for DirectIO, 

| plus 1 for every active volume) 
49257| ULONG Zone Meg abytesTotal = 0; // number 

| of megabytes allocated to zone 
49258| ULONG Zone Megabytes Unused = 0; // how many 

| megabytes in the zone are sitting idle 
49259| ULONG ZonePrivateAccess = 1 ; // used in 

| CMPXCHG for pseudo-spinlock 
49260| ULONG ZoneLoggedOutOfMemory = FALSE; // if 

| AllocNode ever reports out-of-memory, it logs an event, 

| but only once. 
49261 1 

49262| const ULONG MIN_RECURSIVE_BLOCK_BYTES = 1 024 * 
| 1 024; // smallest number of bytes we will 



I allocate in MemoryAllocationFunction 
49263| 

49264| // turn off for testing new zone stuff 
49265| #undef _USE_MEM_CHECK_ 
49266| 
49267| /* 

49268| We protect ourselves by using these functions 

| instead of spinlocks. 
49269| This is done because spinlocks change the irql to 

| DISPATCH_LEVEL you 
49270| can not access paged memory at that level. If the 

| memory holding the 
49271 1 node to add is paged then a bugcheck can occur (it 

| will if driver verifier 
49272| is running on windows 2000). 
49273 1 7 
49274| 
49275| /* 

49276| Get exclusive access to private region 
49277| IRQL remains the same 
49278| Thread switching will still occur 
49279| Multiple processor safe 
49280 1 7 

49281 1 void MyGetPrivateAccess( PLONG PAccess, ULONG *Save ) 
49282 1 { 

49283| ULONG X=0; 
49284| 

49285| while( X==0 ) { 

49286| #if _WIN32_WINNT>=0x0500 

49287| X = (ULONG)lnterlockedCompareExchange( 

| (PLONG)PAccess,0,(LONG)1 ); 
49288| #else 

49289| X = (ULONG)lnterlockedCompareExchange( (PVOID 

| *)PAccess,0,(PVOID)1 ); 
49290 1 #endif 

49291 1 // Give up reset of quantum if we can 
49292| if( (!X) && (KeGetCurrentlrql() < 

| D I S P ATC H_L E V E L) ) { 
49293| pmThreadSwitch(); 
49294| } 
49295| } 
49296| *Save=X; 
49297| } 
49298| 
49299 1 

49300| void MyReleasePrivateAccess( PLONG PAccess, ULONG Save 
I) 

49301| { 

49302| ASSERT(Save!=0); 
49303| 



49304| lnterlockedExchange( PAccess, Save ); 

49305| } 

49306| 

49307| // 

| 

I 

49308| 

49309| struct tNodeBlockHeader { 

49310| tNodeBlockHeader *next; //pointer 

| to next tNodeBlockHeader in list 
49311| tNodeBlockHeader *tail; //pointer 

| to final tNodeBlockHeader in list 
49312| ULONG sizelnBytes; //size of 

| this block in bytes (excluding ZONE SEGMENT HEADER) 
49313| }; 
49314| 

4931 5| typedef tNodeBlockHeader 'pNodeBlockHeader; 
49316| 

49317| // 

I 
| 

49318| 

49319| void FreeMemory Function ( PVOID SNodeBlock ) 
49320| { 

49321 1 while ( NodeBlock ) { 
49322 1 PVOID NextBlock = 

| pNodeBlockHeader(NodeBlock)->next; 
49323| FREE_POINTEFt(NodeBlock); 
49324| NodeBlock = NextBlock; 
49325| } 
49326| } 
49327| 

49328| // 

| 
| 

49329| 

49330| #ifdef DEBUG 
49331 | 

49332| int ListLength ( pNodeBlockHeader Node ) 
49333 1 { 

49334| int count = 0; 
49335| 

49336| ASSERT (Node != NULL); 
49337| if ( Node != NULL ) { 

49338| const pNodeBlockHeader CheckTail = Node->tail; 
49339| ASSERT(CheckTail != NULL); 
49340 1 

49341 1 while ( Node ) { 

49342| ++count; 

49343 1 if ( Node->next == NULL ) { 



49344| ASSERT (CheckTail == Node); 

49345| } 

49346| Node = Node->next; 

49347| } 
49348| } 
49349| 

49350| return count; 
49351 1 } 
49352 1 

49353| #endif /"DEBUG*/ 
49354| 

49355| // 

| 

| 

49356| 

49357| static const ULONG ALLOC_MAX_RECURSION_DEPTH = 30; 
49358| 

49359| NTSTATUS AllocateMemory Function ( 
49360| ULONG NumNodesNeeded, 
49361| PVOID &NodeBlock, 
49362| ULONG Recursion Depth ) 
49363| { 

49364| NTSTATUS Status = STATUS_INSUFFICIENT_RESOURCES; 

| // assume failure until success is proven 
49365| NodeBlock = NULL; 
49366| 

49367| ULONG Num Bytes Needed = 

| NumNodesNeeded*sizeof(tTreeLeaf) + 

| sizeof (ZON E_SEG M ENT_H E AD E R) ; 
49368| Debug(DEBUG_MEMORY,("[ZONE] AllocateMemoryFunction: 

| NodesNeeded=%08x, BytesNeeded=%08x, 

| RecursionDepth=%08x\n", NumNodesNeeded, NumBytesNeeded,Rec 
| ursionDepth)); 
49369| 

49370| if ( NumBytesNeeded < MIN_RECURSIVE_BLOCK_BYTES ) { 
49371| // Recursion Stopper #1 : We never allow an 

| allocation less than 1MB. 
49372| Status = STATUS_INSUFFICIENT_RESOURCES; 
49373| } else if ( RecursionDepth > 

| ALLOC_M AX_R EC U RS I ON_D E PTH ) { 
49374| // Recursion Stopper #2: Never let recursion 

| get too deep. 

49375| Status = STATUS_INSUFFICIENT_RESOURCES; 
49376| ASSERT (RecursionDepth <= 
| A L LOC_M AX R E C U RS I ON D E PTH ) ; 
49377| } else { 

49378| // try to allocate the block requested 

| directly... 
49379| NodeBlock = 

| MemAllocatePoolWithTag(PagedPool,NumBytesNeeded,NODEMEMT 



I AG); 

49380| if ( NodeBlock ) { 

49381 1 // Recursion Stopper #3: We successfully 

| allocated a contiguous chunk of the desired size! 

49382| // Make the block be a linked list having a 

| length of one node. 

49383| pNodeBlockHeader(NodeBlock)->next 
| = NULL; 

49384| pNodeBlockHeader(NodeBlock)->tail 
| = pNodeBlockHeader(NodeBlock); 

49385| pNodeBlockHeader(NodeBlock)->sizelnBytes 

| = NumBytesNeeded - sizeof(ZONE_SEGMENT_HEADER); // 
| store space usable for nodes only (for math reasons) 

49386| Status = STATUS_SUCCESS; 

49387| } else { 

49388| // Here's where we need recursion: We 

| could not allocate a contiguous chunk of the desired 
| size. 

49389| // We we will recursively split this 

| request into a request for N/2 and one for (N - N/2), 
49390| // which always adds up to N. 

49391| // 

49392| // Important: Note that if N is odd, then 

| N/2 will be smaller than (N - N/2). 
49393| // Example: If N=7, then N/2=3, and (N - 

| N/2)=4. 

49394| // Also, 3+4=7, so number of nodes is 

| preserved exactly. 
49395| // (If N is even, the two expressions are 

| equal.) 
49396| // 

49397| // We prefer to allocate the smaller of the 

| two first, because if it is too small, 
49398| // the recursive call will return a failure 

| status, and we won't even try to allocate 
49399| // the bigger size. 

49400| 

49401 1 PVOID LeftBlock = NULL; // first 

| sublist to allocate 
49402| Status = AllocateMemoryFunction ( 

| (NumNodesNeeded/2), LeftBlock, 1+RecursionDepth ); 
49403| if ( NT_SUCCESS(Status) ) { 

49404| PVOID RightBlock = NULL; // second 

| sublist to allocate 
49405| Status = AllocateMemoryFunction ( 

| NumNodesNeeded-(NumNodesNeeded/2), RightBlock, 

| 1+RecursionDepth ); 
49406| if ( NT_SUCCESS(Status) ) { 

49407| // We successfully allocated both 

| the left and right sublists. 



49408| 

49409| #ifdef DEBUG 

4941 0| // Remember how many blocks 

| there are in each sublist. 
4941 1 1 const int LeftLength = 

| ListLength(pNodeBlockHeader(LeftBlock)); 
49412| const int RightLength = 

| ListLength(pNodeBlockHeader(RightBlock)); 
49413| #endif /*DEBUG7 

49414| 

49415| // We need to concatenate LeftBlock 

| list and RightBlock list 
4941 6| // so as to make NodeBlock a single 

| longer list containing all the nodes 
49417| //of both sublists. 

49418| 

| pNodeBlockHeader(LeftBlock)->tail->next 

| pNodeBlockHeader(RightBlock); 
4941 9| pNodeBlockHeader(LeftBlock)->tail 

| = pNodeBlockHeader(RightBlock)->tail; 
49420| NodeBlock = LeftBlock; 

49421 | 

49422| #ifdef DEBUG 

49423| // Make sure the combined list 

| has exactly the right number of nodes... 
49424| const int TotalLength = 

| ListLength(pNodeBlockHeader(NodeBlock)); 
49425| ASSERT ( LeftLength + 

| RightLength == TotalLength ); 
49426| #endif TDEBUG7 

49427| } else { 

49428| // We already allocated the left 

| sublist successfully, 
49429| // but failed in the right sublist. 

49430 1 // We need to guarantee that every 

| single allocated block 
49431 1 // of memory is freed. Any time 

| this function returns 
49432 1 // a failure code, it is guaranteed 

| to not have orphaned 
49433 1 // any memory. Therefore, all we 

| need to do is to free the 
49434| // left sublist. 

49435| 

49436| FreeMemory Function (LeftBlock); 

49437| } 

49438| } 

49439| } 

49440 1 } 

49441 1 



49442| #ifdef DEBUG 

49443| // Postcondition sanity checks... 

49444| if ( NT_SUCCESS(Status) ) { 

49445| // If we are returning success, we are supposed 

| to have allocated and linked a valid list of blocks... 
49446| ASSERT (NodeBlock != NULL); 
49447| if ( NodeBlock != NULL ) { 

49448| ASSERT (pNodeBlockHeader(NodeBlock)->tail 

| != NULL); 

49449| if ( pNodeBlockHeader(NodeBlock)->tail != 

| NULL){ 
49450| ASSERT 

| (pNodeBlockHeader(NodeBlock)->tail->next == NULL); 
49451 1 } 
49452 1 } 
49453 1 } else { 

49454| // If we are returning failure, we should have 

| left NodeBlock==NULL... 
49455| ASSERT (NodeBlock == NULL); 
49456| } 

49457| #endif TDEBUG7 
49458| 

49459| ASSERT (Status==STATUS_SUCCESS || 
| Status==STATUS_INSUFFICIENT_RESOURCES); 

49460| Status = NT_SUCCESS(Status) ? STATUS_SUCCESS : 
| STATUS_INSUFFICIENT_RESOURCES; 

49461| return Status; 

49462| } 

49463| 

49464| // 

| 
| 

49465| 

49466| NTSTATUS ExtendZoneWithNodeBlockList ( 

49467| PZONE_HEADER Zone, 

49468| PVOID NodeBlockList, 

49469| ULONG IncrementSteplnNodes ) 

49470| { 

49471 1 NTSTATUS Status = STATUS_INSUFFICIENT_RESOURCES; 
49472 1 

49473| Debug(DEBUG_MEMORY,("ExtendZoneWithNodeBlockList: 
| Zone=%08x, NodeBlockList=%08x, 

| lncrementNodes=%08x\n",Zone,NodeBlockList,lncrementStepl 
| nNodes)); 
49474| 

49475| ULONGLONG TotalBytes = 0; 
49476| ULONG NumNodeslnList = 0; 
49477| PVOID Node = NodeBlockList; 
49478| while ( Node ) { 
49479| ++NumNodeslnList; 



49480| tNodeBlockHeader BlockHeader = 

| *pNodeBlockHeader(Node); // make safe copy because 
| we will use after inserting into zone, thus destroying 
lit. 

49481 | 

49482 1 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 
| NodeBlockLoop - Node=%08x, Size=%08x, Next=%08x, 
| Tail=%08x\n M , 

49483 1 Node, 

49484| BlockHeader.sizelnBytes, 

49485| BlockHeader. next, 

49486| BlockHeader.tail)); 

49487| 

49488| if (Zonelnitialized ) { 

49489| ASSERT(BlockHeader.sizelnBytes >= 

| MIN_RECURSIVE_BLOCK_BYTES); 
49490 1 Status = 

| ExExtendZone(Zone,Node,BlockHeader.sizelnBytes + 

| sizeof (ZON E_SEG M ENT_H E AD E R)) ; 
49491 1 if ( !NT_SUCCESS(Status) ) { 

49492 1 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 

| Error %08x extending zone\n", Status)); 
49493| ASSERT(NT_SUCCESS(Status)); 
49494| } 
49495| } else { 
49496| Status = 

| ExlnitializeZone(Zone,sizeof(tTreeLeaf),Node,BlockHeader 

| .sizelnBytes); 
49497| if ( NT_SUCCESS(Status) ) { 

49498| Zonelnitialized = TRUE; 

49499| ZoneUsageCount =0; // 

| will be incremented below 
49500| ZonelncrementlnNodes = 

| IncrementSteplnNodes; 
49501| 
49502| 

| Debug(DEBUG_MEMORY,("ExtendZoneWithNodeBlockList: Just 
| initialized Zone\n M )); 
49503| } else { 

49504| /*FreeMemoryFunction (Node);*/ // 

| not sure this is wise - may be better to leak memory! 
49505| 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 

| Error %08x initializing zone\n", Status)); 
49506| ASSERT(NT_SUCCESS(Status)); 
49507| } 
49508| } 
49509| 



4951 0| if ( NT_SUCCESS(Status) ) { 
4951 1 1 const ULONG NodeBytes = 

| BlockHeader.sizelnBytes; 
49512| 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 
| NodeBytes=%08x, Remainder=%08x\n",NodeBytes, 
| (NodeBytes % sizeof(tTreeLeaf)) )); 
4951 3| ASSERT (NodeBytes % sizeof (tTreeLeaf) == 

|0); 

49514| ASSERT ( NodeBytes >= 

| MIN_RECURSIVE_BLOCK_BYTES ); 
49515| TotalBytes += NodeBytes; 

49516| }else{ 
49517| break; 
49518| } 
49519| 

49520| Node = BlockHeader.next; 

49521| } 

49522| 

49523| if ( NT_SUCCESS(Status) ) { 
49524| 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 

| Finished adding list of %08x blocks - 

| TotalBytes=%016l64x\n", NumNodeslnList, TotalBytes)); 
49525| ULONGLONG NumMegabytes_Long = TotalBytes / 

| ULONGLONG(1 024*1 024); 
49526| ULONG Num Megabytes = ULONG(NumMegabytes_Long & 

| Oxffffffff); 
49527| 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 
| Bytes=%016l64x, NumMegabytes=%08x, 

| NumMegabytes_Long=%016l64x\n",TotalBytes,NumMegabytes,Nu 

| mMegabytes_Long)); 
49528| ASSERT (Num Megabytes == NumMegabytes_Long); 
49529| ZoneMegabytesTotal += NumMegabytes; 
49530 1 

| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: Loop 

| finished successfully - %08l64x bytes, %08x MB, 

| TotalMB=%08x, ldleMB=%08x\n", 
49531 1 TotalBytes, 
49532 1 Num Megabytes , 

49533| ZoneMegabytesTotal, 
49534| ZoneMegabytesUnused)); 
49535| } 
49536| 

49537| ASSERT (Status==STATUS_SUCCESS || 
| Status==STATUS_INSUFFICIENT_RESOURCES); 

49538| Status = NT_SUCCESS(Status) ? STATUS_SUCCESS : 
| STATUS_INSUFFICIENT_RESOURCES; 

49539| Debug(DEBUG_MEMORY,( M ExtendZoneWithNodeBlockList: 



I Returning Status=%08x 

I \n", Status)); 

49540| return Status; 
49541 1 } 
49542 1 

49543 1 // 



49545| NTSTATUS IncreaseNodeMemory ( 
49546| ULONG Additional Megabytes Needed, 
49547| ULONG IncrementSteplnNodes ) 
49548| { 

49549| #ifdef _USE_MEM_CHECK 

49550| #error Cannot compile IncreaseNodeMemoryO with 

| _USE_MEM_CHECK defined 
49551 1 #endif /*_USE_MEM_CHECK7 
49552 1 

49553| NTSTATUS Status = STATUS_INSUFFICIENT_RESOURCES; 
49554| Debug(DEBUG_MEMORY,("[Zone] IncreaseNodeMemory: 

| AdditionalNeeded=%08x MB, lncrementSteplnNodes=%08x 

| nodes, Zonelnitialized=%s\n M , 
49555| AdditionalMegabytesNeeded, 
49556| IncrementSteplnNodes, 
49557| (Zonelnitialized?"TRUE":"FALSE") )); 
49558| 

49559| Debug(DEBUG_M EMORY, ("[Zone] IncreaseNodeMemory: 
| ZoneMegabytesTotal=%08x, 

| ZoneMegabytesUnused=%08x\n",ZoneMegabytesTotal,ZoneMegab 
| ytesUnused)); 
49560 1 

49561 1 __try { 

49562 1 if ( AdditionalMegabytesNeeded > 

| ZoneMegabytesUnused ) { 
49563| // We need to allocate the difference in 

| megabytes and extend the zone with the new memory. 
49564| ULONG NumMegsToAllocate = 

| AdditionalMegabytesNeeded - ZoneMegabytesUnused; 
49565| Debug(DEBUG_MEMORY,("[Zone] 

| IncreaseNodeMemory: Need to allocate %08x 

| MB\n",NumMegsToAllocate)); 
49566| 

49567| const ULONGLONG BytesNeeded_Long = 

| ULONGLONG(NumMegsToAllocate) * ULONGLONG(1 024*1 024); 

49568| const ULONG BytesNeeded = 

| ULONG(BytesNeeded_Long & Oxffffffff); 

49569| ASSERT (BytesNeeded == Bytes Needed_Long); 

49570| const ULONG NodesNeeded = (BytesNeeded + 

| sizeof(tTreeLeaf) - 1) / sizeof(tTreeLeaf); 

49571 1 Debug(DEBUG_MEMORY,("[Zone] 



I IncreaseNodeMemory: \n")); 
49572| 

49573| PVOID BlockList = NULL; 

49574| Status = AllocateMemoryFunction 

| (NodesNeeded, BlockList, 0); 
49575| if ( NT_SUCCESS(Status) ) { 

49576| Status = ExtendZoneWithNodeBlockList 

| (&Zone, BlockList, IncrementSteplnNodes); 
49577| if ( NT_SUCCESS(Status) ) { 

49578| ZoneMegabytesUnused = 0; // there 

| is nothing idle now! 
49579| } 
49580| } 
49581 1 } else { 

49582| // We don't need to allocate more memory. 

49583| // We just need to deduct from our current 

| number of idle megabytes in the zone. 
49584| 

49585| ZoneMegabytesUnused -= 

| AdditionalMegabytesNeeded; 
49586| Debug (DEBUG_M EMORY, ("[Zone] 

| IncreaseNodeMemory: Subtracted from idle megabyte 

| tally : 

| ZoneMegabytesUnused=%08x\n",ZoneMegabytesUnused)); 
49587| Status = STATUS_SUCCESS; 

49588| } 
49589 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
49590| NTSTATUS ExceptionCode = GetExceptionCode(); 
49591 1 Debug(DEBUG_DICT,("[Zone] Exception %08x in 

| IncreaseNodeMemoryVn", ExceptionCode)); 
49592| Status = STATUS_INSUFFICIENT_RESOURCES; 
49593 1 } 
49594| 

49595| if ( NT_SUCCESS(Status) ) { 
49596| ++ZoneUsageCount; 

49597| Debug(DEBUG_MEMORY,("[Zone] IncreaseNodeMemory: 

| ZoneUsage=%08x, returning SUCCESS\n",ZoneUsageCount)); 
49598| } else { 

49599| Debug(DEBUG_MEMORY,("[Zone] IncreaseNodeMemory: 

| Status=%08x !!!!!! OUT OF MEMORY 

| !!!!!!\n",Status)); 
49600| Hint -save -e740 7 
49601| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_OUT_OF_MEMORY,Status,NULL,0,NULL,0); 
49602| Hint -restore 7 
49603 1 ASS E RT( F ALS E) ; 
49604| } 
49605| 



49606| ASSERT (Status==STATUS_SUCCESS || 

| Status==STATUS_INSUFFICIENT_RESOURCES); 
49607| return Status; 
49608| } 
49609| 

49610| // 



49611| void ReclaimNodeMemory ( ULONG NumMegabytesToReclaim ) 
49612| { 

49613| // We never actually remove memory blocks from the 
| zone. 

4961 4 1 // We just keep track of how many megabytes are 
| theoretically 

49615| // needed for each volume (plus initial allocation 

| for Direct IO). 
4961 6| // We also keep track of the total number of 

| megabytes in the zone. 
49617| 

49618| Debug (DEBUG_MEMORY,("[Zone] ReclaimNodeMemory: 
| Count=%08x, MB To Reclaim=%08x, MB Total=%08x, MB 
| ldle=%08x\n M , 

4961 9| ZoneUsageCount, 

49620 1 N u mMegabytesTo Reclai m , 

49621 1 ZoneMegabytesTotal, 

49622| ZoneMegabytesUnused)); 

49623 1 

49624| ASSERT (ZoneUsageCount > 1 ); 

| // Should never reclaim the first alloc (for DirectIO). 
49625| ASSERT (ZoneMegabytesTotal > 0); 

| // Should never reclaim if there is nothing allocated. 
49626| ASSERT (ZoneMegabytesTotal > ZoneMegabytesUnused); 

| // There should always be some memory claimed. 
49627| 

49628| ULONG ZoneMegabyteslnUse = ZoneMegabytesTotal - 

| ZoneMegabytesUnused; 
49629| ASSERT (NumMegabytesToReclaim < 

| ZoneMegabyteslnUse); // We should never reclaim 

| more than is currently claimed. 
49630 1 

49631 1 if ( ZoneUsageCount > 1 ) { // never 

| unclaim the last entity using the zone 
49632| --ZoneUsageCount; 

49633| ZoneMegabytesUnused += NumMegabytesToReclaim; 
49634| } 
49635| } 
49636| 

49637| // 



49638| void FreeNode( tTreeLeaf *ptr ) 
49639| { 



49640| #ifndef _USE_MEM_CHECK_ 

49641 1 // ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
49642| ASSERT(Zonelnitialized); 
49643| ULONGoldlrql; 

49644| MyGetPrivateAccess((PLONG) &ZonePrivateAccess, 

| &oldlrql); 
49645| ExFreeToZone(&Zone,ptr); 
49646| MyReleasePrivateAccess((PLONG) 

| &ZonePrivateAccess,oldlrql); 
49647| #else 

49648| MemFreePool(ptr); 
49649 1 #endif 
49650 1 } 
49651 | 

49652| // 



49653| tTreeLeaf *AllocNode() 
49654| { 

49655| #ifndef _USE_MEM_CHECK_ 

49656| // ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
49657| 

49658| ULONG oldlrql = 0; 

49659| MyGetPrivateAccess((PLONG) &ZonePrivateAccess, 

| &oldlrql); 
49660 1 

49661 1 ULONG Amount = ZonelncrementlnNodes; 
49662| ASSERT(Zonelnitialized); 
49663 1 pTreeLeaf Node = 

| (pTreeLeaf)ExAllocateFromZone(&Zone); 
49664| 

49665| if(INode) { 
49666| ULONG Size; 
49667| PVOID Mem; 
49668| 

49669 1 r 

49670| ZonelncrementlnNodes is the number of 

| tTreeLeafs to allocate. 
49671 | 

49672| We will attempt to allocate the entire 

| increment size. 
49673| If that fails, then we will keep dividing 

| by 2 until 

49674| we get a successful allocation or the 

| number of node bytes 
49675| is less than 64k. 

49676| 7 
49677| 

49678| Try Again: 



49679| // dont use Increment directly as we want to 

| retry getting that 
49680| // big of a block the next time, incase memory 

| has freed up. 
49681 1 Size = 

| Amount*sizeof(tTreeLeaf)+sizeof(ZONE_SEGMENT_HEADER); 
49682 1 

49683 1 Mem = 

| MemAllocatePoolWithTag(PagedPool,Size,NODEMEMTAG); 
49684| if(Mem) { 

49685| Debug (DEBUG_M EMORY, ("AllocNode: Allocated 

| another Zone %d size\n",Size)); 
49686| 
49687| 

| if(NT_SUCCESS(ExExtendZone(&Zone,Mem,Size))) { 
49688| Node = 

| ( pTree Leaf ) Ex A I lo cate F ro m Zo ne (&Zo ne) ; 
49689 1 } else { 

49690| Debug(DEBUG_MEMORY,("AllocNode: Error 

| extending zone!!!!!\n M )); 
49691| ASSERT(FALSE); 
49692| MemFreePool(Mem); 
49693| } 
49694| } else { 

49695| Debug(DEBUG_MEMORY, ("AllocNode: Allocating 

| another Zone %d size failed\n",Size)); 
49696| 

49697| Amount/=2; 
49698| 

49699| if(Amount>=(65536 / sizeof(tTreeLeaf))) { 

49700| goto Try Again; 

49701| } 
49702| 

49703| Debug(DEBUG_MEMORY,("[Zone] AllocNode: 

| Error! Out of memory!!!!!\n")); 
49 704 1 ASS E RT ( F A LS E) ; 

49705| } 
49706| } 
49707| 

49708| MyReleasePrivateAccess((PLONG) 

| &ZonePrivateAccess,oldlrql); 
49709| 

49710| if ( !Node){ 

4971 1 1 if ( IZoneLoggedOutOfMemory ) { 

49712| ZoneLoggedOutOf Memory = TRUE; // 

| because we don't want to log zillions of events! 
49713| Hint -save -e740 7 

49714| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_ERRO 

| R_OUT_OF_MEMORY,PSM_ERROR_OUT_OF_MEMORY,NULL,0,NULL,0); 



49715| 
497161 



/*lint -restore 7 

Debug(DEBUG_MEMORY,("[Zone] AllocNode: 



497171 



!! OUT OF MEMORY !!!!!!\n")); 
ASSERT(FALSE); 



49718| } 
49719| } 
49720| 

49721 1 return Node; 
49722 1 #else 
49723 1 return 

| (pTreeLeaf)MemAllocatePoolWithTag(PagedPool,sizeof(tTree 

| Leaf),NODETAG); 
49724| #endif 
49725| } 
49726| 

49727| /*— end of file mem.cpp —7 
49728| 
49729 1 
49730 | 

49731| File Listing: MEM. h 
49732| 

49733| NTSTATUS IncreaseNodeMemory ( 
49734| ULONG AdditionalMegabytesNeeded, 
49735| ULONG IncrementSteplnNodes ); 
49736| 

49737| void ReclaimNodeMemory ( ULONG NumMegabytesToReclaim ); 
49738| 

49739| void FreeNode ( tTreeLeaf *ptr ); 
49740| tTreeLeaf *AllocNode(); 
49741 | 
49742 | 
49743 | 

49744| File Listing: MEMTRACK.cpp 
49745| 

49746| #include "precomp.h" 
49747| 

49748| #define MEM LOOKASIDE 100 
49749| #def ine MEM_LARGE 1 01 
49750 1 #define MEM_SMALL 102 
49751 | 

49752| #undef PSM_HEADER_DATA_STRUCTURES 

49 753 1 namespace pd { 

49754| #include "header.h" 

49755| } 

49756| 

49757| 

49758| #define USE_PAGED_FOR_BUFF 0 
49759 1 

49760| #ifdef DEBUG 

49761 1 //#define DEBUG_MEM 



49762 
49763 
49764 
49765 
49766 
49767 
49768 
49769 
49770 
49771 
49772 
49773 
49774 
49775 
49776 
49777 
49778 
49779 
49780 
49781 
49782 
49783 
49784 
49785 
49786 
49787 
49788 
49789 
49790 
49791 
49792 
49793 
49794 
49795 



49799 
49800 
49801 
49802 
49803 
49804 
49805 
49806 
49807 
49808 
49809 



#endif 

PAG E D_LOOKAS I D E_LI ST I nternalSnapShot; 

N PAG E DLO O K A S I D EL I ST MasterSnapShot; 

N PAG E D_LOOKASI D E_LI ST SnapShotEntry; 

PAG E D LOO K AS I D E_L I ST Node; 

N PAG E D_LO O K AS I D E_L I ST ReadOnly; 

N PAG E D_LO O K AS I D E_L I ST Shared; 

N PAG E DLOOKASI D ELI ST Requests; 



ULONG Memlnited = FALSE; 

#pragma pack(1) 

typedef struct sMemHead { 

ULONG Tag; 

WORD HeaderSize; 

BYTE Type; 

BYTE Reserved; 
} tMemHead, *pMemHead; 
#pragma pack() 



#ifdef DEBUG_MEM 
PVOID 
DebugAlloc ( 

IN POOL_TYPE PoolType, 
IN ULONG NumberOfBytes, 
IN ULONG Tag 

) 
{ 

PVOID Parent=0, Grand Parent=0; 
RtlGetCallersAddress (&Parent, &GrandParent); 
Debug(DEBUG_MEMORY,("NEWMEM: AllocL: p=%08x gp=%08x 
| - pool=%08x, size=%08x, Tag=%08x\n", 
49796| Parent,GrandParent, 
49797| PoolType,NumberOfBytes,Tag)); 
49798I return 



ExAllocatePoolWithTag(PoolType,NumberOfBytes,Tag); 



} 

#define DEBUG_ALLOC DebugAlloc 
#endif 



#ifndef DEBUG_MEM 
#define DEBUG_ALLOC NULL 
#endif 

void InitGeneralLookaside ( 



PGENERAL_LOOK ASIDE Lookaside, 
IN PALLOCATE_FUNCTION Allocate, 
IN PFREE_FUNCTION Free, 
IN ULONG Flags, 
IN ULONG Size, 
IN ULONG Tag, 
IN USHORT Depth, 
POOL_TYPE Type 



RtlZeroMemory(Lookaside,sizeof(GENERAL_LOOKASIDE)); 

Lookaside->Type=Type; 
Lookaside->Tag=Tag; 
Lookaside->Size=Size; 
Lookaside->Depth= Depth; 
if(Allocate) { 

Lookaside->Allocate=Allocate; 
} else { 

Lookaside->Allocate=ExAllocatePoolWithTag; 

} 

if(Free) { 

Lookaside->Free=Free; 
} else { 

Lookas ide-> Free= Ex F ree Poo I ; 

} 



49810 
49811 
49812 
49813 
49814 
49815 
49816 
49817 
49818| ) 
49819| { 
49820 
49821 
49822 
49823 
49824 
49825 
49826 
49827 
49828 
49829 
49830 
49831 
49832 
49833 
49834 
49835 
49836 
49837 

49838| // note: Lookaside->Lock is a mutex, but it is 

| never used 
49839| // so we will not initialize. 
49840| ExlnitializeSListHead(&Lookaside->ListHead); 
49841 | 
49842 | 
49843 | 
49844| 
49845| 
49846| 
49847| 
49848 1 
49849 1 
49850 1 
49851 1 
49852 1 
49853 1 
49854| 
49855| 
49856| 

| RtlZeroMemory(Lookaside,sizeof(PAGED_LOOKASIDE_LIST)); 
49857| 



lnitializeListHead(&Lookaside->ListEntry); 

} 

void MylnitializePagedLookasideList( 

IN PPAGED_LOOKASIDE_LIST Lookaside, 

IN PALLOCATE_FUNCTION Allocate, 

IN PFREE_FUNCTION Free, 

IN ULONG Flags, 

IN ULONG Size, 

IN ULONG Tag, 

IN USHORT Depth 

) 

{ 

ASSERT(Size >= sizeof(PVOID)); 



I lnitGeneralLookaside(&Lookaside->L,Allocate,Free, Flags, S 
| ize,Tag, Depth, PagedPool); 
49858| 

49859| ExlnitializeFastMutex(&Lookaside->Lock); 
49860| 

49861 1 // populate the list 

49862 1 // fixfixfix do we want the maximum allocated or 

| some 
49863 1 // percentage? 
49864| 

49865| // Do this in two phases: first allocate 'Depth' 

| nodes and put into 
49866| // linked list. 
49867| PVOID AllocList=0; 
49868| PVOID Ptr=0; 
49869| ULONG NumAllocated=0; 
49870| for(USHORT i=0;i<Depth;i++) { 
49871 1 Ptr = 

| ExAllocateFromPagedLookasideList(Lookaside); 
49872| if(Ptr) { 
49873| ++NumAllocated; 
49874| *((void**)Ptr) = AllocList; 

49875| AllocList = Ptr; 

49876| } else { 

49877| KdPrint(("NewMem: Init: Error! out of 

| memory for list\n")); 
49878| break; 
49879 1 } 
49880 1 } 
49881 | 

49882| // Second phase: remove nodes from linked list one 

| by one and insert into lookaside list. 
49883| USHORT Numlnserted = 0; 
49884| while (AllocList) { 
49885| Ptr = AllocList; 
49886| AllocList = *((void**)AllocList); 
49887 1 + + N u m I nse rted ; 
49888| ASSERT(Numlnserted<=Depth); 
49889| ExFreeToPagedLookasideList(Lookaside,Ptr); 
49890 1 } 
49891| 

49892| ASSERT(Numlnserted==NumAllocated); 

49893| } 

49894| 

49895| void MylnitializeNPagedLookasideList( 

49896| IN P N PAG E D_LOOK AS I D E_L I ST Lookaside, 

49897| IN PALLOCATE_FUNCTION Allocate, 

49898| IN PFREE_FUNCTION Free, 

49899| IN ULONG Flags, 

49900| IN ULONG Size, 



49901| IN ULONG Tag, 
49902| IN USHORT Depth 
49903| ) 
49904| { 
49905| 

| RtlZeroMemory(Lookaside,sizeof(NPAGED_LOOKASIDE_LIST)); 
49906| 

| lnitGeneralLookaside(&Lookaside->L,Allocate,Free, Flags, S 
| ize,Tag, Depth, NonPagedPool); 
49907| 

49908| KelnitializeSpinLock(&Lookaside->Lock); 
49909| 

4991 0| // populate the list 

4991 1 1 // fixfixfix do we want the maximum allocated or 

| some 
49912| //percentage? 
49913| 

49914| // Do this in two phases: first allocate 'Depth' 

| nodes and put into 
49915| //linked list. 
49916| PVOID AllocList=0; 
49917| PVOID Ptr=0; 
49918| ULONG NumAllocated=0; 
49919| for(USHORT i=0;i<Depth;i++) { 
49920| Ptr = 

| ExAllocateFromNPagedLookasideList(Lookaside); 
49921| if(Ptr) { 
49922 1 ++ N u m Al located ; 

49923| *((void**)Ptr) = AllocList; 

49924| AllocList = Ptr; 

49925| } else { 

49926| KdPrint(("NewMem: Init: Error! out of 

| memory for list\n")); 
49927| break; 
49928| } 
49929| } 
49930| 

49931 1 // Second phase: remove nodes from linked list one 

| by one and insert into lookaside list. 
49932| USHORT Numlnserted = 0; 
49933| while (AllocList) { 
49934| Ptr = AllocList; 
49935| AllocList = *((void**)AllocList); 
49936| ++Numlnserted; 
49937| ASSERT(Numlnserted<=Depth); 
49938| ExFreeToNPagedLookasideList(Lookaside,Ptr); 
49939 1 } 
49940 1 

49941 1 ASSERT(Numlnserted==NumAllocated); 
49942| } 



49943| 

49944| // to determine if the look aside list needs to be 

| increased/trimmed 
49945| void Adjustl_ookasidel_istDepth( PGENERAL LOOKASIDE 

| Lookaside ) 
49946| { 
49947| } 
49948| 
49949| 

49950| void MemTracklnit( PUNICODE_STRING RegistryPath ) 
49951 1 { 

49952| ULONG Size = sizeof(tMemHead); 
49953| ULONG SnapShotDepth; // number of concurrent 
| snapshos 

49954| ULONG RequestDepth; // number of concurrent 

| requests (read and write) 
49955| ULONG ReadOnlyDepth; // number of concurrent open 

| files on virtual volumes 
49956| ULONG VolumeDepth; // number of concurrent volumes 

| that will be snapped 
49957| RTL_QUERY_REGISTRY_TABLE paramTable[8]={0}; 
49958| 

49959| // this routine is called BEFORE the registry has 
| been read 

49960| // and before we determine if debug mode is enabled 
49961 1 // if you need to print something to the debug port 
49962| // use KdPrint, but keep in mind that it will not 
I go to 

49963| // the debug log file. 
49964| 

49965| if(MmlsThisAnNtAsSystem()) { 
49966| // server 
49967| SnapShotDepth=0x20; 
49968| RequestDepth=0x200 ; 
49969| ReadOnlyDepth=0x20; 
49970| VolumeDepth=Oxa; 
49971 1 } else { 

49972 1 // not server, use less memory 
49973| SnapShotDepth=Oxa; 
49974| VolumeDepth = 0x2; 
49975| ReadOnlyDepth = 0x4; 
49976| RequestDepth=0x20; 
49977| } 
49978| 

49979| RtlZeroMemory( &paramTable[0], sizeof(paramTable) 

I); 

49980 1 

49981 1 paramTable[0]. Flags = RTL_QUERY_REGISTRY_DIRECT; 

49982| paramTable[0].Name = U'SnapShotDepth"; 

49983| paramTable[0].EntryContext = &SnapShotDepth; 



49984| paramTable[1]. Flags = RTL_QUERY_REGISTRY_DIRECT; 

49985| paramTable[1].Name = U'RequestDepth"; 

49986| paramTable[1].EntryContext = &RequestDepth; 

49987| paramTable[2]. Flags = RTLQUERYREGISTRYDIRECT; 

49988| paramTable[2].Name = U'ReadOnlyDepth"; 

49989| paramTable[2].EntryContext = &ReadOnlyDepth; 

49990| paramTable[3]. Flags = RTL_QUERY_REGISTRY_DIRECT; 

49991 1 paramTable[3].Name = U'VolumeDepth"; 

49992| paramTable[3].EntryContext = &VolumeDepth; 

49993 | 

49994| RtlQueryRegistryValues( 



49995| RTL_REGISTRY_ABSOLUTE | 

| RTL_REGISTRY_OPTIONAL, 

49996| RegistryPath->Buffer, 

49997| &paramTable[0], 

49998| NULL, 

49999| NULL 

50000| ); 
50001| 
50002| 



50003| /* 

50004| Zone routines are useful for allocating a large 

| number of fixed size 
50005| small blocks. Look-aside lists are useful for 

| allocating larger blocks 
50006| where there is a substantial difference between the 

| high and low 
50007| watermarks. 
50008| 7 
50009| 
50010| /* 

5001 1 1 We use our own lookaside lists for the following 
| reasons: 

50012| 1 . NT ignores the maximum depth parameter 
50013| 2. Its algorithm for increasing/decreasing the 

| depth works by 
50014| looking the ratio of alloc misses to alloc 

| requests since the 
50015| last time the function was called (every 2 

| seconds). If less 
5001 6| than 1 0%, the depth is decreased by 1 0 (but not 

| below 4). 

50017| if larger, then it is increased by 

| (Ratio/2)*max_depth 
50018| 3. We want to keep some extra on the list for low 

| memory 

50019| usage (though we could have a seperate list) 

50020| 4. I was seeing a LOT of calls to Alloc/Free 

50021| 

50022| A better usage would be to look at the amount of 



I times an 

50023| Alloc/Free pair could have been avoided in the last 

| X seconds. 
50024| 

50025| For now, we will hardcode the values, but later on 

| we could have a 
50026| timer event executing every 2 seconds to 

| increase/trim the depth. 
50027| 7 
50028| 
50029| 

| MylnitializePagedLookasideList(&lnternalSnapShot,DEBUG_A 
| LLOC,NULL,0,sizeof(pd::tlnternalSnapShot)+Size,PSM_INTER 
| NAL_SNAPSHOT,(USHORT)SnapShotDepth); 
50030| 

| MylnitializeNPagedLookasideList(&MasterSnapShot,DEBUG_AL 

| LOC,NULL,0,sizeof(tkSnapShotMaster)+Size,PSM_MASTER_SNAP 

| SHOT,(USHORT)SnapShotDepth); 
50031 1 ASSERT((SnapShotDepth*VolumeDepth)<0x10000); // 

| make sure less than a USHORT 
50032| 

| MylnitializeNPagedLookasideList(&SnapShotEntry,DEBUG_ALL 
| OC,NULL,0,sizeof(tkSnapShotEntry)+Size,PSM_SNAPSHOT_ENTR 
| Y,(USHORT)SnapShotDepth*(USHORT)VolumeDepth); 
50033| 

| MylnitializePagedLookasideList(&Node,DEBUG_ALLOC,NULL,0, 
| sizeof(tTreeLeaf)+Size,NODETAG,0x1 00); 
50034| 

| MylnitializeNPagedLookasideList(&ReadOnly,DEBUG_ALLOC,NU 
| LL,0,sizeof(tOpenSnapShotFiles)+Size,PSM_READONLY_FILE_T 
| AG,(USHORT)ReadOnlyDepth); 
50035| 

| MylnitializeNPagedLookasideList(&Shared,DEBUG_ALLOC,NULL 
| ,0,sizeof(pd::tShared)+Size,PSM_DICT_SHARED_TAG,(USHORT) 
| VolumeDepth); 
50036| 

| ASSERT(sizeof(tWriteRequest)==sizeof(tReadRequest)); 
50037| 

| MylnitializeNPagedLookasideList(&Requests,DEBUG_ALLOC,NU 
| LL,0,sizeof(tWriteRequest)+Size,WRITEREQUESTTAG, (USHORT) 
| Request Depth); 
50038| 

50039 1 return; 
50040| } 
50041 | 

50042| void MemTrackDelnit() 
50043 1 { 

50044| // never called 
50045| ASSERT(FALSE); 
50046| } 



50047| 

50048| void *MemAllocatePoolWithTag( POOL_TYPE PoolType, ULONG 

| Size, ULONG Tag ) 
50049| { 
50050| #if 0 

50051 1 PVOID Parent=0, Grand Parent=0; 

50052| RtlGetCallersAddress (&Parent, &GrandParent); 

50053| Debug(DEBUG_MEMORY,("NEWMEM: Alloc: p=%08x gp=%08x 

| - pool=%08x, size=%08x, Tag=%08x\n", 
50054| Parent,GrandParent, 
50055| PoolType,Size,Tag 
50056| )); 
50057| #endif 
50058| 

50059| WORD AllocSize; 

50060| pMemHead Ptr; 

50061 1 #define TYPE LOOKASI DE 0 

50062| #define TYPE_DIRECT 1 

50063| ULONG Ty pe=TY P ELOO K AS IDE; 

50064| WORD HeaderSize=sizeof(tMemHead); 

50065| NTSTATUS Status=0; 

50066| ULONG MySize; 

50067| 

50068| switch(Tag) { 

50069 1 // memory that vdisk read/write use to double 
| buffer 

50070| case PSM VDISK BUFFER TAG : // 'PSvb' 1 
50071 1 // memory to hold original data 
50072| case BUFFTAG : // 'PSbu' 5 

50073| #if USE_PAGED_FOR_BUFF 

50074| ASSERT(PoolType == PagedPoolCacheAligned); 

50075| HeaderSize = PAGE_SIZE; 

50076| Type = TYPE_DIRECT; 

50077| Ptr = (pMemHead)ExAllocatePoolWithTag( 

| PoolType, Size+HeaderSize, Tag ); 
50078| // move pointer to be under aligned page 

50079 1 Ptr = 

| (pMemHead)(((PCHAR)Ptr)+HeaderSize-sizeof(tMemHead)); 
50080 1 #else 

50081 1 HeaderSize = PAGE_SIZE; 

50082| Type = TYPE_DIRECT; 

50083| MySize = Size+HeaderSize; 

50084| Ptr = NULL; 

50085| 

50086| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
50087| Status = ZwAllocateVirtualMemory( 

50088| NtCurrentProcess(), // IN HANDLE 

| ProcessHandle, 
50089| (void**)&Ptr, // IN OUT PVOID 



I *BaseAddress, 
50090| 0, // IN ULONG ZeroBits, 

50091 1 &MySize, // IN OUT PSIZE_T 

| RegionSize, 

50092| MEM_RESERVE | MEM_COMMIT, // IN 

| ULONG AllocationType, 
50093| PAGE_READWRITE// IN ULONG Protect 

50094| ); 

50095| //Debug(DEBUG_MEMORY,("NewMem: 

| AllocVirtual=%08x\n'\Status)); 
50096| if(NT_SUCCESS(Status)) { 

50097| ASSERT(Ptr); 
50098| ASSERT(MySize>=Size); 
50099| HeaderSize = (WORD)(MySize-Size); 

50100| Ptr = 

| (pMemHead)(((PCHAR)Ptr)+HeaderSize-sizeof(tMemHead)); 
50101| }else{ 
50102| ASSERT(IPtr); 
50103| } 
50104| #endif 
50105| break; 
50106| 

501 07| // memory holding snapshots 

50108| case PSM INTERNAL SNAPSHOT : // 'PSis' 1 

50109| Ptr = 

| (pMemHead)ExAllocateFromPagedLookasideList(&lnternalSnap 

| Shot); 
50110| break; 
50111| 

501 12| // memory holding masters 

501 1 3| case PSM_MASTER_SNAPSHOT : // 'PSma' 0 
50114| Ptr = 

| (pMemHead)ExAllocateFromNPagedLookasideList(&MasterSnapS 

I hot); 
50115| break; 
50116| 

501 1 7| // snapshot entrys 

501 1 8| case PSM_SNAPSHOT_ENTRY : // 'PSss' 0 
50119| Ptr = 

| (pMemHead)ExAllocateFromNPagedLookasideList(&SnapShotEnt 

I ry); 

50120| break; 
50121| 

50122| //tTreeLeafs 

50123| case NODETAG : // 'PSno' 1 

50124| Ptr = 

| (pMemHead)ExAllocateFromPagedLookasideList(&Node); 
50125| break; 
50126| 

501 27| // files that are marked as readonly 



50128| case PSM_READONLY_FILE_TAG : // 'PSro' 0 

50129| Ptr = 

| (pMemHead)ExAllocateFromNPagedLookasideList(&ReaclOnly); 

50130| break; 
50131| 

50132| // requests coming in 

50133| case READREQUESTTAG : // 'PSrr' 0 

50134| case WRITEREQUESTTAG : // 'PSwr' 0 

50135| Ptr = 

| (pMemHead)ExAllocateFromNPagedLookasideList(&Requests); 

50136| break; 
50137| 

50138| case DEBUG_ENTRY_TAG: 

50139| case FILENAMETAG: 

501 40| // dont want prints on this debug stuff 

50141 1 Ptr = (pMemHead)ExAllocatePoolWithTag( 

| PoolType, Size+sizeof(tMemHead), Tag ); 

50142| Type = TYPE_DIRECT; 

50143| break; 
50144| 

501 45| // memory to access registry 

50146| case REGISTRYTAG : // 'PSrt' 1 

50147| 

501 48| // memory for shared volumes 

501 49 1 case PSM_DICT_SHARED_TAG : // 'PSsh' 0 

50150| 

50151 1 // memory required for strings 

50152| case STRINGTAG : // 'PSsf 1 

50153| 

501 54| // temp memory 

50155| case THREADTAG : // 'PSth' 1 

50156| 

501 57| // memory holding the free space bitmap 

50158| case P S M_ F R E E_S P A C E_T AG : // 'PSfs' 1 
50159| 

501 60| // memory holding headers 

501 61 1 case PSM DICT HEADER TAG : // 'PShe' 1 

50162| 

501 63| // memory in release build that holds a Block 

| of memory so 

501 64| // we can suballocate it (see mem.cpp), this is 

| subdivided 

50165| // into tTreeLeafs 

501 66| case NODEMEMTAG : // 'PSnm' 1 

50167| 

50168| default: 

50169| #ifdef DEBUG_MEM 

50170| { 

501 71 1 PVOID Parent=0, GrandParent=0; 

501 72 1 RtlGetCallersAddress (&Parent, 



I &GrandParent); 

50173| Debug (DEBUG_M EMORY, ("NEWM EM: Alloc : p=%08x 

| gp=%08x - pool=%08x, size=%08x, Tag=%08x\n M , 
501 74 1 Parent,GrandParent, 
501 75| PoolType,Size+sizeof(tMemHead),Tag)); 
50176| } 
50177| #endif 

501 78 1 Ptr = (pMemHead)ExAllocatePoolWithTag( 

| PoolType, Size+sizeof(tMemHead), Tag ); 
501 79 1 Type = TYPE_DIRECT; 
50180| } 
50181| 
50182| 

50183| if (Ptr) { 

501 84| // os had memory to give us 

501 85| Ptr->Type = (BYTE)Type; 

50186| Ptr->Tag = Tag; 

50187| Ptr->HeaderSize = HeaderSize; 

50188| Ptr++; 

50189| } 

50190| 

50191 1 // Suppress the assert because now at least one caller 

| will handle a fail by re-asking for less 
50192| // ASSERT(Ptr); 
50193| 

50194| return Ptr; 

50195| } 

50196| 

50197| VOID MemFreePool( PVOID Buffer) 
50198| { 

50199| ASSERT(Buffer); 

50200| pMemHead Ptr=(pMemHead)Buffer; 

50201| Ptr-; 

50202| 

50203| PVOID RealPtr=((PCHAR)(Ptr+1))-Ptr->HeaderSize; 
50204| NTSTATUS Status; 
50205| ULONG Size; 
50206| 

50207| switch(Ptr->Tag) { 

50208| // memory that vdisk read/write use to double 
| buffer 

50209| case PSM VDISK BUFFER TAG : // 'PSvb' 1 

5021 0| // memory to hold original data 

5021 1 1 case BUFFTAG : // 'PSbu' 5 

50212| // os supplied buffer 

50213| #if USE_PAGED_FOR_BUFF 

50214| ExFreePool(RealPtr); 

50215| #else 

50216| Size=0; 

5021 7| ASSERT(GlobalSystemProcessld == 



I PsGetCurrentProcess()); 
50218| Status = ZwFreeVirtualMemory( 

50219| NtCurrentProcess(),// IN HANDLE 

| ProcessHandle, 
50220| &RealPtr, // IN OUT PVOID 

| *BaseAddress, 
50221 1 &Size, // IN OUT PSIZE_T RegionSize, 

50222| MEM_RELEASE // IN ULONG FreeType 

50223 1 ); 

50224| if(!NT_SUCCESS(Status)) { 

50225| Debug(DEBUG_MEMORY,("NewMem: Error %08x 

| freeing virtual memory\n", Status)); 
50226| } 
50227| 

50228| #endif 
50229 1 break; 
50230| 

50231 1 // memory holding snapshots 

50232| case PSM INTERNAL SNAPSHOT : // 'PSis' 1 

50233 | 

| ExFreeToPagedLookasideList(&lnternalSnapShot,RealPtr); 
50234| break; 
50235| 

50236| // memory holding masters 

50237| case PSM_MASTER_SNAPSHOT : // 'PSma' 0 
50238| 

| ExFreeToNPagedLookasideList(&MasterSnapShot,RealPtr); 
50239 1 break; 
50240 1 

50241 1 // snapshot entrys 

50242| case PSM_SNAPSHOT_ENTRY : // 'PSss' 0 
50243 1 

| ExFreeToNPagedLookasideList(&SnapShotEntry,RealPtr); 
50244| break; 
50245| 

50246| //tTreeLeafs 

50247| case NODETAG : // 'PSno' 1 

50248| ExFreeToPagedl_ookasidel_ist(&Node,RealPtr); 

50249 1 break; 

50250 1 

50251 1 // files that are marked as readonly 

50252| case PSM READONLY FILE TAG : // 'PSro' 0 

50253 1 

| ExFreeToNPagedl_ookasidel_ist(&ReadOnly,RealPtr); 
50254| break; 
50255| 

50256| // requests coming in 

50257| case READREQUESTTAG : // 'PSrr' 0 
50258| case WRITEREQUESTTAG : // 'PSwr' 0 
50259| 



I ExFreeToNPagedLookasideList(&Requests,RealPtr); 
50260| break; 
50261 1 

50262| // memory to access registry 

50263| case REGISTRYTAG : // 'PSrt' 1 

50264| 

50265| // memory for shared volumes 

50266| case PSM_DICT_SHARED_TAG : // 'PSsh' 0 

50267| 

50268| // memory required for strings 
50269| case STRINGTAG : // 'PSsf 1 

50270 1 

50271 1 // temp memory 

50272| case THREADTAG : // 'PSth' 1 

50273 1 

50274| // memory holding the free space bitmap 
50275| case P S M_ F R E E_S P AC E_T AG : // 'PSfs' 1 
50276| 

50277| // memory holding headers 

50278| case PSM_DICT_HEADER_TAG : // 'PShe' 1 

50279 1 

50280| // memory in release build that holds a Block 

| of memory so 
50281 1 // we can suballocate it (see mem.cpp), this is 

| subdivided 
50282 1 // into tTreeLeafs 

50283| case NODEMEMTAG : // 'PSnm' 1 

50284| 

50285| default: 

50286| // os supplied buffer 

50287| ExFreePool(((PCHAR)(Ptr+1))-Ptr->HeaderSize); 

50288| } 

50289 1 } 

50290| 

50291| 

50292| 

50293| File Listing: MEMTRACK.h 
50294| 

50295| PVOID MemAllocatePoolWithTag( IN POOL_TYPE PoolType, IN 

| ULONG NumberOfBytes, IN ULONG Tag ); 
50296| VOID MemFreePool( PVOID Buffer); 
50297| #define MemAllocatePool(t,s) 

| MemAllocatePoolWithTag(t,s,DEFAULT_MEM_TAG) 
50298| 

50299| #define D E F A U LT M E M_T AG 0x50534d4d 
50300| 

50301 1 #define MemCheckPool(x) 1 
50302| #define MemTrackPrintStats(x) 
50303| #define MemShowUsage() 
50304| 



50305| void MemTracklnit( PUNICODE_STRING Registry ); 
50306| 

50307| #define MemAllocateString(n) 

| (WCHAR*)MemAllocatePoolWithTag(PagedPool,(n)*sizeof(WCHA 

| R),STRINGTAG) 
50308| #define MemAllocateStringByBytes(b) 

| (WCHAR*)MemAllocatePoolWithTag(PagedPool,(b),STRINGTAG) 
50309| #define MemFreeString Mem Free Poo I 
50310| 
50311| 
50312| 

50313| File Listing: MISC.cpp 
50314| 

50315| #include "precomp.h" 

50316| 

50317| I* 

50318| Kernel mode APC's can NOT be disabled (Fast mutexes 

| disable them) as the 
50319| IO manager uses them to deliver events 
50320| 
50321 1 7 
50322 | 

50323| /* 



50324| NTSTATUS AcquireOpenCloseResource( void ) 
50325| { 

50326| PVOID ObjectTable[2] = { &PSMOpenCloseSemaphore, 

| &PSManExitingEvent }; 
50327| 

50328| ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50329| return pmWaitForMultipleObjects( ObjectTable,2,NULL 

I); 

50330 1 } 
50331 | 

50332| NTSTATUS AcquireOpenCloseResourceOnly( PKEVENT 

| AbortEvent ) 
50333 1 { 

50334| PVOID ObjectTable[2] = { &PSMOpenCloseSemaphore, 

| AbortEvent}; 
50335| 

50336| ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50337 1 return 

| pmWaitForMultipleObjects(ObjectTable,AbortEvent ? 2 : 

I 1,NULL); 
50338| 
50339 1 } 
50340| 

50341 1 /* 



50342| void ReleaseOpenCloseResource( void ) 



50343| { 

50344| ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 

50345| pmSignalSemaphore( &PSMOpenCloseSemaphore); 

50346| 

50347| } 

50348| 

50349| /* 



50350| NTSTATUS AcquireVDiskResource( void ) 
50351 1 { 

50352| // ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50353| return pmAcquireSemaphore( 

| &PSMVDiskSemaphore,NULL); 
50354| } 
50355| 

50356| I* 



50357| void ReleaseVDiskResource( void ) 
50358| { 

50359| // ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50360| pmSignalSemaphore( &PSMVDiskSemaphore); 
50361 1 
50362 1 } 
50363 1 

50364| #ifdef DEBUG_SNAPSHOTS 

50365| NTSTATUS AcquireSnapShotResource( void ) 

50366| { 

50367| #if 0 

50368| ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50369| if(pmExamineSemaphore(&PSMSnapShotSemaphore)<1 ) { 
50370| Debug(DEBUG_MISC,("SnapShot already Acquired! 

| %d\n^pmExamineSemaphore(&PSMSnapShotSemaphore))); 
50371 1 DbgBreakPoint(); 
50372 1 } 
50373 1 #endif 
50374| #ifdef DEBUG 
50375| if(lsGlobalDeviceAcquired()) { 

50376| Debug(DEBUG_MISC,("AcquireSnapShotResource: 
| ERROR!!!! Global resource acquired before snapshot! 
| this WILL cause a deadlock!\n M )); 

50377| DbgBreakPoint(); 

50378| } 

50379 1 

50380 1 #endif 

50381 1 return pmAcquireSemaphore( 
| &PSMSnapShotSemaphore,NULL); 
50382 1 } 
50383| 

50384| I* 



50385| void ReleaseSnapShotResource( void ) 
50386| { 
50387| #if 0 

50388| ASSERT(KeGetCurrentlrql() == PASSIVE_LEVEL); 
50389| if(pmExamineSemaphore(&PSMSnapShotSemaphore)>0) { 
50390| Debug(DEBUG_MISC,("SnapShot not acquired! 

| %d\n",pmExamineSemaphore(&PSMSnapShotSemaphore))); 
50391 1 DbgBreakPoint(); 
50392 1 } 
50393| #endif 

50394| pmSignalSemaphore( &PSMSnapShotSemaphore); 

50395| 

50396| } 

50397| #endif 

50398| 

50399| #ifdef DEBUG 

50400| I* 



50401 1 void DumpBootSector( char *Buffer ) 
50402 1 { 
50403 1 
50404| if 

| (strncmp(((PNTFS_BOOT_SECTOR)Buffer)->Oemld,"NTFS",4)==0 
l){ 

50405| PNTFS_BOOT_SECTOR 

| Ntfs=(PNTFS_BOOT_SECTOR)Buffer; 
50406| 

50407| Debug(DEBUG_INFO,("NTFS Boot Sector\n")); 
50408| Debug(DEBUG_INFO,(" BytesPerSector 

| %04x\n",Ntfs->BytesPerSector)); 
50409| Debug(DEBUG_INFO,(" SectorsPerC luster 

| %02x\n",Ntfs->SectorsPerCluster)); 
50410| Debug(DEBUG_INFO,(" MedialD 

| %02x\n",Ntfs->MedialD)); 
50411| Debug(DEBUG_INFO,(" Sectors PerTrack 

| %04x\n",Ntfs->SectorsPerTrack)); 
50412| Debug(DEBUG_INFO,(" Heads 

| %04x\n",Ntfs->Heads)); 
50413| Debug(DEBUG_INFO,(" HiddenSectors 

| %08x\n",Ntfs->HiddenSectors)); 
50414| Debug(DEBUG_INFO,(" LargeSectors 

| %08x\n",Ntfs->LargeSectors)); 
50415| Debug(DEBUG_INFO,(" Drive 

| %02x\n",Ntfs->Drive)); 
50416| Debug(DEBUG_INFO,(" DirtyVolume 

| %02x\n",Ntfs->DirtyVolume)); 
50417| Debug(DEBUG_INFO,(" Reserved 

| %04x\n",Ntfs->Reserved)); 
50418| Debug(DEBUG_INFO,(" TotalSectors 

| %01 6l64x\n",Ntfs->TotalSectors)); 



50419| Debug(DEBUG_INFO,(" ClusterToMFT 

| %01 6l64x\n",Ntfs->ClusterToMFT)); 
50420| Debug(DEBUG_INFO,(" ClustersToMFTMirror 

| %01 6l64x\n",Ntfs->ClustersToMFTMirror)); 
50421| Debug(DEBUG_INFO,(" ClustersPerFRS 

| %08x\n",Ntfs->ClustersPerFRS)); 
50422| Debug(DEBUG_INFO,(" ClustersPerlndexBlock 

| %08x\n",Ntfs->ClustersPerlndexBlock)); 
50423| Debug(DEBUG_INFO,(" SerialNumber 

| %01 6l64x\n",Ntfs->SerialNumber)); 
50424| Debug(DEBUG_INFO,(" SectorChecksum 

| %08x\n",Ntfs->SectorChecksum)); 
50425| Debug(DEBUG_INFO,(" Unknownl 

| %08x\n",Ntfs->Unknown1)); 
50426| Debug(DEBUG_INFO,(" Unknown2 

| %08x\n",Ntfs->Unknown2)); 
50427| Debug(DEBUG_INFO,(" Unknown3 

| %02x\n",Ntfs->Unknown3)); 
50428| } else 
50429 1 if 

| (strncmp(((PFAT_BOOT_SECTOR)Buffer)->FileSysType,"FAT",3 
I )==0) { 

50430| PFAT_BOOT_SECTOR Fat=(PFAT_BOOT_SECTOR)Buffer; 
50431 | 

50432| Debug(DEBUG_INFO,("Fat Boot Sector\n")); 
50433| Debug(DEBUG_INFO,(" BytesPerSector 

| %04x\n",Fat->BytesPerSector)); 
50434| Debug(DEBUG_INFO,(" SectorsPerC luster 

| %02x\n",Fat->SectorsPerCluster)); 
50435| Debug(DEBUG_INFO,(" ReservedSectors 

| %04x\n",Fat->ReservedSectors)); 
50436| Debug(DEBUG_INFO,(" NumberOfFats 

| %02x\n",Fat->NumberOfFats)); 
50437| Debug(DEBUG_INFO,(" RootDirectory 

| %04x\n",Fat->RootDirectory)); 
50438| Debug(DEBUG_INFO,(" SmallSectors 

| %04x\n",Fat->SmallSectors)); 
50439| Debug(DEBUG_INFO,(" MedialD 

| %02x\n",Fat->MedialD)); 
50440| Debug(DEBUG_INFO,(" SectorsPerFat 

| %04x\n",Fat->SectorsPerFat)); 
50441| Debug(DEBUG_INFO,(" Sectors PerTrack 

| %04x\n",Fat->SectorsPerTrack)); 
50442| Debug(DEBUG_INFO,(" Heads 

| %04x\n",Fat->Heads)); 
50443| Debug(DEBUG_INFO,(" HiddenSectors 

| %08x\n",Fat->HiddenSectors)); 
50444| Debug(DEBUG_INFO,(" LargeSectors 

| %08x\n",Fat->LargeSectors)); 
50445| Debug(DEBUG_INFO,(" Drive 



I %02x\n",Fat->Drive)); 
50446| Debug(DEBUG_INFO,(" DirtyVolume 

| %02x\n",Fat->DirtyVolume)); 
50447| Debug(DEBUG_INFO,(" BootSignature 

| %02x\n",Fat->BootSignature)); 
50448| Debug(DEBUG_INFO,(" VolumelD 

| %08x\n",Fat->VolumelD)); 
50449| Debug(DEBUG_INFO,(" VolumeLabel 

| %-1 1 .1 1s\n",Fat->Volumel_abel)); 
50450 1 Debug(DEBUG_INFO,(" FileSysType 

| %-8.8s\n",Fat->FileSysType)); 
50451 1 } else 
50452 1 if 

| (strncmp(((PFAT32_BOOT_SECTOR)Buffer)->FileSysType,"FAT3 

I 2",3)==0) { 
50453 1 PFAT32_BOOT_S ECTOR 

| Fat=(PFAT32_BOOT_SECTOR)Buffer; 
50454| 

50455| Debug(DEBUG_INFO,("Fat32 Boot Sector\n")); 
50456| Debug(DEBUG_INFO,(" BytesPerSector 

| %04x\n",Fat->BytesPerSector)); 
50457| Debug(DEBUG_INFO,(" SectorsPerCluster 

| %02x\n",Fat->SectorsPerCluster)); 
50458| Debug(DEBUG_INFO,(" ReservedSectors 

| %04x\n",Fat->ReservedSectors)); 
50459| Debug(DEBUG_INFO,(" NumberOfFats 

| %02x\n",Fat->NumberOfFats)); 
50460| Debug(DEBUG_INFO,(" RootDirectory 

| %04x\n",Fat->RootEntries)); 
50461| Debug(DEBUG_INFO,(" SmallSectors 

| %04x\n",Fat->SmallSectors)); 
50462| Debug(DEBUG_INFO,(" MedialD 

| %02x\n",Fat->MedialD)); 
50463| Debug(DEBUG_INFO,(" SectorsPerFat 

| %04x\n",Fat->SectorsPerFat)); 
50464| Debug(DEBUG_INFO,(" Sectors PerTrack 

| %04x\n",Fat->SectorsPerTrack)); 
50465| Debug(DEBUG_INFO,(" Heads 

| %04x\n",Fat->Heads)); 
50466| Debug(DEBUG_INFO,(" HiddenSectors 

| %08x\n",Fat->HiddenSectors)); 
50467| Debug(DEBUG_INFO,(" LargeSectors 

| %08x\n",Fat->LargeSectors)); 
50468| 

50469| Debug(DEBUG_INFO,(" LargeSectors Fat 

| %08x\n",Fat->LargeSectorsPerFat)); 
50470| Debug(DEBUG_INFO,(" Extended Flags 

| %04x\n",Fat->ExtendedFlags)); 
50471| Debug(DEBUG_INFO,(" FsVersion 

| %04x\n",Fat->FsVersion)); 



50472| Debug(DEBUG_INFO,(" RootDirCluster 

| %08x\n",Fat->RootDirFirstCluster)); 
50473| Debug(DEBUG_INFO,(" FslnfoSector 

| %04x\n",Fat->FslnfoSector)); 
50474| Debug(DEBUG_INFO,(" BackupBootSector 

| %04x\n",Fat->BackupBootSector)); 
50475| 

50476| Debug(DEBUG_INFO,(" Drive 

| %02x\n",Fat->Drive)); 
50477| Debug(DEBUG_INFO,(" DirtyVolume 

| %02x\n",Fat->DirtyVolume)); 
50478| Debug(DEBUG_INFO,(" BootSignature 

| %02x\n",Fat->BootSignature)); 
50479| Debug(DEBUG_INFO,(" VolumelD 

| %08x\n",Fat->VolumelD)); 
50480| Debug(DEBUG_INFO,(" VolumeLabel 

| %-1 1 .1 1s\n",Fat->VolumeLabel)); 
50481| Debug(DEBUG_INFO,(" FileSysType 

| %-8.8s\n",Fat->FileSysType)); 
50482| } else { 

50483| Debug(DEBUG_INFO,("Unknown boot sector\n")); 

50484| DumpSector(Buffer,512); 

50485| } 

50486| 

50487| 

50488| } 

50489 1 

50490| r 



50491 1 void DumpSector( char "Buffer, ULONG Size ) 

50492 1 { 

50493| ULONG i,j; 

50494| UCHAR *UBuffer = (UCHAR*)Buffer; 

50495| char s[80]; 

50496| char *t; 
50497| 

50498| // 00: 0000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 

| 00 00 

50499 1 

50500| // no need to even try if debugging is not on.. 

50501| if(IDebugLevel) { 

50502| return; 

50503| } 

50504| 

50505| for(i=0;i<Size;i+=16) { 
50506| 

50507| t=s; 
50508| 

50509| t+=sprintf(t,"%02x: %04x : ",i / 512,i); 
50510| 



50511 
50512 
50513 
50514 
50515 
50516 
50517 
50518 
50519 
50520 
50521 
50522 
50523 
50524 
50525 
50526 
50527 
50528 
50529 
50530 
50531 
50532 
50533 
50534 
50535 

I- 
50536 
50537 
50538 
50539 
50540 
50541 
50542 
50543 
50544 
50545 
50546 
50547 
50548 
50549 
50550 
50551 
50552 

I- 
50553 
50554 
50555 
50556 
50557 
50558 



for(j=i;j-i<16;j++) { 
if (j<Size) { 

t+=sprintf(t,"%02x ",UBuffer[j]); 
} else { 

t+=sprintf(t," "); 

} 

} 

for(j=i;j-i<16;j++) { 
if G>=Size) { 
break; 

} 

if ((UBuffer[j]>31) && (UBuffer[j]<128)) { 

*t++ = UBuffer[j]; 
} else { 

*t++ = 

} 

} 

*t=0; 

Debug(DEBUG_INFO, ("%s\n",s)) ; 

} 

} 

#endif 

I* 

• 7 

USHORT NumChars( const WCHAR 'string ) 
{ 

const WCHAR *p=string; 

whilefp != '\0') { 
P++; 

} 

return (USHORT)(p-string); 

} 

USHORT NumBytes( const WCHAR 'string ) 
{ 

return NumChars(string)*sizeof (WCHAR); 

} 

// 0-15 if one, -1 if not a hex char 

r 

7 

int NumDigit( char ch, int Base ) 
{ 

int Value=0; 

if(isdigit(ch)) { 
Value = ch-'O'; 



50559 
50560 
50561 
50562 
50563 
50564 
50565 
50566 
50567 



base=%d, returning %d\n",ch, Base, Value)); 



50568 
50569 
50570 
50571 



| returning -1\n",ch,Base)); 



50572 
50573 
50574 
50575 

I- 
50576 
50577 
50578 
50579 
50580 
50581 
50582 
50583 
50584 
50585 
50586 
50587 



50588 
50589 
50590 
50591 
50592 
50593 
50594 
50595 
50596 
50597 
50598 
50599 
50600 
50601 
50602 
50603 
50604 



} else 

if((toupper(ch)>='A') && (toupper(ch)<= , Z')) { 

Value = toupper(ch)-'A'+10; 
} else { 

Value = Base+1 ; // error out 

} 

if(Value<=Base) { 
//Debug(DEBUG_INFO,("NumDigit: ch= , %c 1 , 



return Value; 

} 

//Debug(DEBUG_INFO,("NumDigit: ch='%c\ base=%d, 



return -1 ; 

} 

r 



int _iswdigit( wint_t ch ) 
{ 

if((ch>=L'0') && (ch<=L'9')) { 

return TRUE; 
} else { 

return FALSE; 

} 

} 

// 0-15 if one, -1 if not a hex char 

r 

• 7 

int WNumDigit( WCHAR ch, int Base ) 
{ 

int Value=0; 

if(_iswdigit(ch)) { 

Value = ch-L'O'; 
} else 

if((towupper(ch)>=L'A') && (towupper(ch)<=L'Z')) { 

Value = towupper(ch)-L'A'+10; 
} else { 

Value = Base+1 ; // error out 

} 

if(Value<=Base) { 
return Value; 

} 



50605 
50606 
50607 
50608 



50609 
50610 
50611 
50612 
50613 
50614 
50615 
50616 
50617 



| (ch==L'\rV) || (ch==LV)) { 



50618 
50619 
50620 
50621 
50622 
50623 
50624 
50625 
50626 
50627 
50628 
50629 
50630 
50631 
50632 
50633 
50634 
50635 
50636 
50637 
50638 



50639 
50640 
50641 
50642 
50643 
50644 
50645 
50646 
50647 
50648 
50649 
50650 
50651 



return -1 ; 

} 

/* 

7 

ULONG WAsciiTolnt( WCHAR **Line, int Base ) 
{ 

int Accum = 0; 
int Digit; 
int Times=1 ; 

while((**Line)) { 
WCHAR ch=**Line; 
if((ch==LV) || (ch==L") || (ch==L'\f) || 



(*Line)++; 
} else { 
break; 

} 

} 

if(**Line==L'-') { 
Times = -1 ; 
(*Line)++; 

} 

while((Digit=WNumDigit(**Line,Base))>=0) { 
(*Line)++; 
Accum *= Base; 
Accum += Digit; 

} 

return (ULONG)(Accum * Times); 



} 



WCHAR *_ltow( ULONG Value, WCHAR *String, ULONG Base, 



| ULONG StrLen ) 



{ 

UNICODE_STRING Uni; 
RtllnitUnicodeString(&Uni,String); 
Uni. Length = 0; 

Uni.MaximumLength = (USHORT)StrLen; 
Rtl I ntegerToU n icodeString( Value, Base, &Un i) ; 
return String; 

} 



#ifdef DEBUG 

#define DEBUGEXCEPTION 
#endif 



50652| 

50653| typedef struct sMyExceptionlnfo { 
50654| PVOID DriverStart; 
50655| ULONG DriverSize; 

50656| EXCEPTION_RECORD Exception Record; 

50657| } My Exception Info; 

50658| 

50659| DWORD ExceptionFilter( EXCEPTION_POINTERS *ep ) 
50660| { 

50661 1 MyExceptionlnfo Local; 
50662 1 

50663| Debug(DEBUG_INFO, ("Exception occured, ep=%08x, 

| '.cxr %08x' to switch to 

| context\n",ep,ep->ContextRecord)); 
50664| Debug(DEBUG_INFO,(" Exception: 

| %08x\n",ep->ExceptionRecord->ExceptionCode)); 
50665| Debug(DEBUG_INFO,(" Flags : 

| %08x\n",ep->ExceptionRecord->ExceptionFlags)); 
50666| Debug(DEBUG_INFO,(" Address : 

| %08x\n",ep->ExceptionRecord->ExceptionAddress)); 
50667| Debug(DEBUG_INFO,(" Base 

| %08x\n",PSManDriverObject->DriverStart)); 
50668| Debug(DEBUG_INFO,(" Size 

| %08x\n",PSManDriverObject->DriverSize)); 
50669 1 
50670 1 

| ASSERT(sizeof(*ep->ExceptionRecord)==sizeof(EXCEPTION_RE 
I CORD)); 
50671 | 

| memcpy(&Local.ExceptionRecord,ep->ExceptionRecord,sizeof 

| (*ep->ExceptionRecord)); 
50672| Local. DriverStart = PSManDriverObject->DriverStart; 
50673| Local. DriverSize = PSManDriverObject->DriverSize; 
50674| 

50675| Hint -save -e740 7 
50676| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_EXCE 
| PTION_OCCURED,0,&Local,sizeof(Local),NULL,0); 

50677| /*lint -restore 7 

50678| 

50679| switch ( ep->ExceptionRecord->ExceptionCode ) { 
50680 1 

50681 1 case STATUS_ACCESS_VIOLATION: 
50682| Debug(D EBUG_IN FO, ("The instruction at 

| \"0x%08lx\" referenced memory at \"0x%08lxY\ The 

| memoryVn" 

50683| "could not be \"%s\".\n", 

50684| 

| ep->ExceptionRecord->ExceptionAddress, 
50685| 



I ep->ExceptionRecord->Exceptionlnformation[1], 
50686| 

| ep->ExceptionRecord->Exceptionlnformation[0] ? 

| "written" : "read" 
50687| )); 
50688| 

50689| #ifdef DEBUGEXCEPTION 
50690| if(KdDebuggerEnabled) { 

50691| DbgBreakPoint(); 
50692| } 
50693| #endif 

50694| return (EXCEPTION_EXECUTE_HANDLER); 

50695| case STATU S_l N_P AG E_E R RO R : 

50696| Debug(D EBUG_IN FO, ("The instruction at 

| \"0x%08lx\" referenced memory at \"0x%08lx\". The 

| required\n" 

50697| "data was not placed into 

| memory because of an I/O error status of 

| \"0x%08lx\"\n", 
50698| 

| ep->ExceptionRecord->ExceptionAddress, 
50699| 

| ep->ExceptionRecord->Exceptionlnformation[0], 
50700| 

| ep->ExceptionRecord->Exceptionlnformation[1] 
50701| )); 
50702| 

50703| #ifdef DEBUGEXCEPTION 
50704| if(KdDebuggerEnabled) { 

50705| DbgBreakPoint(); 
50706| } 
50707| #endif 

50708| return (EXCEPTION_EXECUTE_HANDLER); 

50709| 

50710| default: 

5071 1 1 #ifdef DEBUGEXCEPTION 
50712| if(KdDebuggerEnabled) { 

50713| DbgBreakPoint(); 
50714| } 
50715| #endif 

5071 6| // pass to debugger or system 

50717| return (EXCEPTION_CONTINUE_SEARCH); 

50718| // EXCEPTION_CONTINUE_SEARCH = continue looking 

| for a error handler 
50719| // EXCEPTION EXECUTE HANDLER = execute 

| exception handler 
50720| // EXCEPTION_CONTINUE_EXECUTION = continue as 

| though nothing happened 
50721| 
50722| } 



50723| 
50724| } 
50725| 

50726| void DumpObject( PDEVICE_OBJECT DevObj ) 
50727| { 

50728| switch(PsmGetObjectType(DevObj)) { 

50729| case OBJECT_FS_OBJECT : { 

50730| Debug(DEBUG_VDISK,("%08x: FileSystem 

| Object\n", DevObj)); 
50731 1 break; 
50732 1 } 

50733| case OBJECT_FS_FILTER : { 

50734| Debug(DEBUG_VDISK ! ("%08x: FileSystem 

| Filter\n",DevObj)); 
50735| break; 
50736| } 

50737| case OBJECT_VIRTUALDISK: { 
50738| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
50739| Debug(DEBUG_VDISK,("%08x: Virtual Disk for 

| '%S':%d\n",DevObj,DevExt->Name,DevExt->lnstance)); 
50740| Debug(DEBUG_VDISK,(" PSMDevice = 

| %08x\n",DevExt->PSMDevice)); 
50741 1 Debug(DEBUG_VDISK,(" Number of reads = %d 

| (%d), Write = %d 

| (%d)\n", DevExt->NumberOf ReadRequests, DevExt->SectorsRead 
| ,DevExt->NumberOfWriteRequests, 
| DevExt->SectorsWritten)); 
50742| Debug(DEBUG_VDISK,(" Cyls=%l64d, Heads=%d, 

| SPT=%d\n",DevExt->Cylinders, DevExt->Heads, DevExt->SPT 

I)); 

50743| Debug(DEBUG_VDISK,(" !Ready=%d, 

| Active=%d\n",DevExt->DriveNotReady,DevExt->PartitionActi 
I ve)); 

50744| Debug(DEBUG_VDISK,(" DiskChangeCount=%d, 

| LockCount=%d, 

| Keep=%d\n",DevExt->DiskChangeCount,DevExt->LockCount,Dev 
| Ext->KeepWritelnMemory)); 
50745| Debug(DEBUG_VDISK,(" SnapShot=%08x, 

| Master=%08x\n",DevExt->SnapShot,DevExt->MasterSnapShot)) 

I ; 

50746| break; 
50747| } 

50748| case OBJECT_FILTEREDDISK: { 
50749| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
50750| Debug(DEBUG_VDISK,("%08x: Filtered Disk for 

| %S\n",DevObj,DevExt->Name)); 
50751| Debug(DEBUG_VDISK,( 
50752| " TargetDeviceObject %08x\n" 



50753| " NumReads %d, %d, NumWrites %d, %d\n" 

50754| " ChangeCount%d, CacheWrites %d, 

| PSMed %d, SR %d, SW %d, OpenCount %d\n" 

50755| " Snapshots %08x\n", 
50756| 

50757| DevExt->TargetDeviceObject, 

50758| DevExt->NumberOfReadRequests, 

50 759 1 Dev Ext->Secto rs Read , 

50760| DevExt->NumberOfWriteRequests, 

50761 1 DevExt->SectorsWritten, 

50762| DevExt->ChangeCount, 

50763| DevExt->CacheWrites, 

50764| DevExt->PSMed, 

50765| DevExt->SignalRead, 

50766| DevExt->SignalWrite, 

50767| DevExt->OpenCount, 

50768| &DevExt->SnapShots 

50769| )); 

50770| 

50771 1 Debug(DEBUG_VDISK,( 

50772 1 " Logical: Start %08x%08x Length 

| %08x%08x Hidden %d, Type %d\n M , 

50773| // logical devices only 

50774| DevExt->Pi.StartingOffset.HighPart, 

50775| DevExt->Pi.StartingOffset.LowPart, 

50776| DevExt->Pi.PartitionLength.HighPart, 

50777| DevExt->Pi.PartitionLength.LowPart, 

50778| DevExt->Pi.HiddenSectors, 

50779| DevExt-> Pi . PartitionType 

50780| )); 

50781 1 Debug(DEBUG_VDISK,( 

50782| " Physical: Sig %08x, Last %d, Cyls 

| %08x%08x Heads %d, SPT %d, BPS %d\n M , 

50783| // physical devices only!!!! 

50784| DevExt-> Physical. Sig nature, 

50785| DevExt->Physical.LastPartitionNumber, 

50786| DevExt->Cylinders.HighPart, 

50787| DevExt->Cylinders.LowPart, 

50788| DevExt->TracksPerCylinder, 

50789| DevExt->SectorsPerTrack, 

50790| DevExt->BytesPerSector 

50791| )); 
50792| 

50793| break; 

50794| } 

50795| case OBJECTJNTERNAL: { 

50796| PSBPSMAN_EXTENSION 

| DevExt=(PSBPSMAN_EXTENSION)GetDeviceExtension(DevObj); 

50797| Debug(DEBUG_VDISK,("%08x: Internal 



| Object\n")); 



50798| Debug(DEBUG_VDISK,(" Psm Users=%08x, Num 

| Active=%d\n",DevExt->PSMUsers,DevExt->NumActive)); 



50799 
50800 
50801 
50802 
50803 
50804 
50805 
50806 



void DumpAIIDisksO 
{ 

PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
50807I 

while(DevObj!=NULL) { 
DumpObject(DevObj); 
DevObj=DevObj->NextDevice; 



50808 
50809 
50810 
50811 
50812 
50813 
50814 

I- 
50815 
50816 
50817 
50818 
50819 
50820 
50821 
50822 
50823 
50824 



50825 
50826 
50827 
50828 
50829 
50830 
50831 
50832 
50833 
50834 
50835 
50836 
50837 
50838 

I- 
50839 
50840 
50841 
50842 



break; 

} 

} 



} 



} 



#ifdef DEBUG 

bool ProfilerResourcelnitialized = false; 

bool ProfilerEnabled = true; 

ERESOURCE ProfilerResource = {0}; 

KSPIN_LOCK ProfilerSpinLock = {0}; 

ProfileNode *Profilel_ist = 0; 

ProfileNode *ProfileFreel_ist = 0; 

ProfileChunk *ProfileChunkl_ist = 0; 

const int PROFILE_NODES_PER CHUNK = 4000 / 



sizeof( ProfileNode); 



ULONG ProfileNumNodes = 0; 
ULONG ProfileNumChunks = 0; 

void lnitProfiler() 
{ 

if ( IProfilerResourcelnitialized ) { 

ExInitializeResourceLite (&ProfilerResource); 
KelnitializeSpinl_ock(&ProfilerSpinl_ock); 
ProfilerResourcelnitialized = true; 

} 

} 

#endif TDEBUG7 



II- 



#ifdef DEBUG 

ProfileNode *AllocProfileNode() 
{ 



50843| 
50844| 
50845| 
50846| 
50847| 
50848| 



ProfileNode *node = 0; 



ASSERT(ProfilerEnabled); 
if ( ProfilerEnabled ) { 
if ( ! ProfileFreeList ) { 

ProfileChunk *chunk = (ProfileChunk *) 
| MemAllocatePoolWithTag (PagedPool, 
| sizeof(ProfileChunk), TEMPTAG); 
50849| if ( chunk ) { 

50850| chunk->array = (ProfileNode *) 

| MemAllocatePoolWithTag (NonPagedPool, 

| sizeof(ProfileNode)*PROFILE_NODES_PER_CHUNK, TEMPTAG); 
50851 1 if ( chunk- >array ) { 

50852| ProfileNode *prevNode = 0; 

50853| for ( int i=0; 

| i<PROFILE_NODES_PER_CHUNK; ++i ) { 



50854| 

| prevNode; 
50855| 



chunk->array[i].next = 



prevNode = & (chunk- >array[i]); 



} 



} 



} 



50856| 
50857| 
50858| 
50859 1 
50860 1 
50861 | 
50862 1 
50863 1 
50864| 
50865| 
50866| 
50867| 
50868| 
50869 1 
50870 1 
50871 | 
50872 1 
50873 1 
50874| 
50875| 
50876| 
50877| } 

50878| #endif r DEBUG*/ 
50879 1 

50880 1 // 



ProfileFreeList = prevNode; 
chunk->next = ProfileChunkList; 
ProfileChunkList = chunk; 
++ProfileNumChunks; 
} else { 

MemFreePool(chunk); 
chunk = 0; 

} 



if ( ProfileFreeList ) { 
node = ProfileFreeList; 
ProfileFreeList = ProfileFreeList->next; 
node->next = 0; 
++ProfileNumNodes; 

} 



} 



return node; 



50881 1 

50882| #ifdef DEBUG 

50883| void ProfileFunc ( 

50884| const char *name, 

50885| PROFILE_COUNT *&counter, 



50886| const char *sourceFileName, 
50887| int sourceLineNumber ) 

50888| { 
50889| __try { 

50890| if ( ProfilerEnabled ) { 

50891 1 ASSERT(ProfilerResourcelnitialized); 

50892| if ( ProfilerResourcelnitialized ) { 

50893| if ( !counter ) { 

50894| 

| MyAcquireResourceExclusiveLite(&ProfilerResource, 

I TRUE); 
50895| __try { 

50896| // Test 'counter' again, 

| because it may have been initialized by another thread 

| before we acquired resource 
50897| if ( Scounter ) { 

50898| //WARNING: All strings 

| passed in must be static, hardcoded strings! No 

| stack/dynamic variables, please! 
50899| // NOTE: Allocate from 

| non-paged pool because we will access memory while 

| holding spin lock. 
50900| ProfileNode *node = 

| AllocProfileNodeQ; 
50901| if ( node) { 

50902| node->initialize (name, 

| sourceFileName, sourceLineNumber); 
50903| counter = 

| &(node->counter); 
50904| node->next = 

| ProfileList; 
50905| ProfileList = node; 

50906| } 
50907| } 

50908| } ^finally { 

50909| 

| MyReleaseResourceForThreadLite(&ProfilerResource); 
50910| } 
50911| } 
50912| 

50913| if (counter ) { 

50914| KIRQL oldlrql; 

50915| pmAcquireSpinLock 

| (&ProfilerSpinLock, &oldlrql); 
50916| ++(*counter); 
5091 7| pmReleaseSpinLock 

| (&ProfilerSpinLock, oldlrql); 
50918| } 
50919| } 
50920| } 



50921 1 } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
50922| NTSTATUS Status = GetExceptionCode(); 
50923| Debug(DEBUG_MISC,("!!! ProfileFunc: Exception 

| %08x\n M ,Status)); 
50924| } 
50925| } 

50926| #endif TDEBUG7 
50927| 

50928| // 



50929 | 

50930| #ifdef DEBUG 
50931| void DumpProfilelnfo() 
50932| { 

50933| __try { 

50934| if ( ProfilerEnabled && 

| ProfilerResourcelnitialized ) { 
50935| 

| MyAcquireResourceExclusiveLite(&ProfilerResource,TRUE); 
50936| __try { 

50937| Debug(DEBUG_MISC,( M Profiler stats: 

| nodes=%08x, 

| chunks=%08x\n", Prof NeNumNodes, Prof ileNumChunks)); 
50938| Debug(DEBUG_MISC,( M Profiler Dump Begins 



I ")); 

50939| 

50940| // First find maximum length of any 

| counter... 

50941 1 int MaxCountLen = 0; 

50942| int MaxNameLen = 0; 

50943| ProfileNode *node; 

50944| for ( node=Profilel_ist; node; 

| node=node->next ) { 

50945| char temp [32]; 
50946| 

| sprintf(temp,"%l64x",node->counter); 

50947| int len = strlen(temp); 

50948| if ( len > MaxCountLen ) { 

50949| MaxCountLen = len; 

50950 1 } 
50951 | 

50952| len = strlen(node->name); 

50953| if ( len > MaxNameLen ) { 

50954| MaxNameLen = len; 

50955| } 

50956| } 
50957| 

50958| for ( node=ProfileList; node; 



I node=node->next ) { 



50959| Debug(DEBUG_MISC,(" %*l64x: %-*s | 

| %s[%d]\n", 

50960| MaxCountLen, 

50961 1 node->counter, 

50962| MaxNameLen, 

50963| node->name, 

50964| node->sourceFileName, 

50965| node->sourceLineNumber)); 

50966| } 

50967| Debug(DEBUG_MISC,("Profiler Dump Ends 



I ")); 

50968| } ^finally { 

50969 1 

| MyReleaseResourceForThreadLite(&ProfilerResource); 
50970 1 } 
50971 | } 
50972 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
50973| NTSTATUS Status = GetExceptionCode(); 
50974| Debug(DEBUG_MISC,("M! DumpProfilelnfo: 

| Exception %08x\n",Status)); 
50975| } 
50976| } 

50977| #endif /*DEBUG7 
50978| 

50979 1 // 

I 

50980 1 

50981 1 void DumpProfilelnfo_Thread ( void * ) 
50982 1 { 

50983| DumpProfilelnfoQ; 

50984| } 

50985| 

50986| // 

| 

50987| // Stopwatch code starts.... 
50988| 

50989| #ifdef DEBUG 
50990 1 

50991| PSM_StopWatch *PSM_StopWatch::AII = 0; 
50992| 

50993| PSM_StopWatch::PSM_StopWatch ( const char *_name ): 
50994| name(_name) 
50995| { 

50996| KIRQL Oldlrql = 0; 
50997| 

50998| KelnitializeSpinLock (SspinLock); 
50999| KeAcquireSpinLock (SspinLock, &Oldlrql); 



51000| totalTime = minTime = maxTime = 0; 

51001| callCount = 0; 

51 002| nestingLevel = 0; 

51003| next = All; 

51004| All = this; 

51 005| KeReleaseSpinLock (&spinLock, Oldlrql); 

51006| } 

51007| 

51008| void PSM_StopWatch::start() 

51009| { 

51010| KIRQL Oldlrql = 0; 

51 01 1 1 KeAcquireSpinLock ( &spinl_ock, &Oldlrql ); 

51012| if ( nestingl_evel++ == 0 ) { 

51013| ++callCount; 

51014| startTime = ULONGLONG 

| (KeQueryPerformanceCounter(NULL).QuadPart); 

51015| } 

51016| KeReleaseSpinLock ( &spinl_ock, Oldlrql ); 

51017| } 

51018| 

51019| void PSM_StopWatch::pause() 

51020| { 

51021| KIRQL Oldlrql = 0; 

51 022| KeAcquireSpinLock ( &spinLock, &Oldlrql ); 

51 023| if ( --nestingLevel == 0 ) { 

51 024| LARGEJNTEGER timerTicksPerSecond; 

51 025| ULONGLONG finishTime = 

| KeQueryPerformanceCounter(&timerTicksPerSecond).QuadPart 

I ; 

51 026| ULONGLONG timerTicks Elapsed = finishTime - 

| startTime; 
51027| 

51 028| // We want the number of microseconds. 
51 029| // 'timerTicks Elapsed' holds how many timer 

| ticks happened between starting and stopping. 
51030| // 'timerTicksPerSecond' holds how many timer 

| ticks happen every second. 
51 031 1 // ticks / ticks-per-second = seconds, but then 

| multiply by a million to get microseconds. 
51032| 

51 033| ASSERT(timerTicksPerSecond.QuadPart > 0); 
51 034| ULONGLONG interval = timerTicks Elapsed * 

| ULONGLONG(1 000000) / timerTicksPerSecond. Quad Part; 

| // convert to microseconds 
51035| 

51 036| totalTime += interval; 

51037| if ( callCount==1 || interval>maxTime ) { 

51 038| maxTime = interval; 

51039| } 

51040| if ( callCount==1 || intervakminTime ) { 



51 041 1 minTime = interval; 

51042| } 
51043| } 

51 044| KeReleaseSpinLock ( &spinl_ock, Oldlrql ); 

51045| } 

51046| 

51047| void PSM_StopWatch::reset() 
51048| { 

51049| KIRQL Oldlrql = 0; 

51 050| KeAcquireSpinLock ( &spinl_ock, &Oldlrql ); 
51 051 1 if ( nestingLevel == 0 ) { 

51052| startTime = totalTime = minTime = maxTime = 0; 
51053| callCount = 0; 
51054| } 

51055| KeReleaseSpinLock ( &spinl_ock, Oldlrql ); 

51056| } 

51057| 

51058| void PSM_StopWatch::dump() 
51059| { 

51060| if ( callCount > 0 ) { 

51061| Debug(DEBUG_MISC,("StopWatch: avg=%10l64d : 
| total=%10l64d : count=%1 OI64d : min=%10l64d : 
| max=%10l64d : %s\n", 

51 062| totalTime / callCount, 

51063| totalTime, 

51064| callCount, 

51065| minTime, 

51066| maxTime, 

51067| name)); 

51068| }else{ 

51069| Debug(DEBUG_MISC,("StopWatch: 

| : : count= 0 : 

I : : o /oS \ n « 3 n ame)); 

51070| } 
51071| } 
51072| 

51073| void PSM_StopWatch::DumpAII() 
51074| { 

51 075| Debug(DEBUG_M ISC, ("Begin StopWatch Report (all 

| times in microseconds) \n")); 

51 076| int numStopWatches = 0; 

51 077| for ( PSM_StopWatch *node=AII; node; 

| node=node->next ) { 
51 078| ++numStopWatches; 
51 079| node->dump(); 
51080| } 
51081| 

51082| Debug(DEBUG_MISC,("End StopWatch Report (%d found) 

I \n",numStopWatches)); 

51083| } 



51084| 

51085| void PSM_StopWatch::ResetAII() 
51086| { 

51 087| for ( PSM_StopWatch *node=AII; node; 

| node=node->next ) { 
51088| node->reset(); 
51089| } 
51090| } 
51091| 

51092| #endif /"DEBUG*/ 
51093| 

51094| // ... Stopwatch code ends 

51095| // 

51096| 
51097| 
51098| 

51099| File Listing: MISC.h 
51100| 

51101| inline ULONG IsValidHandle ( HANDLE Handle ) 
51102| { 

51103| return (Handle!=(void*)0) && (Handle!=(void*)(-1 )); 

51104| } 

51105| 

51106| NTSTATUS ValidateKernelSnapShotPointer ( PVOID 

| KernelPointer ); 
51107| 

51108| void TdGetRegistrySettings ( IN PUNICODE_STRING 
| Registry Path ); 

51109| void *AllocBufferBelow16Meg( size_t size, ULONG Align 

I); 

51 1 10| void FreeBufferBelow16Meg( void *Buffer ); 

51 1 1 1 1 //NTSTATUS AcquireTapeResource( void ); 

51 1 12| //void ReleaseTapeResource( void ); 

51113| USHORT NumChars( const WCHAR "string ); 

511 14| USHORT NumBytes( const WCHAR *string ); 

51 1 15| NTSTATUS AcquireOpenCloseResource( void ); 

51116| NTSTATUS AcquireOpenCloseResourceOnly( PKEVENT 

| AbortEvent ); 
51 1 17| void ReleaseOpenCloseResource( void ); 
51 1 18| NTSTATUS AcquireVDiskResource( void ); 
51 1 19| void ReleaseVDiskResource( void ); 
51120| 

51121| #ifdef DEBUG 

51 122| void DumpSector( char *Buffer, ULONG Size ); 
51 123| void DumpBootSector( char *Buffer ); 
51124| #else 

51125| #define DumpSector(b,s) 
51126| #define DumpBootSector(b) 
51127| #endif 



51128| 

51129| DWORD Exception Filter( EXCEPTION_POINTERS *ep ); 
51130| void DumpObject( PDEVICE_OBJECT DevObj ); 
51131| void DumpAIIDisks(void); 
51132| //fortestig 

51133| #ifdef DEBUG_SNAPSHOTS 

51 134| void ReleaseSnapShotResource( void ); 

51 135| NTSTATUS AcquireSnapShotResource( void ); 

51136| #endif 

51137| 

51138| ULONG AsciiTolnt( WCHAR **Line, int Base ); 

51 139| ULONG WAsciiTolnt( WCHAR **Line, int Base ); 

51140| WCHAR *_ltow( ULONG Value, WCHAR *String, ULONG Base, 

| ULONG StrLen ); 
51 141 1 NTSTATUS GetNumActiveSnapShots ( ULONG &count ); 
51142| 

51143| // 

| 

I- 

51 144| // This block of code implements a simple profiler. 

| This is not for timing things! It is for 
51 145| // counting up how many times a particular line of 

| code is executed. 
51 146| // If you want to time things, use class StopWatch, 

| below. 
51147| #ifdef DEBUG 

51 148| typedef int64 PROFILE_COUNT; 

51149| 

51 1 50| struct Prof ileNode { 

51151| Prof ileNode *next; //link to 

| next node in list 
51152| PROFILE_COUNT counter; // how many 

| times this place in the code has been executed 
51 1 53| const char *name; // symbolic 

| name associated with the place in the code being 

| profiled 

51 154| const char *sourceFileName; // name of 

| source file where this entry resides 
51155| int sourceLineNumber; //line 

| number in source file where this entry resides 
51156| 

51 157| void initialize ( const char *_name, const char 

| *_sourceFileName, int _sourceLineNumber ) 
51158| { 
51159| next = 0; 

51160| counter =0; 

51161| name = _name; 

51 1 62| sourceFileName = _sourceFileName; 

51 1 63| sourceLineNumber = _sourceLineNumber; 

51164| } 



51165| }; 
51166| 

51 1 67| struct Prof ileChunk { 
51 1 68| Prof ileNode *array; 
51 1 69| ProfileChunk *next; 
51170| }; 
51171| 

51172| void InitProfilerQ; 

51 1 73 1 void ProfileFunc ( const char *name, PROFILE_COUNT 

| *&counter, const char *sourceFileName, int 

| sourceLineNumber ); 
51174| void DumpProfilelnfo(); 
51175| 

51 1 76| #define Prof ile(name) {static PROFILE_COUNT 
| *counter=0; 

| ProfileFunc((name), counter, FILE , LINE );} 

51177| #else /"DEBUG*/ 

51 178| #define lnitProfiler() ((void)(0)) 
51 1 79 1 #define Prof ile(name) ((void)(0)) 
51180| #define DumpProfilelnfo() ((void)(0)) 
51181| #endif /"DEBUG*/ 

51182| // 

| 

I- 
51183| 
51184| 

51185| // 

| 

I- 

51 186| // This block of code implements class StopWatch. 

| This class is for adding up the amount of time 
51 1 87| // that certain ranges of code use up. 
51188| // 

| 

I- 
51189| 

51190| #ifdef DEBUG 

51191| class PSM_StopWatch 

51192| { 

51193| public: 

51194| PSM_StopWatch ( const char *_name ); 

51 195| // ~PSM_StopWatch() {ASSERT(FALSE);} // 

| These objects should never be destructed! 
51196| 

51197| void reset(); 
51198| voidstart(); 
51199| void pause(); 
51200| voiddump(); 
51201| 

51202| static void DumpAII(); 



51203| static void ResetAII(); 
51204| 

51205| private: 

51206| ULONGLONG startTime; 
51207| ULONGLONG totalTime; 
51208| ULONGLONG minTime; 
51209| ULONGLONG maxTime; 
51210| PSM_StopWatch *next; //for 

| implementing list 'AN'. 
51 21 1 1 KSPIN_LOCK spinLock; 
51212| int nestingLevel; 
51213| const char * const name; 
51214| ULONGLONG callCount; 
51215| 

51216| static PSM_StopWatch *AII; 

51217| }; 

51218| 

51219| #define DECLARE_STOPWATCH(name) static 

| PSM_StopWatch *_PSM_StopWatch_##name = 0; 
51220| 

51221 1 #define START_STOPWATCH(name) 

|\ 

51222| ((_PSM_StopWatch_##name ? 0 : 

| (_PSM_StopWatch_##name = new PSM_StopWatch(#name))), \ 
51 223| (_PSM_StopWatch_##name ? 

| _PSM_StopWatch_##name->start() : 0)) 
51224| 

51 225| #define PAUSE_STOPWATCH(name) 

| (_PSM_StopWatch_##name->pause()) 
51226| #define RESET_STOPWATCH(name) 

I (_PSM_StopWatch_##name->reset()) 
51227| #define DUMP STOPWATCH(name) 

I (_PSM_StopWatch_##name->dump()) 
51228| #define STOPWATCH_DUMPALL() 

| (PSM_StopWatch::DumpAII()) 
51 229| #define STOPWATCH_RESETALL() 

| (PSM_StopWatch::ResetAII()) 
51230| #else /*DEBUG7 

51231 1 #define DECLARE_STOPWATCH(name) 
51232| #define START_STOPWATCH(name) ((void)0) 
51233| #define PAUSE_STOPWATCH(name) ((void)0) 
51234| #define RESETSTOPWATCH(name) ((void)0) 
51235| #define DUMP_STOPWATCH(name) ((void)0) 
51236| #define STOPWATCH_DUMPALL() ((void)0) 
51237| #define STOPWATCH_RESETALL() ((void)0) 
51238| #endif TDEBUG7 
51239| 

51240| void DumpProfilelnfo_Thread (void *); 

51241| 

51242| 



51243| 

51244| File Listing: NTFS.h 
51245| 

51246| typedef CSHORT NODETYPECODE; 

51247| typedef NODE_TYPE_CODE *PNODE_TYPE_CODE; 

51248| 

51249| #define NTC_UNDEFINED 

| ((NODE_TYPE_CODE)0x0000) 
51250| 

51251| #define NTFS_NTC_DATA_HEADER 

| ((NODE_TYPE_CODE)0x0700) 
51252| #define NTFS_NTC_VCB 

| ((NODE_TYPE_CODE)0x0701) 
51253| #define NTFS_NTC_FCB 

| ((NODE_TYPE_CODE)0x0702) 
51254| #define NTFS_NTC_DCB 

| ((NODE_TYPE_CODE)0x0703) 
51255| #define NTFS_NTC_0703 

| ((NODE_TYPE_CODE)0x0703) //deb 
51256| #define NTFS_NTC_0704 

| ((NODE_TYPE_CODE)0x0704) // root index 
51257| #define NTFS_NTC_0705 

| ((NODE_TYPE_CODE)0x0705) //data 
51258| #define NTFS_NTC_0706 

| ((NODE_TYPE_CODE)0x0706) // mft 
51259| #define NTFS_NTC_CCB 

| ((NODE_TYPE_CODE)0x0707) 
51260| #define NTFS_NTC_IRP_CONTEXT 

| ((NODE_TYPE_CODE)0x0708) 
51261| 

51262| typedef CSHORT NODE_BYTE_SIZE; 

51263| 

51264| // 

51265| // So all records start with 
51266| // 

51267| // typedef struct _RECORD_NAME { 
51268| // NODE TYPE CODE NodeTypeCode; 
51 269| // NODE_BYTE_SIZE NodeByteSize; 
51270| // 

51271| // } RECORD_NAME; 

51272| // typedef RECORD_NAME *PRECORD_NAME; 

51273| // 

51274| 

51275| #define NodeType(Ptr) (*((PNODE_TYPE_CODE)(Ptr))) 
51276| 

51277| //from ntifs.h 

I ******************************************************** 

i * 

51278| 

51279| typedef ULONG LBN; 



51280| typedef LBN *PLBN; 
51281| 

51282| typedef ULONG VBN; 

51283| typedef VBN *PVBN; 

51284| 

51285| 

51286| // 

51287| // Every file system that uses the cache manager must 

| have FsContext 
51288| // of the file object point to a common fcb header 

| structure. 
51289| // 

51290| #ifndef FSRTL_FLAG_FILE_MODIFIED 

51291 1 typedef enum _FAST_IO_POSSIBLE { 

51292| FastlolsNotPossible = 0, 

51293| FastlolsPossible, 

51294| FastlolsQuestionable 

51295| } FAST_IO_POSSIBLE; 

51296| 

51297| 

51298| #pragma pack() 

51299| typedef struct _FSRTL_COMMON_FCB_HEADER { 
51300| 

51301 1 CSHORT NodeTypeCode; 
51302| CSHORT NodeByteSize; 
51303| 
51304| // 

51305| // General flags available to FsRtl. 

51306| // 

51307| 

51308| UCHAR Flags; 

51309| 

51310| // 

5131 1 1 // Indicates if fast I/O is possible or if we 

| should be calling 
51 31 2| // the check for fast I/O routine which is found 

| via the driver 
51313| // object. 
51314| // 
51315| 

51 31 6| UCHAR IsFastloPossible; // really type 

| FAST_IO_POSSIBLE 
51317| 
51318| // 

51319| // Second Flags Field 

51320| // 

51321| 

51322| UCHAR Flags2; 

51323| 

51324| // 



51325| // The following reserved field should always be 0 

51326| // 

51327| 

51328| UCHAR Reserved; 
51329| 

51330| PERESOURCE Resource; 
51331| 

51332| PERESOURCE PagingloResource; 
51333| 

51334| LARGEJNTEGER AllocationSize; 
51335| LARGEJNTEGER FileSize; 
51336| LARGEJNTEGER ValidDataLength; 
51337| 

51338| } FSRTL COMMON FCB HEADER; 
51339| typedef FSRTL_COMMONJ r CBJHEADER 

| *PFSRTL_COMMONJ = CBJHEADER; 
51340| #endif 
51341| // 

51342| // Define FsRtl common header flags 

51343| // 

51344| 

51345| #define FSRTL_FLAG_FILE_MODIFIED (0x01) 
51346| #define FSRTL_FLAGJ = ILEJ_ENGTH_CHANGED (0x02) 
51347| #define FSRTL FLAGJ-I MIT MODI FIED P AGES (0x04) 
51348| 
51349| // 

51350| // Following flags determine how the modified page 
| writer should 

51351 1 // acquire the file. These flags can't change while 

| either resource 
51352| // is acquired. If neither of these flags is set then 

| the 

51353| // modified/mapped page writer will attempt to acquire 

| the paging io 
51354| // resource shared. 
51355| // 
51356| 

51357| #define FSRTL_FLAG_ACQUIRE_MAIN_RSRCJEX (0x08) 
51358| #define FSRTLJ r LAG_ACQUIRE_MAINJRSRC_SH (0x10) 
51359| 
51360| // 

51361 1 // This flag will be set by the Cache Manager if a 

| view is mapped 
51362| // to a file. 
51363| // 
51364| 

51365| #define FSRTL FLAGJJSER MAPPED FILE (0x20) 
51366| 

51367| // This flag determines whether there currently is an 
| Eof advance 



51368| // in progress. All such advances must be serialized. 

51369| // 

51370| 

51371 1 #define FS RTL F L AG_EO F A D VAN C E ACT I VE (0x80) 

51372| 

51373| // 

51374| // Flag values for Flags2 
51375| // 
51376| 
51377| // 

51378| // If this flag is set, the Cache Manager will allow 

| modified writing 
51379| // in spite of the value of FsContext2. 
51380|// 
51381| 

51382| #define FSRTL_FLAG2_DO_MODIFIED_WRITE (0x01) 

51383| 

51384| // 

51385| // The following constants are used to block top level 

| Irp processing when 
51386| // (in either the fast io or cc case) file system 

| resources have been 
51387| // acquired above the file system, or we are in an Fsp 

| thread. 
51388| // 
51389| 

51390| #define FSRTL_FSP_TOP_LEVEL_IRP 0x01 
51391 1 #define FSRTL_CACHE_TOP_LEVEL_IRP 0x02 
51392| #define FSRTL_MOD_WRITE_TOP_LEVEL_IRP 0x03 
51393| #define FSRTL_FAST_IO_TOP_LEVEL_IRP 0x04 
51394| #define FSRTL_MAX_TOP_LEVEL_IRP_FLAG 0x04 
51395| 
51396| 

51397| #pragma pack() 

51398| typedef struct _NTFS_0705 { 

51399| 

51400| FSRTL COMMON FCB HEADER VolumeFileHeader; // size 
| = 0x0028 

51401 1 ULONG Unknownl ; // size 

| = 0x0140 
51402| ULONG Unknown2; 
51403| ULONG Unknown3; 
51404| ULONG Unknown4; 
51405| ULONG Unknown5; 
51406| ULONG Unknown6; 
51407| struct _NTFS_FCB *Fcb; 
51 408| struct _NTFS_VCB *Vcb; 
51 409| ULONG Unknown8[0x1 2]; 
51410| struct _NTFS_SCB *Scb; 
5141 1 1 CHAR Unknown9[0xac]; // 0x0094 



51412 
51413 
51414 
51415 
51416 
51417 
51418 
51419 



| = 0x0028 



51420 



| = 0x0168 



51421 
51422 
51423 
51424 
51425 
51426 
51427 
51428 
51429 
51430 
51431 
51432 
51433 
51434 
51435 
51436 
51437 
51438 



51439 



51440 
51441 
51442 
51443 
51444 
51445 
51446 
51447 
51448 
51449 
51450 
51451 
51452 
51453 
51454 
51455 
51456 
51457 



} NTFS_0705; 

typedef NTFS_0705 *PNTFS_0705; 

#pragma pack() 

typedef struct _NTFS_0706 { 

FSRTL_COMMON_FCB_HEADER VolumeFileHeader; // size 



ULONG Unknownl ; // size 



ULONG Unknown2; 

ULONG Unknown3; 

ULONG Unknown4; 

ULONG Unknown5; 

ULONG Unknown6; 

struct _NTFS_FCB *Fcb; 

struct _NTFS_VCB *Vcb; 

ULONG Unknown8[0x12]; 

struct _NTFS_SCB *Scb; 

CHAR Unknown9[0xd4]; // 0x0094 

} NTFS_0706; 

typedef NTFS_0706 *PNTFS_0706; 

#pragma pack() 

typedef struct _NTFS_0704 { 



FSRTL_COMMON_FCB_HEADER VolumeFileHeader; // size 
0x0028 



ULONG Unknownl ; // size 



| = 0x0180 



ULONG Unknown2; 

ULONG Unknown3; 

ULONG Unknown4; 

ULONG Unknown5; 

ULONG Unknown6; 

struct _NTFS_FCB*Fcb; 

struct _NTFS_VCB *Vcb; 

ULONG Unknown8[0x12]; 

struct _NTFS_SCB *Scb; 

CHAR Unknown9[0xec]; // 0x0094 

} NTFS_0704; 

typedef NTFS_0704 *PNTFS_0704; 



#pragma pack() 

typedef struct _NTFS_FCB { 

CSHORT NodeTypeCode; // == 0702 



51458 
51459 
51460 
51461 
51462 
51463 
51464 
51465 
51466 
51467 
51468 
51469 
51470 
51471 
51472 
51473 
51474 
51475 
51476 
51477 
51478 
51479 
51480 
51481 
51482 
51483 
51484 
51485 
51486 
51487 
51488 
51489 
51490 
51491 
51492 
51493 
51494 
51495 
51496 
51497 
51498 
51499 
51500 
51501 
51502 
51503 
51504 
51505 
51506 
51507 



CSHORT NodeByteSize; 
PVOID Vcb; 

ULONG Unknownl ; 
USHORT Unknown2; 
USHORT Unknown3; 



// == OObO 



// == 00000002 
// == 0000 
// == 0002 



ULONG CleanupCount; //offset 10 

ULONG CloseCount; //offset 14 

ULONG ReferenceCount; //offset 18 

ULONG FcbState; //offset 1c 

ULONG FcbDenyDelete; //offset 20 

ULONG FcbDeleteFile; //offset 24 

CHAR Unknown4[0x1c]; 

USHORT BaseExclusiveCount; //offset 44 
USHORT EaModificationCount; //offset 46 

ULONG Unknown5; 

ULONG InfoFlags; //offset 4c 

CHAR Unknown6[0x38]; 

USHORT LinkCount; //offset 88 

USHORT TotalLinks; //offset 8a 

ULONG CurrentLast Access; //offset 0 

CHAR Unknown7[0xa]; 

ULONG CreateSecurityCount; //offset 9c 

ULONG Unknown8; 

ULONG DelayedCloseCount; //offset a4 

ULONG Unknown9; 
ULONG Unknownl 0; 
} NTFS_FCB; 

typedef NTFS_FCB *PNTFS_FCB; 

#define FCB_FLAG_NON_PAGED 0x0002 
#define FCB_FLAG_DUP_INITIALIZED 0x0008 

#define FCB_FLAG_IN_FCB_TABLE 0x0040 

#define FCB_FLAG_SYSTEM_FILE 0x0100 
#define FCB_FLAG_COMPOUND_INDEX 0x0400 

#pragma pack() 

typedef struct _NTFS_VCB { 



51508 
51509 
51510 
51511 
51512 
51513 
51514 
51515 
51516 
51517 
51518 
51519 
51520 
51521 
51522 
51523 
51524 
51525 
51526 
51527 
51528 
51529 
51530 
51531 
51532 
51533 
51534 
51535 
51536 
51537 
51538 
51539 
51540 
51541 
51542 
51543 
51544 

I «o 
51545 
51546 
51547 
51548 
51549 
51550 
51551 
51552 
51553 
51554 
51555 
51556 



CSHORT NodeTypeCode; 
CSHORT NodeByteSize; 



// == 0701 
// == 03c8 



ULONG 
ULONG 
ULONG 

PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 
PVOID 



Unknownl; 
Unknown2; 
Unknown3; 



// 
// 
// 



MftScb; //10 
Mft2Scb; //14 
LogFileScb; //18 
VolumeDasdScb; // 1c 
RootlndexScb; // 20 
BitmapScb; // 24 

AttributeDefTableScb; // 28 
UpcaseTableScb; // 2c 
BadClusterFileScb; // 30 
QuotaTableScb; // 34 
OwnerldTableScb; // 38 
MftBitmapScb; // 3c 



CHAR Unknown4[0x14]; 

ULONG CleanupCount; // 54 

ULONG CloseCount; // 58 

ULONG ReadOnlyCloseCount; //5c 

ULONG SystemFileCloseCount; //60 

CHAR Unknown5[0x4c]; 

PVOID RootLcb; // bO 

CHAR Unknown6[0x31 4]; 

} NTFS_VCB; 

typedef NTFS_VCB *PNTFS_VCB; 

// The first 1 6 files entries are reserved for the 
lowing 

#define FILE_MFT 0 
#define FILE_MFTMirror 1 
#define FILE_LogFile 2 
#define FILE_Volume 3 
#define FILE_AttrDef 4 
#define FILE_Rootlndex 5 
#define FILE BitMap 6 
#define FILE_Boot 7 
#define FILE_BadCluster 8 
#define FILE_Quota 9 
#define FILE_UpCase 1 0 



51557 
51558 
51559 
51560 
51561 
51562 
51563 
51564 
51565 
51566 
51567 
51568 
51569 
51570 
51571 
51572 
51573 
51574 
51575 
51576 
51577 
51578 
51579 
51580 
51581 
51582 
51583 
51584 
51585 
51586 
51587 
51588 
51589 
51590 
51591 
51592 
51593 
51594 
51595 
51596 
51597 

|0 
51598 

|3 
51599 

I 11 
51600 

I 13 
51601 



// 11-15 is reserved 
// my types!!! 

#define FILE Reserved 1 1 
#define FILE_Ownerld 12 
#define FILE_MFTBitMap 13 
#define FILE_Rootl_cb 14 
#define FILE_Other 15 

#pragma pack() 



File Listing: ONDISK.h 

#pragma pack(1) 
typedef struct sPartRec { 

UCHAR Bootable; 

UCHAR BeginHead; 

UCHAR BeginSector; 

UCHAR BeginCyl; 

UCHAR SystemType; 

UCHAR EndHead; 

UCHAR EndSector; 

UCHAR EndCyl; 

ULONG StartSector; 

ULONG NumberOfSectors; 

} tPartRec; 

#pragma pack(1) 
typedef struct sMBR { 

UCHAR Code[0x1b9]; 

ULONG SerialNumber; 

UCHAR Unknownl ; 

tPartRec Partition[4]; 

USHORT Signature; 

} tMBR; 

#pragma pack(1) 

typedef struct _NTFS_BOOT_SECTOR { 
UCHAR Jmp[3]; // 

CHAR Oemld[8]; // 

USHORT BytesPerSector; 

UCHAR SectorsPerCluster; 

USHORT ReservedSectors; 



| 14 - not used in NT (0) 



51602| UCHAR NumberOfFats; // 

| 16 - not used in NT (0) 
51603| USHORT RootDirectory; // 

| 1 7 - not used in NT (0) 
51604| USHORT SmallSectors; // 

| 19 - not used in NT (0) 
51605| UCHAR Medial D; // 

|21 

51606| USHORT Sectors PerFat; // 

| 22 - not used in NT (0) 
51607| USHORT SectorsPerTrack; // 

| 24 

51608| USHORT Heads; // 
| 26 

51609| ULONG Hidden Sectors; // 
| 28 

51610| ULONG LargeSectors; // 
| 32 

51611| UCHAR Drive; // 
| 36 

51612| UCHAR Dirty Volume; // 

137 
51613| 

51614| USHORT Reserved; // 
| 38 

51615| ULARGEJNTEGER TotalSectors; // 
| 40 

51616| ULARGEJNTEGER ClusterToMFT; // 
| 48 

51617| ULARGEJNTEGER ClustersToMFTMirror; // 
| 56 

51618| ULONG ClustersPerFRS; // 
| 64 

51619| ULONG ClustersPerlndexBlock; // 
| 68 

51620| ULARGEJNTEGER SerialNumber; // 
| 72 

51621| ULONG SectorChecksum; // 
| 80 

51622| ULONG Unknownl; // 
| 84 

51623| ULONG Unknown2; // 
| 88 

51624| UCHAR Unknown3; // 
| 92 

51625| UCHAR Code[0x1a1]; // 
| 93 

51626| USHORT Signature; // 

|510-aa55 
51627| } NTFSJ3QOT_SECTOR; 



51628| typedef NTFS_BOOT_SECTOR *PNTFS_BOOT_SECTOR; 
51629| 

51630| #pragma pack(1) 
51 631 1 typedef struct _FAT_BOOT_SECTOR { 
51632| UCHAR Jmp[3]; // 
10 

51633| CHAR Oemld[8]; // 
13 

51634| USHORT BytesPerSector; // 

51635| UCHAR SectorsPerCluster; // 
I 13 

51636| USHORT ReservedSectors; // 
I 14 

51637| UCHAR NumberOfFats; // 
I 16 

51638| USHORT Root Directory; // 
I 17 

51639| USHORT SmallSectors; // 
I 19 

51640| UCHAR Medial D; // 
|21 

51641| USHORT Sectors PerFat; // 
| 22 

51642| USHORT Sectors PerTrack; // 
| 24 

51643| USHORT Heads; // 
| 26 

51644| ULONG Hidden Sectors; // 
| 28 

51645| ULONG LargeSectors; // 
| 32 

51646| UCHAR Drive; // 
| 36 

51647| UCHAR Dirty Volume; // 

137 
51648| 

51649| UCHAR BootSignature; // 

| 38 - 29 means the next are valid 
51650| ULONG VolumelD; // 

| 39 

51651| CHAR VolumeLabelfOxb]; // 
| 43 

51652| CHAR FileSysType[8]; // 
| 54 

51653| UCHAR Code[0x1c0]; // 
| 62 

51654| USHORT Signature; // 

|510-aa55 
51655| } FAT_BOOT_SECTOR; 



51656| typedef FAT_BOOT_SECTOR *PFAT_BOOT_SECTOR; 
51657| 

51658| #pragma pack(1) 

51 659| typedef struct _FAT32_BOOT_S ECTOR { 
51660| UCHAR Jmp[3]; // 
10 

51661| CHAR Oemld[8]; // 

13 
51662| 

51663| USHORT Bytes PerSector; // 
I 11 

51664| UCHAR SectorsPerCluster; // 
I 13 

51665| USHORT ReservedSectors; // 
I 14 

51666| UCHAR NumberOfFats; // 
I 16 

51667| USHORT RootEntries; // 
I 17 

51668| USHORT SmallSectors; // 
I 19 

51669| UCHAR Medial D; // 
| 21 

51670| USHORT SectorsPerFat; // 
| 22 

51671| USHORT SectorsPerTrack; // 
| 24 

51672| USHORT Heads; // 
| 26 

51673| ULONG Hidden Sectors; // 
| 28 

51674| ULONG LargeSectors; // 
| 32 

51675| ULONG LargeSectorsPerFat; // 
| 36 

51676| USHORT ExtendedFlags; // 
| 40 

51677| USHORT FsVersion; // 
| 42 

51678| ULONG RootDirFirstCluster; // 
| 44 

51679| USHORT FslnfoSector; // 
| 48 

51680| USHORT BackupBootSector; // 
| 50 

51681| UCHAR Reserved[1 2]; // 

| 52 
51682| 

51683| UCHAR Drive; // 
| 64 



51684| 

| 65 
51685| 
51686| 

| 66 
51687| 

|67 
51688| 

171 
51689| 

| 82 
51690| 

| 90 
51691| 



UCHAR DirtyVolume; 



// 



UCHAR BootSignature; 
29 means the next are valid 
ULONG VolumelD; 



// 



// 



CHAR Volumel_abel[Oxb]; 



// 



CHAR FileSysType[8]; 



// 



UCHAR Code[0x1a4]; 



// 



USHORT Signature; 



// 



|510-aa55 
51692| } FAT32_BOOT_SECTOR; 

51693| typedef FAT32_BOOT_SECTOR *PFAT32_BOOT_S ECTOR; 

51694| 

51695| // 

51696| // Define the FAT32 Fslnfo sector. 

51697| // 

51698| 

51699| #pragma pack(1) 

51700| typedef struct _FSINFO_SECTOR { 

51701| ULONG SectorBeginSignature; // 

| offset = 0x000 0 
51702| UCHAR ExtraBootCode[480]; // 

| offset = 0x004 4 
51703| ULONG FslnfoSignature; // 

| offset = 0x1 e4 484 
51704| ULONG FreeClusterCount; // 

| offset = 0x1 e8 488 
51705| ULONG NextFreeCluster; // 

| offset = 0x1 ec 492 
51706| UCHAR Reserved[12]; // 

| offset = 0x1 fO 496 
51707| ULONG SectorEndSignature; // 

| offset = 0x1 fc 508 
51708| } FSINFO_SECTOR, *PFSINFO_SECTOR; 
51709| 

51710| #define FS I N FO_S ECTO R_B EG I N_SI G N ATU R E 0x41615252 
| // AaRR 

51 71 1 1 #define FS I N FO_S ECTO R_E N D_S I G N ATU R E 0xAA550000 
51712| 

51713| #define FS I N FO_S I G N ATU R E 0x61417272 

| // aArr 
51714| 
51715| 

51716| #pragma pack(1) 

51 71 7| typedef struct _FAT_DIR_ENTRY { 



51718| CHAR Name[8]; 
51719| CHAR Ext[3]; 
51720| UCHAR Attributes; 
51721| UCHAR ReservedfOxa]; 
51722| USHORT Time; 
51723| USHORT Date; 
51724| USHORT StartCluster; 
51725| ULONG FileSize; 
51726| } FAT DI R ENTRY; 

51727| typedef FAT_DIR_ENTRY *PFAT_DIR_ENTRY; 

51728| 

51729| 

51730| #pragma pack() 

51731| 

51732| 

51733| 

51734| File Listing: PASSTHRU.cpp 
51735| 

51736| #include "precomp.h" 

51737| 

51738| 

51739| /* 



51740| NTSTATUS 
51741| PSManPassThru( 

51742| IN PDEVICE_OBJECT DeviceObject, 

51743| INPIRPIrp 

51744| ) 

51745| 

51746| /*++ 

51747| 

51748| Routine Description: 
51749| 

51 750| This is the driver entry point for read requests 
51 751 1 to disks to which the PSMan driver has attached. 
51 752| This driver collects statistics and then sets a 
| completion 

51 753 1 routine so that it can collect additional 

| information when 
51 754| the request completes. Then it calls the next 

| driver below 
51755| it. 
51756| 

51757| Arguments: 
51758| 

51759| DeviceObject 
51760| Irp 
51761| 

51762| Return Value: 
51763| 



51764| NTSTATUS 

51765| 

51766| --*/ 

51767| 

51768| { 

51769| 

51770| #if 0 

51 771 1 TRACE( TRACE_PASSTHRU, 
51772| 

| cu rrentl rpStack-> Parameters . Read. ByteOff set. High Part, 
51773| 

| cu rrentl rpStack-> Parameters . Read. ByteOff set. LowPart, 
51 774| currentlrpStack->Parameters. Read. Length, 

51 775| currentlrpStack->Parameters. Read. Key, 

51776| ""); 
51777| #endif 
51778| 

51779| #ifdef DEBUG 
51780| if( Debug Pri nts) { 
51781| char Buff[30]={0}; 

51 782| PIO_STACK_LOCATION current I rpStack = 

| lo GetCu rrent I rpStackLocatio n( I rp) ; 
51783| 

51784| sprintf(Buff,"PassThru %d,%d: ", 
51 785| currentlrpStack->MajorFunction, 
51 786| currentlrpStack->MinorFunction 
51787| ); 

51 788| File_PrintOnel_iner(Buff,DeviceObject,lrp); 
51789| } 
51790| #endif 
51791| 

51 792| if(PsmGetObjectType(DeviceObject)==OBJECTJNTERNAL) 
|{ 

51793| Debug(DEBUG_PASSTHRU | DEBUG_ERROR, ("Error! 

| Device is PSMan Object, Failing requestAn")); 
51794| 

51795| lrp->loStatus.Status = 

| STATUS_I N VALI D_DE VI C E_REQU EST; 
51796| lrp->loStatus. Information = 0; 
51797| loCompleteRequest(lrp, IO_NO_INCREMENT); 
51798| lnterlockedDecrement( 

| (PLONG)&OutstandingRequests ); 
51799| return STATUS_INVALID_DEVICE_REQUEST; 
51800| }else 
51801| 

| if(PsmGetObjectType(DeviceObject)==OBJECT_VIRTUALDISK) 
|{ 

51802| Debug(DEBUG_PASSTHRU | DEBUG_ERROR, ("Error! 

| Device is vdisk Object, Failing request\n")); 
51803| 



51804| lrp->loStatus.Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
51805| lrp->loStatus. Information = 0; 
51806| loCompleteRequest(lrp, IO_NO_INCREMENT); 
51 807| Interlocked Decrement 

| (PLONG)&OutstandingRequests ); 
51808| return STATUS_INVALID_DEVICE_REQUEST; 
51809| }else 
51810| 

| if(PsmGetObjectType(DeviceObject)==OBJECT_FS_OBJECT) { 
51811| Debug(DEBUG_PASSTHRU | DEBUG_ERROR, ("Error! 

| Device is FileSystem Object , Failing request\n")); 
51812| 

51813| lrp->loStatus.Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
51814| lrp->loStatus. Information = 0; 
51815| loCompleteRequest(lrp, IO_NO_INCREMENT); 
51 81 6| lnterlockedDecrement( 

| (PLONG)&OutstandingRequests ); 
51817| return STATUS_INVALID_DEVICE_REQUEST; 
51818| } 
51819| 

51820| #ifdef DEBUG 



51821| if( Debug Prints) { 

51 822| // Copy current stack to next stack. 

51823| loCopyCurrentlrpStackLocationToNext(lrp); 

51824| 

51 825| // Set completion routine callback. 

51 826| Hint -save -e506 -e774 7 

51827| loSetCompletionRoutine(lrp, 

51828| PSManloCompletionDevice, 

51829| DeviceObject, 

51830| TRUE, 

51831| TRUE, 

51832| TRUE); 

51833| Hint -restore 7 

51834| }else{ 

51835| loSkipCurrentlrpStackl_ocation( Irp ); 

51836| } 



51837| #else 

51838| loSkipCurrentlrpStackl_ocation( Irp ); 

51839| #endif 

51840| 

51 841 1 // Return the results of the call to the disk 

| driver. 
51842| 

51843| PFILTERED_EXTENSION FilteredExt = 
| GetFilteredExtension(DeviceObject); 

51844| return loCallDriver 

| (FilteredExt->TargetDeviceObject, Irp); 



51845| 

51846| } //end PSManPassThruQ 

51847| 

51848| 

51849| /* 



51850| NTSTATUS 

51851| PSManloCompletionDevice( 

51852| IN PDEVICE_OBJECT DeviceObject, 

51853| INPIRP Irp, 

51854| IN PVOID Context 

51855| ) 

51856| 

51857| /*++ 

51858| 

51859| Routine Description: 
51860| 

51861 1 This routine will get control from the system at 

| the completion of an IRP. 
51862| It will calculate the difference between the time 

| the IRP was started 
51 863| and the current time, and decrement the queue 

| depth. 
51864| 

51865| IRQL <= DISPATCH_LEVEL Assume running at 

| DISPATCH_LEVELM! 
51 866| as it will vary depending on what the higher 

| level driver is doing 
51867| 

51868| Arguments: 
51869| 

51870| DeviceObject - for the IRP. 

51871 1 Irp - The I/O request that just completed. 

51872| Context - Not used. 

51873| 

51874| Return Value: 
51875| 

51876| The IRP status. 

51877| 

51878| --7 

51879| 

51880| { 

51881| 

51882| NOT_REFERENCED(Context); 
51883| #if 0 

51884| TRACE( TRACE_PASSTHRU_COMP, 
51885| 

| irpStack-> Parameters . Read . ByteOff set. H igh Part, 
51886| 

| irpStack->Parameters.Read.ByteOffset.LowPart, 



51887 
51888 
51889 
51890 
51891 
51892 
51893 
51894 



| ",DeviceObject,lrp); 



51895 
51896 
51897 
51898 
51899 
51900 
51901 
51902 
51903 
51904 
51905 
51906 
51907 
51908 
51909 
51910 
51911 
51912 
51913 
51914 
51915 
51916 
51917 
51918 
51919 
51920 
51921 
51922 
51923 
51924 
51925 
51926 
51927 
51928 
51929 



51930 
51931 
51932 
51933 
51934 



irpStack->Parameters. Read. Length, 
irpStack->Parameters . Read . Key, 
""); 

#endif 

#ifdef DEBUG 
if( Debug Prints) { 

F i le_Pri ntO neLi ner(" PassTh ru Do ne : 



} 

#endif 

if (lrp->PendingReturned) { 
loMarklrpPending(lrp); 

} 

return STATUS_SUCCESS; 
} // PSManloCompletionDevice 



File Listing: PASSTHRU.h 

NTSTATUS 
PSManPassThru( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 

PSManloCompletionDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp, 

IN PVOID Context 

); 



File Listing: perapi.cpp 

#include "precomp.h" 

// 



void cdecl OurFree ( void *p ) 

{ 

if ( P ) { 

MemFreePool(p); 



51935 
51936 
51937 
51938 

I- 
51939 
51940 
51941 
51942 
51943 
51944 
51945 

|id) 
51946 
51947 
51948 
51949 
51950 
51951 
51952 
51953 



51954 
51955 
51956 
51957 
51958 
51959 
51960 



51961 
51962 
51963 
51964 
51965 
51966 
51967 

I- 
51968 
51969 
51970 
51971 
51972 
51973 
51974 
51975 
51976 
51977 
51978 
51979 



} 

} 

//— - 



PVOID cdecl OurMalloc ( 

ULONG x, 
ULONG id, 
POOL_TYPE pool ) 



{ 



PVOID buffer = MemAllocatePoolWithTag (pool, x, 

if ( buffer ) { 

RtlZeroMemory (buffer, x); 

} 

return buffer; 



void DeletableObject::operator delete (void *p) 
{ 

OurFree(p); 

} 

// 



void * cdecl operator new ( size_t size ) 

{ 

return OurMalloc ( size, 'ppcO', NonPagedPool ); 

} 

// 



ErrorCode 
Dictionary: :Open ( 

ULONG flags, 

Dictionary * SpDictionary ) 



{ 



ErrorCode error = STATUS_SUCCESS; 
pDictionary = 0; 

if ( flags & DICT_FLAG_NONPERSISTENT ) { 

pDictionary = new Temporary Dictionary(); 
} else if ( flags & DICT_FLAG_PERSISTENT ) { 



51980 
51981 
51982 
51983 
51984 
51985 
51986 
51987 
51988 
51989 
51990 
51991 
51992 

I- 
51993 
51994 
51995 
51996 
51997 
51998 
51999 
52000 
52001 
52002 
52003 
52004 
52005 
52006 
52007 
52008 
52009 
52010 
52011 
52012 
52013 
52014 
52015 
52016 
52017 
52018 
52019 
52020 
52021 
52022 
52023 
52024 
52025 
52026 
52027 
52028 



pDictionary = new PersistentDictionary(); 
} else { 

error = STATUS_INVALID_PARAMETER; 

} 

if ( error==STATUS_SUCCESS && IpDictionary ) { 
error = STATU S_N 0_M EMO R Y ; 

} 



return error; 



ErrorCode 
Dictionary: :Destroy ( 

Dictionary * &pDictionary ) 

{ 

ErrorCode error = pDictionary- >close(); 
delete pDictionary; 
pDictionary = 0; 
return error; 

} 

/*— end of file perapi.cpp — 7 



File Listing: perapi.h 

typedef const void *PCVOID; 
typedef NTSTATUS ErrorCode; 

#define DICT_FLAG_NONPERSISTENT 0x1 
#define DICT_FLAG_PERSISTENT 0x2 
#define DICT_FLAG_PERSERVE_M EMORY 0x4 
#define DICT_FLAG_PERSERVE_DISK 0x8 
#define DICT_FLAGS_USE_VLM 0x10 
#define DICT_FLAGS_USE_PAE 0x20 
#define DICT_FLAGS_REOPEN_EXISTING 0x40 

// for insert functions 

#define DICT_FLAG_REPLACE_DUPS 0x1 
// for insert and search 

#define DICT_FLAG_VIRTUAL_IO 0x8000 

#define DICT_ACCESS_READONLY (GENERIC_READ) 
#define DICT_ACCESS_READWRITE (GENERIC_READ | 



I GENERIC_WRITE) 
52029| #define DICT_ACCESS_QUERY (READ_CONTROL) 
52030| #define DICT_ACCESS_CHANGE (WRITE_DAC | 

| WRITEOWNER | READ CONTROL) 
52031 1 #define DICT_ACCESS_DELETE (DELETE) 
52032| #define DICT_ACCESS_WRITE_DAC (WRITE_DAC) 
52033| #define DICT_ACCESS_OWNER (WRITE OWNER) 

52034| #define DICT_ACCESS_SYNCHRONIZE (SYNCHRONIZE) 
52035| #define DICT_ACCESS_STANDARD_RIGHTS (GENERIC_ALL) 
52036| 

52037| #define GranulePart High Part 
52038| #define SnapShotPart LowPart 
52039 | 
52040 1 

52041 1 typedef struct _FILTERED_EXTENSION 

| *PFILTERED_EXTENSION; 
52042| typedef struct sDictSiblinglnfo { 
52043 1 char Opaque[256] ; 
52044| } tDictSiblinglnfo, *pDictSiblinglnfo; 
52045| 

52046| void * cdecl operator new ( size_t size ); 

52047| 
52048| 

52049 1 // We created the class DeletableObject because we 

| weren't having 
52050| // much luck getting the compiler to pay any attention 

| to our 

52051 1 // global function ::operator delete. (Compiler 

| refuses to generate code.) 
52052 1 

52053 1 class DeletableObject 
52054| { 
52055| public: 

52056| void cdecl operator delete ( void *p ); 

52057| }; 
52058| 
52059 1 

52060| enum Dictionarylnformation { 

52061 1 DictBasiclnformation, 

52062 1 DictStandard Information, 

52063| DictSecuritylnformation, 

52064| DictAlllnformation 

52065| }; 

52066| 

52067| 

52068| 

52069| class Dictionary: public DeletableObject 
52070 1 { 
52071| public: 

52072| virtual ~Dictionary() { cleanupQ; } 



52073| 

52074| virtual ErrorCode initialize ( ULONG flags ) = 0; 

52075| virtual ErrorCode cleanup() { return 

| STATUS_SUCCESS; } 

52076| virtual ErrorCode GetOutParams( WCHAR *Cache ) = 0; 
52077| 
52078| 

52079| virtual ErrorCode searchAndDeleteSingle( 
52080| PFILTEREDEXTENSION devExt, 
52081 1 ULARGEJNTEGER sector ) = 0; 
52082 1 

52083 1 

| /* 

| 

52084| searchMultiple 

52085| If one or more of the sectors exist in the 

| dictionary 
52086| Returns: 

52087| Dictionary::STATUS_SUCCESS 
52088| Dictionary: :INSUFFICIENT_RESOURCES 

52089| Dictionary: :INSUFFICIENT_DISK_SPACE 

52090| Dictionary: :OUT_OF_MEMORY 

52091| etc... 
52092| Starting - Starting Sector 
52093| Count - Number of sectors to do (0 is 
| allowed) 

52094| CountDid - Number of sectors found (0 is 
| allowed) 

52095| Bitmap - if NULL no data returned 
52096| else if a bit is set, the sector 

| corresponding to that 
52097| bit has been stored in the 

| dictionary 
52098| 
52099| 7 

52100| virtual ErrorCode search Multiple( 
521 01 1 PFILTEREDEXTENSION devExt, 
52102| ULARGEJNTEGER starting, 
52103| ULONG count, 
52104| ULONG &countDid, 
52105| PRTL_BITMAP bitMap, 
52106| ULARGEJNTEGER dataSize, 
52107| PVOID virtualDataPointer, 
52108| ULONG flags ) = 0; 

52109| 

52110| 

| /* 



521 1 1 1 searchAndlnsertMultiple 

521 12| If one or more of the sectors exist in the 



I dictionary, if they do 
52113| not, one or more are added 
52114| 

52115| Returns: 

52116| Dictionary::STATUS_SUCCESS 
52117| Dictionary: :INSUFFICIENT_RESOURCES 

52118| Dictionary: :INSUFFICIENT_DISK_SPACE 

52119| Dictionary: :OUT_OF_MEMORY 

52120| etc... 
521 21 1 Starting - Starting Sector 
521 22| Count - Number of sectors to do (0 is 
| allowed) 

52123| CountDid - Number of sectors added to the 

| dictionary (0 is allowed) 
52124| Bitmap - if NULL no data returned 
52125| else if a bit is set, the sector 

| corresponding to that 
52126| bit has been stored in the 

| dictionary else it was 
521 27| already in the dictionary 

52128| 

52129| DataSize - Number of bytes in the data pointer 
52130| VirtualDataPointer - Pointer to data to be 

| added to the dictionary 
52131| 7 

52132| virtual ErrorCode searchAndlnsertMultiple( 
521 33 1 PFILTERED EXTENSION devExt, 
52134| ULARGEJNTEGER starting, 
52135| ULONG count, 
52136| ULONG &countDid, 
52137| PRTL_BITMAP bitMap, 
52138| ULARGEJNTEGER dataSize, 
52139| PCVOID dataPointer, 
52140| pDictSiblinglnfo siblinglnfo, 
52141| ULONG Flags ) = 0; 

52142| 
52143| 
| /* 



52144| Open 

521 45 1 Opens the dictionary and allocates any needed 

| resources (memory, 

52146| disk, etc..) 
52147| 

52148| Returns: 

52149| Dictionary::STATUS_SUCCESS 

52150| Dictionary: :INSUFFICIENT_RESOURCES 

52151| Dictionary: :INSUFFICIENT_DISK_SPACE 

52152| Dictionary: :OUT_OF_MEMORY 

52153| etc... 



52154| Path - Path and options for dictionary some 

| examples could be 
521 55 1 file://servername/diskname/cachef ilename 

521 56| ftp://servername/directory/cachefilename 
521 57| memory ://servername 

52158| etc... 
52159| 

521 60| Options are seperated via semicolons, multi 

| options for 1 option 
521 61 1 is seperated via comma's some options could 

| be 
52162| 

521 63 1 MaxDiskSpace=80MB 
521 64 1 MaxMemory=90MB 
52165| UseDisks=C,D 
52166| etc... 
52167| 

521 68| so a full path would look like 

52169| 

52170| 

| "file://bart/c:/cache/psm.$$$?MaxDiskSpace=80MB;UseDisks 

| =C,D; Max Memory =80 MB" 
52171| 
52172| 
52173| 

521 74| Flags - Dictionary flags (DICT_FLAG_PERSISTENT, 
| etc..) 

521 75| Access - Access rights to dictionary 
52176| pDictionary - Returned handle 
52177| 7 

521 78 1 static ErrorCode Open ( 

52179| ULONG flags, 

521 80| Dictionary * &pDictionary ); 

52181| 

52182| 

| /* 

| 

52183| Destroy 

521 84| First closes the dictionary object, then 

| deallocates memory for it. 
52185| 

52186| Returns: 

52187| Dictionary::STATUS_SUCCESS 
52 1 88| D ictionary : : I N VAL I D_P A RAM ETE R 

52189| 

52190| pDictionary - Passed in as pointer to 
| dictionary. 

521 91 1 Will be set to NULL upon return. 

52192| 7 

52193| static ErrorCode Destroy ( 



521 94| Dictionary * &pDictionary ); 

52195| 

52196| 

52197| 

| /* 



52198| close 
52199| 

52200| Closes dictionary. 

52201 1 This dictionary can be reopened without any 

| data loss. Data is 
52202| flushed to disk before being closed. If 

| nonpersistent (should we 
52203| call this 'temporary'?) the data files will be 

| orphaned and deleted 
52204| upon bootup. Example scenario: The computer 

| crashes while a 
52205| nonpersistent snapshot is active. When the 

| machine reboots, our 
52206| software notices the orphaned cache files and 

| erases them to free up 
52207| the wasted disk space. 
52208| 

52209| This will force data to be flushed to disk, and 

| close the dictionary 
5221 0| in a consistent state. 
52211| 
52212| 7 

52213| virtual ErrorCode close() = 0; 
52214| 

52215| 

| /* 



52216| destroy 
52217| 

5221 8| Closes and deletes the dictionary for disk. 

| This dictionary can not 
52219| be reopened. 
52220| 
52221 1 7 

52222| virtual ErrorCode destroy() = 0; 

52223 | 

52224| 

| /* 



52225 1 reset 
52226| 

52227| Causes the dictionary to forget all the sectors 

| it has cached. This 
52228| is a very quick operation, perhaps involving 



I only a few "pointer" 
52229| operations which can be rolled back as just 

| another transaction (if 
52230| we can save the tiny amount of data that gets 

| overwritten during the 
52231| reset.) 
52232| 
52233| 7 

52234| virtual ErrorCode reset() = 0; 

52235| 

52236| 

52237| virtual ULONG GetSequenceNumber() const { return 
| Oxffffffff; } 

52238| virtual int64 GetSnapShotTime() const { return 

I _int64(0); } 
52239| 

52240| protected: 

52241 1 // !!! Put any code/data here that should be 

| inherited by ALL derived classes 
52242| // (e.g. TemporaryDictionary and 

| PersistentDictionary), but that you want 
52243 1 // to be invisible to code outside this class 

| hierarchy. 
52244| }; 
52245| 

52246| typedef Dictionary *pDictionary; 

52247| 

52248| 

52249 1 // 

I — 

52250| // tRevertlnfo defines how to initiate/complete a 
| revert 

52251 1 // operation at boot time... 
52252 1 // 
I — 

52253 1 typedef struct sRevertlnfo { 

52254| ULONG SnapShotSequenceNumber; // 

| identify snapshot to revert, or 0 if none 
52255| ULONG Reserved2; // used 

| to be 'VolumeldlnProgress' 
52256| ULARGEJNTEGER LastKnownGranuleFinished; // 

| granule which we know was finished 
52257| ULONG RevertFlags; 
52258| ULONG Reserved3; 
52259| LARGEJNTEGER SnapShotTime; 
52260| ULONG Reserved [2]; 

52261 1 } tRevertlnfo, *pRevertlnfo; 
52262 1 
52263| 

52264| // 



I 

52265| #define GRANULE_SIZE (65536) 
52266| //#define GRANULE_SIZE (1 024) 

52267| #define SECTORS_PER_G RANULE (GRANULE SIZE / 
| Sectors ize) 

52268| #define ROUND_UNITS_UP(c,s) ((((c)+((s)-1)) / (s))) 
52269| #define ROUND_UP(c,s) (((((c)+((s)-1)) / (s)))*(s)) 
52270| #define ROUND_DOWN(c,s) (((c) / (s))*(s)) 
52271 1 

52272| const ULONG D E F AU LT_H E A D E R_B LOC KS_TO_S A V E = 2; 
52273| const ULONG MAX_SNAPSHOTS_PER_HEADER_FILE = 1024; 
52274| const ULONG HEADER_SIZE_IN_RELEASE_2 = 1179648; 
52275| 

52276| #define PSM_DO_NOT_DO_FREE_SPACE (0x01) 
52277| 

52278| class tVirginMap; 
52279 1 

52280| void DeletePsmFilesOnVolume ( PFILTERED_EXTENSION ); 

| // for use by Vresetpsm' 
52281| NTSTATUS Rebuild_DismountAIIVolumes( PDEVICE_OBJECT 

| Volume, BOOLEAN DisableMounts ); 
52282| NTSTATUS Rebuild_ReenableVolumeMounts ( PDEVICE_OBJECT 

| Volume ); 
52283| 

52284| #ifdef DEBUG 

52285| #define DEBUG_VALIDATE_DIFF_GRANULES 0 
52286| #else 

52287| #define D E B U G_V AL I DAT E_D I F F_G RAN U L E S 0 

52288| #endif r DEBUG*/ 

52289| 

52290| class PersistentDictionary: public Dictionary 

52291| { 

52292| private: 

52293| #include "header.h" 

52294| 

52295| public: 

52296| PersistentDictionary(); 
52297| ~PersistentDictionary(); 
52298| 

52299| virtual ErrorCode initialize ( ULONG Flags ); 

52300| virtual ErrorCode cleanup(void); 

52301| 

52302| static ErrorCode lnitClass( ULONG Stage, 

| tOpenTransactionlnlnternal *ln, PVOID AbortEvent ); 
52303| 

52304| static ErrorCode DeinitClass( ); 

52305| static ErrorCode GetVolumeSpaceUsed( PDEVICE_OBJECT 

| Volume, ULONG &At, ULONG &High, ULONG &Used ); 
52306| 

52307| virtual ErrorCode GetOutParams( WCHAR *Cache ); 



52308| 

52309| virtual ErrorCode searchAndDeleteSingle( 

52310| PFILTERED_EXTENSION devExt, 

52311| ULARGEJNTEGER sector); 
52312| 

52313| virtual ErrorCode searchMultiple( 

52314| PFILTEREDEXTENSION devExt, 

52315| ULARGEJNTEGER starting, 

52316| ULONG count, 

52317| ULONG &countDid, 

52318| PRTL_BITMAP bitMap, 

52319| ULARGEJNTEGER dataSize, 

52320| PVOID virtualDataPointer, 

52321| ULONG flags); 
52322| 

52323| virtual ErrorCode searchAndlnsertMultiple( 

52324| PFILTERED EXTENSION devExt, 

52325| ULARGEJNTEGER starting, 

52326| ULONG count, 

52327| ULONG &countDid, 

52328| PRTLJ3ITMAP bitMap, 

52329| ULARGEJNTEGER dataSize, 

52330| PCVOID dataPointer, 

52331 1 pDictSiblinglnfo siblinglnfo, 

52332| ULONG Flags); 

52333 | 

52334| virtual ErrorCode close(void); 

52335| virtual ErrorCode destroy(void); 

52336| virtual ErrorCode reset(void); 
52337| 

52338| static ErrorCode GetDictionaryForVolume( PVOID 

| Volume, pDictionary &Dictionary ); 

52339| static ErrorCode GetDictionaryForVolume( PVOID 

| Volume, pDictionary &Dictionary, ULONG Index ); 
52340 1 

52341 1 ErrorCode SetVolume( PDEVICE_OBJECT AVolume, 
| skSnapShotMaster*MasterSnapShot, ULONG 
| SnapShotSequence ); 

52342| ErrorCode SetSnapShotlnfo( skSnapShotMaster *Master 

I); 

52343 1 static ErrorCode Setlnfo( 

| tOpenTransactionlnlnternal *ln ); 
52344| ULONG lsCacheWarningThresholdReached(); 
52345| ULONG IsCacheSnapShotCreationThresholdReachedO; 
52346| // static ULONG CacheFullThresholdPercent; 
52347| // static ULONG CacheWarninglnterval; 
52348| // static ULONG CacheWarningThreshold Percent; 
52349| // FIXFIXFIX This is a temporary flag to prevent 

| caching during rebuild - to be replaced 
52350| // with a holding pen to save the writes till after 



I rebuild is through. 
52351 1 NTSTATUS Persistent Dictionary:: Process CachingMap( 

| PRTL_BITMAP *C aching Bit Map, const WCHAR 

| *VirtualVolName, const WCHAR *LiveVolName ); 
52352| NTSTATUS SetFreeSpaceStatus( ULARGEJNTEGER Sector, 

| ULONG Count, BOOLEAN Set ); 
52353| BOOLEAN NeedsCaching( ULARGEJNTEGER Sector, ULONG 

| Count ); 

52354| BOOLEAN NeedMap(void); 
52355| static ErrorCode 

| UpdateCacheFileSizes(PDEVICE_OBJECT Volume); 
52356| static ErrorCode BeginUpdate(void); 
52357| static ErrorCode EndUpdate(void); 
52358| static ULONG QueryMaxNumUserSnapShots(); 
52359 1 NTSTATUS Re move Virtu a I Writes (void); 
52360| virtual ULONG GetSequenceNumber() const; 

52361 1 virtual int64 GetSnapShotTime() const; 

52362| static BOOLEAN DoFreeSpaceChecks(void); 
52363 1 

52364| virtual PRTL_BITMAP GetVolumeCachingMap( ULONG Map 

l = 0); 
52365| virtual void 

| PersistentDictionary::SetVolumeCachingMap( ULONG Map , 

| PRTL BITMAP BitMap ); 
52366| virtual ULONG GetVolumeClusterSize(void); 
52367| 

52368| ULONG GetSnapShotFlags(void); 

52369| ULONG IsReadOnlyO { return PSM_SS_lsReadOnly 

| ((unsigned char) GetSnapShotFlags()); } 
52370| ULONG lsReadWrite() { return PSM_SS_lsReadWrite 

| ((unsigned char) GetSnapShotFlags()); } 
52371 1 ULONG IsPersistentQ { return PSM_SS_lsPersistent 

| ((unsigned char) GetSnapShotFlags()); } 
52372| ULONG IsTemporaryQ { return PSM_SS_lsTemporary 

| ((unsigned char) GetSnapShotFlags()); } 
52373 1 

52374| static void GetRevertBootlnfo ( tRevertlnfo & ); 

52375| static NTSTATUS SetRevertBootlnfo ( PDEVICE_OBJECT 

| Volume, const tRevertlnfo & ); 
52376| static NTSTATUS SaveHeader(PDEVICE_OBJECT Volume); 
52377| static void GetCacheThresholds( PDEVICE_OBJECT 

| Volume, ULONG &Warn, ULONG &Full, ULONG &lnterval, 

| ULONG &FullPercent, ULONG &FullAction ); 
52378| static NTSTATUS LoadSnapShotsForVolume( 

| PDEVICE_OBJECT Volume, BOOLEAN Rebuild=TRUE, PVOID 

| AbortEvent=NULL); 
52379| static NTSTATUS UnloadSnapShotsForVolume( 

| PDEVICE_OBJECT Volume, ULONG OpenCloseOwned=FALSE ); 
52380| static NTSTATUS MiniUnloadSnapShotsForVolume( 

| PDEVICE_OBJECT Volume, ULONG OpenCloseOwned=FALSE ); 



52381 1 static NTSTATUS CloseFilesForVolume( PDEVICE_OBJECT 
| Volume ); 

52382| static NTSTATUS RebuildSnapShotsForVolume( 

| PDEVICE_OBJECT Volume, BOOLEAN Rebuild=TRUE, PVOID 

| AbortEvent=NULL); 
52383| static NTSTATUS RetrieveDirectlOMaps( 

| PDEVICE_OBJECT Volume, BOOLEAN 

| CheckClusterDataBase=TRUE ); 
52384| static NTSTATUS StoreClustersOfFiles( 

| PDEVICE_OBJECT Volume); 
52385| static void Part20fRebuildForVolume( PVOID Volume 

I); 

52386| static void SetSystem Ready (void); 

52387| static ULONG GetSystem Ready (void) { return 

| System Ready; } 
52388| static NTSTATUS CreateFilesForVolume( 

| PDEVICE_OBJECT Volume, PVOID AbortEvent ); 
52389| static NTSTATUS TearDownCacheForVolume( 

| PDEVICE_OBJECT Volume ); 
52390| static NTSTATUS InitializeFileNamesForVolume ( 

| PDEVICE_OBJECT Volume ); 
52391 1 static NTSTATUS OpenFilesForVolume( PDEVICE_OBJECT 

| Volume ); 

52392| static NTSTATUS GetStateForVolume( PDEVICE_OBJECT 
| Volume ); 

52393| static BOOLEAN ChecklfLoadNeeded( PDEVICE_OBJECT 
| Volume ); 

52394| static NTSTATUS CopyClusterRegistryToLocalRegistry( 

| PDEVICE_OBJECT Volume, PUNICODE_STRING LocalReg ); 
52395| static ULONG QueryResetPsm(); 
52396| static ULONG QueryNoPsm(); 
52397| static void DisableResetPsm(); 
52398| static void DisableNoPsm(); 
52399 | 

52400| static ULONG CalculateChecksum ( ULONG 

| DataSizelnBytes, const void *DataBuffer ); 
52401| 

52402| friend class 

| TreeSearcher_MakeVirtualWritesPersistent; 
52403| NTSTATUS Make Virtual Writes Persistent(); 
52404| 

52405| static NTSTATUS FindVirginSpace ( 
52406| PDEVICE_OBJECT Volume, 
52407| tVirginMap &VirginMap, 
52408| ULONG &ClusterSizelnBytes, 
52409| LARGEJNTEGER &TotalClusters ); 
52410| 

52411| private: 

| // 



52412| static ULONG Classlnited; 

52413| Error-Code SetVolumelnternal( PDEVICE_OBJECT Volume, 
| plnternalSnapShot MySnapShot, ULONG SnapShotSequence ); 

52414| BOOLEAN NodelsDefunct( key Type PreviousKey, key Type 
| CurrentKey); 

52415| tTreeLeaf *ScanForDeadNode( key Type PreviousKey, 

| ULONG NumNodesTo Inspect) ; 
52416| void FreeDeadNodes(void); 
52417| 
52418| 

52419| PDEVICE_OBJECT Volume; 
52420| PFILTERED_EXTENSION DevExt; 
52421 1 void FreeNodeAndBits( void *Ptr ); 
52422| class PersistentDictionary *Next; 
52423 1 

52424| pShared Shared; 
52425| 

52426| protected: 

52427| ULONG Flags; //needs to be protected so 

| TemporaryDictionary can access it 
52428| 

52429 1 private: 

52430| // ULONG SnapShotlndex; 
52431 1 plnternalSnapShot Snapshot; 
52432 1 

52433| static ULONG SystemReady; 
52434| static ULONG GhostBusterTime; 
52435| static PersistentDictionary *ListHead; 
52436| 

52437| // When adding/deleting any static variables modify 
| the 

52438| // InitClass method to initialize the values 

52439| static ULONG MaxNumUserSnapShots; 

52440| static ULONG ShareFiles; 

52441 1 static ULONG QPeriod; 

52442| static ULONG QTimeout; 

52443| static ULONG SectorSize; // 

| FIXFIXFIX: We don't necessarily have same sector size 

| on all volumes! 
52444| static ULONG NumSavedHeaderBlocks; // 

| (FIXFIXFIX see above) used for rotated headers 
52445| static ULONG NextHeaderBlockToSave; // 

| (FIXFIXFIX see above) used for rotated headers 
52446| static signed long Updating; 
52447| static ULONG PSMFreeSpaceOptions; 
52448| static ULONG NoPsm; 
52449| static ULONG ResetPsm; 
52450| static ULONG NoPsm_Disabled; 
52451 1 static ULONG Reset Psm_Disab led; 
52452| 



52453| 

52454| static ErrorCode MakeMountPoints(void); 
52455| static ErrorCode GetRegistrySettings( 

| PUNICODE_STRING RegistryPath ); 
52456| static ErrorCode OpenFiles( ULONG Stage, PVOID 

| AbortEvent ); 
52457| 

52458| static ErrorCode OpenAFile( 
52459| WCHAR *File, 
52460| HANDLE &FileHandle, 
52461 1 PFILE_OBJECT &FileObject, 
52462| HANDLE &WaitHandle, 
52463 1 PVOID &WaitObject ); 

52464| 

52465| static ErrorCode CloseAFile ( 
52466| HANDLE &FileHandle, 
52467| PFILE_OBJECT &FileObject, 
52468| HANDLE &WaitHandle, 
52469 1 PVOID &WaitObject ); 

52470 1 

52471 1 static ErrorCode ReloadStateFromDisk(void); 
52472 1 

52473 1 static plnternalSnapShot 

| GetNextFreeSnapShot(PDEVICE_OBJECT Volume, ULONG 

| SequenceNumber ); 
52474| 

52475| ULONG GetNextCacheLocation ( ULONG 

| NumberOfGranulesNeeded ); 
52476| void FreeCacheLocation ( ULONG Granulelndex ); 
52477| static BOOLEAN ValidateChecksum ( ULONG 

| DataSizelnBytes, const void *DataBuffer, ULONG 

| StoredChecksum ); 
52478| static BOOLEAN IndexSectorlsValid ( plndexSector x, 

| ULONG indexSectorNumber, NTSTATUS &status ); 
52479 1 

52480| #if D E B U G_V AL I DAT E_D I F F_G RAN U L E S 

52481 1 static bool ValidateDiffGranule ( 

52482| tlndexSector*, 

52483| void *diffGranuleBuffer, 

52484| PFILTERED_EXTENSION, 

52485| ULONG g ran uleN umber); 

52486| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 

52487| 

52488| static NTSTATUS Erase Index Info ( 

| PFILTERED EXTENSION DevExt, ULONG CacheNode ); 

52489| static NTSTATUS Savelndexlnfo ( PFILTERED_EXTENSION 
| DevExt, ULONG DasdGranule, ULONG SnapshotNumber, ULONG 
| CacheNode, ULONG DataChecksum, ULONG Flags ); 

52490| static NTSTATUS WritelndexSector ( 

| PFILTERED_EXTENSION DevExt, ULONG Granulelndex, const 



I tlndexSector &lndexSector ); 
52491| 

52492| static void CreditlnterveningGranuleslnTree 

| (PRTL BITMAP GranuleBitMap, tTree *Tree, ULONG LowerSS, 
| ULONG UpperSS); 

52493| // static NTSTATUS RebuildDictionary (void); 

52494| static void InitHeaderBitmaps(void); 

52495| 

52496| static NTSTATUS LoadHeader(PDEVICE_OBJECT Volume); 
52497| static NTSTATUS ReadHeaderBlock (PDEVICE_OBJECT 

| Volume, ULONG HeaderBlocklndex, pHeader 

| &SmallLocalHeader, pHeader &LocalHeader); 
52498| 

52499| static NTSTATUS ReadHeader ( 
52500| PDEVICE_OBJECT Volume, 
52501 1 pHeader &MostRecentValidHeader, 
52502| pHeader &SmallMostRecentValidHeader ); 
52503 1 

52504| // Note: After calling ReadHeader, it is caller's 

| responsibility to call FREE_POINTER() 
52505| // on MostRecentValidHeader if it is not NULL, and 

| same with SmallMostRecentValidHeader. 
52506| 

52507| static NTSTATUS FreeHeader(PDEVICE_OBJECT Volume); 
52508| static void SaveHeaderThread( void *Psh ); 
52509| static pkSnapShotMaster 

| FindMasterSnapShotOnOtherVolume ( plnternalSnapShot 

| Snapshot ); 

5251 0| static skSnapShotMaster *GetAMasterSnapShot( struct 
| _OT_USER_ *User, plnternalSnapShot MySnapShot ); 

5251 1 1 static struct skSnapShotEntry 

| *GetSnapShotForMaster( skSnapShotMaster 

| *MasterSnapShot, PDEVICE_OBJECT VolumeObject, 

| plnternalSnapShot Snapshot ); 

52512| static void DumpSizeOfs(void); 

52513| static void DumpHeader(void); 

52514| static bool BetterThan ( pHeader hi , pHeader h2 ); 

52515| 

5251 6| static plnternalSnapShot AllocSnapShot(void); 
5251 7\ static void FreeSnapShot( plnternalSnapShot 
| *SnapShot ); 

5251 8| static void AddSnapShotToList( PLIST ENTRY Head, 

| plnternalSnapShot Snapshot ); 
52519| static void RemoveSnapShotFromList( 

| plnternalSnapShot Snapshot ); 
52520| static plnternalSnapShot FindSnapShotFromSequence( 

| PDEVICE_OBJECT Volume, ULONG SequenceNumber ); 
52521| 

52522| static NTSTATUS AllocMemoryForVolume( 

| PDEVICE_OBJECT Volume, BOOLEAN UseDefaults ); 



52523| static NTSTATUS FreeMemoryForVolume( PDEVICE_OBJECT 
| Volume ); 

52524| static NTSTATUS ReleaseASnapShotForVolume( 
| PDEVICE_OBJECT Volume, plnternalSnapShot Snapshot ); 

52525| static NTSTATUS RemoveSnapShotDroppings( 
| PDEVICE_OBJECT Volume ); 

52526| static void DumpSnapShot ( tDisklnternalSnapShot * 

I); 

52527| 

52528| NTSTATUS RemoveVirtualWritesFromTree ( ULONG 

| ShouldEraselndexSectors ); 

52529| #ifdef DEBUG 

52530| void DumpVirtualWriteTree(); 

52531| #endif 
52532| 

52533| static NTSTATUS FindVirginSpace_GranuleBitmapPhase( 

52534| tVirginMap &VirginMap, 

52535| pShared Shared, 

52536| ULONG ClustersPerGranule, 

52537| ULONG &NumExtentsLost, 

52538| LARGEJNTEGER TotalClusters ); 

52539| 

52540| static NTSTATUS FindVirginSpace_SnapshotPhase( 

52541| tVirginMap &VirginMap, 

52542| tVirginMap &TempMap, 

52543| pShared Shared, 

52544| ULONG ClustersPerGranule, 

52545| ULONG &NumExtentsLost ); 

52546| 

52547| static NTSTATUS FindVirginSpace_VolumeBitmapPhase( 

52548| tVirginMap &VirginMap, 

52549| tVirginMap &TempMap, 

52550| ULONG &NumExtentsLost, 

52551 1 PFILE_OBJECT VolumeObject ); 

52552 1 }; 

52553 1 

52554| 

52555| typedef PersistentDictionary *pPersistentDictionary; 

52556| 

52557| 

52558| 

52559 1 // 

| 

52560 1 

52561 1 class TemporaryDictionary: public PersistentDictionary 
52562 1 { 
52563| public: 

52564| Temporary Dictionary(); 

52565| -Temporary Dictionary(); 

52566| //virtual ULONG GetSequenceNumber() const { return 



I Oxffffffff; } 
52567| }; 
52568| 
52569| 

52570| typedef TemporaryDictionary *pTemporaryDictionary; 
52571 | 
52572 1 

52573 1 // 

I 

52574| 

52575| class GenericTreeSearcher 
52576| { 
52577| public: 

52578| GenericTreeSearcher ( tTree &_tree ): 
52579 1 tree(_tree) 
52580 1 {} 
52581 | 

52582 1 boo I visitEveryNode(); // returns true if search 
| was completed, false if nodeCallback ever returned 
| false 

52583 1 

52584| virtual bool nodeCallback ( tTreeLeaf *node, int 

| depth ) = 0; // returns false to abort search. 
52585| 

52586| protected: 

52587| bool recursive!" raversal ( tTreeLeaf *node, int 

I depth ); 
52588| 

52589 1 private: 
52590 1 tTree &tree; 
52591| }; 
52592| 

52593| // 

| 

52594| 
52595| 

52596| typedef struct sPerSiblinglnfo { 
52597| BOOLEAN AlreadyHandled; 
52598| } tPerSiblinglnfo,*pPerSiblinglnfo; 
52599| 
52600| 

52601| // 

I 

52602| 

52603| typedef struct sSaveHeaderParameters { 
52604| PDEVICE_OBJECT Volume; 
52605| ULONG ShouldSignalEvent; 
52606| KEVENT Event; 

52607| } tSaveHeaderParameters, *pSaveHeaderParameters; 
52608| 



52609| //- 



52610| 

5261 1 1 typedef struct sCloseProcessSpecificHandles { 

52612| HANDLE &Handle; 

52613| PVOID &Object; 

52614| KEVENT Event; 

52615| 

5261 6| sCloseProcessSpecificHandles ( HANDLE &_Handle, 

| PVOID &_Object ): 
52617| Handle(JHandle), 
52618| Object(_Object) 
52619| { 

52620| RtlZeroMemory(& Event,sizeof ( Event)) ; 
52621 | } 

52622| } *pCloseProcessSpecificHandles; 

52623 1 

52624| 

52625| void CloseProcessSpecificHandles( 
[ pCloseProcessSpecificHandles Psh ); 
52626| extern PEPROCESS GlobalSystemProcessId; 
52627| 

52628| void CloseProcessHandle ( HANDLE &h, PVOID &o ); 
52629 1 

52630| NTSTATUS Rebuild_DeleteJunctionsOnVolume ( 

| PDEVICE_OBJECT Volume ); 
52631 | 

52632| /*— end of file perapi.h —7 

52633 1 

52634| 

52635| 

52636| File Listing: perdict.cpp 
52637| 

52638| #include "precomp.h" 
52639| #include "buildnum.h" 
52640 1 

52641 1 #define INVALID BIT INDEX ((ULONG)(-1)) 
52642 1 

52643| // when in debugger, set this to 1 to not rebuild the 

| dictionary during boot up 
52644| ULONG DebugReset=0; 
52645| 

52646| //ULONGLONG 

| PersistentDictionary::MostRecentSnapshotTime=0; 
52647| //PersistentDictionary : :plnternalSnapShot 

| PersistentDictionary: :MostRecentSnapshot=NULL; 
52648| ULONG 

| PersistentDictionary: :GhostBusterTime=FALSE; 
52649| ULONG PersistentDictionary::QPeriod=0; 
52650| ULONG PersistentDictionary::QTimeout=0; 



52651| ULONG PersistentDictionary::ShareFiles=0; 
52652| pPersistentDictionary PersistentDictionary::ListHead = 
| NULL; 

52653| ULONG PersistentDictionary::SectorSize=0; 
52654| ULONG 

| PersistentDictionary::NumSavedHeaderBlocks = 

| D E FAU LT H E A D E R BLOC KS_TO_S A VE ; 
52655| ULONG 

| PersistentDictionary::NextHeaderBlockToSave = 0; 
52656| signed long PersistentDictionary::Updating=0; 
52657| ULONG 

| PersistentDictionary::MaxNumUserSnapShots = 

| MAX_USER_SNAPSHOTS; 
52658| ULONG 

| PersistentDictionary::PSMFreeSpaceOptions = 0; 
52659| ULONG PersistentDictionary::Classlnited = 0; 

52660| ULONG PersistentDictionary::SystemReady= 0; 

52661 1 

52662| ULONG PersistentDictionary::NoPsm = FALSE; 
52663| ULONG Pe rs istent Dictionary:: Reset Psm = FALSE; 
52664| 

52665| ULONG PersistentDictionary::NoPsm_Disabled = FALSE; 
52666| ULONG PersistentDictionary::ResetPsm_Disabled = FALSE; 
52667| 

52668| #define CHECKSUM_IGNORE_DWORD 0xf5e4d3c1 
52669 1 

52670 1 ULONG 

52671| PersistentDictionary::CalculateChecksum ( 
52672| ULONG 

| DataSizelnBytes, 
52673| const void 

| *DataBuffer ) 
52674| { 

52675| ULONG sum = 0xc9d4b5a2; 

52676| ULONG multiplier = 0x1 a2b3c4d; 

52677| const unsigned char *p = (const unsigned char *) 

| DataBuffer; 
52678| ULONG i; 
52679 1 

52680| for ( i=0; i < DataSizelnBytes; ++i ) { 
52681 1 sum A = (0x1 00 + *p++) * multiplier++; 
52682| sum = (sum « 9) | (sum » (32-9)); // 

| rotate left 9 bits 
52683 1 } 
52684| 

52685| if ( sum == CHECKSUM_IGNORE_DWORD ) { 
52686| sum = Oxffffffff; // not allowed to be 

| CHECKSUM_IGNORE_DWORD 
52687| } 
52688| 



52689| return sum; 

52690| } 

52691| 

52692| BOOLEAN 

52693| PersistentDictionary::ValidateChecksum ( 
52694| ULONG 

| DataSizelnBytes, 
52695| const void 

| *DataBuffer, 
52696| ULONG 

| StoredChecksum ) 
52697| { 

52698| BOOLEAN isValid = TRUE; 
52699| 

52700| // If the stored checksum is CHECKSUM_IGNORE_DWORD, 

| it means we should ignore it. 
52701 | 

52702| if ( StoredChecksum != CHECKSUM_IGNORE_DWORD ) { 
52703| ULONG CalcChecksum = CalculateChecksum 

| (DataSizelnBytes, DataBuffer); 
52704| isValid = (CalcChecksum == StoredChecksum); 
52705| } 
52706| 

52707| return isValid; 
52708| } 
52709 1 

52710| // 

| 

52711 1 // Stuff for index file: 
52712| 

52713| BOOLEAN MemCompareToByte( const void *Buffer, unsigned 

| char Byte, ULONG Size ) 
52714| { 

52715| const ULONG *p = (const ULONG*)Buffer; 

5271 6| const ULONG NumDWords = Size / sizeoffp); 

5271 7| const ULONG Pattern = (ULONG)Byte * 0x01 01 01 01 ; 

52718| 

52719| ASSERT(Size % sizeof(ULONG)==0); 
52720| 

52721 1 for ( ULONG i=0; kNumDWords; ++i ) { 
52722| if ( *p++ != Pattern ) { 
52723 1 return FALSE; 

52724| } 
52725| } 

52726| return TRUE; 

52727| } 

52728| 

52729 1 // 



52731 1 BOOLEAN 

52732| PersistentDictionary::lndexSectorlsValid ( 
52733| plndexSector 

|x, 

52734| ULONG 

| indexSectorNumber, 
52735| NTSTATUS 

| Sstatus ) 
52736| { 

52737| BOOLEAN is Valid= FALSE; 
52738| BOOLEAN isEmpty = 

| MemCompareToByte(x,OxOO,SectorSize); 
52739 1 

52740| status = STATUS_SUCCESS; 
52741 | 

52742| if ( HsEmpty ) { 

52743| isValid = ValidateChecksum ( 

52744| SectorSize - 

| sizeof(ULONG), 
52745| 

| &(x->Filler[sizeof(ULONG)]), 
52746| 

| x->lnfo. Prefix. IndexChecksum ); 
52747| 

52748| if ( isValid ) { 

52749| isValid = (x->lnfo.DiskNode[0].CacheNode == 

| indexSectorNumber); 
52750 1 

52751 1 if ( isValid ) { 

52752| isValid = (x->lnfo. Prefix. PrefixSize == 

| sizeof(tlndexSectorPrefix)); 
52753| if ( isValid ) { 

52754| isValid = 

| (x->lnfo.DiskNode[0].SnapshotNumber> 0); 
52755| } else { 

52756| status = STATUS_FILE_CORRUPT_ERROR; 

52757| } 
52758| } else { 

52759| status = STATUS_FILE_CORRUPT_ERROR; 

52760 1 } 
52761 1 } else { 

52762| status = STATUS_FILE_CORRUPT_ERROR; 

52763 1 } 

52764| } else { 

52765| } 

52766| 

52767| return isValid; 

52768| } 

52769| 

52770 1 // 



I- 

52771 
52772 
52773 
52774 
52775 
52776 
52777 



NTSTATUS status = 0; 

Debug(DEBUG_DICT,("pd::Eraselndexlnfo (DevExt=%08x, 
| CacheNode=%08x)\n",DevExt,CacheNode)); 
52778I 

tlndexSector IndexSector = {0}; 
IO_STATUS_BLOCK loStatus; 
LARGEJNTEGER Location; 
Location. QuadPart = SectorSize*(unsigned 
int64)CacheNode; 



52779 
52780 
52781 
52782 

l_ 
52783 
52784 
52785 
52786 
52787 
52788 
52789 
52790 
52791 
52792 
52793 
52794 

| to 
52795 
52796 
52797 
52798 
52799 
52800 
52801 

I- 

I- 
52802 
52803 
52804 
52805 
52806 
52807 
52808 
52809 
52810 
52811 
52812 
52813 
52814 



NTSTATUS PersistentDictionary::Eraselndexlnfo ( 
PFILTERED_EXTENSION DevExt, 
ULONG CacheNode ) 

{ 



status = PsmWriteToFile( 
& DevExt->Cache. I ndexFile, 
SloStatus, 

(PVOID)&lndexSector, 
SectorSize, 
&Location, 
DevExt->DoDirectlO, 

&DevExt->Cache.DirectAccessResource ); 

if ( !NT_SUCCESS(status) ) { 

Debug(DEBUG_DICT,( "!!! Error 0x%08lx writing 
index fileAn", (unsigned long)status )); 
ASSERT(FALSE); 

} 

return status; 

} 



II- 



NTSTATUS PersistentDictionary::WritelndexSector ( 
PFILTERED_EXTENSION DevExt, 
ULONG Granulelndex, 
const tlndexSector &lndexSector ) 



{ 



NTSTATUS status = 0; 

IO_STATUS_BLOCK loStatus; 
LARGEJNTEGER Location; 
ULONG BytesToWrite = SectorSize; 

_try{ 

Location. QuadPart = SectorSize * ((unsigned 



I int64)Granulelndex); 

52815| status = PsmWriteToFile( 

5281 6| &DevExt->Cache.lndexFile, 

52817| &loStatus, 

52818| &lndexSector, 

52819| SectorSize, 

52820| &Location, 

52821 1 DevExt->DoDirectlO, 

52822| &DevExt->Cache.DirectAccessResource ); 



52823 1 } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
52824| status = GetExceptionCode(); 
52825| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::WritelndexSector\n",status)); 
52826| } 
52827| 

52828| if ( !NT_SUCCESS(status) ) { 

52829| Debug(DEBUG_DICT,( "!!! Error 0x%08lx writing 

| to index fileAn", (unsigned long)status )); 
52830 1 ASS E RT( F ALS E) ; 
52831| } 
52832| 

52833| return status; 
52834| } 
52835| 
52836| // 



52837| 
52838| 

52839| NTSTATUS PersistentDictionary::Savelndexlnfo ( 
52840| PFILTEREDEXTENSION DevExt, 



52846| { 

52847| Profile("pd::Savelndexlnfo"); 
52848| 

52849| ULONG i = 0; 
52850| 

52851 1 Debug(DEBUG_DICT,( "Savelndexlnfo (DevExt=%08x, 
| DasdGran=%08x, SS=%08x, CacheNode=%08x, 
| DataChecksum=0x%08lx, Flags=%08x)\n", 

52852 1 DevExt, 

52853| (unsigned long) DasdGranule, 

52854| (unsigned long) SnapshotNumber, 

52855| (unsigned long) CacheNode, 

52856| (unsigned long) DataChecksum, 



52841 | 
52842 | 
52843 | 
52844| 
52845| 



ULONG 
ULONG 
ULONG 
ULONG 
ULONG 



DasdGranule, 
SnapshotNumber, 
CacheNode, 
DataChecksum, 
Flags ) 



52857| Flags)); 
52858| 

52859| ASSERT (SectorSize == sizeof(tlndexSector)); 
52860| 

52861 1 tlndexSector IndexSector; 
52862 1 #if 0 

52863 1 // Scoot the disk nodes "down", deleting the last 

| one, so that we can stick 
52864| // new one in the first slot. 
52865| 

52866| for ( i = DISK_NODES_PER_INDEX_SECTOR - 1 ; i>0; -i 
l){ 

52867| lndexSector.lnfo.DiskNode[i] = 

| IndexSector. Info. DiskNode[i-1]; 
52868| } 
52869 1 #endif 
52870 1 

52871 1 // Now put the new disk node data in the first 

| slot... 
52872 1 

52873 1 I ndexSecto r. I nfo . DiskNode[0] . DasdGranu le 
| DasdGranule; 

52874| I ndexSecto r. I nfo . DiskNode[0] . SnapshotNu mber = 

| SnapshotNumber; 
52875 1 I ndexSecto r. I nfo . D iskNode[0] . CacheNode 

| CacheNode; 

52876| I ndexSecto r. I nfo . DiskNode[0] . DataChecksu m 

| DataChecksum; 
52877| I ndexSecto r. I nfo . DiskNode[0] . Vo lu meld 

| DevExt->Volumeld; 
52878| I ndexSecto r. I nfo . DiskNode[0] . Flags 

I Flags; 
52879 1 

52880| // Fill in all prefix information ***EXCEPT*** for 

| checksum (done after everything else): 
52881 | 

52882| IndexSector. I nfo. Prefix. PrefixSize = 

| sizeof(tl ndexSecto rPrefix); 
52883 1 I ndexSecto r. I nfo . Prefix .Version 

| PSM_INDEX_CURRENT_VERSION; 
52884| IndexSector. Info. Prefix. Sequence = 

| (DevExt->NextlndexSequenceNumber)++; 
52885| KeQuerySystemTime 

| (&(l ndexSector. I nfo .Prefix . DateTimeWritten)) ; 
52886| 

52887| // The checksum calculation must be done last, so 

| that remaining data is valid: 
52888| 

52889| I ndexSector. I nfo. Prefix. IndexChecksum = 
| CalculateChecksum ( 



52890| SectorSize - sizeof(ULONG), 

52891 1 &lndexSector.Filler[sizeof(ULONG)] ); 

52892 1 

52893| NTSTATUS status = WritelndexSector (DevExt, 

| CacheNode, IndexSector); 
52894 1 return status; 
52895| } 
52896| 

52897| // 



52899| PersistentDictionary::plnternalSnapShot 

| PersistentDictionary: :AllocSnapShot() 
52900| { 

52901 1 plnternalSnapShot 

| p=(PersistentDictionary::plnternalSnapShot)MemAllocatePo 
| olWithTag(PagedPool,sizeof(tlnternalSnapShot),PSM_INTERN 
| AL_SNAPSHOT); 

52902| if ( p ) { 

52903| Debug(DEBUG_DICT,( M pd::AllocSnapShot: Alloced 

| snapshot %08x\n M ,p)); 
52904| RtlZeroMemory(p,sizeof(tlnternalSnapShot)); 
52905| } 
52906| return p; 
52907| } 
52908| 

52909 1 // 

| 

52910| 

52911| void PersistentDictionary::FreeSnapShot( 

| PersistentDictionary: plnternalSnapShot *SnapShot ) 
52912| { 

52913| Debug(DEBUG_DICT,("pd::FreeSnapShot: Freeing 

| snapshot %08x\n",SnapShot)); 
52914| RtlZeroMemory(*SnapShot,sizeof(tlnternalSnapShot)); 
52915| MemFreePool(*SnapShot); 
52916| *SnapShot = NULL; 
52917| } 
52918| 

52919|// 

| 

52920| 

52921| void PersistentDictionary::AddSnapShotToList( 
| PLIST_ENTRY Head, 

| PersistentDictionary: plnternalSnapShot Snapshot ) 
52922| { 

52923| Debug(DEBUG_DICT,("pd::AddSnapShotToList: Adding 

| %08x to snapshot list\n",SnapShot)); 
52924| lnsertTailList(Head,&SnapShot->ListEntry); 
52925| } 



52926| 
52927| //- 



52929| void PersistentDictionary::RemoveSnapShotFromList( 

| PersistentDictionary::plnternalSnapShot Snapshot ) 
52930| { 

52931| Debug(DEBUG_DICT,("pd::RemoveSnapShotFromList: 

| Removing %08x from snapshot list\n", Snapshot)); 
52932| RemoveEntryList(&SnapShot->ListEntry); 
52933| } 
52934| 

52935| // 

| 

52936| 

52937| PersistentDictionary::plnternalSnapShot 

| PersistentDictionary::FindSnapShotFromSequence ( 
52938| PDEVICE_OBJECT Volume, 
52939| ULONG SequenceNumber ) 

52940| { 

52941 1 PLIST_ENTRY p; 

52942| plnternalSnapShot s=NULL; 

52943| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
52944| 

52945| p=DevExt->Cache.SnapShotHead.Flink; 
52946| 

52947| while ( p!=&DevExt->Cache.SnapShotHead ) { 
52948| 

| s=CONTAINING_RECORD(p,tlnternalSnapShot,ListEntry); 
52949 1 

52950| if ( s->Permanent.SequenceNumber == 

| SequenceNumber ) { 
52951 1 break; 
52952 1 } 
52953| p=p->Flink; 
52954| s = NULL; 
52955| } 
52956| 

52957| //Debug(DEBUG_DICT,( M pd::FindSnapShotFromSequence 

| (Volume=%08x, Sequence=%08x) returning 

| %08x\n",Volume,SequenceNumber,s)); 
52958| return s; 
52959 1 } 
52960 1 

52961 1 // 



52963| ULONG 

| PersistentDictionary::lsCacheSnapShotCreationThresholdRe 



I ached () 
52964| { 

52965| ULONG CacheWarningThreshold = (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapMaxSize * 

| DevExt->Cache.CacheWarningThresholdPercent) / 100); 

52966| ULONG CacheSnapDeleteThreshold = (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapMaxSize * 

| DevExt->Cache.CacheFullThresholdPercent) / 100); 

52967| 

52968| signed long GranuleSpan = ((signed 
| long)CacheSnapDeleteThreshold - (signed 
| long)CacheWarningThreshold)/5; //20 percent of the 
I gap 

52969| static const signed long M I N_G R A N U L E_S PAN = 
| 8*1 024*1 024/GRANULE_SIZE; //8MB of space between 
| stopping new ss create and deleting old ss 

52970| if ( GranuleSpan < MIN_GRANULE_SPAN ) { 

52971 1 GranuleSpan = MIN_GRANULE_SPAN; 

52972 1 

| Debug(DEBUG_DICT,("pd::lsCacheSnapShotCreationThresholdR 

| eached: Increased GranuleSpan to minimum 

| %08x\n M ,GranuleSpan)); 
52973 1 } 
52974| 

52975| ASSERT(GranuleSpan < (signed 

| long)CacheSnapDeleteThreshold); 
52976| ULONG CacheSnapCreationThreshold = 

| CacheSnapDeleteThreshold - GranuleSpan; 
52977| if ( 

| CacheSnapCreationThreshold<CacheWarningThreshold && 
| CacheWarningThreshold<CacheSnapDeleteThreshold ) { 

52978| CacheSnapCreationThreshold = 
| CacheWarningThreshold; 

52979 1 

| Debug(DEBUG_DICT,("pd::lsCacheSnapShotCreationThresholdR 

| eached: Moved creation threshold to warning 

| threshold^")); 
52980 1 } 
52981 1 
52982 1 

| Debug(DEBUG_DICT,("pd::lsCacheSnapShotCreationThresholdR 
| eached :\n")); 

52983| Debug(DEBUG_DICT,(" CacheWarningThreshold 

| = %08x\n", CacheWarningThreshold)); 
52984| Debug(DEBUG_DICT,(" CacheSnapDeleteThreshold 

| = %08x\n M , CacheSnapDeleteThreshold)); 
52985| Debug(DEBUG_DICT,(" GranuleSpan 

| = %08x\n M , GranuleSpan)); 
52986| Debug(DEBUG_DICT,(" 

| CacheSnapCreationThreshold = %08x\n M , 



I CacheSnapCreationThreshold)); 
52987| Debug(DEBUG_DICT,(" Current Cache Size 

| = %08x\n", DevExt->Cache.CurrentCacheFileSize)); 
52988| 

52989| ULONG ReturnValue = 0; // indicates that creating 

| a snapshot is OK 
52990| if ( DevExt->Cache.CurrentCacheFileSize > 

| CacheSnapCreationThreshold ) { 
52991 1 Debug(DEBUG_DICT,(" *** New snapshot 

| creation will be DENIED!\n")); 
52992| ReturnValue = CacheSnapCreationThreshold; // 

| indicates that creating a snapshot is NOT ALLOWED 
52993 1 } else { 

52994| Debug(DEBUG_DICT,(" — New snapshot 

| creation will be allowedAn")); 
52995| } 
52996| 

52997| return ReturnValue; 

52998| } 

52999| 

53000| // 



53001| 

53002| ULONG 

| PersistentDictionary::lsCacheWarningThresholdReached () 
53003| { 

53004| ULONG CacheWarningThreshold = (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapMaxSize * 

| DevExt->Cache.CacheWarningThresholdPercent) / 100); 

53005| if ( 

| DevExt->Cache.CurrentCacheFileSize>CacheWarningThreshold 
I ){ 

53006| return CacheWarningThreshold; 

53007| } else { 

53008| return 0; 

53009| } 

53010| } 

53011| 

53012| // 



53013| 

53014| PersistentDictionary::plnternalSnapShot 

| PersistentDictionary::GetNextFreeSnapShot ( 
53015| PDEVICE_OBJECT Volume, 
5301 6| ULONG SequenceNumber ) 

53017| { 

53018| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53019| 

53020| Debug(DEBUG_DICT,("GetNextFreeSnapShot: called - 



I Volume=%08x\n", Volume)); 
53021 1 plnternalSnapShot p=AllocSnapShot(); 
53022| if ( p ) { 

53023| ASSERT (DevExt->Cache. Header != NULL); 
53024| ASSERT (SequenceNumber > 

| DevExt->Cache.Header->HighestSnapNumber); 
53025| p->Permanent. SequenceNumber = 

| DevExt->Cache.Header->HighestSnapNumber = 

| SequenceNumber; 
53026| 

| AddSnapShotToList(&DevExt->Cache.SnapShotHead,p); 
53027| p->ReferenceCount++; 
53028| } 

53029| Debug(DEBUG_DICT,("GetNextFreeSnapShot: returning 

| %08x\n M ,p)); 
53030| return p; 
53031 1 } 
53032 | 

53033| // 



53034| // Returns a valid position or INVALID_POSITION_VALUE 

| if no positions available 
53035| 

53036| ULONG PersistentDictionary::GetNextCacheLocation ( 

| ULONG GranulesWeNeed ) 
53037| { 

53038| ULONG Bitlndex = INVALID_BIT_INDEX; 
53039| Profile( M pd::GetNextCacheLocation M ); 
53040| ASSERT(DevExt != NULL); 
53041 | 

53042| // we only support 31 bits of cache file space 

53043| ASSERT(DevExt->Cache.PSManBitMapSize<=0x7fffffff); 

53044| 

| ASSERT(DevExt->Cache.PSManBitMapMaxSize<=0x7fffffff); 
53045| 

53046| Debug(DEBUG_DICT,("pd::GetNextCacheLocation - about 

| to acquire PSManBitMapMutex\n")); 
53047| pmAcquireMutex ( &DevExt->Cache.PSManBitMapMutex, 

| NULL); 
53048| _try { 

53049| if ( DevExt->Cache.PSManBitHint + 

| GranulesWeNeed > DevExt->Cache.PSManBitMapSize ) { 

53050| // This hint can't possibly work, so start 

| over. 

53051 1 DevExt->Cache.PSManBitHint = 0; 

53052 1 } 
53053 1 

53054| PsmBitPositionValidate 

| (DevExt->Cache.PSManBitMapBuffer, 
| DevExt->Cache.PSManBitHint); 



53055| Bitlndex = 

| RtlFindClearBitsAndSet(DevExt->Cache.PSManBitMapBuffer,G 

| ranulesWeNeed,DevExt->Cache.PSManBitHint); 
53056| if ( Bitlndex==INVALID_BIT_INDEX && 

| DevExt->Cache.PSManBitHint>0 ) { 
53057| // try again from the beginning of the bit 

| array 

53058| DevExt->Cache.PSManBitHint = 0; 

53059| Bitlndex = 

| RtlFindClearBitsAndSet(DevExt->Cache.PSManBitMapBuffer,G 
| ranulesWeNeed,DevExt->Cache.PSManBitHint); 

53060| } 

53061 | 

53062| if ( Bitlndex == INVALID BIT INDEX ) { 
53063| // INVALID_BIT_INDEX == 32 bits, we can 

| only return 31 bits 
53064| Bitlndex = INVALID_POSITION_VALUE; 

53065| } else { 

53066| // We found the bits we needed. Now update 

| the hint for the next time. 
53067| DevExt->Cache.PSManBitHint = Bitlndex + 

| GranulesWeNeed; 
53068| DevExt->Cache.CurrentCacheFileSize += 

| GranulesWeNeed; 
53069 1 

53070| if ( DevExt->Cache.CurrentCacheFileSize > 

| DevExt->Cache.PSManBitMapSize ) { 
53071 1 DevExt->Cache. PSManBitMapSize = 

| DevExt->Cache.CurrentCacheFileSize; 
53072 1 } 
53073 1 } 

53074| } ^finally { 

53075| pmReleaseMutex ( 

| &DevExt->Cache.PSManBitMapMutex ); 
53076| Debug(DEBUG_DICT,( M pd::GetNextCacheLocation - 

| just released PSManBitMapMutex\n")); 
53077| } 
53078| 

53079| ASSERT(Bitlndex<=0x7fffffff); 
53080 1 return Bitlndex; 
53081 1 } 
53082 1 

53083| // 



53085| void PersistentDictionary::FreeCacheLocation ( ULONG 

| Granulelndex ) 
53086| { 

53087| Profile( M pd::FreeCacheLocation M ); 
53088| 



53089| #if DEBUG_INDEX_EOF 

53090| Debug(DEBUG_DICT,( M pd::FreeCacheLocation: 
| Granulelndex=%08x, DevExt=%08x - about to acquire 
| PsManBitMapMutex\n",Granulelndex,DevExt)); 

53091 1 #endif /*DEBUG_INDEX_EOFV 

53092 | 

53093| pmAcquireMutex ( &DevExt->Cache.PSManBitMapMutex, 

| NULL); 
53094| __try { 
53095| 

| PsmBitPositionValidate(DevExt->Cache.PSManBitMapBuffer, 
| Granulelndex); 
53096| ASSERT ( 

| RtlCheckBit(DevExt->Cache.PSManBitMapBuffer,Granulelndex 
l)!=0); 

53097| RtlClearBits ( DevExt->Cache.PSManBitMapBuffer, 

| Granulelndex, 1 ); 
53098| ASSERT ( DevExt->Cache.CurrentCacheFileSize > 0 

I); 

53099| Interlocked Decrement ( 

| (PLONG)&DevExt->Cache.CurrentCacheFileSize ); 
53100| }_finally { 
531 01 1 pmReleaseMutex ( 

| &DevExt->Cache.PSManBitMapMutex ); 
53102| } 
53103| } 
53104| 
53105| 

53106| // 

| 

| 

53107| // translate values in header.psm to PSM_SS_BIT_xxx 

| combinations ... 
53108| 

53109| unsigned char PSM_SS_HeaderTo Flags ( unsigned char 

| HeaderValue ) 
53110| { 

531 1 1 1 unsigned char SnapShotFlags = 

| PSM_SS_FLAG_P_READONLY; 
53112| 

531 13| switch ( HeaderValue ) { 

53114| case PSM_SS_FLAG_HEADER_READWRITE: 

531 15| SnapShotFlags = PSM_SS_FLAG_P_READWRITE; 

53116| break; 

53117| 

53118| case PSM_SS_FLAG_HEADER_READWRITE_PERSISTENT: 
53119| SnapShotFlags = 

| PSM_SS_FLAG_P_READWRITE_PVW; 
53120| break; 
53121| 



53122| case PSM_SS_FLAG_HEADER_READONLY: 

531 23 1 SnapShotFlags = P S M_SS_F L A G_P_R E A D O N L Y ; 

53124| break; 

53125| 

53126| default: 

53127| Debug(D EBUG_DICT, (" ! ! ! 

| PSM_SS_HeaderToFlags: Unknown 

| HeaderValue=%02x\n M , HeaderValue)); 
53 1 28 1 ASS E RT( F A LS E) ; 

53129| } 
53130| 

531 31 1 return SnapShotFlags; 

53132| } 

53133| 

53134| 

53135| // 

| 

| 

53136| // translate PSM_SS_BIT_xxx combinations to values in 

| header.psm ... 
53137| 

53138| unsigned char PSM_SS_FlagsToHeader ( unsigned char 

| SnapShotFlags ) 
53139| { 

53140| unsigned char HeaderValue = 

| PSM_SS_FLAG_HEADER_READONLY; 
53141| 

531 42 1 // We should never find temporary snapshot stuff in 
| the header... 

53143| ASSERT ( PSM_SS_lsPersistent(SnapS hot Flags) ); 
53144| ASSERT ( !(SnapShotFlags & 

| PSM_SS_BIT_SAVE_TEMP_ON_EXIT) ); 
53145| 

53146| if ( PSM_SS_lsReadWrite(SnapShotFlags) ) { 
531 47| // Read/Write snapshot 
531 48| if ( SnapShotFlags & 

| PSM_SS_BIT_VIRTUAL_WRITES_PERSISTENT ) { 
53149| HeaderValue = 

| PSM_SS_FLAG_HEADER_READWRITE_PERSISTENT; 
53150| }else{ 

53151 1 HeaderValue = PSM_SS_FLAG_HEADER_READWRITE; 

53152| } 

53153| 

53154| }else{ 

531 55 1 // Read-Only snapshot 
53156| 

531 57| // Cannot have persistent virtual writes on a 

| read-only snapshot! 
53158| ASSERT ( !(SnapShotFlags & 

| PSM_SS_BIT_VIRTUAL_WRITES_PERSISTENT) ); 



53159| } 
53160| 

531 61 1 return HeaderValue; 

53162| } 

53163| 

53164| // 



53165| 

53166| void PersistentDictionary::DumpSnapShot ( 

| PersistentDictionary::tDisklnternalSnapShot *SnapShot ) 
53167| { 

53168| #ifdef DEBUG 

531 69| ASSERT (SnapShot != NULL); 

53170| if ( Snapshot ) { 

531 71 1 Debug(DEBUG_DICT,("Dump of 

| tDisklnternalSnapShot %08x\n",SnapShot)); 
53172| Debug(DEBUG_DICT,(" SequenceNumber = 

| %08x\n",SnapShot->SequenceNumber)); 
53173| Debug(DEBUG_DICT,(" SnapShotTime = 

| %01 6l64x\n",SnapShot->SnapShotTime.QuadPart)); 
53174| Debug(DEBUG_DICT,(" External I nstance = 

| %08x\n",SnapShot->Externallnstance)); 
53175| Debug(DEBUG_DICT,(" GroupNumber = 

| %08x\n",SnapShot->GroupNumber)); 
53176| Debug(DEBUG_DICT,(" Status 

| %08x\n",SnapShot->Status)); 
53177| Debug(DEBUG_DICT,(" NumToKeep 

| %08x\n",SnapShot->NumToKeep)); 
53178| Debug(DEBUG_DICT,(" Priority 

| %02x\n",SnapShot->Priority)); 
53179| Debug(DEBUG_DICT,(" SnapShotFlags = 

| %02x\n",SnapShot->SnapShotFlags)); 
53180| Debug(DEBUG_DICT,(" Reservedl 

| %02x\n",SnapShot->Reserved1 )); 
53181| Debug(DEBUG_DICT,(" Reserved2 

| %02x\n",SnapShot->Reserved2)); 
53182| Debug(DEBUG_DICT,(" UserSnapShotName = 

| '%S'\n",SnapShot->UserSnapShotName)); 
53183| } 

53184| #endif /* DEBUG*/ 

53185| } 

53186| 

53187| // 



53188| 

53189| void PersistentDictionary::SaveHeaderThread( void 

| 'Context ) 
53190| { 



53191 1 Profile( M pd::SaveHeaderThread M ); 
53192| 

53193| pSaveHeaderParameters Psh = 

| pSaveHeaderParameters(Context); 
53194| GetSnapShotForRead(); 
53195| ULONG SnapShotAcquired = TRUE; 
53196| __try{ 
53197| __try{ 

53198| ULONG NumberOfPersistentSnapShots=0; 

53199| ULONG TotalNumberOfSnapShots=0; 

53200| LARGEJNTEGER Location={0}; 

53201 1 NTSTATUS Status=0; 

53202| IO_STATUS_BLOCK loStatus={0}; 

53203| PDEVICE_OBJECT Volume = Psh->Volume; 

53204| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53205| 

53206| Debug(DEBUG_DICT,( M pd::SaveHeaderThread: 

| Volume=%08x, DevExt=%08x\n",Volume,DevExt)); 
53207| 

53208| // get number of snapshots so we now how 

| much memory to alloc 
53209| PLIST_ENTRY 

| p=DevExt->Cache.SnapShotHead.Flink; 
5321 0| while ( p!=&DevExt->Cache.SnapShotHead ) { 

5321 1 1 ++TotalNumberOfSnapShots; 
53212| plnternalSnapShot s = 

| CONTAINING_RECORD(p,tlnternalSnapShot,ListEntry); 
53213| if ( PSM_SS_lsPersistent 

| (s->Permanent.SnapShotFlags) ) { 
53214| // Only count persistent snapshots, 

| because those are the only ones we will save. 
5321 5| ++NumberOf PersistentSnapShots; 

53216| } 
53217| p=p->Flink; 
53218| } 
53219| 

53220| ASSERT ( NumberOfPersistentSnapShots <= 

| MAX_SNAPSHOTS_PER_HEADER_FILE ); 
53221 | 

53222| Debug(DEBUG_DICT,("pd::SaveHeaderThread: 

| %08x - %d persistent snapshots active, %d 

| total\n",&DevExt->Cache.SnapShotHead,NumberOfPersistentS 

| napShots,TotalNumberOfSnapShots)); 
53223| if ( DevExt->Cache. Header ) { 

53224| // Sizes of the stuff we want to save 

53225| ULONG 

| SizelnMemory=sizeof(tHeader)+(NumberOfPersistentSnapShot 

| s*sizeof(tDisklnternalSnapShot))+sizeof(DWORD); 
53226| ULONG SizeOnDisk = 



I ROUND_UP(SizelnMemory,DevExt->BytesPerSector); 
53227| ASSERT(SizeOnDisk>=SizelnMemory); 
53228| ASSERT(SizeOnDisk % 

| DevExt->BytesPerSector == 0); 
53229| 

53230| // Maximum sizes of header blocks 

53231 1 ULONG BlockSize In Memory = 

| sizeof(tHeader)+(MAX_SNAPSHOTS_PER_HEADER_FILE*sizeof(tD 

| isklnternalSnapShot))+sizeof(DWORD); 
53232| ULONG BlockSizeOnDisk = 

| ROUND_UP(BlockSizelnMemory,DevExt->BytesPerSector); 
53233 | 

| ASSERT(BlockSizeOnDisk>=BlockSizelnMemory); 
53234| ASSERT(BlockSizeOnDisk % 

| DevExt->BytesPerSector == 0); 
53235| 

53236| pHeader LocalHeader = 

| (pHeader)MemAllocatePoolWithTag(PagedPool,SizeOnDisk,PSM 

| _D I CT_H E A D E R_T AG ) ; 
53237| if ( LocalHeader ) { 

53238| 

| RtlZeroMemory(LocalHeader,SizeOnDisk); 
53239 | 

53240| // Rotate the wheel! This helps us 

| know if we need to reload index info on cluster 

| failover... 
53241 1 

| ++(DevExt->Cache.Header->lndexLoadWheel); 
53242 1 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: 
| lndexLoadWheel=%08x, 

| DevExt=%08x\n M ,DevExt->Cache.Header->lndexLoadWheel,DevE 
I xt)); 
53243 1 

53244| // copy the normal header stuff 

53245| 

| RtlCopyMemory(LocalHeader,DevExt->Cache.Header,sizeof(tH 
| eader)); 
53246| 

53247| // move snapshots into new header 

53248| PLIST_ENTRY 

| p=DevExt->Cache.SnapShotHead. Flink; 
53249| ULONG i=0; 

53250| while ( 

| p!=&DevExt->Cache.SnapShotHead ) { 
53251 1 plnternalSnapShot s = 

| CONTAINING_RECORD(p,tlnternalSnapShot,ListEntry); 
53252| if ( PSM_SS_lsPersistent 

| (s->Permanent.SnapShotFlags) ) { 
53253| 



I DumpSnapShot(&s->Permanent); 
53254| 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: Adding 

| snapshot seq %08x (status=%08x) to header at pos 

| %08x\n",s->Permanent.SequenceNumber,s->Permanent. Status, 

M)); 

53255| ASSERT ( i < 

| NumberOfPersistentSnapShots ); 
53256| 

| RtlCopyMemory(&LocalHeader->SnapShots[i],&s->Permanent,s 
| izeof(tDisklnternalSnapShot)); 
53257| 

| LocalHeader->SnapShots[i].SnapShotFlags = 
| PSM_SS_FlagsToHeader 
| (LocalHeader->SnapShots[i].SnapShotFlags); 
53258| 

| LocalHeader->SnapShots[i]. Status = s->SnapShotMaster ? 
| s->SnapShotMaster->Status : PSM_PENDING; 
53259| 

53260| } else { 

53261 1 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: Excluding 

| temporary snapshot seq 

| %08x\n",s->Permanent.SequenceNumber)); 
53262 1 } 
53263| p=p->Flink; 
53264| } 
53265| 
53266| 

| ASSERT(i==NumberOfPersistentSnapShots); 
53267| 

53268| KeQuerySystemTime ( 

| &(LocalHeader->DateTimeWritten) ); 
53269| static LARGEJNTEGER LatestSaveTime 

I = {0}; 
53270 1 if ( 

| LocalHeader->DateTimeWritten.QuadPart > 

| LatestSaveTime. QuadPart ) { 
53271 1 LatestSaveTime = 

| LocalHeader->DateTimeWritten; 
53272 1 } else { 

53273| // Weird problem: this can 

| happen if we are saving header to a RAID 
53274| // with write-through RAM on 

| board. The time between consecutive SaveHeader calls 
53275| // can leave us thinking two 

| headers have been written at the same time, thus 
53276| // during reboot we cannot tell 

| which one is most recent. This may be the 
53277| // cause of our elusive 



I junction point problems. 
53278| // Fix: If this time seems to 



| be at or before the previous time we saved, 
53279| // then use the previous time 



| plus one. 

53280| // This forces all DateTimes 



| written to be in strictly increasing order. 
53281 | 
53282 | 

| LocalHeader->DateTimeWritten.QuadPart = 

| ++LatestSaveTime.QuadPart; 
53283 1 } 
53284| 

53285| LocalHeader->Size = SizelnMemory; 

53286| LocalHeader->Version = 

| PSM_HEADER_CURRENT_VERSION; 
53287| LocalHeader->Signature = 

| PSM_HEADER_SIGNATURE | PSM_HEADER_MINOR_VERSION; 
53288| 

53289| // We MUST calculate the header 

| checksum as the last step in constructing the header... 
53290| ULONG 

| *Checksum=(ULONG*)((((BYTE*)LocalHeader)+SizelnMemory-si 

| zeof(DWORD))); 
53291 1 *Checksum = CalculateChecksum 

| (SizelnMemory-sizeof(DWORD), LocalHeader); 
53292 | 

53293 1 // Rotated headers: Adjust location 

| based on the next place to put a header block... 
53294| ASSERT(NextHeaderBlockToSave >= 0); 

53295| ASSERT(NextHeaderBlockToSave < 

| NumSavedHeaderBlocks); 
53296| Location. QuadPart = BlockSizeOnDisk 

| * NextHeaderBlockToSave; 
53297| 

53298| // Rotated headers: Save next 

| header block in another slot... 
53299| ASSERT (NumSavedHeaderBlocks != 0); 

53300| ULONG CurrentHeaderBlock = 

| NextHeaderBlockToSave; 
53301 1 NextHeaderBlockToSave = (1 + 

| NextHeaderBlockToSave) % NumSavedHeaderBlocks; 
53302 | 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: 
| CurrentHeaderBlock=%x, 

| NextHeaderBlock=%x\n",CurrentHeaderBlock,NextHeaderBlock 
| ToSave)); 



53303 | 
53304| 
53305| 



if ( SnapShotAcquired ) { 

ReleaseSnapShotForRead(); 



53306| SnapShotAcquired = FALSE; 

53307| } 

53308| 

53309| // we are breaking a rule here. 

5331 0| // which is that an io may not 

| occur while we have the 
5331 1 1 // snapshot resource acquired from 

| write (which during close) 
53312| //we do. This is a hack to allow 

| it during close. This is 
53313| // somewhat safe as the file is not 

| being extended so the 
5331 4| // f ilesystem doesnt need any 

| volume resources to write to it. 
53315| // during open, when it may be 

| extended we dont have the resource 
5331 6| // acquired for write, so we are 

| safe. 



53317| 




53318| 


Status= PsmWriteToFile( 


53319| 


&DevExt->Cache.HeaderFile, 


53320| 


SloStatus, 


53321 | 


LocalHeader, 


53322 | 


SizeOnDisk, 


53323 1 


SLocation, 


53324| 


DevExt->DoDirectlO, 


53325| 




| & DevExt->Cache . D i rect Access Reso u rce 


53326| 


#ifdef DEBUG 


53327| 


, FALSE 


53328| 


#endif 


53329 1 


); 


53330 1 




53331 | 


DumpHeader(); 


53332 1 


MemFreePool (LocalHeader); 


53333 1 


LocalHeader = 0; 


53334| 


} else { 


53335| 





| Status=STATUS_INSUFFICIENT_RESOURCES; 
53336| 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: Error %08x 

| allocing memory\n", Status)); 
53337| } 
53338| } else { 

53339 1 

| Debug(DEBUG_DICT,("pd::SaveHeaderThread: 

| DevExt->Cache.Header is NULLAn")); 
53340| ASSERT (TotalNumberOfSnapShots == 0); 

53341 | } 
53342| } except( 



I ExceptionFilter(GetExceptionlnformation()) ) { 
53343| Debug(DEBUG_DICT,(" Exception %08x in 

| pd::SaveHeaderThread\n",GetExceptionCode())); 
53344| } 

53345| } ^finally { 

53346| if ( SnapShotAcquired ) { 
53347| ReleaseSnapShotForRead(); 
53348| SnapShotAcquired = FALSE; 

53349| } 
53350| } 
53351 | 

53352| if ( Psh->ShouldSignal Event ) { 

53353 1 // started as th read 

53354| pmSetEvent(&Psh->Event); 

53355| PsTerminateSystemThread( 0 ); 

53356| } 

53357| } 

53358| 

53359| // 



53360 1 

53361| NTKERNELAPI 

53362| BOOLEAN 

53363| lolsSystemThread( 

53364| IN PETHREAD Thread 

53365| ); 

53366| 

53367| // 

| 

53368| 

53369| NTSTATUS PersistentDictionary::SaveHeader ( 

| PDEVICE_OBJECT Volume ) 
53370| { 

53371 1 NTSTATUS Status = STATUS_SUCCESS; 

53372 1 __try { 

53373| if ( Updating == 0 ) { 

53374| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53375| if(DevExt->Cache.Header) { 

53376| #ifdef DEBUG 
53377| PVOID CallerAddress=0, 

| CallersCallerAddress=0; 
53378| RtlGetCallersAddress (&CallerAddress, 

| &CallersCallerAddress); 
53379| Debug(DEBUG_DICT,("Entering 

| pd::SaveHeader: volume=%08x, caller=%08x, 

| grandpa=%08x\n", 
53380| Volume, 
53381 1 CallerAddress, 
53382| CallersCallerAddress)); 



53383| #endif 
53384| 

53385| tSaveHeaderParameters Psh = {0}; 

53386| Psh.Volume = Volume; 

53387| Psh.ShouldSignalEvent = FALSE; 

53388| KelnitializeEvent ( &Psh. Event, 

| Notification Event, FALSE ); 
53389| 

53390| if(GlobalSystemProcessld == 

| PsGetCurrentProcess()) { 
53391 1 SaveHeaderThread(&Psh); 
53392 1 } else { 

53393| HANDLE ThreadHandle = 

| INVALID HANDLE VALUE; 
53394| Psh.ShouldSignalEvent = TRUE; 

53395| 

53396| pmStartThread( 
53397| 

| (PKSTART_ROUTINE)SaveHeaderThread, 
53398| (PVOID)&Psh, 
53399| &ThreadHandle ); 

53400 1 
53401| 

| pmWaitForSingleObject(&Psh.Event,NULL); 
53402| ZwClose(ThreadHandle); 
53403| } 
53404| 

53405| if ( NT_SUCCESS(Status) ) { 

53406| Debug(DEBUG_DICT,( "Successfully 

| saved header\n")); 
53407| } else { 

53408| Debug(DEBUG_DICT,( "!!! 

| SaveHeader() returning 0x%08lx\n", (unsigned 

| long)Status )); 
53409| } 
53410| }else{ 
53411| // nothing to do. 

53412| Debug(DEBUG_DICT,("pd::SaveHeader: No 

| header to save - returning Status=%08x\n", Status)); 

53413| } 

53414| } 

53415| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 

5341 6| Status = GetExceptionCode() ; 

53417| Debug(DEBUG_DICT,("!!! Exception %08x in 
| pd::SaveHeader\n",Status)); 

53418| } 

53419| 

53420| return Status; 
53421| } 



53422| 
53423| 

53424| // 

| 

53425| 
53426| 

53427| void PersistentDictionary::DumpHeader() 
53428| { 
53429| #if 0 

53430| Debug(DEBUG_DICT,( "HeaderAn")); 
53431| Debug(DEBUG_DICT,( " Version 

| %08x\n",Header->Version)); 
53432| Debug(DEBUG_DICT,( " Num Snapshots : 

| %08x\n",Header->NumberOfSnapShots)); 
53433| Debug(DEBUG_DICT,( " Cache File 

| %S\n",Header->CacheFile)); 
53434| Debug(DEBUG_DICT,( " Index File 

| %S\n",Header->lndexFile)); 
53435| Debug(DEBUG_DICT,( " Granule Size : 

| %08x\n",Header->GranuleSizelnBytes)); 
53436| Debug(DEBUG_DICT,( " IdxLoadWheel : 

| %08x\n",Header->lndexLoad Wheel)); 
53437| Debug(DEBUG_DICT,( " Highest Snap# : 

| %08x\n",Header->HighestSnapNumber)); 
53438| 

53439| ULONG Num=0,i; 
53440| 

53441| Debug(DEBUG_DICT,( " BitMap Dump\n")); 
53442| #define LINE_SIZE (32*8) 

53443| for ( i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i+=LINE_SIZE ) 
|{ 

53444| Debug(DEBUG_DICT,(" 

| %08x-%08x-%08x-%08x-%08x-%08x-%08x-%08x\n", 
53445| 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
|ZE], 
53446| 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
|ZE+1], 
53447| 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
I ZE+2], 
53448| 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
I ZE+3], 
53449 1 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
I ZE+4], 
53450 1 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 



I ZE+5], 
53451 | 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 
I ZE+6], 
53452 1 

| ((PRTL_BITMAP)&Header->SnapShotBitmap)->Buffer[i/LINE_SI 

I ZE+7] 
53453| )); 
53454| } 
53455| 

53456| for ( i=0;i<MAX_NUMBER_OF_SNAPSHOTS;i++ ) { 
53457| PsmBitPositionValidate 

| ((PRTL_BITMAP)(Header->SnapShotBitmap), i); 
53458| ULONG InUse = 

| RtlCheckBit((PRTL_BITMAP)(Header->SnapShotBitmap),i); 
53459 1 

53460| if ( InUse ) { 
53461 1 Num++; 
53462 1 } 
53463 1 

53464| // dont print empty locations 

53465| if ( (Header->SnapShots[i].SequenceNumber!=0) 

| && 
53466| 

| (Header->SnapShots[i].SnapShotTime.QuadPart!=0) ) { 
53467| Debug(DEBUG_DICT,( " Snapshot number 

| %02x\n",i)); 

53468| Debug(DEBUG_DICT,( " Marked in use : 

| %s\n",lnUse ? "Yes" : "No")); 
53469| Debug(DEBUG_DICT,( " Sequence Number: 

| %08x\n", Header- >SnapShots[i].SequenceNumber)); 
53470| Debug(DEBUG_DICT,( " Snapshot Time : 

| %08x%08x\n",Header->SnapShots[i].SnapShotTime.HighPart,H 

| eader->SnapShots[i].SnapShotTime.LowPart)); 
53471| Debug(DEBUG_DICT,( " Ext. Instance : 

| %08x\n", Header- >SnapShots[i].Externallnstance)); 
53472| Debug(DEBUG_DICT,( " Caller Private : 

| %08x\n",Header->SnapShots[i].CallerPrivateUse)); 
53473| Debug(DEBUG_DICT,( " DM Private : 

| %08x\n",Header->SnapShots[i].DIIPrivateUse)); 
53474| Debug(DEBUG_DICT,( " Num to Keep : 

| %08x\n",Header->SnapShots[i].NumToKeep)); 
53475| Debug(DEBUG_DICT,( " Priority 

| %08x\n",Header->SnapShots[i]. Priority)); 
53476| Debug(DEBUG_DICT,( " Snapshot flags : 

| %08x\n",Header->SnapShots[i].SnapShotFlags)); 
53477| Debug(DEBUG_DICT,( " Snapshot Name : 

| %S\n",Header->SnapShots[i].UserSnapShotName)); 
53478| } else { 
53479| if ( InUse ) { 



53480| Debug(DEBUG_DICT,( "Snapshot %d is 

| empty, but says it is in use\n",i)); 
53481 1 #ifdef DEBUG 
53482| DbgBreakPoint(); 
53483 1 #endif 
53484| } 
53485| } 
53486| } 

53487| DumpRevertlnfo ( Header->Revertlnfo ); 
53488| 

53489| if ( Num!=Header->NumberOf Snapshots ) { 

53490| Debug(DEBUG_DICT,( "Number of snapshots 
| mismatch bitmap %08x != counter 
| %08x\n",Num,Header->NumberOfSnapShots)); 

53491 1 #ifdef DEBUG 

53492| DbgBreakPoint(); 

53493 1 #endif 

53494| } 

53495| #endif 

53496| } 

53497| 

53498| // 

| 



53499 1 

53500| NTSTATUS PersistentDictionary::FreeHeader ( 

| PDEVICE_OBJECT Volume ) 
53501| { 

53502| Profile("pd::FreeHeader"); 

53503| NTSTATUS Status = STATUS_SUCCESS; 

53504| 

53505| ASSERT (Volume != NULL); 
53506| if ( Volume ) { 

53507| PFILTERED EXTENSION DevExt = 

[ GetFilteredExtension(Volume); 
53508| 

53509| PVOID CallerAddress=0, CallersCallerAddress=0; 
53510| RtlGetCallersAddress (&CallerAddress, 

| &CallersCallerAddress); 
5351 1 1 Debug(DEBUG_DICT,("Decrementing 

| HeaderReferenceCount: Count=%08x, caller=%08x, 

| grandpa=%08x\n",DevExt->Cache.HeaderReferenceCount,Calle 

| rAddress,CallersCallerAddress)); 
53512| 

53513| if (DevExt->Cache. HeaderReferenceCount) { 
53514| if( 

| --DevExt->Cache.HeaderReferenceCount==0 ) { 
53515| ASSERT(DevExt->Cache. Header != NULL); 

53516| if ( DevExt->Cache. Header != NULL ) { 

53517| MemFreePool(DevExt->Cache.Header); 



53518| DevExt->Cache. Header = NULL; 

53519| } 
53520| } 
53521| }else{ 

53522| ASSERT(DevExt->Cache.Header == NULL); 

53523| } 
53524| } else { 

53525| Status = STATUS_INVALID_PARAMETER; 

53526| } 

53527| 

53528| return Status; 

53529| } 

53530| 

53531|// 

| 



53532| 

53533| NTSTATUS Persistent Dictionary:: Load Header ( 

| PDEVICE_OBJECT Volume ) 
53534| { 

53535| PFILTERED_EXTENSION DevExt = Get Filtered Extension 

| (Volume); 
53536| 

53537| // Extract from the header file the most recent 

| header block that is valid (based on checksum). 
53538| pHeader MostRecentValidHeader=NULL, 

| SmallMostRecentValidHeader=NULL; 
53539| NTSTATUS Status = ReadHeader (Volume, 

| MostRecentValidHeader, SmallMostRecentValidHeader); 
53540| // Create all in-memory snapshot data structures 

| based on what is in MostRecentValidHeader. 
53541 1 if ( MostRecentValidHeader!=NULL && 

| SmallMostRecentValidHeader!=NULL ) { 
53542| ASSERT(NT_SUCCESS(Status)); 
53543| ULONG NumSnapShots = 

| (MostRecentValidHeader->Size - sizeof(DWORD) - 

| sizeof(tHeader)) / sizeof(tDisklnternalSnapShot); 
53544| Debug(DEBUG_DICT,("pd::LoadHeader: %d snapshots 

| in list, header saved 

| %01 6l64x\n",NumSnapShots,MostRecentValidHeader->DateTime 

| Written.QuadPart)); 
53545| for ( ULONG i=0; kNumSnapShots; i++ ) { 
53546| plnternalSnapShot Snapshot = 

| AllocSnapShot(); 
53547| if ( Snapshot ) { 

53548| SnapShot->SnapShotMaster=NULL; 
53549| Debug(DEBUG_DICT,("pd::LoadHeader: 

| Adding snapshot %d seq %d to snapshot 

| Hst\n",i,MostRecentValidHeader->SnapShots[i].SequenceNu 

I mber)); 



53550| 

| RtlCopyMemory(&SnapShot->Permanent,&MostRecentValidHeade 

| r->SnapShots[i],sizeof(tDisklnternalSnapShot)); 
53551 1 // If header is before 2.1 , the 

| Status field will not be valid (it used to be 

| DllPrivateUse pointer) 
53552| Debug(DEBUG_DICT,("pd::LoadHeader: 

| Ver=%08x, Sig=%08x, SnapStatus=%08x\n M , 
53553| MostRecentValidHeader->Version, 
53554| MostRecentValidHeader->Signature, 
53555| SnapShot->Permanent.Status)); 
53556| if ( 

| MostRecentValidHeader->Version<=2 && 

| (MostRecentValidHeader->Signature & 

| PSM_HEADER_MINOR_MASK) < 0x10000000 ) { 
53557| SnapShot->Permanent.Status = 

| STATUS_SUCCESS; // patch invalid status loaded from 

| old header 
53558| } 

53559| SnapShot->Permanent.SnapShotFlags = 

| PSM_SS_HeaderToFlags 

| (SnapShot->Permanent.SnapShotFlags); 
53560 1 

| AddSnapShotToList(&DevExt->Cache.SnapShotHead,SnapShot); 
53561 1 SnapShot->ReferenceCount++; 
53562| DumpSnapShot(&SnapShot->Permanent); 
53563 1 } else { 

53564| Status = STATUS_INSUFFICIENT_RESOURCES; 

53565| Debug(DEBUG_DICT,( M pd::LoadHeader() 

| error %08x allocing memory\n", Status )); 
53566| } 
53567| } 

53568| if ( DevExt->Cache. Header ) { 
53569| PVOID CallerAddress=0, 

| CallersCallerAddress=0; 
53570| RtlGetCallersAddress (&CallerAddress, 

| &CallersCallerAddress); 
53571 1 Debug(DEBUG_DICT,( M Decrementing 

| HeaderReferenceCount: Count=%08x, caller=%08x, 

| grandpa=%08x\n M ,DevExt->Cache.HeaderReferenceCount,Calle 

| rAddress,CallersCallerAddress)); 
53572| ASSERT(DevExt->Cache.HeaderReferenceCount); 
53573| DevExt->Cache. HeaderReferenceCount--; 

53574| MemFreePool(DevExt->Cache.Header); 
53575| } 

53576| DevExt->Cache. Header = 

| SmallMostRecentValidHeader; 
53577| SmallMostRecentValidHeader = NULL; // keep 

| from freeing below 
53578| PVOID CallerAddress=0, CallersCallerAddress=0; 



53579| RtlGetCallersAddress (&CallerAddress, 

| &CallersCallerAddress); 
53580| Debug(DEBUG_DICT,( M lncrementing 

| HeaderReferenceCount: Count=%08x, caller=%08x, 

| grandpa=%08x\n M ,DevExt->Cache.HeaderReferenceCount,Calle 

| rAddress,CallersCallerAddress)); 
53581 1 DevExt->Cache.HeaderReferenceCount++; 
53582 1 } else { 

53583| if((Status==STATUS_FILE_CORRUPT_ERROR ) || // 

| corrupt header 
53584| (Status==STATUS_UNSUCCESSFUL)) // 

| no header 
53585| { 

53586| Debug(DEBUG_DICT,( "pd::LoadHeader: Could 

| not load header from disk, so setting to defaults\n")); 
53587| 

53588| if ( SmallMostRecentValidHeader == NULL ) { 

53589| const ULONG HEADER_BLOCK_SIZE = 

| ROUND_UP(sizeof(tHeader),DevExt->BytesPerSector); 
53590| SmallMostRecentValidHeader = (pHeader) 

| MemAllocatePoolWithTag(PagedPool,HEADER_BLOCK_SIZE,PSM_D 

| ICT HEADER TAG); 
53591| } 

53592| // new file, lets set up defaults. 

53593| 

| RtlZeroMemory(SmallMostRecentValidHeader,sizeof(tHeader) 

I); 

53594| SmallMostRecentValidHeader->Version = 

| (_BuildNumber_« 16) | PSM_HEADER_CURRENT_VERSION; 
53595| 

| SmallMostRecentValidHeader->GranuleSizelnBytes = 
| GRANULE_SIZE; 
53596| SmallMostRecentValidHeader->lndexLoadWheel 
l = 0; 

53597| SmallMostRecentValidHeader->Size = 

| sizeof(tHeader); 
53598| 

| SmallMostRecentValidHeader->HighestSnapNumber = 1; 
53599 1 

53600| ASSERT(DevExt->Cache.Header==NULL); 
53601 1 DevExt->Cache.Header = 

| SmallMostRecentValidHeader; 
53602| SmallMostRecentValidHeader = NULL; // keep 

| from freeing below 
53603| PVOID CallerAddress=0, 

| CallersCallerAddress=0; 
53604| RtlGetCallersAddress (&CallerAddress, 

| &CallersCallerAddress); 
53605| Debug(DEBUG_DICT,("lncrementing 

| HeaderReferenceCount: Count=%08x, caller=%08x, 



I grandpa=%08x\n",DevExt->Cache.HeaderReferenceCount,Calle 
| rAddress,CallersCallerAddress)); 



53606| DevExt->Cache.HeaderReferenceCount++; 

53607| Status = STATUS_SUCCESS; 

53608| } else { 

53609| Debug(DEBUG_DICT,( "pd::LoadHeader: Error 

| %08x reading header\n", Status)); 
53610| #ifdef DEBUG 

5361 1 1 switch (Status) { 

53612| case STATUS_DEVICE_OFF_LINE : 

53613| case STATUS_DEVICE_BUSY 

53614| case STATUS_INSUFFICIENT_RESOURCES: 

53615| break; 

53616| default: 

53617| ASSERT(FALSE); 

53618| } 



53619| #endif 
53620| } 
53621 | } 
53622 1 

53623| if ( MostRecentValidHeader ) { 

53624| FREE_POINTER (MostRecentValidHeader); 

53625| } 

53626| 

53627| if ( SmallMostRecentValidHeader ) { 

53628| FREE_POINTER (SmallMostRecentValidHeader); 

53629 1 } 

53630 1 

53631 1 Debug(DEBUG_DICT,("pd::LoadHeader returning 

| %08x\n",Status)); 
53632| return Status; 
53633 1 } 
53634| 

53635| // 

| 

| ..... 
53636| 

53637| NTSTATUS PersistentDictionary:: Read Header ( 
53638| PDEVICE_OBJECT Volume, 

| // IN: which volume to read header for 
53639| pHeader SMostRecentValidHeader, 

| // OUT: if not NULL, latest valid header read 
53640| pHeader &SmallMostRecentValidHeader ) 

| // OUT: if not NULL, latest header prefix read 
53641 | { 

53642| NTSTATUS BlockStatus=STATUS_UNSUCCESSFUL; 
53643 1 

53644| Profile("pd::LoadHeader"); 
53645| Debug(DEBUG_DICT,("pd::LoadHeader: 
| Volume=%08x\n",Volume)); 



53646| 

53647| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53648| const ULONG HEADER BLOCK SIZE = 

| ROUND_UP(sizeof(tHeader),DevExt->BytesPerSector); 
53649| 

53650| // Because of rotated headers, we use the following 

| strategy: 
53651 1 // 

53652| // Try to read a header block at each possible 

| starting location in the header file. 
53653 1 // Whether the header file contains a Release 2.0 

| or Release 2.1 header, it will 
53654| // work when reading block offset 0. 
53655| // 

53656| // In any case, we keep the most recent of all 

| valid header blocks we read. 
53657| 

53658| SmallMostRecentValidHeader = NULL; 
53659| MostRecentValidHeader = NULL; // If we 

| don't find a valid header block, MostRecentValidHeader 

| will stay NULL. 
53660 1 

53661 1 ASSERT(NumSavedHeaderBlocks > 0); 

53662| for ( ULONG HeaderBlocklndex=0; HeaderBlocklndex < 

| NumSavedHeaderBlocks; ++HeaderBlocklndex ) { 
53663| pHeader SmallLocalHeader = NULL; 
53664| pHeader LocalHeader = NULL; 
53665| BlockStatus = ReadHeaderBlock (Volume, 

| HeaderBlocklndex, SmallLocalHeader, LocalHeader); 
53666| if ( NT_SUCCESS(BlockStatus) ) { 
53667| if ( SmallLocalHeader && LocalHeader ) { 

53668| ULONG HeaderlsBetter = FALSE; // 

| it rhymes! 

53669| if ( SmallMostRecentValidHeader ) { 

53670| ASSERT 

| (SmallLocalHeader->DateTimeWritten.QuadPart != 

| SmallMostRecentValidHeader->DateTimeWritten.QuadPart); 

53671 1 if ( 

| SmallLocalHeader->DateTimeWritten.QuadPart > 

| SmallMostRecentValidHeader->DateTimeWritten.QuadPart ) 



53672 1 
53673 1 
53674| 
53675| 
53676| 
53677| 
53678| 
53679 1 



} else { 

HeaderlsBetter = TRUE; 



if ( HeaderlsBetter ) { 

if ( SmallMostRecentValidHeader ) { 



HeaderlsBetter = TRUE; 



53680| 

| FREE_POINTER(SmallMostRecentValidHeader); 
53681 | } 

53682| if ( MostRecentValidHeader ) { 

53683 1 

| FREE_POINTER(MostRecentValidHeader); 
53684| } 

53685| SmallMostRecentValidHeader = 

| SmallLocalHeader; 
53686| MostRecentValidHeader = 

| LocalHeader; 
53687| 

53688| SmallLocalHeader = NULL; //keep 

| from freeing below 
53689| LocalHeader = NULL; 

53690 1 } 
53691 | } 
53692 1 } else { 

53693| ASSERT(SmallLocalHeader == NULL); 

53694| ASSERT(LocalHeader == NULL); 

53695| } 
53696| 

53697| if ( SmallLocalHeader ) { 

53698| FREE POINTER (SmallLocalHeader); 

53699 1 } 

53700 1 

53701 1 if ( LocalHeader ) { 

53702| FREE_POINTER (LocalHeader); 

53703 1 } 

53704| } 

53705| 

53706| NTSTATUS Status = (MostRecentValidHeader && 
| SmallMostRecentValidHeader) ? STATUS_SUCCESS : 
| BlockStatus; 

53707| Debug(DEBUG_DICT,("pd::ReadHeader returning 

| %08x\n",Status)); 
53708| return Status; 
53709 1 } 
53710| 

5371 1 1 // 

| 

| ..... 
53712| 

53713| NTSTATUS PersistentDictionary::ReadHeaderBlock ( 

53714| PDEVICE_OBJECT Volume, 

53715| ULONG HeaderBlocklndex, 

53716| pHeader &SmallLocalHeader, 

53717| pHeader SLocalHeader ) 

53718| { 

5371 9| SmallLocalHeader = NULL; 



53720| LocalHeader = NULL; 
53721| 

53722| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53723| const ULONG HEADER_BLOCK_SIZE = 

| ROUND_UP(sizeof(tHeader),DevExt->BytesPerSector); 
53724| NTSTATUS Status = STATUS_SUCCESS; 
53725| IO_STATUS_BLOCK loStatus = {0}; 
53726| LARGEJNTEGER Location = {0}; 
53727| 

53728| Profile("pd::ReadHeaderBlock"); 
53729| Debug(DEBUG_DICT,("pd::ReadHeaderBlock: 
| Volume=%08x, 

| HeaderBlocklndex=%08x\n",Volume,HeaderBlocklndex)); 
53730| 

53731 1 SmallLocalHeader = (pHeader) 

| MemAllocatePoolWithTag(PagedPool,HEADER_BLOCK_SIZE,PSM_D 

| ICT_HEADER_TAG); 
53732| if ( SmallLocalHeader ) { 
53733| ULONG BlockSizelnMemory = 

| sizeof(tHeader)+(MAX_SNAPSHOTS_PER_HEADER_FILE*sizeof(tD 

| isklnternalSnapShot))+sizeof(DWORD); 
53734| ULONG BlockSizeOnDisk = 

| ROUND_UP(BlockSizelnMemory,DevExt->BytesPerSector); 
53735| ASSERT(BlockSizeOnDisk>=BlockSizelnMemory); 
53736| ASSERT(BlockSizeOnDisk % DevExt->BytesPerSector 

I == 0); 

53737| Location. QuadPart = HeaderBlocklndex * 

| BlockSizeOnDisk; 
53738| LARGEJNTEGER SaveLocation = Location; 
53739 1 

53740| Status = PsmReadFromFile( 

53741 1 &DevExt->Cache.HeaderFile, 

53 742 1 & loStatus, 

53743 1 Smal ILocal Header, 

53744| HEADER_BLOCK_SIZE, 

53745| &Location, 

53746| DevExt->DoDirectlO, 

53747| &DevExt->Cache.DirectAccessResource ); 

53748| 

53749| if ( NT_SUCCESS(Status) ) { 
53750| if ( SmallLocalHeader- >Version == 

| PSM_HEADER_CURRENT_VERSION ) { 
53751 1 if ( (SmallLocalHeader->Signature & 

| PSM HEADER SIGNATURE MASK) == PSM HEADER SIGNATURE ) { 
53752| ULONG Size = 

| SmallLocalHeader->Size; 
53753| ULONG SizeOnDisk = 

| ROUND_UP(Size,DevExt->BytesPerSector); 
53754| LocalHeader = (pHeader) 



I MemAllocatePoolWithTag(PagedPool,SizeOnDisk,PSM_DICT_HEA 



| DER_TAG); 




53755| 


if ( LocalHeader ) { 


53756| 


ASSERT (Location. QuadPart == 


| SaveLocation.QuadPart); 


53757| 


Location. QuadPart = 


| SaveLocation.QuadPart; 


53758| 




53759| 


Status = PsmReadFromFile( 


53760| 


&DevExt->Cache.HeaderFile, 


53761 | 


&loStatus, 


53762 1 


LocalHeader, 


53763 | 


SizeOnDisk, 


53764| 


&Location, 


53765| 


Dev Ext- > Do D i rect I O , 


53766| 





| &DevExt->Cache.DirectAccessResource ); 
53767| 

53768| if ( NT_SUCCESS(Status) ) { 

53769| ULONG 

| Checksum=*(ULONG*)((((BYTE*)LocalHeader)+Size-sizeof(DWO 

I RD))); 

53770| // we already did version 

| checks, so dont do it again 
53771 1 BOOLEAN is Valid = 

| ValidateChecksum (Size-sizeof(DWORD), LocalHeader, 

| Checksum); 
53772| if ( isValid ) { 

53773 1 Status = 

| STATUS_SUCCESS; 
53774| 

| Debug(DEBUG_DICT,("pd::ReadHeaderBlock- success 
| loading header index=%d, 

| time=%01 6l64x\n",HeaderBlocklndex,LocalHeader->DateTimeW 

| ritten.QuadPart)); 
53775| } else { 

53776| Status = 

| STATUS_FILE_CORRUPT_ERROR; 
53777| Debug(DEBUG_DICT,( 

| M pd::ReadHeaderBlock() error %08x checksum doesnt 

| match\n M , Status )); 
53778| } 
53779 1 } else { 

53780| Debug(DEBUG_DICT,( 

| "pd::ReadHeaderBlock() error %08x reading header\n", 

| Status )); 
53781 1 } 
53782 1 } else { 

53 783 1 Status = 

| STATUS_INSUFFICIENT_RESOURCES; 



53784| Debug(DEBUG_DICT,( 

| M pd::ReadHeaderBlock() error %08x allocing memory\n", 
| Status )); 

53785| } 

53786| } else { 

53787| Status = STATUS_FILE_CORRUPT_ERROR; 

53788| Debug(DEBUG_DICT,( 

| "pd::ReadHeaderBlock() signature %08x isnt ours\n", 

| SmallLocalHeader->Signature)); 
53789| } 
53790| } else { 

53791 1 Status = STATUS_FILE_CORRUPT_ERROR; 

53792| Debug(DEBUG_DICT,( 

| u pd::ReadHeaderBlock() version %08x isnt ours\n", 

| SmallLocalHeader->Version)); 
53793 1 } 
53794| } else { 

53795| Debug(DEBUG_DICT,( "pd::ReadHeaderBlock: 

| error %08x reading header\n", Status )); 
53796| } 
53797| } else { 

53798| Status = STATUSJNSUFFICIENT_RESOURCES; 
53799| Debug(DEBUG_DICT,( M pd::LoadHeader() error %08x 

| allocing memoryVn", Status )); 
53800 1 } 
53801| 

53802| // This function must return with one of the 

| following two postconditions: 
53803| // 

53804| // 1 . Status is successful and both 'LocalHeader' 

| and 'SmallLocalHeader' point to 
53805| // valid header information. The caller is 

| responsible for using/freeing the 
53806| // two pointers when appropriate. 
53807| // 

53808| // 2. Status is unsuccessful and both 'LocalHeader' 

| and 'SmallLocalHeader' are NULL. 
53809 1 // 

5381 0| // In other words, the caller must be able to rely 
| upon the Status returned to tell 



5381 1 1 // whether it has responsibility for the pointers. 
53812| 

53813| if ( NT_SUCCESS(Status) ) { 

53814| ASSERT (LocalHeader != NULL); 

53815| ASSERT (SmallLocalHeader != NULL); 

53816| }else{ 

53817| if ( LocalHeader ) { 

5381 8| MemFreePool(LocalHeader); 

53819| LocalHeader = NULL; 

53820| } 



53821| 

53822| if ( SmallLocalHeader ) { 

53823| MemFreePool(SmallLocalHeader); 

53824| SmallLocalHeader = NULL; 

53825| } 

53826| } 

53827| 

53828| Debug(DEBUG_DICT,("pd::ReadHeaderBlock returning 
| Status=%08x, LocalHeader=%08x, 

| SmallLocalHeader=%08x\n M ,Status,LocalHeader,SmallLocalHe 

I ader)); 
53829| return Status; 
53830| } 
53831| 

53832| // 



53833| 

53834| ErrorCode PersistentDictionary::SetVolumelnternal ( 
53835| PDEVICE_OBJECT AVolume, 
53836| plntemalSnapShot MySnapShot, 
53837| ULONG SnapShotSequence ) 

53838| { 

53839| pDictionary p=NULL; 

53840| NTSTATUS Status=STATUS_SUCCESS; 

53841 | 

53842 1 __try { 

53843| GetDictionaryForVolume(A Volume, p); 
53844| if ( p ) { 

53845| // share the same tree and resource with 

| the other snapshots. 
53846| Shared = 

| ((pPersistentDictionary)p)->Shared; 
53847 1 S hared ->Co u nt++ ; 

53848| 

53849| Debug(DEBUG_DICT,( M pd::SetVolumelnternal 

| (dict=%08x): Incremented Shared->Count to %08x\n", 
53850| this, 
53851 1 Shared->Count)); 
53852 1 

53853| // Hide the map while we update it. This 

| will simulate as if no freespace check algorithm 
| exists. 

53854| // The worst that can happen elsewhere is 

53855| II A. we might not credit a granule we 

| snap .. BUT.. The tree will protect us against taking a 

| second snap for the same snapshot. 
53856| // .2. we might snap some free space we 

| didn't need to!! 
53857| Shared->MaplnTransform = Shared->Map; 

53858| Shared->Map = NULL; 



53859| 

53860| } else { 
53861 1 Shared = 

| (pShared)MemAllocatePoolWjthTag(NonPagedPool,sizeof(tSha 

| red),PSM_DICT_SHARED_TAG); 
53862| if ( Shared ) { 

53863| RtlZeroMemory ( Shared, sizeof(tShared) 

I); 

53864| 
53865| 

| ExlnitializeResourceLite(&Shared->TreeResource); 
53866| 

| pmRegisterObject(&Shared->TreeResource,"Shared->TreeReso 
| urce",pmRwLock); 



53867| rbtree_lnit(&Shared->Tree); 
53868| 

| rbt ree_l n it(&S hared-> Vi rtu al WritesTree) ; 

53869| Shared->MaplnTransform = Shared->Map = 
| NULL; 

53870| Shared->Count = 1 ; 

53871 1 Shared->RecycleNeeded = 0; 

53872| Shared->LastDirtyKey = 0; 

53873| Shared->HighestKeyKnownClean = 0; 

53874| Shared->HighestSequence = 0; // will 



| be set to correct value below 
53875| 
53876| 

| Debug(DEBUG_DICT,("pd::SetVolumelnternal (dict=%08x): 
| Initialized Shared->Count to 
| %08x\n",this,Shared->Count)); 
53877| } else { 

53878| Status = STATUSJNSUFFICIENT_RESOURCES; 

53879| Debug( D EBU G_D I CT, (" ! ! ! 

| pd::SetVolumelnternal (dict=%08x): Out of memory for 

| Shared\n",this)); 
53880 1 } 
53881 1 } 
53882 1 

53883| Snapshot = MySnapShot; 
53884| 

53885| if ( Snapshot ) { 

53886| if ( SnapShotSequence > 

| Shared->HighestSequence ) { 
53887| 

| Debug(DEBUG_DICT,("pd::SetVolumelnternal (dict=%08x): 

| Changing Shared->HighestSequence from %08x to 

| %08x\n",this,Shared->HighestSequence,SnapShotSequence)); 

53888| Shared->HighestSequence = 

| SnapShotSequence; 

53889| } 



53890| } 
53891| 

53892| Volume = AVolume; 
53893| if ( Volume ) { 

53894| DevExt = GetFilteredExtension(Volume); 

53895| } 

53896| 

53897| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
53898| Status = GetExceptionCode(); 
53899| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::SetVolume\n",Status)); 
53900| } 
53901| 

53902| return Status; 

53903| } 

53904| 

53905| // 



53907| ErrorCode PersistentDictionary::SetVolume ( 
53908| PDEVICE_OBJECT AVolume, 
53909 1 pkS napS hotM aste r M asterS napS hot, 
53910| ULONG SnapShotSequence ) 

53911| { 

53912| pDictionary p=NULL; 

53913| NTSTATUS Status=STATUS_SUCCESS; 

53914| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(AVolume); 
53915| 

53916| __try { 

5391 7| //Use a time change as indicator a new snapshot 
| has occurred - (otherwise we'll use the same index 

53918| //thus keeping multi-volume snapshots linked. 

53919| //Relies on assumption that time is granular 
| enough to distinguish separate snapshots 

53920| LARGEJNTEGER Time = 
| MasterSnapShot->SnapShotTime; 

53921| 

53922| if ( DevExt->Cache.MostRecentSnapshotTime != 

| (ULONGLONG)Time.QuadPart ) { 
53923| DevExt->Cache.MostRecentSnapshot = 

| GetNextFreeSnapShot (AVolume, SnapShotSequence); 
53924| DevExt->Cache.MostRecentSnapshotTime = 

| Time. Quad Part; 
53925| } else { 

53926| if ( DevExt->Cache.MostRecentSnapshot ) { 

53927| 

| DevExt->Cache.MostRecentSnapshot->ReferenceCount++; 
53928| } 



53929| } 

53930| Snapshot = DevExt->Cache.MostRecentSnapshot; 
53931| if ( Snapshot ) { 
53932| Status = 

| SetVolumelnternal(AVolume,SnapShot,SnapShotSequence); 
53933| if ( NT_SUCCESS(Status) ) { 

53934| SnapShot->Permanent.SnapShotTime = 

| Time; 

53935| SnapShot->SnapShotMaster = 

| MasterSnapShot; 
53936| 

53937| // Dont save header here as we can not 

| do io or a deadlock will 
53938| //occur. It is easier to not do it 

| here, and in the Setlnstance 
53939| // save the header. If we really need 

| to save here then 
53940| // we need to change the high level 

| code so it doesnt call us with 
53941 1 // io disabled 

53942 1 // Status = SaveHeader(); 

53943 1 // VerifyHeaderlntegrity ( Header, 

| "global header after SetVolume" ); 
53944| } else { 

53945| Debug(DEBUG_DICT,("pd::SetVolume: 

| SetVolumelnternal Failed %08x",Status)); 
53946| ASSERT(SnapShot->ReferenceCount); 
53947| if ( -SnapShot->ReferenceCount==0 ) { 

53948| RemoveSnapShotFromList(SnapShot); 
53949| FreeSnapShot(&SnapShot); 
53950 1 } 

53951 1 // Header->NumberOfSnapShots--; 
53952 1 // 

| RtlClearBits((PRTL_BITMAP)(Header->SnapShotBitmap),SnapS 

| hotlndex,0); 
53953 1 } 
53954| } else { 

53955| Status = STATUS_INSUFFICIENT_RESOURCES; 

53956| Debug(DEBUG_DICT,("pd::SetVolume: No free 

| snapshot bits")); 
53957| } 
53958 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
53959| Status = GetExceptionCode(); 
53960| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::SetVolume\n",Status)); 
53961 1 } 
53962 1 

53963 1 return Status; 
53964| } 



53965| 
53966| //- 



53968| ErrorCode 

| PersistentDictionary::UpdateCacheFileSizes(PDEVICE_OBJEC 

| T Volume) 
53969| { 

53970| NTSTATUS Status = STATUSJJNSUCCESSFUL; 
53971 1 #if 0 

53972| ULONG NewlnitialSize=0; 
53973| ULONG NewMaxSize=0; 
53974| ULONG NewMaxSizeG=0; 
53975| ULONG NewlnitialSizeG=0; 

53976| FILE_END_OF_FILE_INFORMATION EOFInfo={0}; 
53977| IO_STATUS_BLOCK loStatus={0}; 
53978| WCHAR Buffer[255]={0}; 
53979| UNICODE_STRING Reg={0}; 
53980| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
53981 | 

53982| Debug(DEBUG_DICT,("pd::UpdateCacheFileSizes; 

| Volume=%08x, DevExt=%08x, Header=%08x\n", 
53983| Volume, 
53984| DevExt, 
53985| DevExt->Cache. Header)); 
53986| 

53987| if ( DevExt->Cache. Header ) { 

53988| ASSERT(gRegistryPath.Length<sizeof(Buffer)); 

53989 1 

53990 | 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 
53991 | 

53992| // NULL terminate, since counted Unicode 

| strings are not necessarily null 
53993 1 //terminated 

53994| Buffer[gRegistryPath. Length / 2] = 0; 
53995| 

53996| wcscat(Buffer,L M \\ M ); 

53997| wcscat(Buffer,DevExt->VolumeGuid); 

53998| 

53999| RtllnitUnicodeString(&Reg,Buffer); 

54000| 

54001| 

| Reg_GetULONGKey(&Reg,L M lnitialSize M ,10,&NewlnitialSize); 
54002 | 

| Reg_GetULONGKey(&Reg,L M MaxSize M ,1 00,&NewMaxSize); 
54003 | 

54004| NewMaxSizeG = 



I NewMaxSize*((1 024*1 024)/GRANULE_SIZE); 
54005| NewlnitialSizeG = 

| NewlnitialSize*((1 024*1 024)/GRANULE_SIZE); 
54006| 

54007| ASSERT ( NewMaxSizeG % sizeof(ULONG) == 0 ); 
54008| ASSERT ( NewlnitialSizeG % sizeof(ULONG) == 0 

I); 

54009 1 

54010| if( 

| NewMaxSizeG>DevExt->Cache.PSManBitMapMaxSize ) { 
54011| 

54012| // allocate outside of bitmap mutex, as io 

| may be generated 
54013| // when we allocate memory 

54014| PRTL_BITMAP NewBuffer = (PRTL_BITMAP) 

| MemAllocatePoolWithTag( PagedPool, 

| sizeof(RTL_BITMAP)+(NewMaxSizeG) / 8, BITMAPTAG); 
54015| 

5401 6| // allocate new bitmap 

54017| pmAcquireMutex ( 

| &DevExt->Cache.PSManBitMapMutex, NULL ); 
54018| __try{ 
54019| if ( NewBuffer!= NULL ) { 

54020| 

| RtllnitializeBitMap(NewBuffer,(PULONG)((char*)(NewBuffer 

| )+sizeof(RTL_BITMAP)), NewMaxSizeG); 
54021 1 RtlClearAIIBits(NewBuffer); 
54022 1 

| RtlMoveMemory(NewBuffer->Buffer,DevExt->Cache.PSManBitMa 

| pBuffer->Buffer,DevExt->Cache.PSManBitMapMaxSize / 8); 
54023 1 PVOIDTemp = 

| DevExt->Cache.PSManBitMapBuffer; 
54024| DevExt->Cache.PSManBitMapBuffer = 

| NewBuffer; 
54025| MemFreePool(Temp); 
54026| DevExt->Cache.PSManBitMapMaxSize = 

| NewMaxSizeG; 
54027| } else { 

54028 1 // cant set new max, lets try and 

| move the initial as high 
54029| // up as we can 

54030 1 if ( 

| NewlnitialSizeG>DevExt->Cache.PSManBitMapMaxSize ) { 
54031| NewlnitialSizeG = 

| DevExt->Cache.PSManBitMapMaxSize; 
54032| } 
54033| } 

54034| } finally { 

54035| pmReleaseMutex 

| (&DevExt->Cache.PSManBitMapMutex); 



54036| } 
54037| } else { 

54038| // new max size is smaller than last time.. 

54039| if ( NewMaxSizeG < 

| DevExt->Cache.PSManBitMapSize ) { 
54040| DevExt->Cache. PSManBitMapMaxSize = 

| DevExt->Cache.PSManBitMapSize; 
54041 1 } else { 

54042| DevExt->Cache. PSManBitMapMaxSize = 

| NewMaxSizeG; 
54043 1 } 
54044| } 
54045| if ( 

| NewlnitialSizeG>DevExt->Cache.PSManBitMapSize ) { 
54046| DevExt->DoDirectlO = TRUE; 

54047| EOFInfo.EndOfFile.QuadPart = (unsigned 

| _int64)NewlnitialSizeG*GRANULE_SIZE; 
54048| 

54049| Status = ZwSetlnformationFile( 

54050 1 

| DevExt->Cache.CacheFile.FileHandle, // 

| IN HANDLE FileHandle, 
54051 1 &loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
54052| &EOFInfo, 

| // IN PVOID Filelnformation, 
54053 1 

| sizeof(EOFInfo), // IN ULONG Length, 
54054| 

| FileEndOfFilelnformation // IN FILE_INFORMATION_CLASS 

| FilelnformationClass 
54055| ); 
54056| 

54057| EOFInfo.EndOfFile.QuadPart = (unsigned 

| _int64)NewlnitialSizeG*SectorSize; 
54058| 

54059| Status = ZwSetlnformationFile( 

54060 1 

| DevExt->Cache.lndexFile. FileHandle, // 

| IN HANDLE FileHandle, 
54061 1 &loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
54062| &EOFInfo, 

| // IN PVOID Filelnformation, 
54063 1 

| sizeof(EOFInfo), // IN ULONG Length, 
54064| 

| FileEndOfFilelnformation // IN FILE_INFORMATION_CLASS 
| FilelnformationClass 
54065| ); 



54066| DevExt->Cache.PSManBitMapSize = 

| NewlnitialSizeG; 
54067| DevExt->DoDirectlO = FALSE; 

54068| } else { 

54069| // hmm, we cant shrink the current 

54070| // window because data could be spread out 

| across 

54071 1 // the cache file, so leave it at its 

| current 
54072 1 //size 
54073 1 } 
54074| } 
54075| #endif 
54076 1 return Status; 
54077| } 
54078| 

54079 1 // 

| 



54080 1 

54081| ErrorCode PersistentDictionary::BeginUpdate() 
54082| { 

54083| ASSERT (Updating >= 0); 
54084| lnterlockedlncrement(&Updating); 
54085| return STATUS_SUCCESS; 
54086| } 
54087| 

54088| // 

| 



54090| ErrorCode PersistentDictionary::EndUpdate() 
54091| { 

54092| NTSTATUS Status = STATUS_SUCCESS; 
54093| 

54094| signed long value = 

| lnterlockedDecrement(&Updating); 
54095| ASSERT(value>=0); 
54096| if(value==0) { 
54097| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
54098| while ( DevObj != NULL ) { 
54099| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
541 00| NTSTATUS SaveStatus = 

| SaveHeader( DevObj); 
541 01 1 if ( NT_SUCCESS(SaveStatus) ) { 

541 02 1 UpdateCacheFileSizes(DevObj); 
541 03| //VerifyHeaderlntegrity ( Header, 

| "Global header after EndUpdate" ); 



54104| }else{ 

54105| Debug(DEBUG_DICT,( M pd::EndUpdate: 
| SaveHeaderon DevObj=%08x returned 
| SaveStatus=%08x\n",DevObj,SaveStatus)); 

54106| ASSERT(NT_SUCCESS(SaveStatus)); // 

| temporary experiment 

541 07| if ( NT_SUCCESS(Status) ) { 

541 08| Status = SaveStatus; 

54109| } 

54110| } 

541 1 1 1 } 

54112| 

541 13| DevObj=DevObj->NextDevice; 
54114| } 
54115| } 
54116| 

54117| return Status; 

54118| } 

54119| 

54120| // 



54121| 

54122| ErrorCode PersistentDictionary::SetSnapShotlnfo( 

| pkSnapShotMaster Master ) 
54123| { 

541 24| pDictionary p=NULL; 

54125| NTSTATUS Status=STATUS_SUCCESS; 

54126| 

54127| __try{ 

541 28| SnapShot->DIIPrivateUse = 

| Master->DIIPrivateUse; 
54129| 

541 30| SnapShot->Permanent.GroupNumber 

| Master->GroupNumber; 
54131 1 SnapShot->Permanent.Externallnstance = 

| Master->lnstance; 
54132| SnapShot->Permanent.NumToKeep 

| Master->NumToKeep; 
54133| SnapShot->Permanent. Priority 

| Master->Priority; 
541 34| SnapShot->Permanent.SnapShotFlags 

| Master->SnapShotFlags; 
54135| 
54136| 

| wcscpy(SnapShot->Permanent.UserSnapShotName,Master->User 
| SnapShotName); 
54137| 

54138| ASSERT (Updating >= 0); 
54139| if ( Updating == 0 ) { 



54140| Status = SaveHeader(Volume); 

54141| 

54142| if ( NT_SUCCESS(Status) ) { 

54143| Status = UpdateCacheFileSizes(Volume); 

54144| //VerifyHeaderl integrity ( Header, 

| "global header after SetSnapShotlnfo" ); 
54145| } 
54146| } 
54147| 

54148| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54149| Status = GetExceptionCode(); 
54150| Debug(DEBUG_DICT,("Exception %08x in 

| pd::Setlnstance\n", Status)); 
54151| } 
54152| 

54153| return Status; 

54154| } 

54155| 

54156| // 



54157| 

54158| ErrorCode PersistentDictionary::GetRegistrySettings ( 

| IN PUNICODE_STRING RegistryPath ) 
54159| { 

541 60 1 WCHAR Buffer[255]={0}; 
54161| UNICODE_STRING Reg={0}; 
541 62 1 NTSTATUS Status=0; 
541 63 1 UNICODE_STRING Uni; 
54164| 

54165| PAGED_CODE(); 
54166| 

541 67| // get system start options 
54168| 

| wcscpy(Buffer,L M \\Registry\\Machine\\System\\CurrentCont 

| rolSetWControl"); 
541 69 1 RtllnitUnicodeString(&Reg, Buffer); 
54170| 

541 71 1 Reg_GetStringKey (&Reg, U'SystemStartOptions", 

| L"FASTDETECT", &Uni); 
54172| Debug(DEBUG_DICT,("pd::GetRegistrySettings: 

| SystemStartOptions = '%S'\n",Uni. Buffer)); 
54173| NoPsm = FALSE; 
541 74| ResetPsm = FALSE; 

54175| if ( wcsstr(Uni.Buffer,L"NOPSM M )!=NULL ) { 
54176| NoPsm = TRUE; 
54177| } 

54178| if ( wcsstr(Uni.Buffer,L"RESETPSM")!=NULL ) { 
541 79 1 ResetPsm = TRUE; 
54180| } 



54181 1 Reg_FreeString(&Uni); 

54182| Debug(DEBUG_DICT,("pd::GetRegistrySettings: 

| ResetPsm=%x, NoPsm=%x\n",ResetPsm,NoPsm)); 
54183| 

54184| ASSERT(RegistryPath->Length<sizeof (Buffer)); 

54185| 

54186| 

| RtlCopyMemory(Buffer, Registry Path->Buffer,RegistryPath-> 
I Length); 
54187| 

54188| // NULL terminate, since counted Unicode strings 

| are not necessarily null 
54189| //terminated 

541 90| Buffer[RegistryPath->Length / 2] = 0; 
54191| 

54192| wcscat(Buffer,L"\\persistent M ); 
54193| 

54194| RtllnitUnicodeString(&Reg,Buffer); 
54195| 

541 96| Reg_GetStringKey ( 

| &Reg,L"SnapShotLocation",L M snapshots",&Uni); 
54197| wcscpy(gSnapShotDirName,Uni. Buffer); 
54 1 98 1 Reg_FreeSt ri ng (& U n i) ; 
54199| 

54200| Reg_GetULONGKey(&Reg,L M QWait",5,&QPeriod); 
54201| Reg_GetULONGKey(&Reg,L"QTimeout M ,900,&QTimeout); 
54202| Reg_GetULONGKey(&Reg,L M ShareFiles",0,&ShareFiles); 
54203| 

| Reg_GetULONGKey(&Reg,L"MaxSnapShots",MAX_USER_SNAPSHOTS, 
| &MaxNumUserSnapShots); 
54204| 

54205| Debug(DEBUG_DICT,("pd::GetRegistrySettings: 

| QPeriod=%08x, QTimeout=%08x, ShareFiles=%08x, 

| MaxNumUserSnapShots=%08x\n", 
54206| QPeriod, 
54207| QTimeout, 
54208| ShareFiles, 
54209| MaxNumUserSnapShots)); 
54210| 

5421 1 1 if ( MaxNumUserSnapShots > MAX_USER_SNAPSHOTS ) { 
54212| MaxNumUserSnapShots = MAX_USER_SNAPSHOTS; 
54213| } 
54214| 

54215| return(Status); 

54216| } 

54217| 

54218| // 



54219| 

54220| ErrorCode 



54221 1 PersistentDictionary::OpenAFile( 
54222| WCHAR *File, 

HANDLE &FileHandle, 
PFILE_OBJECT &FileObject, 
HANDLE &WaitHandle, 
PVOID &WaitObject) 



54223 1 
54224| 
54225| 
54226| 
54227| { 
54228| 
54229 | 
54230 | 
54231 | 
54232 | 
54233 | 
54234| 
54235| 
54236| 
54237| 
54238| 
54239 | 
54240 1 
54241 1 
54242 1 
54243 1 
54244| 
54245| 
54246| 
54247| 
54248| 



UNICODE_STRING FullFileName={0}; 
OBJECT ATTRIBUTES Object Attributes={0}; 
NTSTATUS Status=STATUS_UNSUCCESSFUL; 
IO_STATUS_BLOCK loStatus={0}; 
ULONG ShareAccess = 0; 

PAG E DCOD E () ; 

Profile("pd::OpenAFile"); 

Debug(DEBUG_DICT,("pd::OpenAFile(%S)\n M ,File)); 

RtllnitUnicodeString( &FullFileName, File); 

InitializeObjectAttributes ( &ObjectAttributes, 
&FullFileName, 
OBJ_CASE_INSENSITIVE, 
NULL, 
NULL); 



if ( ShareFiles ) { 

ShareAccess = FILE_SHARE_READ | 
| FILE SHARE WRITE; 
54249 1 } else { 
54250| ShareAccess = 0; 
54251 1 } 
54252 1 

54253| Status = ZwCreateFile( &FileHandle, 
54254| FILE_GENERIC_READ | 

| FILE_GENERIC_WRITE, //desired access 
54255 1 &Object Attributes, // object 

| attributes 
54256| 
54257| 

| alloc size 
54258| 

| // file attributes 
54259 1 

| // share access 
54260 1 

| FILE OVERWRITE IF, 
| disposition 

54261 1 FILE_SYNCHRONOUS_IO_NONALERT 
I I 



&loStatus, 
NULL, 



// 



FILEATTRIBUTEHIDDEN, 

ShareAccess, 

FILE_OPEN, // 

// create 



54262| FILE_NO_COMPRESSION | 

54263| FILE_WRITE_THROUGH | 

54264| 

| FILE_NO_INTERMEDIATE_BUFFERING, 
54265| NULL, // eabuffer 

54266| 0); //ealength 

54267| 
54268| 

54269| if ( NT_SUCCESS(Status) ) { 
54270| // Get a Object handle so we can wait on 
| requests... 

54271 1 Status = ObReferenceObjectByHandle( 
54272| FileHandle, 

| // IN HANDLE Handle, 
54273 1 

| FILE_GENERIC_READ | FILE_GENERIC_WRITE, 
54274| NULL, 

| // IN POBJECTTYPE ObjectType, // optional 

54275| 

| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
54276| (PVOID 

| *)& FileObject, // OUT PVOID "Object, 
54277| NULL 

| // OUT POBJECTJHANDLEJNFORMATION Handlelnformation 

| // optional 
54278| ); 
54279 1 

54280| if ( NT_SUCCESS(Status) ) { 
54281 1 Status = 

| SbGetAsyncEvent(WaitHandle,WaitObject); 
54282| if ( NT_SUCCESS(Status) ) { 

54283| ASSERT(lsValidHandle(FileHandle)); 
54284| ASSERT(lsValidHandle(WaitHandle)); 
54285| ASSERT(FileObject != NULL); 

54286| ASSERT(WaitObject != NULL); 

54287| return STATUS_SUCCESS; 

54288| } else { 

54289| Debug( DEBUG_DICT, ("pd : :OpenAFile: 

| SbGetAsyncEvent(WaitHandle,WaitObject) returned 
| %08x\n",Status)); 

54290| if ( FileObject != NULL ) { 

54291 1 ObDereferenceObject (FileObject); 

54292| FileObject = NULL; 

54293 1 } 

54294| } 

54295| } else { 

54296| Debug(D EBUG_DICT,("pd : :Open AFile : 

| ObReferenceObjectByHandle() returned %08x\n",Status)); 
54297| } 



54298| 

54299| ZwClose(FileHandle); 

54300| FileHandle = INVALID_HANDLE_VALUE; 

54301 1 } else { 

54302| Debug(DEBUG_DICT,("pd::OpenAFile: 

| ZwCreateFile() returned %08x\n",Status)); 
54303 1 } 
54304| 

54305| // Getting here means an error occurred. 

54306| ASSERT(!NT_SUCCESS(Status)); 

54307| ASSERT(FileHandle == INVALID_HANDLE_VALUE); 

54308| ASSERT(WaitHandle == INVALID_HANDLE_VALUE); 

54309| ASSERT(FileObject == NULL); 

5431 0| ASSERT(WaitObject == NULL); 

5431 1 | 

54312| Debug(DEBUG_DICT,("pd::OpenAFile: Error! Unable to 

| open file '%S'\n",File)); 
54313| Debug(DEBUG_DICT,(" Status=%08x, 

| loStatus.Status=%08x\n",Status,loStatus.Status)); 
54314| return Status; 
54315| } 
54316| 

54317| // 



54318| 

54319| ErrorCode 

54320| PersistentDictionary::CloseAFile ( 

54321| HANDLE SFileHandle, 

54322| PFILE_OBJECT SFileObject, 

54323| HANDLE &WaitHandle, 

54324| PVOID &WaitObject ) 

54325| { 

54326| Profile("pd::CloseAFile"); 

54327| Debug(DEBUG_DICT,("pd::CloseAFile %08x, %08x, %08x, 

| %08x\n",FileHandle,FileObject,WaitHandle,WaitObject)); 
54328| 

54329| ASSERT(lsValidHandle(FileHandle)); 

54330| ASSERT(FileObject != NULL); 
54331 | 

54332| ZwClose( FileHandle); 

54333| FileHandle = INVALID_HANDLE_VALUE; 

54334| if ( FileObject ) { 

54335| ObDereferenceObject(FileObject); 

54336| FileObject = NULL; 

54337| } 

54338| 

54339| ASSERT (IsValidHandle(WaitHandle)); 

54340| ASSERT (WaitObject != NULL); 
54341 | 

54342| ZwClose (WaitHandle); 



54343 
54344 
54345 
54346 
54347 
54348 
54349 
54350 
54351 



54352 
54353 
54354 
54355 



| tOpenTransactionlnlnternal *ln ) 



54356 
54357 
54358 
54359 
54360 
54361 
54362 
54363 
54364 
54365 



54366 
54367 
54368 
54369 
54370 
54371 
54372 



54373 
54374 
54375 
54376 
54377 
54378 
54379 
54380 
54381 
54382 
54383 
54384 
54385 
54386 
54387 
54388 



if ( WaitObject ) { 
ObDereferenceObject (WaitObject) ; 
WaitObject = NULL; 

} 

return 0; 



ErrorCode 

PersistentDictionary::Setlnfo( 



{ 

if ( In ) { 

// reflect changes back up to higher level code 
ln->QuiescentWait = QPeriod; 
ln->QuiescentTimeout = QTimeout; 

} 

return 0; 

} 



II- 



ULONG PersistentDictionary::QueryMaxNumUserSnapShots() 
{ 

GetRegistrySettings(&gRegistryPath); 
return MaxNumUserSnapShots; 

} 



II- 



ErrorCode 

PersistentDictionary::lnitClass( 
ULONG Stage, 
tOpenTransactionlnlnternal *ln, 
PVOID AbortEvent ) 



{ 



NTSTATUS Status=STATUS_UNSUCCESSFUL; 

Debug(DEBUG_DICT,("pd::lnitClass\n")); 

if ( Classlnited ) { 
// already inited 
return STATUS_SUCCESS; 

} 

DumpSizeOfs(); 



54389| 

54390| __try { 

54391 1 ULONG DefaultMemSize = 1 ; // megabytes, 

| not nodes 
54392 | 

54393| ListHead = NULL; 

54394| SectorSize=51 2; 

54395| NumSavedHeaderB locks = 

| DEFAULT JHEADER_BLOCKS_TO_SAVE; 
54396| NextHeaderBlockToSave = 0; 
54397| 
54398| 

| Reg_GetULONGKey(&gRegistryPath,L"FreeSpaceOptions M ,0,&PS 
| MFreeSpaceOptions); 
54399 | 

| Reg_GetULONGKey(&gRegistryPath,L"DirectlOOptions",0,&PSM 

| DirectlOOptions); 
54400| Debug(DEBUG_DICT,("pd::lnitClass: 

| FreeSpaceOptions = %08x\n",PSMFreeSpaceOptions)); 
54401 1 GetRegistrySettings(&gRegistryPath); 
54402 1 

54403| Setlnfo(ln); 
54404| 

54405| if ( 

| lncreaseNodeMemory(DefaultMemSize,1 024*1 024)==STATUS_SUC 

| CESS ) { 
54406| Classlnited = TRUE; 

54407| Status = STATUS_SUCCESS; 

54408| } else { 

54409| Debug(DEBUG_DICT, ("Error! Out of memory for 

| nodelist\n")); 

54410| Status = STATUSJNSUFFICIENT_RESOURCES; 

5441 1 1 } 
54412| }_except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54413| Status = GetExceptionCode(); 
54414| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::lnitClass\n",Status)); 
54415| } 
54416| 

54417| return Status; 

54418| } 

54419| 

54420| // 



54421| 

54422| void CloseProcessSpecificHandles( 

| pCloseProcessSpecificHandles Psh ) 
54423| { 
54424| 



I //Debug(DEBUG_DICT,( M pd::CloseProcessSpecificHandles\n") 

I); 

54425| 

54426| ASSERT (Psh != NULL); 
54427| 

54428| if ( Psh != NULL ) { 
54429| if ( lsValidHandle(Psh->Handle) ) { 
54430| ZwClose(Psh->Handle); 
54431| } 

54432| Psh->Handle = INVALID_HANDLE_VALUE; 
54433| 

54434| if ( Psh->Object != NULL ) { 

54435| ObDereferenceObject(Psh->Object); 

54436| Psh->Object = NULL; 

54437| } 

54438| 

54439| pmSetEvent(&Psh->Event); 
54440| } 
54441 1 

54442| PsTerminateSystemThread( 0 ); 

54443 1 } 

54444| 

54445| // 



54447| void CloseProcessHandle ( HANDLE &h 5 PVOID &o ) 
54448| { 

54449| if(GlobalSystemProcessld == PsGetCurrentProcess()) 
|{ 

54450| if ( IsValidHandle(h) ) { 
54451| ZwClose(h); 
54452| } 

54453| h = INVALID_HANDLE_VALUE; // always change h 
| to INVALID_HANDLE_VALUE (it might have been NULL, for 
| example) 

54454| if ( o != NULL ) { 

54455| ObDereferenceObject(o); 

54456| o = NULL; 

54457| } 

54458| } else { 

54459| sCloseProcessSpecificHandles Psh (h, o); 

| // need constructor because it's only way to initialize 

| references in a struct 
54460| KelnitializeEvent (&Psh. Event, 

| NotificationEvent, NULL); 
54461 1 HANDLE ThreadHandle = INVALID_HANDLE_VALUE; 
54462| pmStartThread( 
54463 1 

| (PKSTART_ROUTINE)CloseProcessSpecificHandles, 
54464| (PVOID)&Psh, 



54465| &ThreadHandle ); 

54466| 

54467| if ( IsValidHandle(ThreadHandle) ) { 

54468| pmWaitForSjngleObject(&Psh.Event,NULL); 

54469| ZwClose(ThreadHandle); 

54470| } 

54471 1 } 

54472 1 

54473| // Postconditions: handle and object must be 
| closed 

54474| ASSERT (h == INVALID_HANDLE_VALUE); 
54475| ASSERT (o == NULL); 
54476| } 
54477| 

54478| // 

| 

54479 1 

54480| ErrorCode 

54481 1 PersistentDictionary::DeinitClass() 
54482 1 { 

54483| Debug(DEBUG_DICT,("pd::DeinitClass\n")); 
54484| 

54485| if ( GhostBusterTime ) { 
54486 1 return 0; 
54487| } 
54488| 

54489 1 __try { 

54490| // InitClass always grab 1 MB, lets free it. 
54491 | 

54492| ReclaimNodeMemory(1 ); 
54493| 

54494 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54495| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::DeinitClass\n",GetExceptionCode())); 
54496| } 
54497| 

54498| Classlnited = FALSE; 
54499 1 return 0; 
54500| } 
54501| 

54502| // 



54503| 

54504| PersistentDictionary::PersistentDictionary( ) 
54505| { 

54506| Debug(DEBUG_DICT,("pd::Constructor: 

| this=%08x\n M ,this)); 
54507| initialize (DICT_FLAG_PERSISTENT); 
54508| } 



54509| 
54510| //- 



5451 1 1 

54512| PersistentDictionary::~PersistentDictionary( ) 
54513| { 

54514| Debug(DEBUG_DICT,("pd::Destructor: 

| this=%08x\n",this)); 
54515| cleanupO; 
54516| } 
54517| 

54518| // 

I 

54519| 

54520| ErrorCode PersistentDictionary::initialize( ULONG 

| InitFlags ) 
54521 | { 

54522| Debug(DEBUG_DICT,("pd::initialize: 

| this=%08x\n",this)); 
54523 1 // zero out fields 
54524| Flags = InitFlags; 
54525| Next = ListHead; 
54526| ListHead = this; 
54527| Snapshot = NULL; 
54528| 

54529| return STATUS_SUCCESS; 
54530 1 } 
54531 | 

54532| // 



54534| ErrorCode PersistentDictionary::GetDictionaryForVolume( 

| PVOID Volume, pDictionary SDictionary ) 
54535| { 

54536| pPersistentDictionary p; 
54537| Dictionary = NULL; 
54538| 

54539| p=ListHead; 

54540| while ( p ) { 

54541 1 if ( p->Volume == Volume ) { 

54542| Dictionary = p; 

54543 1 break; 

54544| } 

54545| p=p->Next; 

54546| } 

54547| 

54548| 

54549 1 return 0; 
54550 1 } 
54551 | 



54552| //- 



54553| 

54554| ErrorCode PersistentDictionary::GetDictionaryForVolume 



54558| { 

54559| NTSTATUS Status = STATUS_NOT_FOUND; 
54560| Dictionary = NULL; 
54561 | 

54562| for ( pPersistentDictionary p = ListHead; p != 

| NULL; p = p->Next ) { 
54563| if ( (p-> Volume == Volume ) && 

| ((p->GetSequenceNumber()) == SequenceNumber) ) { 
54564| Status = STATUS_SUCCESS; 

54565| Dictionary = p; 

54566| break; 
54567| } 
54568| } 
54569 1 

54570| return Status; 
54571 | } 
54572 1 
54573 1 

54574| // 



54575| 

54576| void PersistentDictionary::FreeNodeAndBits ( void *Ptr 
I) 

54577| { 

54578| Profile("pd::FreeNodeAndBits"); 
54579| ASSERT(Ptr != NULL); 
54580 1 

54581 1 if ( Ptr != NULL ) { 

54582 1 pTreeLeaf Node = pTreeLeaf(Ptr); 

54583| if ( Node->Pos != INVALID_POSITION_VALUE ) { 

54584| ASSERT(Node->Pos < 

| DevExt->Cache.PSManBitMapSize); 
54585| FreeCacheLocation (Node->Pos); 

54586| } 
54587| 

54588| FreeNode(Node); 
54589 1 } 
54590 1 } 
54591 | 

54592 1 // 



I ( 
54555| 
54556| 
54557| 



PVOID Volume, 
pDictionary &Dictionary, 
ULONG SequenceNumber ) 



54593 1 



54594| ErrorCode PersistentDictionary::GetOutParams( WCHAR 

| *Cache ) 
54595| { 

54596| Debug(DEBUG_DICT, ("pd : :GetOutParams\n")) ; 
54597| return 0; 
54598| } 
54599| 

54600| // 

I 

54601 | 

54602| ErrorCode PersistentDictionary::GetVolumeSpaceUsed ( 

54603| PDEVICE_OBJECT Volume, 

54604| ULONG &At, 

54605| ULONG &High, 

54606| ULONG &Used ) 

54607| { 

54608| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
54609| Debug(DEBUG_DICT,("pd::GetVolumeSpaceUsed\n")); 
54610| 

5461 1 1 ASSERT (GRANULE_SIZE % 1 024 == 0); 
54612| ASSERT (GRANULE_SIZE > 0); 
54613| 

54614| At = DevExt->Cache.PSManBitMapSize * (GRANULESIZE 
1/1024); 

54615| High = DevExt->Cache.PSManBitMapMaxSize * 

| (GRANULE SIZE / 1024); 
5461 6| Used = DevExt->Cache.CurrentCacheFileSize * 

| (GRANULE_SIZE / 1024); 
54617| 

54618| return 0; 
54619| } 
54620| 

54621 1 // 



54622| // called when snapshot is destroyed via 

| Dictionary::Destroy 
54623 1 

54624| ErrorCode PersistentDictionary::close() 
54625| { 

54626| Debug(DEBUG_DICT,("pd::close\n")); 
54627| return STATUS_SUCCESS; 
54628| } 
54629| 

54630 1 // 

I 

54631 | 

54632| ErrorCode PersistentDictionary::destroy() 
54633 1 { 

54634| NTSTATUS Status=STATUS_UNSUCCESSFUL; 



54635| Debug(DEBUG_DICT, ("pd : :destroy\n")) ; 
54636| _try { 
54637| cleanupO; 

54638| // Status = SbDeleteFile(CacheFileName); 
54639| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54640| Status = GetExceptionCode(); 
54641 1 Debug(DEBUG_DICT,("Exception %08x in 

| pd::destroy\n",Status)); 
54642 1 } 
54643 1 

54644| return Status; 

54645| } 

54646| 

54647| // 



54648| 

54649| ErrorCode PersistentDictionary::reset() 
54650 1 { 

54651 1 NTSTATUS Status = STATUS_SUCCESS; 

54652| Debug(DEBUG_DICT,("pd::reset\n")); 

54653 1 _try { 

54654| destroy(); 

54655| Status = initialize(Flags); 

54656| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54657| Status = GetExceptionCode(); 
54658| Debug(DEBUG_DICT,("Exception %08x in 

| pd::reset\n", Status)); 
54659 1 } 

54660| return Status; 
54661 | } 
54662 1 

54663 1 // 

| 

54664| 

54665| BOOLEAN PersistentDictionary::DoFreeSpaceChecks() 
54666| { 

54667| return (PSMFreeSpaceOptions & 

| PSM_DO_NOT_DO_FREE_SPACE) ? FALSE : TRUE; 
54668| } 
54669 1 

54670 1 // 

| 

54671 | 

54672| void PersistentDictionary::DumpSizeOfs(void) 

54673 1 { 

54674| 

| Debug(DEBUG_DICT,("Sizeof(PersistentDictionary)=%d\n",si 
| zeof(PersistentDictionary))); 



54675| 

| Debug(DEBUG_DICT,("Sizeof(Dictionary)=%d\n",sizeof(Dicti 
I onary))); 
54676| 

| Debug(DEBUG_DICT,("Sizeof(TemporaryDictionary)=%d\n",siz 
| eof(TemporaryDictionary))); 
54677| 

| Debug(DEBUG_DICT,("Sizeof(tlnternalSnapShot)=%d\n",sizeo 
| f(tlnternalSnapShot))); 
54678| 

| Debug(DEBUG_DICT,("Sizeof(tDisklnternalSnapShot)=%d\n",s 

| izeof(tDisklnternalSnapShot))); 
54679| 
54680| 

| Debug(DEBUG_DICT,("Sizeof(tRevertlnfo)=%d\n",sizeof(tRev 
| ertlnfo))); 

54681| Debug(DEBUG_DICT,(" tRevertlnfo field 
| offsets :\n")); 

54682| Debug(DEBUG_DICT,(" SnapShotSequenceNumber 

| :%4d\n", 

| FIELD_OFFSET(tRevertlnfo,SnapShotSequenceNumber) )); 
54683| Debug(DEBUG_DICT,(" Reserved2 

| :%4d\n", FIELD_OFFSET(tRevertlnfo,Reserved2) )); 
54684| Debug(DEBUG_DICT,(" LastKnownGranuleFinished 

| :%4d\n", 

| FIELD_OFFSET(tRevertlnfo,LastKnownGranuleFinished) )); 
54685| Debug(DEBUG_DICT,(" RevertFlags 

| :%4d\n", FIELD_OFFSET(tRevertlnfo,RevertFlags) )); 
54686| Debug(DEBUG_DICT,(" Reserved3 

| :%4d\n", FIELD_OFFSET(tRevertlnfo,Reserved3) )); 
54687| Debug(DEBUG_DICT,(" SnapShotTime 

| :%4d\n", FIELD_OFFSET(tRevertlnfo,SnapShotTime) )); 
54688| Debug(DEBUG_DICT,(" Reserved[] 

| :%4d\n", FIELD_OFFSET(tRevertlnfo,Reserved) )); 
54689| 
54690| 

| Debug(DEBUG_DICT,("Sizeof(tHeader)=%d\n",sizeof(tHeader) 

I)); 

54691 | 

| Debug(DEBUG_DICT,("Sizeof(tDiskNode)=%d\n",sizeof(tDiskN 
I ode))); 
54692 1 

| Debug(DEBUG_DICT,("Sizeof(tlndexSectorPrefix)=%d\n",size 
| of(tlndexSectorPrefix))); 
54693 1 

| Debug(DEBUG_DICT,("Sizeof(tlndexSectorlnfo)=%d\n",sizeof 
| (tlndexSectorlnfo))); 
54694| 

| Debug(DEBUG_DICT,("Sizeof(tlndexSector)=%d\n",sizeof(tln 
| dexSector))); 



54695| 

| Debug(DEBUG_DICT,("Sizeof(tShared)=%d\n",sizeof(tShared) 

I)); 

54696| 

| Debug(DEBUG_DICT,("Sizeof(tTreeLeaf)=%d\n",sizeof(tTreeL 
I eaf))); 
54697| 

| Debug(DEBUG_DICT,("Sizeof(tTree)=%d\n",sizeof(tTree))); 
54698| 

| Debug(DEBUG_DICT,("Sizeof(ZONE_SEGMENT_HEADER)=%d\n",siz 

| eof(ZONE_SEGMENT_HEADER))); 
54699| } 
54700| 

54701| // 

| 

54702| 

54703| BOOLEAN PersistentDictionary::NeedsCaching( 

| ULARGEJNTEGER Sector, ULONG Count ) 
54704| { 

54705| LARGEJNTEGER Granule; 
54706| ULONG GranuleCount; 
54707| ULONG NumFree=0; 
54708| ULONG i; 
54709| 

54710| Profile("pd::NeedsCaching"); 
5471 1 | 

54712| if ( !Shared->Map ) { 
54713| return TRUE; 
54714| } 
54715| 

5471 6| Granule.QuadPart = Sector.QuadPart / 

| SECTORS_PER_GRANULE; 
54717| GranuleCount= 

| (ULONG)((ROUND_UP(Sector.QuadPart+Count,SECTORS_PER_GRAN 

| ULE)-ROUND_DOWN(Sector.QuadPart,SECTORS_PER_GRANULE)) / 

| SECTORS_PER_GRANULE); 
54718| 

54719| ASSERT(Granule.HighPart==0); 
54720| 

54721 1 for ( i=0;i<GranuleCount;i++ ) { 

54722| PsmBitPositionValidate (Shared->Map, 

| Granule. LowPart + i); 
54723 1 if ( 

| !RtlCheckBit(Shared->Map,Granule.LowPart+i) ) { 
54724| NumFree++; 
54725| } else { 
54726| break; 
54727| } 
54728| } 
54729| 



54730| if ( NumFree==GranuleCount ) { 
54731 1 //all granules are free 
54732 1 return FALSE; 
54733 1 } else { 

54734| // one or more granules are used 

54735| return TRUE; 

54736| } 

54737| } 

54738| 

54739 1 

54740| // 



54741 1 
54742 1 

54743| NTSTATUS PersistentDictionary::ProcessCachingMap( 
| PRTL_BITMAP *BitMapToWorkOn, const WCHAR 
| *VirtualVolName, const WCHAR *LiveVolName ) 

54744| { 

54745| ULONG ClusterSize=0; 

54746| NTSTATUS Status = FindAndProcessVirtualVolumeBitMap 
| (VirtualVolName, LiveVolName, BitMapToWorkOn, 
| ClusterSize ); 

54747| 

54748| #if 0 // This restore has been moved farther up the 

| calling routine stack to shut loopholes where 
54749| // modifying a map being rebuilt could get into 

| live service. 
54750 1 

54751 1 // now that transformation is complete we can 
| reopen the map for freespace and cache control, 

54752| // instead of presuming everything should be tried 
| to be cached and letting duplicate tree hits control. 

54753| Shared->Map=Shared->MaplnTransform; 

54754| Shared->MaplnTransform = NULL; 

54755| #endif 

54756| 

54757| #ifdef DEBUG 

54758| if(Shared->ClusterSize) { 

54759| // if reloading, make sure the cluster size 

| hasnt changed on us 
54760| // which would be catastrophic 
54761 1 if(ClusterSize) { 

54762| ASSERT(Shared->ClusterSize == ClusterSize); 

54763 1 } 

54764| } 

54765| #endif 

54766| 

54767| Shared->ClusterSize = ClusterSize; 
54768| 

54769 1 return(Status); 



54770| } 
54771 1 
54772 1 

54773| NTSTATUS 

| PersistentDictionary::RemoveVirtualWrites(void) 
54774| { 

54775| WCHAR Buffer2[257]; 
54776| PDEVICE_OBJECT 

| Virtual=GetVdiskObjectForName(DevExt->Name,SnapShot->Per 

| manent.Externallnstance); 



54777| NTSTATUS Status=STATUS_SUCCESS; 
54778| 

54779 1 __try { 

54780| bool DismountedTheVirtualVolume = false; 

54781 1 PVDISK_EXTENSION VDisk = 0; 

54782 1 __try { 

54783| // we may not get an object if part2 has 

| not run yet 

54784| if(Virtual) { 

54785| VDisk = GetVDiskExtension(Virtual); 

54786 1 Debug ( D E BU G_D I CT, (" RemoveVi rtu al Writes 



| called\n M )); 
54787| 

| swprintf(Buffer2,L"\\Device\\PsmDevices_%04x\\%s_%d",PSM 

| _LOW_COMPATIBLE_VERSION,VDisk->Name,SnapShot->Permanent. 

| External Instance); 
54788| Debug(DEBUG_DEVSUP,("Dismounting volume 

| '%S'\n",Buffer2)); 
54789| DismountedTheVirtualVolume = true; 

54790| ASSERT(!VDisk->MountDisabled); 
54791 1 VDisk->MountDisabled = 1 ; // 

| don't allow mount while we are removing virtual writes 
54792| Sblo_DismountVolume( Buffer2 ); 

54793 1 } 
54794| 

54795| Status = RemoveVirtualWritesFromTree 

I (TRUE); 
54796| 

54797| if(Virtual) { 

54798| Debug(DEBUG_DEVSUP,( M Remounting 

| volume\n")); 
54799| ASSERT(VDisk); 
54800| VDisk->MountDisabled = 0; // must 

| re-enable mount before we mount, don't you think? 
54801 1 SbTouchVolume( Buffer2 ); 

54802| DismountedTheVirtualVolume = false; 

54803 1 } 
54804| } ^finally { 

54805| if ( DismountedTheVirtualVolume ) { 

54806| VDisk->MountDisabled = 0; // 



I re-enable mount in case anything weird happens, so we 

| don't leave snapshot volume dead. 
54807| } 
54808| } 
54809| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54810| Status = GetExceptionCode(); 
5481 1 1 Debug(DEBUG_DICT,("Exception %08x in 

| pd::RemoveVirtualWrites\n",Status)); 
54812| } 
54813| 

54814| return Status; 

54815| } 

54816| 

54817| ULONG PersistentDictionary::GetSnapShotFlags(void) 
54818| { 

54819| ULONG Flags = 0; 
54820| if ( Snapshot ) { 

54821 1 Flags = SnapShot->Permanent.SnapShotFlags; 
54822 1 } else { 

54823| Debug(DEBUG_DICT,("!!l pd::GetSnapShotFlags: 

| SnapShot==NULL !!!\n")); 
54824| ASSERT(FALSE); 
54825| } 
54826| 

54827| return Flags; 
54828| } 
54829| 
54830 1 

54831| ULONG PersistentDictionary::GetSequenceNumber() const 
54832| { 

54833| ULONG sn = Oxffffffff; 
54834| if ( Snapshot ) { 

54835| sn = SnapShot->Permanent.SequenceNumber; 
54836| } else { 

54837| Debug(DEBUG_DICT,("!M pd::GetSequenceNumber: 

| SnapShot==NULL !!!\n")); 
54838| ASSERT(FALSE); 
54839| } 
54840| 

54841 1 #ifdef DEBUG 
54842 1 /* 

54843| static const PersistentDictionary * 

| PreviousDictPrinted = 0; 
54844| static ULONG PreviousSnPrinted = 0; 
54845| static ULONG OmitCount = 0; 
54846| 

54847| if ( this!=PreviousDictPrinted || 

| sn!=PreviousSnPrinted ) { // cut down on the visual 
| noise 



54848| Debug(DEBUG_DICT,("pd::GetSequenceNumber: 
| dict=%08x, returning %08x (did not print last %08x 
| calls)\n",this,sn,OmitCount)); 

54849| PreviousDictPrinted = (const 
| PersistentDictionary *) this; 

54850| PreviousSn Printed = sn; 

54851| OmitCount = 0; 

54852| } else { 

54853| ++OmitCount; 

54854| } 

54855| 7 

54856| #endif /"DEBUG*/ 
54857| 

54858| return sn; 

54859| } 

54860| 

54861| int64 PersistentDictionary::GetSnapShotTime() const 

54862| { 

54863| int64 time = int64(0); 

54864| 

54865| if ( Snapshot ) { 
54866| time = 

| SnapShot->Permanent.SnapShotTime.QuadPart; 
54867| } else { 

54868| Debug(DEBUG_DICT,("M! pd::GetSnapShotTime: 

| SnapShot==NULL !!!\n")); 
54869 1 ASS E RT( FALSE) ; 
54870| } 
54871 1 

54872| return time; 

54873 1 } 

54874| 

54875| NTSTATUS PersistentDictionary::SetRevertBootlnfo ( 
54876| PDEVICE_OBJECT Volume, 
54877| const tRevertlnfo &Revertlnfo ) 
54878| { 

54879| NTSTATUS Status = STATUS_SUCCESS; 
54880| Debug(DEBUG_DICT,("pd::SetRevertBootlnfo: 

| Volume=°/o08x\n'\ Volume)); 
54881 | 

54882| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
54883 1 if ( DevExt->Cache. Header ) { 

54884| DevExt->Cache.Header->Revertlnfo = Revertlnfo; 
54885| 

54886| Debug(DEBUG_DEVSUP,("SetRevertBootlnfo:\n")); 
54887| Debug(DEBUG_DEVSUP,(" SnapShotSequenceNumber 

| = %08x\n M , Revertlnfo. SnapShotSequenceNumber)); 
54888| Debug(DEBUG_DEVSUP,(" 

| LastKnownGranuleFinished = 



I %016l64x\n",Revertlnfo.LastKnownGranuleFinished.QuadPart 

I)); 

54889 1 } else { 

54890| Debug(DEBUG_DEVSUP,("SetRevertBootlnfo: Header 

| data does not exist!\n")); 
54891| } 
54892| 
54893| 

54894| Debug(DEBUG_DICT,("pd::SetRevertBootlnfo(%08x) 

| returning %08x\n M ,Volume,Status)); 
54895| return Status; 
54896| } 
54897| 
54898| 

54899| void PersistentDictionary::GetCacheThresholds( 

| PDEVICE_OBJECT Volume, ULONG &Warn, ULONG &Full, ULONG 
| &lnterval, ULONG &FullPercent, ULONG &FullAction ) 

54900| { 

54901 1 PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
54902| Warn = DevExt->Cache.CacheWarningThresholdPercent; 
54903| Full = DevExt->Cache.CacheFullThresholdPercent; 
54904| Interval = DevExt->Cache.CacheWarning Interval; 
54905| FullPercent = DevExt->Cache.CacheFullActionPercent; 
54906| FullAction = DevExt->Cache.CacheFullAction; 
54907 1 return; 
54908| } 
54909| 
54910| 

54911| NTSTATUS PersistentDictionary::LoadSnapShotsForVolume( 
| PDEVICE_OBJECT Volume, BOOLEAN Rebuild, PVOID Abort Event 
I) 

54912| { 

54913| NTSTATUS Status = STATUS_SUCCESS; 

5491 4| ULONG Opened=FALSE; 

54915| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
54916| 

54917| Debug(DEBUG_DICT,("pd::LoadSnapShotsForVolume: 

| Volume=%08x, Rebuild=%s, lsMounted=%s\n M , 
54918| Volume, 

54919| (Rebuild ? "TRUE" : "FALSE"), 

54920| (DevExt->lsMounted ? "TRUE" : "FALSE") )); 

54921 | 

54922| if(!DevExt->OpenCloseAcquired) { 
54923 1 if ( 

| AcquireOpenCloseResourceOnly((PKEVENT)AbortEvent)!=STATU 

| S_WAIT_0 ) { 
54924| return PSM_CANCELED_BY_USER; 

54925| } 



54926| Opened = TRUE; 

54927| DevExt->OpenCloseAcquired = TRUE; 

54928| } 

54929| 

54930| _try { 
54931 1 #if 0 

54932 1 // we need to "refresh" what we know about the 

| volumes 
54933| if(DevExt->PSMed) { 
54934| // snapshots already loaded, this can 

| happen when the volume comes online and 
54935| // when the volume is mounted, which 

| appears to happen in 2 seperate threads 
54936| Debug(DEBUG_DICT,("LoadSnapShotsForVolume: 

| Snapshots are already loaded for this volume 

| %08x\n",Volume)); 
54937| try_return(Status=STATUS_SUCCESS); 
54938| } 
54939| #endif 
54940 1 

54941 1 // set up system process as all snapshots must 

| be assigned to a process 
54942| pOTJJSER User = 

| FindPSMUser(GlobalSystemProcessld,(_ETHREAD*)-2); 
54943| ASSERT(User); 
54944| 

54945| if ( User ) { 
54946| ULONG United = FALSE; 

54947| User->Persistent = TRUE; 

54948| User->SaveTempOnExit = FALSE; 

54949 1 

54950| // dont do this if already done 

54951 1 if ( 

| lsValidHandle(DevExt->Cache.CacheFile.FileHandle) ) { 
54952| try_return(Status=STATUS_SUCCESS); 
54953 1 } 
54954| 

54955| DevExt->lnLoadUnload = TRUE; 

54956| 

54957| if ( IPSManPSMInited ) { 

54958| United = TRUE; 

54959 1 

| UpdateGlobalStatus(PSM_RESOURCE_ACQUISITION); 
54960| Status = SbPrelnit(User,NULL); 

54961 | } 
54962 1 

54963| if ( NT_SUCCESS(Status) ) { 

54964| Status = 

| RebuildSnapShotsForVolume(Volume,Rebuild,AbortEvent); 
54965| if ( NT_SUCCESS(Status) ) { 



54966| try_return(NOTHING); 
54967| } else { 

54968| Debug(DEBUG_DICT,("Error %08x 

| rebuilding snapshots\n",Status)); 
54969| } 
54970| 

54971| if ( United ) { 

54972| SbPreDelnit(); 
54973| } 
54974| } else { // if SbPrelnit 

54975| Debug(DEBUG_DICT,("Error%08x initing 

| snapshot engine\n", Status)); 
54976| } 
54977| } else { // if user 

54978| Status = STATUS_INSUFFICIENT_RESOURCES; 

54979| } 

54980| try_exit: NOTHING; 
54981 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
54982| Status = GetExceptionCode(); 
54983| Debug(DEBUG_DICT,(" Exception %08x in 

| pd::LoadSnapShotsForVolume\n",Status)); 
54984| } 

54985| UpdateGlobalStatus(PSMJDLE); 
54986| if(Opened) { 

54987| DevExt->OpenCloseAcquired = FALSE; 
54988| ReleaseOpenCloseResource(); 
54989 1 } 

54990| pmThreadSwitch(); 

54991 1 DevExt->lnLoadUnload = FALSE; 

54992| Debug(DEBUG_DICT,("pd::LoadSnapShotsForVolume 

| returning %08x\n",Status)); 
54993| return Status; 
54994| } 
54995| 
54996| 

54997| NTSTATUS RemoveVolumesFromSystem( PDEVICE_OBJECT 

| Volume) 
54998| { 

54999| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
55000| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55001 | 

55002| Debug(DEBUG_DICT,("Entering 

| RemoveVolumesFromSystem, Vol=%08x\n",Volume)); 
55003 1 

55004| _try { 

55005| pOTJJSER User = 

| FindPSMUser(GlobalSystemProcessld,(_ETHREAD*)-2); 
55006| ASSERT(User); 



55007| 

55008| // remove all virtual volumes 
55009| GetSnapShotForWrite(); 
55010| __try{ 
55011| PLIST_ENTRY 

| ListEntry=DevExt->SnapShots.Flink; 
55012| while(ListEntry != &DevExt->SnapShots) { 

55013| pkSnapShotEntry 

| p=CONTAINING_RECORD(ListEntry,tkSnapShotEntry,DevExt); 
55014| 

55015| ASSERT(p->DeviceObject == Volume); 

55016| 

5501 7| UseSnapShot(p); 
55018| 

5501 9 1 // start back at top 

55020 1 

| Debug(DEBUG_DCPSM,("RemoveVolumesFromSystem: Freeing 

| device %08x!\n'\p->DeviceObject)); 
55021 1 Status = 

| FreePSMVolume(User,p->DeviceObject,p); 
55022 1 

55023 1 // assert that no other people have 

| this snapshot in use 
55024| ASSERT(p->Count==1); 
55025| pkSnapShotMaster 

| Master=p->MasterSnapShot; 
55026| 

55027| // get rid of last reference count so 

| the snapshot is deleted 
55028| DoneWithSnapShot(p); 
55029 1 
55030 | 

| Debug(DEBUG_DICT,("pd::RemoveSnapShotsForVolume: 
| snapshot entry deleted, freeing master 
| %08x\n M ,Master->Count)); 



55031 1 if(Master->Count==0) { 

55032| FREEPOINTER(Master); 
55033| ASSERT(GlobalData->NumActive); 
55034| lnterlockedDecrement((PLONG) 

| &GlobalData->NumActive); 
55035| lnterlockedDecrement((PLONG) 



| &User->Open); 
55036| 

| Debug(DEBUG_DICT,("pd::RemoveSnapShotsForVolume: 

| Decremented Num Active to %08x 

| open=%08x\n",GlobalData->NumActive,User->Open)); 



55037| } 
55038| 

55039| ListEntry = DevExt->SnapShots.Flink; 

55040| } 



55041 1 
55042 1 



} finally { 

ReleaseSnapShotForWriteQ; 



55043 1 } 
55044 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55045| Status = GetExceptionCode(); 
55046| Debug(DEBUG_SFILTER,("Exception %08x in 

| dismount all volumes\n",Status)); 
55047| } 
55048| 

55049| Debug(DEBUG_DICT,("RemoveVolumesFromSystem 

| returning %08x\n",Status)); 
55050 1 return Status; 
55051 1 } 
55052 1 

55053| // Undoes what TdAddDrive did. 

55054| NTSTATUS DeleteVirtualVolumesFromSystem( PDEVICE_OBJECT 

| Volume ) 
55055| { 

55056| NTSTATUS Status=STATUS_SUCCESS; 
55057| Debug(DEBUG_DICT,("Entering 

| DeleteVirtualVolumesFromSystem, Vol=%08x\n",Volume)); 
55058| 

55059 1 __try { 

55060| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
55061| while(DevObj) { 
55062| if ( 

| PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
55063| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DevObj); 
55064| Debug(DEBUG_VDISK,("VDisk: 

| DeleteVirtualVolumesFromSystem: Found virtual Volume 

| %08x\n", DevObj)); 
55065| if(DevExt->PSMDevice==Volume) { 

55066| Debug(DEBUG_VDISK,("VDisk: 

| DeleteVirtualVolumesFromSystem: Found virtual Volume 

| %08x to delete\n", DevObj)); 
55067| if ((DevExt->DeviceObject->Vpb) && 

| ( DevExt->DeviceObject->Vpb->Flags & VPB_MOUNTED )) { 
55068| Debug(DEBUG_VDISK,("VDisk: 

| Devcon: Volume %08x is mounted\n", DevObj)); 
55069| DevExt->DeviceObject->Flags |= 

| DO_VERIFY_VOLUME; 
55070| } 



55071 | 
55072 1 
55073 | 
55074| 
55075| 



DevExt->PartitionActive = FALSE; 
DevExt->DriveNotReady = TRUE; 
DevExt->PSMDevice = NULL; 



DevExt->MountDisabled=TRUE; 



55076| 

55077| UNICODE_STRING Uni; 

55078| 

55079 1 Rtl I nitU nicodeString (&U n i , 

| DevExt->VolumeGuid); 
55080| loDeleteSymbolicLink(&Uni); 
55081 | 

55082| DoneWithSnapShot(DevExt->SnapShot); 
55083| DevExt->SnapShot = NULL; 

55084| DevExt->MasterSnapShot=NULL; 
55085| } 
55086| } 

55087| DevObj=DevObj->NextDevice; 
55088| } 
55089 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55090| Status = GetExceptionCode(); 
55091 1 Debug(DEBUG_SFILTER,("Exception %08x in 

| DeleteVirtualVolumesFromSystem\n", Status)); 
55092 1 } 
55093 1 

55094| Debug(DEBUG_DICT,("DeleteVirtualVolumesFromSystem 

| returning %08x\n M ,Status)); 
55095 1 return Status; 
55096| } 
55097| 

55098| typedef struct sClusterFiles { 
55099| WCHAR *KeyName; 
551 00| PFILE_OBJECT FileObject; 
55101| } tClusterFiles, *pClusterFiles; 
55102| 

55103| #ifdef DEBUG 

55104| void DumpMap( RETRIEVAL_POINTERS_BUFFER *Map ) 
55105| { 

55106| if (Map) { 

55107| ULONG j; 

551 08| LARGEJNTEGER StartVcn; 

55109| 

551 1 0| StartVcn = Map->StartingVcn; 

551 1 1 1 for(j=0;j<Map->ExtentCount;j++) { 

55112| Debug(DEBUG_DICT,(" %04d StartVcn=%08l64x, 

| LCN=%08l64x, Len=%08l64x, Next=%08l64x\n",j, 
55113| StartVcn. QuadPart, 

551 14| Map->Extents[j].Lcn.QuadPart, 
55115| 

| Map->Extents[j].NextVcn.QuadPart-StartVcn. QuadPart, 
551 1 6| Map->Extents[j].NextVcn.QuadPart)); 
551 1 7| StartVcn = Map->Extents[j].NextVcn; 

55118| } 
55119| } 



55120| } 
55121| #endif 
55122| 

55123| NTSTATUS PersistentDictionary::RetrieveDirectlOMaps( 

| PDEVICE_OBJECT Volume, BOOLEAN CheckClusterDataBase) 
55124| { 

55125| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55126| WCHAR *ClusterReg; 
55127| WCHAR *LocalReg={0}; 
55128| UNICODE_STRING Uni; 

55129| RETRIEVAL_POINTERS_BUFFER *RP = NULL; 
55130| ULONG BPC,BPS; 
55131| PVOID Handle; 

55132| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
55133| Direct Access File *newHeaderDirect = new 

| DirectAccessFileQ; 
55134| Direct Access File * new Index Direct = new 

| DirectAccessFileQ; 
55135| Direct Access File *newCacheDirect = new 

| DirectAccessFile(); 
55136| 

55137| Profile( M pd::RetrieveDirectlOMaps M ); 
55138| 

55139| Debug(DEBUG_DICT,("RetrieveDirectlOMaps %08x: %08x 
| %08x %08x\n", Volume, 

| DevExt->Cache.HeaderFile.Direct,DevExt->Cache.lndexFile. 

| Direct, DevExt->Cache.CacheFile. Direct)); 
55140| LocalReg=(WCHAR*)MemAllocateString(256); 
55141| if(LocalReg) { 
55142| 

| RtlCopyMemory(LocalReg,gRegistryPath.Buffer,gRegistryPat 
| h.Length); 

551 43 1 LocalReg[gRegistryPath. Length / 2] = 0; 

55144| wcscat(LocalReg,L"\V); 

55145| wcscat(LocalReg,DevExt->VolumeGuid); 

55146| 

55147| RtllnitUnicodeString(&Uni,LocalReg); 

55148| ClusterReg=(WCHAR*)MemAllocateString(256); 

55149| if(ClusterReg) { 

55150| ULONG DidCluster = TRUE; 

55151| 

55152| 

| wcscpy(ClusterReg,L"\\Registry\\Machine\\Cluster\\Persis 

| tentStorageManagerW); 
55153| wcscat(ClusterReg,DevExt->Uniqueld); 
551 54 1 if (CheckClusterDataBase) { 

551 55| // if cluster entry exists, use it 

| instead, as the local copy may be stale 
55156| 



I if(RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,ClusterReg) 
| ==STATUS_SUCCESS) { 
55157| 

| Debug(DEBUG_DICT,("pd:RetrieveDirectlOMaps: Using 
| cluster database instead of local database\n")); 
55158| 

551 59| // copy cluster database to local 

| database so it doesnt get stale 
55160| 

| CopyClusterRegistryTo Local Reg istry( Volu me, &U ni) ; 
55161| 
55162| 

| RtllnitUnicodeString(&Uni,ClusterReg); 
551 63| DidCluster = FALSE; 

55164| } 
55165| } 
55166| 

551 67| // FIXFIXFIX need to direct the direct io 

| stuff to the volume that 
551 68| // contains the file, not the volume we are 

| reading( which may not be the same!) 
55169| 

551 70| // FIXFIXFIX this is per file, not global 

| for all files, (as they may be 
551 71 1 // on different volumes) 

55172| 

| Reg_GetULONGKey(&Uni,L"BytesPerCluster",4096,&BPC); 
55173| 

| Reg_GetULONGKey(&Uni,L"BytesPerSector",512,&BPS); 
55174| 

55175| DoAgain: 

551 76| Status = 

| Reg_GetBinaryKey(&Uni,L"HeaderMap",(PVOID*)&RP,&Handle); 
551 77| if ( NT_SUCCESS(Status) ) { 

55178| 

| newHeaderDirect->Setlnternal(Volume,NULL,RP,BPC,BPS); 
55179| #ifdef DEBUG 

55180| Debug(DEBUG_DICT,("Header Map:\n")); 

55181| DumpMap(RP); 
55182| #endif 

55183| Reg_FreeBinary(Handle); 

55184| }else{ 

55185| 

| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: Could not 

| get HeaderMap from registry (%08x)\n",Status)); 
551 86| // ok, key not there. . lets try local 

55187| if(IDidCluster) { 

55188| 

| Debug(DEBUG_DICT,("pd:RetrieveDirectlOMaps: Using local 
| database instead of cluster database\n")); 



55189| DidCluster=TRUE; 
55190| 

| Rt 1 1 n itU n icodeStri ng( & U n i, Local Reg) ; 
55191| goto DoAgain; 

55192| } 
55193| } 
55194| 

55195| if(NT_SUCCESS(Status)) { 

55196| RP = NULL; 

55197| Status = 

| Reg_GetBinaryKey(&Uni,L"lndexMap",(PVOID*)&RP,&Handle); 
55198| if ( NT_SUCCESS(Status) ) { 

55199| 

| newlndexDirect->Setlnternal(Volume,NULL,RP,BPC,BPS); 
55200| #ifdef DEBUG 

55201| Debug(DEBUG_DICT,("lndex MapAn")); 

55202| DumpMap(RP); 
55203| #endif 

55204| Reg_FreeBinary(Handle); 

55205| } else { 

55206| 

| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: Could not 

| get IndexMap from registry (%08x)\n",Status)); 
55207| } 
55208| 

55209| if(NT_SUCCESS(Status)) { 

55210| RP = NULL; 

5521 1 1 Status = 

| Reg_GetBinaryKey(&Uni,L"CacheMap",(PVOID*)&RP,&Handle); 
5521 2| if ( NT_SUCCESS(Status) ) { 

55213| 

| newCacheDirect->Setlnternal(Volume,NULL,RP,BPC,BPS); 
55214| #ifdef DEBUG 

55215| Debug(DEBUG_DICT,("Cache 

| MapAn")); 
55216| DumpMap(RP); 
55217| #endif 

55218| Reg_FreeBinary(Handle); 

55219| }else{ 

55220| 

| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: Could not 

| get CacheMap from registry (%08x)\n", Status)); 
55221 1 } 
55222| RP = NULL; 

55223 1 } 
55224| } 

55225| MemFreeString(ClusterReg); 
55226| } else { 

55227| Status = STATUS_INSUFFICIENT_RESOURCES; 

55228| 



I Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: Out of 
| memory for clusterreg\n")); 
55229| } 

55230| MemFreeString(LocalReg); 
55231| }else{ 

55232| Status = STATUS_INSUFFICIENT_RESOURCES; 
55233| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: 

| Out of memory for localreg\n")); 
55234| } 
55235| 

55236| if ( !NT_SUCCESS(Status) ) { 

55237| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: 

| Deleting new maps because of status %08x\n M , Status)); 
55238| delete newHeaderDirect; 
55239| delete newlndexDirect; 
55240| delete newCacheDirect; 
55241 | 

55242| newHeaderDirect = 0; 
55243| newlndexDirect = 0; 
55244| newCacheDirect = 0; 
55245| } 
55246| 

55247| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: About 

| to acquire writer lock for DirectFileAccess pointer 

| swap\n")); 
55248| KeEnterCriticalRegion(); 
55249| pmAcquireWriterLock ( 

| &DevExt->Cache.DirectAccessResource, TRUE ); 
55250| Direct Access File *oldHeaderDirect = 

| DevExt->Cache.HeaderFile. Direct; 
55251| Direct Access File *oldlndexDirect = 

| DevExt->Cache.lndexFile. Direct; 
55252| Direct Access File *oldCacheDirect = 

| DevExt->Cache.CacheFile. Direct; 
55253| DevExt->Cache.HeaderFile. Direct = newHeaderDirect; 
55254| DevExt->Cache.lndexFile. Direct = newlndexDirect; 
55255| DevExt->Cache.CacheFile. Direct = newCacheDirect; 
55256| pmReleaseWriterLock ( 

| &DevExt->Cache.DirectAccessResource ); 
55257| Kel_eaveCriticalRegion(); 

55258| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: 
| Released writer lock - header=%08x, index=%08x, 
| cache=%08x\n", 

55259| DevExt->Cache.HeaderFile. Direct, 

55260| DevExt->Cache.lndexFile. Direct, 

55261 1 DevExt->Cache.CacheFile. Direct)); 

55262 1 

55263| Debug(DEBUG_DICT,("pd::RetrieveDirectlOMaps: 
| deleting old DirectAccessFile objects: header=%08x, 
| index=%08x, 



I cache=%08x\n",oldHeaderDirect,oldlndexDirect,oldCacheDir 
I eel)); 

55264| delete oldHeaderDirect; 
55265| delete oldlndexDirect; 
55266| delete oldCacheDirect; 
55267| 

55268| return Status; 

55269| } 

55270| 

55271| NTSTATUS PersistentDictionary::StoreClustersOfFiles( 

| PDEVICE_OBJECT Volume ) 
55272| { 

55273| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
55274| WCHAR Buffer[255]={0}; 
55275| ULONG i; 

55276| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55277| 

55278| Debug(DEBUG_DICT,("StoreClustersOfFiles: 

| Volume=%08x\n M ,Volume)); 
55279| Profile( M pd::StoreClustersOfFiles M ); 
55280| 

55281 1 #ifdef DEBUG 

55282| if(lsSnapShotAcquiredForWrite()) { 

55283| Debug(DEBUG_DCPSM,("TdAddDrive: Snapshot 

| acquired for write!!! This will cause a deadlock\n")); 
55284| DbgBreakPoint(); 
55285| } 
55286| #endif 
55287| 

55288| __try { 

55289 1 #define FileCount 3 

55290| tClusterFiles Files[FileCount]={ 

55291| 

| {U'HeaderMap", DevExt->Cache.HeaderFile. FileObject}, 
55292| 

| {L"lndexMap",DevExt->Cache.lndexFile. FileObject}, 
55293| 

| {L"CacheMap M ,DevExt->Cache.CacheFile. FileObject} 
55294| }; 
55295| 
55296| 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 

55297| Buffer[gRegistryPath. Length / 2] = 0; 

55298| wcscat(Buffer,L"\\ M ); 

55299| wcscat(Buffer,DevExt->VolumeGuid); 

55300| 

55301 1 for(i=0;i<FileCount;i++) { 

55302| RETRIEVAL_POINTERS_BUFFER *RP; 



55303| STARTING_VCN_INPUT_BUFFER SVIB; 

55304| ULONG CalcSize=0; 

55305| 

55306| if(!lsValidHandle(Files[i].FileObject)) { 

55307| continue; 

55308| } 

55309| ULONG Count = 1 6; 

55310| FtP=NULL; 
5531 1 | 

55312| do{ 

55313| if(RP){ 

55314| MemFreePool(RP); 

55315| RP = NULL; 

55316| } 

55317| CalcSize = 

| FIELD_OFFSET(RETRIEVAL_POINTERS_BUFFER,Extents)+Count*si 

| zeof(RP->Extents); 

55318| RP = 

| (RETRIEVAL_POINTERS_BUFFER*)MemAllocatePoolWithTag(Paged 

| Pool,CalcSize,TEMPTAG); 

55319| if(RP){ 

55320| RtlZeroMemory(RP,CalcSize); 

55321 1 SVIB.StartingVcn.QuadPart=0; 

55322| Status = FS_GetFileMap( 

55323| Files[i].FileObject, 

55324| &SVIB, 

55325| RP, 

55326| CalcSize); 

55327| Count*=2; 

55328| } else { 

55329 1 Status = 

| STATUS_INSUFFICIENT_RESOURCES; 

55330 1 } 

55331 1 } while(Status == STATUS_BUFFER_OVERFLOW); 
55332 1 

55333| if(Status==STATUS_SUCCESS) { 
55334| 

55335| LARGE_INTEGER Total, Avail; 

55336| ULONG BPS,BPC; 

55337| 

55338| 

| FS_GetVolumelnfo(Files[i].FileObject,BPC,BPS,Total,Avail 

I); 

55339 1 
55340 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Byt 
| esPerCluster",REG_DWORD,&BPC,sizeof(DWORD)); 
55341 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Byt 
| esPerSector",REG_DWORD,&BPS,sizeof(DWORD)); 



55342| 

55343| #ifdef DEBUG 
55344| 

| Debug(DEBUG_DICT,("%S\n",Files[i].KeyName)); 



55345| 


DumpMap(RP); 


55346| #endif 




55347| 


Status = RtlWriteRegistryValue( 


55348| 


RTL_REGISTRY_ABSOLUTE, 


55349| 


Buffer, 


55350| 


Files[i].KeyName, 


55351 | 


REG_BINARY, 


55352 1 


RP, 


55353 1 


CalcSize 


55354| 


); 


55355| 




55356| 


if(!NT_SUCCESS(Status)) { 


55357I 





| Debug(DEBUG_DEVCON,( M pd::StoreClustersOfFiles: Error 

| %08x setting file map in reg\n", Status)); 
55358| } 
55359 1 

55360| MemFreePool(RP); 
55361 1 } else { 

55362 1 

| Debug(DEBUG_DEVCON,( M pd::StoreClustersOfFiles: Error 

| %08x getting file map size\n",Status)); 
55363 1 } 
55364| } 
55365 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55366| Status = GetExceptionCode(); 
55367| Debug(DEBUG_SFILTER,("Exception %08x in 

| StoreClustersOfFiles\n M ,Status)); 
55368| } 

55369| Debug(DEBUG_DICT,("StoreClustersOfFiles: returning 

| %08x\n",Status)); 
55370| return STATUS_SUCCESS; 
55371 1 } 
55372 1 
55373 1 
55374| /* 

55375| Purpose of this function is to remove all snapshots 

| on the internal 
55376| list that did not get freed when the volumes were 

| freed. This can 
55377| happen when virtual volumes have not been mapped in 

| yet, as most 
55378| code following the virtual device tree 
55379 1 
55380 1 7 



55381 1 

55382| NTSTATUS PersistentDictionary::RemoveSnapShotDroppings( 

| PDEVICE_OBJECT Volume ) 
55383 1 { 

55384| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55385| // get system user 
55386| pOT_USER User = 

| FindPSMUser(GlobalSystemProcessld,(_ETHREAD*)-2); 
55387| PLIST_ENTRY ListEntry; 
55388| 

55389| Debug(DEBUG_DICT,("RemoveSnapShotDroppings: Called 

| for volume %08x\n",Volume)); 
55390 1 GetSnapShotForWrite(); 
55391| __try{ 

55392| ListEntry=DevExt->Cache.SnapShotHead.Flink; 
55393| while ( ListEntry!=&DevExt->Cache.SnapShotHead 
l){ 

55394 1 p I ntern alS napS hot 

| s=CONTAINING_RECORD(ListEntry,tlnternalSnapShot,ListEntr 

|y); 

55395| Debug(DEBUG_DICT,( M RemoveSnapShotDroppings: 
| Found internal ss %08x, rc=%d, 

| master=%08x\n",s,s->ReferenceCount,s->SnapShotMaster)); 
55396| 

55397| // go through list of all snapshot entries 

55398 1 pkS napS hot E nt ry 

| p=GetTopSnapShotForMaster(&s->SnapShotMaster->SnapShots) 

I ; 

55399| while ( p ) { 

55400| 

| Debug(DEBUG_DICT,("RemoveSnapShotDroppings: Found ss 

| entry %08x, %08x\n M ,p,p->DeviceObject)); 
55401 1 // and delete ones for this volume 

55402| if (p->DeviceObject==Volume) { 

55403 1 

| Debug(DEBUG_DCPSM,("RemoveSnapShotDroppings: Deleting 
| dropping %08x!\n",p)); 
55404| 

55405| if ( 

| DelDeviceFromList(&User->SnapShots,p)==STATUS_SUCCESS ) 
|{ 

55406| if ( User->NumOpenSnapShots ) { 

55407| 

| lnterlockedDecrement((PLONG) &User->NumOpenSnapShots); 
55408| } else { 

55409| // FIXFIXFIX can this 

| happen? 
55410| 

| Debug(DEBUG_DCPSM,("RemoveSnapShotDroppings: Doesnt 



I have psm active for that volume!\n")); 
55411| #ifdef DEBUG 



55412| DbgBreakPoint(); 
55413| #endif 
55414| } 
55415| }else{ 

5541 6| // This happens when virtual 



| volumes havent been mapped in yet 
55417| 

| Debug(DEBUG_DCPSM,("RemoveSnapShotDroppings: Unable to 

| delete from list!\n M )); 
55418| } 
55419| 

55420| // this deletes the snapshot and 

| removes it from the internal lists 
55421 1 FreeResourcesForVolume(Volume,p); 
55422 1 

55423 1 ASS E RT(p->Cou nt> 1 ) ; 

55424| 

55425| ULONG Deleted = p->Count==1 ; 

55426| pkSnapShotMaster 

| Master=p->MasterSnapShot; 
55427| 

55428 1 // get rid of last reference count 

| so the snapshot is deleted 
55429 1 DoneWithSnapShot(p); 
55430 1 

55431 1 ASSERT(Deleted); 
55432 1 

55433| // if no more references to this 

| snapshot entry then 
55434| // get rid of reference count 

55435| if(Deleted) { 

55436| 

| Debug(DEBUG_DICT,("pd::RemoveSnapShotsForVolume: 

| snapshot entry deleting, decrementing master 

| %08x\n M ,Master->Count)); 
55437| lnterlockedDecrement((PLONG) 

| &Master->Count); 
55438| if(Master->Count==0) { 

55439| FREE_POINTER(Master); 
55440 1 

| ASSERT(GlobalData->NumActive); 
55441 | 

| lnterlockedDecrement((PLONG) &GlobalData->NumActive); 
55442 1 

| lnterlockedDecrement((PLONG) &User->Open); 
55443 1 

| Debug(DEBUG_DICT,("pd::RemoveSnapShotsForVolume: 
| Decremented Num Active to %08x 



I open=%08x\n",GlobalData->NumActive,User->Open)); 
55444| } 
55445| } 
55446| 

55447| // start back at top 

55448| 

| p=GetTopSnapShotForMaster(&s->SnapShotMaster->SnapShots) 

I ; 

55449| } else { 

55450| 

| Debug(DEBUG_DICT,("RemoveSnapShotDroppings: Looking for 
| %08x, but it is %08x\n",Volume,p->DeviceObject)); 
55451 | 

| p=GetNextSnapShotForMaster(&s->SnapShotMaster->SnapShots 

hp); 

55452 1 } 
55453 1 } 
55454| 

55455| ListEntry=ListEntry->Flink; 
55456| } 

55457| } ^finally { 

55458| ReleaseSnapShotForWrite(); 
55459 1 } 

55460| Debug(DEBUG_DICT,("RemoveSnapShotDroppings: 

| Exiting\n M )); 
55461 1 return STATUS_SUCCESS; 
55462 1 } 
55463 1 

55464| NTSTATUS 

| PersistentDictionary: :L)nloadSnapShotsForVolume( 

| PDEVICE_OBJECT Volume, ULONG OpenCloseOwned ) 

55465| { 

55466| NTSTATUS Status=STATUS_SUCCESS; 
55467| #if 1 

55468| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55469 1 

55470| // this is in the context of the calling thread. 

| IE autochk or mount.exe, etc.. 
55471 1 // do not assume GlobalSystemProcessId == 

| PsGetCurrentProcess() 
55472 1 

55473| Debug(DEBUG_DICT,("pd::UnloadSnapShotsForVolume: 

| Volume=%08x, '%S'\n M , Volume, DevExt->Name)); 
55474| 

55475| if(IOpenCloseOwned) { 



55476| // cancel all pending creates 

55477| CancelCreationOfSnapShots(); 
55478| 

55479| if(DevExt->OpenCloseAcquired) { 



55480| // this happens when we are called 

| recursively 

55481 1 // A. OpenClose resource is acquired 

| (because snapshot is being created) 
55482| // B. We think a volume is mounted (on 

| cluster, because we were 
55483 1 // not notified it was removed) 

55484| // C. We call ZwCreateFile to open file 

55485| // D. It initiates a mount when it realizes 

| the volume isnt mounted 
55486| // E. It then calls rebuild 

55487| // F. Which then calls unload so it can 

| reload the snapshots 
55488| // G. Attempt to acquire open close 

| resource again. 
55489 1 

55490 1 // so we dont try and close it 

55491 1 OpenCloseOwned = TRUE; 

55492 1 } else { 
55493 1 if ( 

| AcquireOpenCloseResourceOnly(NULL)!=STATUS_WAIT_0 ) { 
55494| return PSM CANCELED BY USER; 

55495| } 
55496| } 
55497| } 
55498| 

55499 1 _try { 
55500 1 

55501| UpdateGlobalStatus(PSM_UNLOADING_SNAPSHOTS); 
55502| // store the clusters of where the files are so 

| we can do direct disk io 
55503| StoreClustersOfFiles(Volume); 
55504| 

55505| // let the system know that we should not do 
| everything 

55506| Debug(DEBUG_DEVCON,( M UnloadSnapShotsForVolume: 

| directio=%d, Setting to true\n",DevExt->DoDirectlO)); 
55507| DevExt->lnl_oadUnload = TRUE; 
55508| DevExt->DoDirectlO=TRUE; 
55509| 

5551 0| // dismount all virtual volumes 
5551 1 1 GetSnapShotForRead(); 
55512| __try{ 

55513| Rebuild_DismountAIIVolumes(Volume,TRUE); 

55514| }_finally { 

5551 5| ReleaseSnapShotForRead(); 

55516| if(AbnormalTermination()) { 

5551 7| Rebuild_ReenableVolumeMounts(Volume); 

55518| } 

55519| } 



55520| 

55521 1 // remove all the virtual volumes 
55522| Remove VolumesFromSystem(Volume); 
55523 1 

55524| // remove snapshot droppings 

55525| //RemoveSnapShotDroppings(Volume); 

55526| 

55527| // remove snapshots from linked list (if any on 
Mt) 

55528| PLIST_ENTRY ListEntry = 

| DevExt->Cache.SnapShotHead.Flink; 
55529| while(ListEntry!=&DevExt->Cache.SnapShotHead) { 
55530| plnternalSnapShot 

| SnapShot=CONTAINING_RECORD(ListEntry,tlnternalSnapShot,L 

| ist Entry); 

55531 1 RemoveSnapShotFromList(SnapShot); 
55532| FreeSnapShot(&SnapShot); 
55533 1 ListEntry = 

| DevExt->Cache.SnapShotHead.Flink; 
55534| } 
55535| 

55536| // make sure to NOT call SaveHeader or all the 

| snapshots will 
55537 1 // go away 
55538| 

55539| // remove memory and close cache files (if any, 
| as 

55540| // the RemoveVolumesFromSystem above should 
| have 

55541 1 // cleared this out. 
55542 1 TearDownCacheForVo lu me( Vo lu me) ; 
55543| DevExt->Cache.ReferenceCount = 0; 
55544 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55545| Status = GetExceptionCode(); 
55546| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::UnloadSnapShotsForVolume\n", Status)); 
55547| } 

55548| DevExt->lnLoadUnload = FALSE; 

55549| UpdateGlobalStatus(PSMJDLE); 

55550 1 if(!OpenCloseOwned) { 

55551 1 ReleaseOpenCloseResource(); 

55552 1 } 

55553 1 

55554| Debug(DEBUG_DICT,("pd::UnloadSnapShotsForVolume 

| returning %08x\n",Status)); 
55555| #endif 
55556 1 return Status; 
55557| } 
55558| 



55559| NTSTATUS 

| PersistentDictionary::MiniUnloadSnapShotsForVolume( 
| PDEVICE_OBJECT Volume, ULONG OpenCloseOwned ) 

55560| { 

55561 1 NTSTATUS Status=STATUS_SUCCESS; 
55562 1 #if 1 

55563| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
55564| 

55565| // this is in the context of the calling thread. 

| IE autochk or mount.exe, etc.. 
55566| // do not assume GlobalSystemProcessId == 

| PsGetCurrentProcess() 
55567| 
55568| 

| Debug(DEBUG_DICT,("pd::MiniUnloadSnapShotsForVolume: 
| Volume=%08x, '%S'\n",Volume,DevExt->Name)); 
55569 1 

55570| DevExt->Dismounting = TRUE; 
55571 | 

55572 1 if(!OpenCloseOwned) { 
55573| // cancel all pending creates 
55574| CancelCreationOfSnapShots(); 
55575| 

55576| if ( 

| AcquireOpenCloseResourceOnly(NULL)!=STATUS_WAIT_0 ) { 
55577| DevExt->Dismounting = FALSE; 

55578| return PSM_CANCELED_BY_USER; 

55579 1 } 
55580 1 } 
55581 | 

55582 1 __try { 

55583| UpdateGlobalStatus(PSM_UNMAPPING_SNAPSHOTS); 
55584| 

55585| // store the clusters of where the files are so 

| we can do direct disk io 
55586| StoreClustersOfFiles(Volume); 
55587| 

55588| // let the system know that we should not do 

| everything 
55589 1 

| Debug(DEBUG_DEVCON,("MiniUnloadSnapShotsForVolume: 
| directio=%d, Setting to true\n",DevExt->DoDirectlO)); 

55590| DevExt->lnl_oadUnload = TRUE; 

55591| 

55592| // dismount all virtual volumes 
55593| GetSnapShotForRead(); 
55594| __try { 

55595| Rebuild_DismountAIIVolumes(Volume,TRUE); 
55596| } finally { 



55597| ReleaseSnapShotForRead(); 

55598| if(AbnormalTermination()) { 

55599| Rebuild_ReenableVolumeMounts(Volume); 

55600| } 

55601| } 

55602| DeleteVirtualVolumesFromSystem(Volume); 
55603| 

55604| DevExt->DoDirectlO=TRUE; 

55605| 

55606| 

| DeleteFileObjectToSkip(DevExt->Cache.HeaderFile.FileObje 
let); 
55607| 

| DeleteFileObjectToSkip(DevExt->Cache.lndexFile.FileObjec 
It); 
55608| 

| DeleteFileObjectToSkip(DevExt->Cache.CacheFile.FileObjec 
It); 

55609| CloseFilesForVolume(Volume); 
55610| 

5561 1 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55612| Status = GetExceptionCode(); 
55613| Debug(DEBUG_DICT,("Exception %08x in 

| pd::MiniUnloadSnapShotsForVolume\n", Status)); 
55614| } 

55615| DevExt->Dismounting = FALSE; 

55616| DevExt->lnLoadUnload = FALSE; 

55617| UpdateGlobalStatus(PSMJDLE); 

55618| if(!OpenCloseOwned) { 

55619| ReleaseOpenCloseResource(); 

55620| } 

55621| 

55622| Debug(DEBUG_DICT,("pd::MiniUnloadSnapShotsForVolume 

| returning %08x\n M ,Status)); 
55623| #endif 
55624| return Status; 
55625| } 
55626| 
55627| 

55628| // 

| 

55629| // class VirtualWritesNodeFinder allows us to do a 

| recursive traversal of 
55630| // a virtual writes tree to find a batch of keys to be 

| deleted. 

55631 1 // Why a class for this? Because it greatly reduces 

| stack space when we do 
55632| // recursion, since we can pass a lot fewer parameters 

| in the recursive part. 



55633| //- 



55634| class VirtualWritesNodeFinder 
55635| { 
55636| public: 

55637| VirtualWritesNodeFinder ( tTreeLeaf *_NilNode, 

| ULONG _SequenceNumber, keyType *_DeleteTable, ULONG 
| _TableSize ): 

55638| NilNode(_NilNode), 

55639| SequenceNumber(_SequenceNumber), 

55640| DeleteTable(_DeleteTable), 

55641| NumlnTable(O), 

55642| TableSize(_TableSize) 

55643| {} 

55644| 

55645| #ifdef DEBUG 

55646| // The following constructor is used only for doing 
| debug dump 

55647| VirtualWritesNodeFinder ( tTreeLeaf *_NMNode ): 

55648| NilNode(_NilNode), 

55649| SequenceNumber(O), 

55650 1 DeleteTable( N U LL) , 

55651| NumlnTable(O), 

55652| TableSize(O) 

55653| {} 

55654| #endif /*DEBUG7 

55655| 

55656| ULONG FindBatch ( tTreeLeaf *HeadNode ); // 

| returns the number of nodes found (will be 

| O.TableSize) 
55657| 

55658| #ifdef DEBUG 

55659| void DebugDump ( tTreeLeaf *Node, ULONG Depth ); 
55660| #endif TDEBUG7 
55661 | 

55662 1 protected: 

55663 1 boo I FindVirtualWriteNodesTo Delete ( tTreeLeaf 
| *NodelnTree, ULONG Recursion Depth ); 



55664| 






55665 1 private: 




55666| 


tTreeLeaf 


*NilNode; 


55667| 


ULONG 


SequenceNumber; 


55668| 


keyType 


*DeleteTable; 


55669 1 


ULONG 


NumlnTable; 


55670 1 


ULONG 


TableSize; 


55671| }; 






55672| 






55673| 






55674| //- 







I 



55675| #ifdef DEBUG 

55676| void VirtualWritesNodeFinder::DebugDump ( tTreeLeaf 

| *node, ULONG depth ) 
55677| { 

55678| if ( depth < 32 ) { 

55679| if ( node != NilNode ) { 

55680| Debug Dump (node->Left, 1+depth); 

55681 1 Debug(DEBUG_DICT,("VWT Dump: Depth=%2x 

| Key=%016l64x Pos=%08x\n",depth,node->Key,node->Pos)); 
55682| Debug Dump (node->Right, 1+depth); 

55683| } 
55684| } else { 
55685| ASSERT(FALSE); 
55686| } 
55687| } 

55688| #endif /"DEBUG*/ 

55689 1 // 

| 

55690 1 

55691| ULONG VirtualWritesNodeFinder::FindBatch (tTreeLeaf 

| *HeadNode ) 
55692| { 

55693| NumlnTable = 0; 
55694| 

55695| if ( DeleteTable!=NULL && TableSize>0 ) { 

55696| if ( HeadNode != NilNode ) { 

55697| FindVirtualWriteNodesToDelete ( HeadNode, 0 

I); 

55698| } 
55699| } else { 

55700| ASSERT(DeleteTable!=NULL); 
55701 1 ASSERT(TableSize>0); 
55702 1 } 
55703 1 

55704| return NumlnTable; 

55705| } 

55706| 

55707| // 

I 

55708| 
55709 1 bOOl 

| VirtualWritesNodeFinder::FindVirtualWriteNodesToDelete 
l( 

55710| tTreeLeaf *NodelnTree, 
55711| ULONG RecursionDepth ) 
55712| { 

5571 3 1 boo I BailOut = false; 

55714| ASSERT ( NodelnTree != NilNode ); 

55715| 

5571 6| if ( RecursionDepth < 32 ) { 



5571 7| LARGEJNTEGER Key; 

55718| Key.QuadPart = NodelnTree->Key; 

55719| if ( Key.SnapShotPart == SequenceNumber ) { 

55720| ASSERT(NumlnTable < TableSize); 

55721 1 DeleteTable[NumlnTable++] = Key.QuadPart; 

55722| if ( NumlnTable >= TableSize ) { 

55723| BailOut = true; 

55724| } 

55725| } 

55726| 

55727| if ( IBailOut ) { 

55728| if ( NodelnTree->Left != NilNode ) { 

55729| BailOut = FindVirtualWriteNodesTo Delete 

| (NodelnTree->Left, 1+RecursionDepth); 
55730 1 } 
55731| 

55732| if ( BailOut ) { 

55733| if ( NodelnTree->Right != NilNode ) { 

55734| BailOut = 

| FindVirtualWriteNodesToDelete (NodelnTree->Right, 

| 1+RecursionDepth); 
55735| } 
55736| } 
55737| } 
55738| } else { 

55739| ASS E RT( FALSE) ; // we have gone deeper in 

| recursion than makes any sense for our rbtrees! 
55740 1 BailOut = true; 
55741 1 } 
55742 1 

55743| return BailOut; 

55744| } 

55745| 

55746| // 



55748| NTSTATUS 

| PersistentDictionary::RemoveVirtualWritesFromTree ( 

| ULONG ShouldEraselndexSectors ) 
55749 1 { 

55750| NTSTATUS status = STATUS_SUCCESS; 

55751 1 ULONG SequenceNumber = GetSequenceNumber(); 

55752 1 

55753| Debug(DEBUG_DICT,("pd::RemoveVirtualWritesFromTree: 

| Sequence=%08x, DevExt=%08x, Tree=%08x, 

| TreeResource=%08x\n", SequenceNumber, DevExt,&Shared->Virt 

| ualWritesTree,&Shared->TreeResource)); 
55754| #ifdef DEBUG 

55755| //Debug(DEBUG_DICT,("Virtual Writes Tree before 
| removing nodes 



I \n" )); 

55756| //DumpVirtualWriteTree(); 
55757| #endif TDEBUG7 
55758| 

55759| _try { 

55760| const ULONG BATCH_SIZE = 128; // how many 

| nodes to process in one gulp 
55761 1 key Type *DeleteTable = (keyType 

| *)MemAllocatePoolWithTag(PagedPool,sizeof(keyType)*BATCH 

| _SIZE,TEMPTAG); 
55762| if ( DeleteTable ) { 
55763| ULONG NumlnTable = 0; 

55764| do { 

55765| MyAcquireResourceSharedLite 

| (&(Shared->TreeResource), TRUE); 
55766| _try { 

55767| VirtualWritesNodeFinder NodeFinder 

I ( 
55768| 

| Shared-> Vi rtu al WritesTree . Tai I Leaf, 
55769| SequenceNumber, 
55770 1 DeleteTable, 
55771 1 BATCH_SIZE ); 

55772 1 

55773| NumlnTable = NodeFinder.FindBatch 

| (Shared->VirtualWritesTree.HeadLeaf); 
55774| } ^finally { 

55775| MyReleaseResourceForThreadLite 

| (&(Shared->TreeResource)); 
55776| } 
55777| 

55778| MyAcquireResourceExclusiveLite 

| (&(Shared->TreeResource), TRUE); 
55779 1 _try { 

55780| for ( ULONG i=0; kNumlnTable; ++i 

l){ 

55781 1 tTreeLeaf *KillNode = 

| rbtree_Delete (&(Shared->VirtualWritesTree), 

| DeleteTablefi]); 
55782 1 if ( KillNode ) { 

55783 1 

| Debug(DEBUG_DICT,("RemoveVirtualWritesFromTree: 

| Deleting key=%016l64x\n",DeleteTable[i])); 
55784| if ( 

| ShouldEraselndexSectors ) { 
55785| NTSTATUS eraseStatus = 

| Eraselndexlnfo (DevExt, KillNode->Pos); 
55786| 

| ASSERT(NT_SUCCESS(eraseStatus)); 
55787| } 



55788| FreeNodeAndBits(KillNode); 

55789| } else { 

55790| 

| Debug(DEBUG_DICT,("RemoveVirtualWritesFromTree: Key 
| %016l64x is missing from tree!\n",DeleteTable[i])); 

55791| ASSERT(FALSE); 

55792| } 

55793| } 

55794| } ^finally { 

55795| MyReleaseResourceForThreadLite 

| (&(Shared->TreeResource)); 
55796| } 

55797| } while ( NumlnTable > 0 ); 

55798| MemFreePool (DeleteTable); 

55799| DeleteTable = NULL; 

55800| } else { 

55801 1 status = STATUS_INSUFFICIENT_RESOURCES; 

55802| ASSERT(FALSE); 
55803 1 } 
55804 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55805| status = GetExceptionCode(); 
55806| Debug(DEBUG_DICT,("!!! 

| RemoveVirtualWritesFromTree: exception 

| %08x\n",status)); 
55807| } 
55808| 

55809| #ifdef DEBUG 

5581 0| //Debug(DEBUG_DICT,("Virtual Writes Tree after 
| removing nodes 

I \ n .. )); 

55811| //DumpVirtualWriteTreeO; 
55812| #endif /"DEBUG*/ 
55813| 

55814| Debug(DEBUG_DICT,("pd::RemoveVirtualWritesFromTree 

| returning %08x\n",status)); 
55815| return status; 
55816| } 
55817| 

55818| // 

| 

55819| 

55820| #ifdef DEBUG 

55821| void PersistentDictionary::DumpVirtualWriteTree() 
55822| { 
55823| _try { 

55824| MyAcquireResourceSharedLite 

| (&(Shared->TreeResource), TRUE); 
55825| _try { 

55826| VirtualWritesNodeFinder dumper 



I (Shared->VirtualWritesTree.TailLeaf); 
55827| dumper. DebugDump 

| (Shared->VirtualWritesTree.HeadLeaf, 0); 
55828| } ^finally { 

55829| MyReleaseResourceForThreadLite 

| (&(Shared->TreeResource)); 
55830| } 
55831 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55832| NTSTATUS status = GetExceptionCode(); 
55833| Debug(DEBUG_DICT,("!!! 

| pd::DumpVirtualWriteTree: exception %08x\n M ,status)); 
55834| } 
55835| } 

55836| #endif r DEBUG*/ 
55837| 

55838| // 

| 

55839| 

55840| bool GenericTreeSearcher::visitEveryNode() 
55841 1 { 

55842| bool searchCompleted = true; 
55843 1 

55844| if ( tree.HeadLeaf != tree.TailLeaf ) { 
55845| searchCompleted = recursiveTraversal 

| (tree.HeadLeaf, 0); 
55846| } 
55847| 

55848| return searchCompleted; 

55849 1 } 

55850| 

55851 1 // 



55852 1 

55853| bool GenericTreeSearcher::recursiveTraversal ( 

| tTreeLeaf *node, int depth ) 
55854| { 

55855| ASSERT ( depth < 32 ); 
55856| 

55857| bool continueSearch = true; 
55858| 

55859| if ( node->Left != tree.TailLeaf ) { 
55860| continueSearch = recursiveTraversal ( 

| node->Left, 1+depth ); 
55861 1 } 
55862 1 

55863 1 if ( continueSearch ) { 

55864| continueSearch = nodeCallback (node, depth); 
55865| 

55866| if ( continueSearch ) { 



55867| if ( node->Right != tree.TailLeaf ) { 

55868| continueSearch = recursiveTraversal ( 

| node->Right, 1+depth ); 
55869 1 } 
55870 1 } 
55871 1 } 
55872 1 

55873 1 return continueSearch; 

55874| } 

55875| 

55876| // 



55878| class TreeSearcher_MakeVirtualWritesPersistent: public 

| GenericTreeSearcher 
55879 1 { 
55880| public: 

55881 1 TreeSearcher_MakeVirtualWritesPersistent ( 

55882| tTree &_tree, 

55883| PersistentDictionary &_dictionary, 

55884| PFILTERED_EXTENSION _devExt, 

55885| ULONG _sequenceNumber ): 

55886| GenericTreeSearcher(_tree), 

55887| dictionary(_dictionary), 

55888| devExt(_devExt), 

55889| sequenceNumber(_sequenceNumber), 

55890| status(STATUS_SUCCESS) 

55891| {} 

55892| 

55893| virtual bool nodeCallback ( tTreeLeaf *node, int 

I depth ); 
55894| 

55895| NTSTATUS getStatus() const { return status; } 
55896| 

55897| private: 

55898| PersistentDictionary &dictionary; 
55899| PFILTEREDEXTENSION devExt; 
55900| ULONG sequenceNumber; 
55901| NTSTATUS status; 
55902| }; 
55903| 
55904| 
55905| bool 

| TreeSearcher_MakeVirtualWritesPersistent::nodeCallback 
l( 

55906| tTreeLeaf *node, 
55907| int depth ) 
55908| { 

55909| LARGEJNTEGER key; 
5591 0| key.QuadPart = node->Key; 



5591 1 1 if ( key.SnapShotPart == sequenceNumber ) { 

55912| status = dictionary.SavelndexInfo ( 

55913| devExt, 

5591 4| key .GranulePart, 

5591 5| sequenceNumber, 

55916| node->Pos, 

55917| CHECKSUM_IGNORE_DWORD, 
55918| PSM_I N D EX_FLAG_VI RTU AL_WRITE ); 

55919| } 

55920| return NT_SUCCESS(status) ? true : false; 

55921| } 

55922| 

55923| 

55924| // 

| 

55925| 

55926| NTSTATUS 

| PersistentDictionary: :MakeVirtualWritesPersistent() 
55927| { 

55928| NTSTATUS status = STATUS_SUCCESS; 
55929| __try { 

55930| Profile( M pd::MakeVirtualWritesPersistent M ); 
55931 1 MyAcquireResourceSharedLite 

| (&(Shared->Tree Resource), TRUE); 
55932 1 __try { 

55933| TreeSearcher_MakeVirtualWritesPersistent 
| saver ( 

55934| Shared->VirtualWritesTree, 

55935| *this, 

55936| DevExt, 

55937| GetSequenceNumber() ); 

55938| 

55939| saver.visitEveryNode(); 
55940| status = saver.getStatus(); 
55941| } ^finally { 

55942| MyReleaseResourceForThreadLite 

| (&(Shared->TreeResource)); 
55943| } 
55944| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
55945| status = GetExceptionCode(); 
55946| Debug(DEBUG_DICT,("M! 

| pd::MakeVirtualWritesPersistent: exception 

| %08x\n",status)); 
55947| } 
55948| 

55949| return status; 
55950| } 
55951 | 
55952 1 // 



I- 

55953 
55954 
55955 
55956 
55957 
55958 
55959 
55960 



3 /oS\n", (flag ?"TRU E" :"F ALSE"))) ; 



55961 
55962 
55963 
55964 

I- 
55965 
55966 
55967 
55968 
55969 
55970 
55971 
55972 



(flag?"TRUE":"FALSE"))); 



55973 
55974 
55975 
55976 

I- 
55977 
55978 
55979 
55980 
55981 
55982 
55983 
55984 

I- 
55985 
55986 
55987 
55988 
55989 
55990 
55991 
55992 



55993 
55994 



ULONG PersistentDictionary::QueryResetPsm() 
{ 

ULONG flag = FALSE; 
if ( !ResetPsm_Disabled ) { 
flag = ResetPsm; 

} 

Debug(DEBUG_DICT,("pd::QueryResetPsm returning 



return flag; 

} 

// 



ULONG PersistentDictionary::QueryNoPsm() 
{ 

ULONG flag = FALSE; 
if ( !NoPsm_Disabled ) { 
flag = NoPsm; 

} 

Debug(DEBUG_DICT,("pd::QueryNoPsm returning %s\n", 



return flag; 

} 



II- 



void PersistentDictionary::DisableResetPsm() 
{ 

ResetPsm_Disabled = TRUE; 
Debug(DEBUG_DICT,("pd::DisableResetPsm()\n")); 

} 

// 



void PersistentDictionary::DisableNoPsm() 
{ 

NoPsm_Disabled = TRUE; 
Debug(DEBUG_DICT,("pd::DisableNoPsm()\n")); 

} 



II- 



PRTL_BITMAP PersistentDictionary::GetVolumeCachingMap( 



| ULONG Map ) 



55995| { 



55996| switch(Map) { 

55997| case 0 :return Shared->Map; 

55998| case 1 : return Shared->MaplnTransform; 

55999| default: 

56000| ASSERT(FALSE); 

56001 | } 

56002 1 return NULL; 



56003 1 } 
56004| 

56005| #if DO_ALL_BITMAPS 

56006| void DumpCachingMap( PRTL_BITMAP *BitMap ) 
56007| { 

56008| if (*BitMap!=NULL) { 
56009| for (ULONG i=0; 

| i*4<((*BitMap)->SizeOfBitMap+7)/8;i+=0x8 ) { 
56010| if ( (i==0) || 

5601 1 1 ( (*BitMap)->Buffer[i+0] != 

| (*BitMap)->Buffer[i-8+0] ) || 
56012| ( (*BitMap)->Buffer[i+1] != 

| (*BitMap)->Buffer[i-8+1] ) || 
56013| ( (*BitMap)->Buffer[i+2] != 

| (*BitMap)->Buffer[i-8+2] ) || 
56014| ( (*BitMap)->Buffer[i+3] != 

| (*BitMap)->Buffer[i-8+3] ) || 
56015| ( (*BitMap)->Buffer[i+4] != 

| (*BitMap)->Buffer[i-8+4] ) || 
56016| ( (*BitMap)->Buffer[i+5] != 

| (*BitMap)->Buffer[i-8+5] ) || 
56017| ( (*BitMap)->Buffer[i+6] != 

| (*BitMap)->Buffer[i-8+6] ) || 
56018| ( (*BitMap)->Buffer[i+7] != 

| (*BitMap)->Buffer[i-8+7] ) ) { 
56019| 

56020| Debug(DEBUG_DEVSUP,(" Granule %08x: 

| %08x %08x %08x %08x - %08x %08x %08x %08x\n" 
56021 1 ,i*0x20 
56022| ,(*BitMap)->Buffer[i+0x0] 
56023 1 

| ,(i+1)*4<((* BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x1] : 0x0dd1b1d5 
56024| 

| ,(i+2)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x2] : 0x0dd1b1d5 
56025| 

| ,(i+3)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x3] : 0x0dd1b1d5 
56026| 

| ,(i+4)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x4] : 0x0dd1b1d5 



56027| 

| ,(i+5)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x5] : 0x0dd1b1d5 
56028| 

| ,(i+6)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 
| (*BitMap)->Buffer[i+0x6] : 0x0dd1b1d5 
56029 1 

| ,(i+7)*4<((*BitMap)->SizeOfBitMap+7)/8 ? 

| (*BitMap)->Buffer[i+0x7] : 0x0dd1b1d5 
56030| )); 
56031 | } 
56032 | } 
56033 1 } 
56034| } 
56035| #endif 
56036| 

56037| void PersistentDictionary::SetVolumeCachingMap( ULONG 

| Map , PRTL_BITMAP BitMap ) 
56038| { 

56039| switch(Map) { 
56040 1 

56041 | case 0 : 
56042 1 

56043| #if DO_ALL_BITMAPS 

56044| Debug(DEBUG_DEVSUP,(" Replacing active 

| Granule Map at 0x%08x . . An", Shared->Map )); 
56045| DumpCachingMap( &Shared->Map ); 

56046| #endif 

56047| Shared->Map = BitMap; 

56048| #if DO_ALL_BITMAPS 

56049| Debug(DEBUG_DEVSUP,(" . . . with this fresh 

| Granule Map at 0x%08x . . An", Shared->Map )); 
56050| DumpCachingMap( &Shared->Map ); 

56051 1 #endif 
56052 1 break; 
56053 1 

56054| case 1 : 
56055| 

56056| #if DO_ALL_BITMAPS 

56057| Debug(DEBUG_DEVSUP,(" Replacing Granule Map 

| in transform at 0x%08x . . An", Shared->MaplnTransform 

I)); 

56058| DumpCachingMap( &Shared->MaplnTransform ); 

56059| #endif 

56060| Shared->MaplnTransform = BitMap; 

56061 1 #if DO_ALL_BITMAPS 

56062| Debug(DEBUG_DEVSUP,(" . . . with this fresh 

| Granule Map in transform at 0x%08x . . An", 

| Shared->MaplnTransform )); 
56063| DumpCachingMap( &Shared->MaplnTransform ); 



56064 
56065 
56066 
56067 
56068 
56069 
56070 
56071 
56072 
56073 
56074 
56075 
56076 
56077 
56078 
56079 
56080 
56081 
56082 
56083 
56084 
56085 
56086 
56087 
56088 
56089 
56090 
56091 

I- 
56092 
56093 
56094 
56095 
56096 
56097 
56098 
56099 
56100 
56101 
56102 
56103 
56104 
56105 
56106 
56107 
56108 
56109 
56110 
56111 
56112 



#endif 

break; 
default: 

ASSERT(FALSE); 

} 

return; 

} 

ULONG PersistentDictionary::GetVolumeClusterSize(void) 
{ 

return Shared->ClusterSize; 

} 



/*— end of file perdict.cpp —7 

File Listing: perdict_rebuild.cpp 
#include "precomp.h" 

#define ENABLE INDEX LOAD WHEEL 1 
#define INVALID_HANDLE_VALUE ((HANDLE)(-1)) 
#define INVALID_BIT_INDEX ((ULONG)(-1)) 



II- 



DECLARE_STOPWATCH(Part2); 

DECLARE_STOPWATCH(Part2_AddingStage1); 

DECLARE_STOPWATCH(Part2_AddDrive); 

D E C L A R E STO P W ATC H ( Part2_C red it) ; 

DECLARE_STOPWATCH(Part2_AddingStage2); 

D EC LAR E_STO P WATCH ( Part2_D is mo u nt Al I) ; 

DECLARE_STOPWATCH(Part2_MountAII); 

DECLARE_STOPWATCH(Part2_RecreateJunctions); 

DECLARE_STOPWATCH(Rebuild_Total); 

DECLARE_STOPWATCH(Rebuild_ReadFromFile); 

DECLARE_STOPWATCH(Rebuild_AllocNode); 

DECLARE_STOPWATCH(Rebuild_FindDict); 

D EC LA R E_STO P WATCH ( Rebu i ld_Addi ng) ; 

DECLARE_STOPWATCH(Rebuild_SettingBits); 

DECLARE_STOPWATCH(Rebuild_AcquireExclusive); 

D EC LA R E_STO P WATCH ( Rebu i Id I nsertToTree) ; 

DECLARE_STOPWATCH(Rebuild_FreeNode); 
DECLARE_STOPWATCH(Rebuild_FreeDeadNodes); 
D EC LAR E_STO P WATCH ( Rebu i ld_RevertC heck) ; 



56113| #if DEBUG_VALIDATE_DIFF_GRANULES 

56114| DECLARE_STOPWATCH(Rebuild_ValidateDiffGranules); 

56115| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 

56116| 

56117| // 



56118| 

561 19| STATIC void LogCorruptlndexSector ( 

56120| ULONG sectorNumber, 

561 21 1 NTSTATUS status ) 
56122| { 

56123| ULONG dumpData[] = { status, sectorNumber}; 

56124| WCHAR sectorNumberString[32]; 

56125| WCHAR *stringArray[] = { sectorNumberString}; 



56126| Jtow ( sectorNumber, sectorNumberString, 10, 

| sizeof(sectorNumberString)-1 ); 

56127| Log Error ( 

56128| (PDEVICE_OBJECT)PSManDriverObject, 

56129| NULL, 

56130| PSM_CORRUPT_INDEX, 

56131| status, 

56132| dumpData, 

561 33| sizeof(dumpData), 

56134| stringArray, 

561 35| sizeof(stringArray) / 



| sizeof(stringArray[0])); 
56136| 

56137| Debug ( D E BU G_D I CT, (" Recovery detected corrupt index 

| sector %l64u\n",(ULONGLONG)sectorNumber)); 
56138| } 
56139| 

56140| // 



56141| 

56142| STATIC void LogTreelnsertionError ( 
56143| pTreeLeaf node, 
56144| int insertResult ) 
56145| { 

56146| ULONG dumpData[] = { node->Pos}; 

561 47| WCHAR insertResultString[32]; 

56148| WCHAR keyLowString[32]; 

56149| WCHAR keyHighString[32]; 

56150| WCHAR *stringArray[] = { insertResultString, 

| keyLowString, keyHighString}; 
56151| Jtow ( insertResult, insertResultString, 10, 

| sizeof(insertResultString)-1 ); 
561 52 1 Jtow ( (ULONG)(node->Key), keyLowString, 1 6, 

| sizeof(keyLowString)-1 ); 
56153| Jtow ( (ULONG)(node->Key » 32), keyHighString, 

| 16, sizeof(keyHighString)-1 ); 



56154| Log Error ( 



56155| (PDEVICE_OBJECT)PSManDriverObject, 

56156| NULL, 

56157| PSM_TREE_INSERT_ERROR, 

56158| 0, 

56159| dumpData, 

561 60| sizeof(dumpData), 

56161| stringArray, 

561 62 1 sizeof(stringArray) / 



| sizeof(stringArray[0])); 
56163| 

561 64 1 Debug(DEBUG_DICT, ("Recovery could not insert 
| key=0x%016l64x pos=%u into rbtree (error=%08x).\n", 

56165| node->Key, node->Pos, 

| insertResult)); 

56166| } 

56167| 

56168| // 



56169| 

56170| STATIC void LogSnapshotEntryNotFound ( 

561 71 1 pkSnapShotMaster m, 

56172| PDEVICE_OBJECT VolObj, 

561 73 1 ULONG sectorN umber ) 

56174| { 

561 75| ULONG dumpData[] = { (ULONG)m, (ULONG)VolObj}; 

56176| Log Error ( 



561 77| (PDEVICE_OBJECT)PSManDriverObject, 

56178| NULL, 

561 79 1 PSM_SNAPSHOT_ENTRY_NOT_FOUND, 

56180| 0, 

56181| dumpData, 

561 82 1 sizeof(dumpData), 

56183| NULL, 

56184| 0); 

56185| 



56186| Debug(DEBUG_DICT, ("Error getting snapshot entry for 

| master %08x, volume %08x\n",m,VolObj)); 
56187| } 
56188| 

56189| // 

56190| // Given a snapshot set (master) and volume object, 

| will return back a snapshot (entry) for that volume. 
56191 1 // One will be created if it does not exist 
56192| 

56193| struct skSnapShotEntry 

| *PersistentDictionary::GetSnapShotForMaster ( 
561 94| skSnapShotMaster *MasterSnapShot, 
56195| PDEVICE_OBJECT VolumeObject, 



56196| plnternalSnapShot Snapshot) 
56197| { 

56198| NTSTATUS Status=STATUS_SUCCESS; 

56199| pkSnapShotEntry p=NULL; 

56200| PFILTERED_EXTENSION VolExt=NULL; 

56201| 

56202| // if volume object is known, scan to see if we 

| already have a snapshot for it 

56203| if ( VolumeObject ) { 

56204| VolExt = GetFilteredExtension (VolumeObject); 
56205| 

56206| GetSnapShotForRead(); 

56207| __try { 

56208| 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 

56209| while ( p ) { 

5621 0| if ( p->DeviceObject==VolumeObject ) { 

5621 1 1 DoneWithSnapShot(p); 

56212| break; 

56213| } 

56214| 

| p=GetNextSnapShotForMaster(&MasterSnapShot->SnapShots,p) 

I ; 

56215| } 

56216| } ^finally { 

5621 7| ReleaseSnapShotForRead(); 
56218| } 
56219| } 
56220| 

56221 1 // no snapshot for this volume, so lets create one 

56222| if ( !p ) { 

56223 1 #if DO_ALL_S E ARC H 

56224| Debug(DEBUG_DICT,( 

56225| M pd::GetSnapShotForMaster: 

| Creating new snapshot for VolumeObject=%08x, 

| lnternalSnapShot=%08x\n", 
56226| VolumeObject, 
56227| Snapshot)); 
56228| #endif /*DO_ALL_SEARCH7 
56229 | 

56230 1 // find system process 
56231 1 pOTJJSER User = 

| FindPSMUser(GlobalSystemProcessld,(_ETHREAD*)-2); 
56232| ASSERT(User); 
56233 | 

56234| // need to make one 

56235| p = (tkSnapShotEntry *) MemAllocatePoolWithTag( 
| NonPagedPool, 

| sizeof(tkSnapShotEntry),PSM_SNAPSHOT_ENTRY); 
56236| if ( p ) { 



56237| 


RtlZeroMemory ( p, sizeof(tkSnapShotEntry) 


1); 

56238| 


p->DeviceObject = VolumeObject; 


56239| 


p->MasterSnapShot = MasterSnapShot; 


56240| 


p->Deleted = FALSE; 


56241 | 


p->Count=0; 


56242 1 


p->PSMSectors = NULL; 


56243 | 




56244| 


// Must be persistent snapshot. Otherwise, 



| why is it in rebuild? 
56245| 

| ASSERT(PSM_SS_lsPersistent(SnapShot->Permanent.SnapShotF 
I lags)); 

56246| ASSERT(!(SnapShot->Permanent.SnapShotFlags 

| & PSM_SS_BIT_SAVE_TEMP_ON_EXIT)); 
56247| Status = Dictionary::Open 

| (DICT_FLAG_PERSISTENT, p->Dictionary); 
56248| if ( NT_SUCCESS(Status) ) { 

56249| PDEVICE_OBJECT Virtual = 0; 

56250 1 

56251 1 ULONG CurrentSequenceNumber = 

| SnapShot->Permanent.SequenceNumber; 
56252| #if DO_ALL_SEARCH 

56253 1 

| Debug(DEBUG_DICT,( n pd::GetSnapShotForMaster: 
| snapshot=%08x, 

| sequence=%08x\n",p,CurrentSequenceNumber)); 
56254| #endif /* DO_AL L_S E ARC H */ 

56255| 
56256| 

| ((pPersistentDictionary)p->Dictionary)->SetVolumelnterna 
IK 

56257| VolumeObject, 

56258| Snapshot, 

56259| CurrentSequenceNumber ); 

56260 1 

56261 1 lnterlockedlncrement((PLONG) 

| &MasterSnapShot->Count); 
56262 1 

56263 1 if ( VolumeObject ) { 

56264| VolExt->SignalWrite = 0; 

56265| lnterlockedlncrement((PLONG) 

| &VolExt->PSMed); 
56266| lnterlockedlncrement((PLONG) 

| &VolExt->OpenCount); 
56267| 

56268| GetSnapShotForRead(); 

56269 1 __try { 

56270 1 pkS napS hot E ntry 

| q=GetTopSnapShot(&VolExt->SnapShots); 



56271 1 while ( q ) { 

56272 1 if ( 

| ((pPersistentDictionary)(q->Dictionary))->GetSequenceNum 

I ber() > 
56273 1 

| ((pPersistentDictionary)(p->Dictionary))->GetSequenceNum 

I ber() ) { 
56274| 
56275| 

56276| #define lnsertPrecedinglnList(Entry,New) {\ 
56277| (New)->Flink = (Entry);\ 
56278| (New)->Blink = (Entry)->Blink;\ 
56279| (Entry)->Blink->Flink = (New);\ 
56280| (Entry)->Blink = (New);\ 
56281 | } 
56282 1 
56283| 

| lnsertPrecedinglnList(&q->DevExt,&p->DevExt); 
56284| DoneWithSnapShot(q); 
56285| break; 
56286| } 
56287| 

| q=GetNextSnapShot(&VolExt->SnapShots,q); 
56288| } 
56289| 

56290| if ( q==NULL ) { 

56291 1 //we're the first but 

| insert-pre works cos the list is circular!! 
56292 1 

| lnsertPrecedinglnList(&VolExt->SnapShots,&p->DevExt); 
56293 1 } 
56294| 

56295| } ^finally { 

56296| ReleaseSnapShotForRead(); 

56297| } 

56298| 

56299| // Insert ...here... 

56300 1 // 

| lnsertHeadList(&VolExt->SnapShots,&p->DevExt); 
56301 | 
56302 1 

56303 1 } 

56304| 

56305| 

| lnsertHeadList(&MasterSnapShot->SnapShots,&p->Master); 
56306| 

| lnsertHeadl_ist(&User->SnapShots,&p->User); 
56307| lnterlockedlncrement((PLONG) 

| &User->NumOpenSnapShots); 
56308| } else { 



56309| Debug(DEBUG_DICT, ("Error %08x creating 

| dictionary\n M , Status)); 
56310| } 
56311| }else{ 

56312| Debug(DEBUG_DICT,("Out of memory getting 

| snapshot for master\n")); 
56313| } 
56314| } 
56315| 

56316| return p; 
56317| } 
56318| 

56319| // 

56320| 

56321 1 pkSnapShotMaster 

| PersistentDictionary::FindMasterSnapShotOnOtherVolume ( 
56322| plnternalSnapShot Snapshot ) 
56323 1 { 

56324| pkSnapShotMaster master = 0; 
56325| ULONG NumDictionarieslnList = 0; 
56326| 

56327| #if DO_ALL_SEARCH 
56328| 

| Debug(DEBUG_DICT,("pd::FindMasterSnapShotOnOtherVolume: 
| SnapShot=%08x, 

| Sequence=%08x\n",SnapShot,SnapShot->Permanent.SequenceNu 
I mber)); 

56329| #endif /* DO_AL L_S E ARC H */ 
56330 | 

56331 1 if ( SnapShot->Permanent.SequenceNumber > 0 ) { 
56332 | 

| //Debug(DEBUG_DICT,("pd::FindMasterSnapShotOnOtherVolume 
| : SnapShot=%08x, Sequence=%08x, Time=%016l64x - 
| looking through all 

| dictionaries\n",SnapShot,SnapShot->SequenceNumber,SnapSh 

| ot->SnapShotTime.QuadPart)); 
56333| ASSERT ( 

| SnapShot->Permanent.SnapShotTime.QuadPart > 0 ); 
56334| 

56335| // Search through all dictionaries to find a 
| master with the same sequence number and time. 
56336| 

56337| pPersistentDictionary diet = ListHead; 
56338| while ( diet != NULL ){ 
56339| if ( dict->SnapShot && 

| dict->SnapShot!=SnapShot && 

| dict->SnapShot->SnapShotMaster ) { 
56340| ULONG SameSequence = 

| (dict->SnapShot->Permanent.SequenceNumber == 



I SnapShot->Permanent.SequenceNumber); 

56341 1 ULONG SameTime = 

| (dict->SnapShot->Permanent.SnapShotTime.QuadPart == 
| SnapShot->Permanent.SnapShotTime.QuadPart); 

56342 1 if ( TSameSequence &&7 SameTime ) { 

56343 1 

| //Debug(DEBUG_DICT,( M pd::FindMasterSnapShotOnOtherVolume 
| : Matching dictionary: SnapShot=%08x, Sequence=%08x, 
| Time=%016l64x, 

| Listlndex=%08x\n",dict->SnapShot,dict->SnapShot->Sequenc 

| eNumber,dict->SnapShot->SnapShotTime.QuadPart,NumDiction 

| arieslnList)); 
56344| master = 

| dict->SnapShot->SnapShotMaster; 
56345| ASSERT(SameSequence); //not 

| horrible, but I want to know about it when it happens 
56346| if ( ISameSequence ) { 

56347| 

| SnapShot->Permanent.SequenceNumber = 

| dict->SnapShot->Permanent.SequenceNumber; //Experiment 
56348| } 
56349 1 break; 
56350 1 } 
56351 1 } 
56352 1 

56353 1 diet = dict->Next; 

56354 1 ++ N u m D ictio naries I n List ; 

56355| } 
56356| 

56357| #ifdef DEBUG 

56358| #if DO_ALL_S E ARC H 

56359| while ( diet != NULL ) { 

56360| diet = dict->Next; 

56361 1 ++NumDictionarieslnList; 

56362 1 } 

56363 | 

| Debug(DEBUG_DICT,("pd::FindMasterSnapShotOnOtherVolume: 
| NumDictionaries=%08x\n",NumDictionarieslnList)); 

56364| #endif 

56365| #endif /"DEBUG*/ 

56366| } 

56367| 

56368 1 return master; 
56369 | } 
56370 | 

56371 1 // 

| 

56372| // Given an index number, will return back a snapshot 

| set (master) associated with that index. 
56373| // If one doesnt exist it will create it. 



56374| 

56375| struct skSnapShotMaster 

| *PersistentDictionary::GetAMasterSnapShot ( 
56376| struct _OT_USER_ *User, 
56377| plnternalSnapShot Snapshot ) 
56378| { 

56379| //Debug(DEBUG_DICT,( M pd::GetAMasterSnapShot called: 

| SnapShot=%08x\n",SnapShot)); 
56380| 

56381 1 // change to allow the extra one used as a dummy 

| with all volumes on which 
56382| // to hang deceased snapshots 
56383| if ( ISnapShot ) { 
56384| return NULL; 
56385| } 
56386| 

56387| //Debug(DEBUG_DICT,( M pd::GetAMasterSnapShot: 

| SnapShot->SnapShotMaster = 

| %08x\n",SnapShot->SnapShotMaster)); 
56388| 

56389| if ( !SnapShot->SnapShotMaster ) { 
56390| SnapShot->SnapShotMaster = 

| FindMasterSnapShotOnOtherVolume (Snapshot); 
56391 1 if ( SnapShot->SnapShotMaster ) { 
56392| #if DO_ALL_SEARCH 

56393 | 

| Debug(DEBUG_DICT,("pd::GetAMasterSnapShot: Found other 

| volume's master %08x to link to internal 

| %08x\n",SnapShot->SnapShotMaster,SnapShot)); 

56394| #endif /*DO_ALL_SEARCH7 

56395| } else { 

56396| SnapShot->SnapShotMaster = 

| (tkSnapShotMaster *) MemAllocatePoolWithTag( 
| NonPagedPool, 

[ sizeof(tkSnapShotMaster),PSM_MASTER_SNAPSHOT); 
56397| 

56398| if ( SnapShot->SnapShotMaster ) { 

56399 1 Rt IZero Me mo ry ( 

| SnapShot->SnapShotMaster, sizeof (tkSnapShotMaster)); 
56400 1 
56401| 

| lnitializeListHead(&SnapShot->SnapShotMaster->SnapShots) 



56403| 

| SnapShot->SnapShotMaster->ExclusiveProcess = 0; 
56404| SnapShot->SnapShotMaster->OutOfSeconds 
1 = 0; 

56405| SnapShot->SnapShotMaster->Count 
1 = 0; 



56406| SnapShot->SnapShotMaster->Status 

| = STATUS_SUCCESS; 
56407| SnapShot->SnapShotMaster->Persistent 

| = TRUE; // Called only by rebuild - thus all 

| snapshots are persistent. 
56408| 

56409| if ( 

| SnapShot->Permanent.SequenceNumber==0 ) { 
56410| 

| SnapShot->SnapShotMaster->SnapShotTime.QuadPart = 0; 
5641 1 | 

| SnapShot->SnapShotMaster->GroupNumber = 0; 
5641 2| SnapShot->SnapShotMaster->NumToKeep 

I = -1; 

5641 3| SnapShot->SnapShotMaster->Priority 

l= 0; 
56414| 

| SnapShot->SnapShotMaster->SnapShotFlags = 0; 
56415| 

| SnapShot->SnapShotMaster->DIIPrivateUse = 0; 
56416| 

| wcscpy(SnapShot->SnapShotMaster->UserSnapShotName,L" M ); 
5641 7| SnapShot->SnapShotMaster->lnstance 

| = MAXNUMBEROFSNAPSHOTS; 
56418| }else{ 
56419| 

| SnapShot->SnapShotMaster->DIIPrivateUse 

| SnapShot->DIIPrivateUse; 
56420| 
56421| 

| SnapShot->SnapShotMaster->GroupNumber = 

| SnapShot->Permanent.GroupNumber; 
56422| SnapShot->SnapShotMaster->Status 

| = SnapShot->Permanent. Status; 
56423| 

| SnapShot->SnapShotMaster->SnapShotTime = 

| SnapShot->Permanent.SnapShotTime; 
56424| SnapShot->SnapShotMaster->NumToKeep 

| = SnapShot->Permanent.NumToKeep; 
56425| SnapShot->SnapShotMaster->Priority 

| = SnapShot->Permanent. Priority; 
56426| 

| SnapShot->SnapShotMaster->SnapShotFlags = 

| SnapShot->Permanent.SnapShotFlags; 
56427| SnapShot->SnapShotMaster->lnstance 

| = SnapShot->Permanent.Externallnstance; 
56428| 

| wcscpy(SnapShot->SnapShotMaster->UserSnapShotName,SnapSh 
| ot->Permanent.UserSnapShotName); 
56429| 



56430| if ( 

| SnapShot->SnapShotMaster->lnstance>=VDisklnstance ) { 
56431 1 VDisklnstance = 1 + 

| SnapShot->SnapShotMaster->lnstance; 
56432 1 } 
56433 1 } 
56434| 

56435| lnterlockedlncrement((PLONG) 

| &GlobalData->NumActive); 
56436| lnterlockedlncrement((PLONG) 

| &User->Open); 
56437| #if DO_ALL_SEARCH 

56438| 

| Debug(DEBUG_DICT,("pd::GetAMasterSnapShot: Incremented 
| Num Active to %08x 

| open=%08x\n",GlobalData->NumActive,User->Open)); 
56439| #endif /* DO_AL L_S E ARC H */ 

56440 1 } else { 

56441 1 Debug(DEBUG_DICT, ("Error out of memory 

| for master snapshot\n")); 
56442 1 } 
56443 1 } 
56444| } else { 
56445| // already allocated 
56446| } 
56447| 

56448| // VerifyHeaderlntegrity ( Header, "global header 

| after GetAMasterSnapShot" ); 
56449| //Debug(DEBUG_DICT,("pd::GetAMasterSnapShot 

| returning master %08x\n",SnapShot->SnapShotMaster)); 
56450| return SnapShot->SnapShotMaster; 
56451 1 } 
56452 1 
56453| 

56454| // 

| 

56455| // Given an ordered pair (Lower, Upper) of snapshot 

| numbers, traverses the whole Rbtree and 
56456| // sets as handled (a 0 bit) in the appropriate volume 

| bitmap each granule that was cached 
56457| // after the lower snapshot and before the upper 

| snapshot was taken. 
56458| // (NB: Upper = 0 means we accept any Sequence no. 

| above Lower) 
56459 1 
56460 1 void 

| PersistentDictionary::CreditlnterveningGranuleslnTree ( 
56461| PRTL_BITMAP GranuleBitMap, 
56462| tTree *Tree, 
56463| ULONG LowerSS, 



56464| ULONG UpperSS ) 

56465| { 

56466| __try { 

56467| ULARGEJNTEGER CurrentKey; 
56468| tTreeLeaf *CurrentNode = 

| rbtree_SearchUpperBound(Tree, 0); 
56469| 

56470| CurrentKey.QuadPart = CurrentNode->Key; 
56471 | 

56472| #define StepThroughTree CurrentNode = 
| rbtree_GetNextlnOrder(Tree, CurrentNode); if 
| (CurrentNode) {CurrentKey.QuadPart = CurrentNode->Key;} 

56473 1 

56474| while ( CurrentNode!=NULL ) { 

56475| //advance to next granule with a snapshot 

| at least high enough to be worth inspecting 
56476| while ( (CurrentNode!=NULL) && 

| (CurrentKey.SnapShotPart < LowerSS) ) { 
56477| #if DO_ALL_FREESPACE 

56478| 

| Debug(DEBUG_DICT,("pd::CreditlnterveningGranuleslnTree: 
| scope: \%x - %x Skipping %8x|%08x - SS too low\n M 

56479 1 , LowerSS 

56480| , UpperSS 

56481 | 

| CurrentKey. GranulePart 

56482 1 

| CurrentKey.SnapShotPart 
56483| )); 
56484| #endif /*DO_ALL_FREESPACE7 

56485| 

56486| StepThroughTree; 

56487| } 

56488| 

56489| // if in the intervening range then credit 

| it as already snapped 
56490| ULONG Granule = CurrentKey. GranulePart; 

56491 1 if ( (CurrentNode!=NULL) && 

| ((CurrentKey.SnapShotPart < UpperSS) || (UpperSS==0 )) 

IH 

56492 1 //free bit 

56493| if(GranuleBitMap) { 

56494| PsmBitPositionValidate 

| (GranuleBitMap, Granule); 
56495| RtlClearBits ( GranuleBitMap, 

| Granule, 1 ); 
56496| } 

56497| #if DO_ALL_FREESPACE 

56498| 

| Debug(DEBUG_DICT,("pd::CreditlnterveningGranuleslnTree: 



I scope: |%x - %x Crediting %8x|%08x\n" 
56499| , LowerSS 

56500| , UpperSS 

56501 | 

| CurrentKey.GranulePart 
56502 1 

| CurrentKey.SnapShotPart 
56503| )); 
56504| #endif /* DO_AL L_F R E ES P AC E*/ 

56505| StepThroughTree; 
56506| } 
56507| 

56508| // now we've examined, get at least out of 

| this granule 
56509| while ( (CurrentNode!=NULL) && 

| (CurrentKey.GranulePart == Granule) ) { 
56510| #if DO_ALL_FREESPACE 

5651 1 1 

| Debug(DEBUG_DICT,("pd::CreditlnterveningGranuleslnTree: 
| scope: |%x - %x skipping %8x|%08x - SS too high\n" 

56512| , LowerSS 

56513| , UpperSS 

56514| 

| CurrentKey.GranulePart 

56515| 

| CurrentKey.SnapShotPart 
56516| )); 
5651 7| #endif /* DO_AL L_F R E ES P AC E*/ 

56518| StepThroughTree; 
56519| } 
56520| 
56521 | } 
56522 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
56523| Debug(DEBUG_SFILTER,("Exception %08x in 

| Creditlnten/eningGranuleslnTree\n",GetExceptionCode())); 
56524| } 
56525| } 
56526| 

56527| // 

| 

56528| 

56529| NTSTATUS Rebuild_DeleteJunctionsOnVolume ( 

| PDEVICE_OBJECT Volume ) 
56530 1 { 

56531 1 NTSTATUS status = STATUS_SUCCESS; 
56532 1 

| Debug(DEBUG_DICT,("Rebuild_DeleteJunctionsOnVolume(%08x) 
| \n", Volume)); 
56533| 



56534| __try { 

56535| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
56536| const ULONG pathChars = 1 024; 
56537| WCHAR *path = (WCHAR *) 

| MemAllocateString(pathChars); 
56538| if ( path ) { 

56539| swprintf ( path, L"%s\\%s", DevExt->Name, 

| gSnapShotDirName ); 
56540| NTSTATUS tempStatus = 

| SbDeleteAIIReparsePointsAndDir (path); 
56541 | 

| Debug(DEBUG_DICT,("Rebuild_DeleteJunctionsOnVolume: 
| after SbDeleteAIIReparsePointsAndDir '%S'; 
| status=%08x\n M ,path,tempStatus)); 
56542 1 

56543| tempStatus = SbCreateDirectory 

| (path,NULL,FILE_ATTRIBUTE_NORMAL); 
56544| 

| Debug(DEBUG_DICT,("Rebuild_DeleteJunctionsOnVolume: 
| SbCreateDirectory('%S') returned 
| %08x\n M ,path,tempStatus)); 
56545| 

56546| MemFreeString(path); 

56547| } else { 

56548| 

| Debug(DEBUG_DICT,("Rebuild_DeleteJunctionsOnVolume: 

| Out of memory (path)\n")); 
56549| status = STATUS_INSUFFICIENT_RESOURCES; 

56550 1 } 
56551 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
56552 1 status = GetExceptionCode(); 
56553| Debug(DEBUG_DICT,("!!! Exception %08x in 

| Rebuild_DeleteJunctionsOnVolume; 

| Volume=%08x\n",status,Volume)); 
56554| } 
56555| 

56556| Debug(DEBUG_DICT,("Rebuild_DeleteJunctionsOnVolume 

| returning %08x\n M ,status)); 
56557 1 return status; 
56558| } 
56559 1 

56560 1 // 



56561 | 

56562| NTSTATUS Rebuild_RecreateJunctionsOnVolume( 

| PDEVICE_OBJECT Volume ) 
56563 1 { 

56564| NTSTATUS Status=STATUS_UNSUCCESSFUL; 



56565| 

56566| Debug(DEBUG_DICT,("Entering 

| Rebuild_RecreateJunctionsOnVolume, 

| Vol=%08x\n",Volume)); 
56567| 

56568| __try { 

56569| PDEVICE_OBJECT DevObj = Volume; 
56570| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
56571 1 Rebuild_DeleteJunctionsOnVolume (DevObj); 

56572| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
56573 1 pkS napS hot E ntry 

| p=GetTopSnapShot(&DevExt->SnapShots); 
56574| 

56575| while ( p ) { 

56576| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 
56577| 
56578| 

| if(p->MasterSnapShot->UserSnapShotName[0]!=0) { 
56579 1 P D E V I C EOBJ ECT 

| Virtual=GetVdiskObjectForName(DevExt->Name,p->MasterSnap 

| Shot->lnstance); 
56580| if ( Virtual ) { 

56581 1 PVDISK_EXTENSION VDisk = 

| GetVDiskExtension(Virtual); 
56582| WCHAR *linkDirectory = 0; 

56583| WCHAR *target Directory = 0; 

56584| 

56585| linkDirectory = 

| (WCHAR*)MemAllocateString(1 024); 
56586| if(linkDirectory) { 

56587| targetDirectory = 

| (WCHAR*)MemAllocateString(256); 
56588| 

56589| if(targetDirectory) { 

56590 1 swprintf ( 

| linkDirectory,L"%s\\%s",DevExt->Name,p->MasterSnapShot-> 

| UserSnapShotName ); 
56591 1 swprintf ( 

| targetDirectory,L"%s\\",VDisk->VolumeGuid ); 
56592 1 
56593 1 

| Debug(DEBUG_DICT,("Rebuild_RecreateJunctionsOnVolume: 
| dir='%S'\n",linkDirectory)); 
56594| 

| Debug(DEBUG_DICT,("Rebuild_RecreateJunctionsOnVolume: 
| target='%S'\n",targetDirectory)); 
56595| 



I Debug(DEBUG_DICT,("Rebuild_RecreateJunctionsOnVolume: 
| time=%l64x\n",p->MasterSnapShot->SnapShotTime.QuadPart)) 

I ; 

56596| Status = CreateJ unction 

l( 

| HnkDirectory,targetDirectory,p->MasterSnapShot->SnapSho 
| tTime ); 
56597| 

56598| if ( NT_SUCCESS(Status) 

l){ 
56599| 

| Debug(DEBUG_DICT,("Success creating junction\n")); 
56600| } else { 

56601 | 

| Debug(DEBUG_DICT,("Error%08x creating 

| junction\n", Status)); 
56602 1 } 
56603 1 

| MemFreeString(targetDirectory); 
56604| } else { 

56605| 

| Debug(DEBUG_DICT,("Error out of memory for target\n")); 
56606| } 
56607| 

| MemFreeString(linkDirectory); 
56608| } else { 

56609| Debug(DEBUG_DICT,("Error 

| out of memory for link\n")); 
56610| } 
5661 1 1 } else { 

56612| Debug(DEBUG_DICT,("Unable to 

| find virtual volume!!!!!!\n")); 
56613| #ifdef DEBUG 
56614| DbgBreakPoint(); 
56615| #endif 
56616| } 
56617| }else{ 

56618| Debug(DEBUG_DICT,("Error Snapshot 

| has no name\n")); 
56619| } 
56620| p = 

| GetNextSnapShot(&DevExt->SnapShots,p); 
56621 | } 
56622 1 } 
56623 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
56624| Status = GetExceptionCode(); 
56625| Debug(DEBUG_SFILTER, ("Exception %08x in 

| Rebuild_RecreateJunctionsOnVolume\n",Status)); 
56626| } 



56627| 
56628| 

| Debug(DEBUG_DICT,("Rebuild_RecreateJunctionsOnVolume 

| returning %08x\n M ,Status)); 
56629| return Status; 
56630| } 
56631| 

56632| // 

| 



56634| NTSTATUS Rebuild_DismountAIIVolumes ( PDEVICE_OBJECT 

| Volume, BOOLEAN DisableMounts ) 
56635| { 

56636| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

56637| WCHAR Buffer[255]; 

56638| 

56639| Debug(DEBUG_DICT,("Entering 

| Rebuild_DismountAIIVolumes, Vol=%08x\n", Volume)); 
56640| 

56641 1 _try { 

56642| // dismount all volumes 

56643| PDEVICE_OBJECT DevObj = Volume; 

56644| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
56645| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
56646| pkSnapShotEntry 

| p=GetTopSnapShot(&DevExt->SnapShots); 
56647| 

56648| while ( p ) { 

56649| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 
56650| PDEVICE_OBJECT 

| Virtual=GetVdiskObjectForName(DevExt->Name,p->MasterSnap 

| Shot->lnstance); 
56651 1 if ( Virtual ) { 

56652| PVDISK_EXTENSION VDisk = 

| GetVDiskExtension(Virtual); 
56653 1 
56654| 

| swprintf (Buffer, L"\\Device\\Psm Devices_%04x\\%s_%d", PSM_ 

| LOW_COMPATIBLE_VERSION,VDisk->Name,p->MasterSnapShot->ln 

| stance); 



56655| Debug(DEBUG_DICT,("Dismounting 

| volume '%S'\n", Buffer)); 
56656| if(DisableMounts) { 

56657| VDisk->MountDisabled=TRUE; 
56658| } 

56659| Status = Sblo_DismountVolume( 



I Buffer ); 

56660| if ( NT_SUCCESS(Status) ) { 

56661 1 Debug(DEBUG_DICT,("Success 

| dismounting volume\n")); 
56662 1 } else { 

56663| Debug(DEBUG_DICT,("Error %08x 

| dismounting volume\n", Status)); 
56664| } 
56665| 

56666| } else { 

56667| // This can happen before stage 2 

| had a chance to run or complete. 
56668| Debug(DEBUG_DICT,("Unable to find 

| virtual volume!! !!!!\n")); 
56669 1 } 
56670 1 p = 

| GetNextSnapShot(&DevExt->SnapShots,p); 
56671 | } 
56672 1 } 
56673 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
56674| Status = GetExceptionCode(); 
56675| Debug(DEBUG_SFILTER,("Exception %08x in 

| dismount all volumes\n",Status)); 
56676| } 
56677| 

56678| Debug(DEBUG_DICT,("Rebuild_DismountAIIVolumes 

| returning %08x\n",Status)); 
56679| return Status; 
56680 1 } 
56681 | 

56682 1 // 



56683| NTSTATUS Rebuild_ReenableVolumeMounts ( PDEVICE_OBJECT 

| Volume ) 
56684| { 

56685| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
56686| 

56687| Debug(DEBUG_DICT,("Entering 

| Rebuild_ReenableVolumeMounts , Vol=%08x\n", Volume)); 
56688| 

56689 1 _try { 

56690| // reenable mounting of all virtual volumes 
56691 1 PDEVICE_OBJECT DevObj = Volume; 
56692 1 if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
56693| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
56694| pkSnapShotEntry 



I p=GetTopSnapShot(&DevExt->SnapShots); 
56695| 

56696| while ( p ) { 

56697| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 
56698| PDEVICE_OBJECT 

| Virtual=GetVdiskObjectForName(DevExt->Name,p->MasterSnap 

| Shot->lnstance); 
56699| if ( Virtual ) { 

56700| PVDISK_EXTENSION VDisk = 

| GetVDiskExtension(Virtual); 
56701 | 

56702 1 VDisk->Mou ntDisabled= FALS E ; 

56703 1 } else { 

56704| // This can happen before stage 2 

| had a chance to run or complete. 
56705| Debug(DEBUG_DICT,("Unable to find 

| virtual volume!! !!!!\n")); 
56706| } 
56707| p = 

| GetNextSnapShot(&DevExt->SnapShots,p); 
56708| } 
56709 1 } 
56710| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
5671 1 1 Status = GetExceptionCode(); 
5671 2| Debug(DEBUG_SFILTER,(" Exception %08x in 

| reenable volume mounts\n",Status)); 
56713| } 
56714| 

56715| Debug(DEBUG_DICT,("Rebuild_ReenableVolumeMounts 

| returning %08x\n",Status)); 
56716| return Status; 
56717| } 
56718| 

56719| // 

| 

| 

56720| 

56721 1 NTSTATUS Rebuild_MountAIIVolumes ( PDEVICE_OBJECT 

| Volume ) 
56722 1 { 

56723| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

56724| WCHAR Buffer[255]; 

56725| 

56726| Debug(DEBUG_DICT,("Entering 

| Rebuild_MountAIIVolumes, vol=%08x\n",Volume)); 
56727| 

56728| _try { 

56729| PDEVICE_OBJECT DevObj = Volume; 



56730| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
56731 1 PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
56732 1 

56733 1 pkS napS hot E ntry 

| p=GetTopSnapShot(&DevExt->SnapShots); 
56734| 

56735| while ( p ) { 

56736| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(p->DeviceObject); 
56737| PDEVICE_OBJECT 

| Virtual=GetVdiskObjectForName(DevExt->Name,p->MasterSnap 

| Shot->lnstance); 
56738| if ( Virtual ) { 

56739| PVDISK_EXTENSION VDisk = 

| GetVDiskExtension(Virtual); 
56740 1 
56741 | 

| swprintf (Buffer, U'WDeviceWPsm Devices_%04x\\%s_%d M , PSM_ 
| LOW_COMPATIBLE_VERSION,VDisk->Name,p->MasterSnapShot->ln 
| stance); 
56742 1 

56743| // Make this disk a Unique 

| Number... This is to cause the file system to 
56744| // discard any cached data for the 

| old volume (due to a forced dismount) 
56745| // this however will cause all 

| volumes to go through the full mount stage 
56746 1 // even if the volume was not 

| forced shutdown 
56747| 

56748| LARGEJNTEGER BO; 

56749| Hint -save -e740 7 

56750| KeQueryTickCount( &BO ); 

56751| Hint -restore 7 

56752| VDisk->SerialNumber = BO.LowPart; 

56753| 

56754| Debug(DEBUG_DICT,("Mounting volume 

| 'o/oSW, Buffer)); 
56755| Status = SbTouchVolume( Buffer ); 

56756| if ( NT_SUCCESS(Status) ) { 

56757| Debug(DEBUG_DICT,( M Success 

| mounting volume\n")); 
56758| 

56759| // lets delete the snapshot 

| directory off of the virtual drive 
56760| // so nesting will not occur 

| when other snapshots exist 
56761 | 



56762| wcscat(Buffer,L"\V); 
56763| 

| wcscat(Buffer,gSnapShotDirName); 
56764| Debug(DEBUG_DEVSUP,("Deleting 

| directory '%S'\n", Buffer)); 
56765| SbSnapShotCleanup(Buffer); 
56766| 

56767| } else { 

56768| Debug(DEBUG_DICT,("Error %08x 

| mounting volume\n",Status)); 
56769| } 
56770| 

56771 1 } else { 

56772| // This can happen before stage 2 

| had a chance to run or complete. 
56773| Debug(DEBUG_DICT,("Unable to find 

| virtual volumeAn")); 
56774| } 
56775| p = 

| GetNextSnapShot(&DevExt->SnapShots,p); 
56776| } 
56777| } 
56778| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
56779| Status = GetExceptionCode(); 

56780| Debug(DEBUG_SFILTER,("Exception %08x in Mount 

| all volumes\n",Status)); 
56781 | } 
56782 1 

56783| Debug(DEBUG_DICT,("Rebuild_MountAIIVolumes 

| returning %08x\n",Status)); 
56784| return Status; 
56785| 
56786| } 
56787| 

56788| // 

| 

56789| 

56790| WCHAR *GetPrefix ( 
56791 1 const WCHAR * const Location, 
56792 1 WCHAR * Prefix ) 

56793| { 



56794| // determine where in the object name space the 

56795 1 // locations are 

56796| // C:\ d 

56797| if ( Location^ ]==L':' ) { 

56798| // drive letter passed in 

56799| wcscpy(Prefix,L"\\DosDevices\\"); 

56800 1 } else 

56801 1 // Volume{ 



56802| if ( (Location[0]==L'V) && (Location[6]==L'{') 
I ){ 

56803 1 wcscpy ( P ref ix, L"\\? ?\V) ; 
56804| } else { 

56805| if ( Location[0]==L'\V ) { 
56806| // already a valid path 

56807| wcscpy(Prefix,L""); 
56808| } else { 

56809| Debug(DEBUG_DEVCON, ("Invalid object name 

| space name '%S'\n",Location)); 
56810| // invalid name 

56811| ASSERT(FALSE); 
56812| wcscpy(Prefix,L""); 
56813| } 
56814| } 

56815| return Prefix; 

56816| } 

56817| 

56818| // 



56819| 
56820| #if 1 

56821| NTSTATUS AddPSMDirToDoNotBackupList( ) 
56822| { 

56823| ULONG Len=256; 

56824| WCHAR *DirToAdd=(WCHAR*)MemAllocateString(Len); 

56825| NTSTATUS Status; 

56826| 

56827| if(DirToAdd) { 

56828| wcscpy(DirToAdd,L"\V); 

56829| wcscat(DirToAdd,PSM_PRIVATE_DIR_SLASH); 

56830| wcscat(DirToAdd,L"* /s"); 

56831 1 Len = wcslen(DirToAdd); 

56832| DirToAddfLen] = 0; 

56833| DirToAdd[Len+1] = 0; 

56834| 

56835| Status = RtlWriteRegistryValue( 
56836| RTL_REGISTRY_ABSOLUTE, 
56837| 

| L"\\Registry\\Machine\\SYSTEM\\CurrentControlSet\\Contro 

| IWBackupRestoreWFilesNotToBackup", 
56838| L"Persistent Storage Manager (Files)", 

56839| REG_MULTI_SZ, 
56840| DirToAdd, 

56841 1 (Len*sizeof(WCHAR))+(sizeof(WCHAR)*2)); 
56842 1 

56843| Debug(DEBUG_DICT,("AddPSMDirToDoNotBackupList: 

| Status=%08x\n",Status)); 
56844| MemFreeString(DirToAdd); 
56845| } else { 



56846| Status = STATUS_INSUFFICIENT_RESOURCES; 
56847| } 

56848| return Status; 

56849| } 

56850| 

56851 1 // 



56853| NTSTATUS StoreFileSystem( PDEVICE_OBJECT Volume, HANDLE 

| Handle ) 
56854| { 

56855| NTSTATUS Status; 

56856| PFILE_OBJECT FileObject; 

56857| ULONG FileSystem; 

56858| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
56859 1 WCHAR Buffer[255]={0}; 
56860| PFILE_FS_ATTRIBUTE_INFORMATION 

| Attrib=(PFILE_FS_ATTRIBUTE_INFORMATION)Buffer; 
56861 | 

56862| PAG E D_CO D E () ; 
56863 1 

56864| Status = ObReferenceObjectByHandle( 
56865| Handle, // IN HANDLE Handle, 

56866| 0, // IN ACCESS_MASK DesiredAccess, 

56867| NULL, // IN POBJECT_TYPE 

| ObjectType, // optional 

56868| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE AccessMode, 
56869| (PVOID*)&FileObject, //OUTPVOID 

| "Object, 

56870 1 NULL // OUT 

| POBJECT_HANDLE_INFORMATION Handlelnformation // 

| optional 
56871| ); 

56872| if(NT_SUCCESS(Status)) { 

56873| Status = FS_GetVolumeAttributes( FileObject, 

| Attrib, sizeof(Buffer) ); 
56874| if(NT_SUCCESS(Status)) { 
56875| // null terminate 

56876| 

| Attrib->FileSystemName[Attrib->FileSystemNameLength/2]=0 



| if(_wcsicmp(Attrib->FileSystemName,L"NTFS")==0) { 
56878| FileSystem = FILE_SYSTEM_NTFS; 

56879| } else 

56880| 

| if(_wcsicmp(Attrib->FileSystemName,L"FAT")==0) { 
56881 1 FileSystem = FILE_SYSTEM_FAT; 



56882| } else { 

56883| FileSystem = FILE_SYSTEM_UNKNOWN; 

56884| } 

56885| 

56886| // store the file system type in the per 

| volume area of the registry 
56887| WCHAR *VolumeReg = 

| GetPerVolumeFtegistry(Volume); 
56888| if(VolumeReg) { 

56889| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,VolumeReg,L" 
| FileSystem",REG_DWORD,&FileSystem,sizeof(DWORD)); 

56890| DevExt->FileSystem = FileSystem; 

56891 1 FreePerVolumeRegistry(VolumeReg); 

56892 1 } 

56893 1 } else { 

56894| Debug(DEBUG_DICT,("Error %08x getting 

| volume attributes\n",Status)); 
56895| } 

56896| ObDereferenceObject (FileObject); 
56897| } else { 

56898| Debug(DEBUG_DICT,("Error %08x getting file 

| object for file handle\n",Status)); 
56899 1 } 

56900| return Status; 
56901 | } 
56902| 
56903 1 

56904| NTSTATUS PersistentDictionary::CreateFilesForVolume( 

| PDEVICE_OBJECT Volume, PVOID AbortEvent ) 
56905| { 

56906| NTSTATUS Status = STATUSJJNSUCCESSFUL; 

56907| WCHAR Header[300]; 

56908| WCHAR Cache[300]; 

56909 1 WCHAR lndex[300]; 

56910| LARGEJNTEGER Size; 

5691 1 1 PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
56912| 

56913| UpdateGlobalStatus(PSM_CREATING_FILES); 
56914| 

| Reg_GetULONGKey(&gRegistryPath,L"FillOnWrite",FILLONWRIT 
| ES_DEF,&PSManFillOnWrite); 
56915| 

5691 6| Debug(DEBUG_DICT,("pd::CreateFilesForVolume: 
| Volume=%08x, uni='%S\ 

| guid='%S'\n",Volume,DevExt->Uniqueld,DevExt->VolumeGuid) 

I); 

56917| _try{ 

56918| PSECURITY_DESCRIPTOR SD = SbGetAdminOnlySD(); 



56919| 
56920| 

| GetPrefix(DevExt->Cache.HeaderFile. Location, Header); 
56921| 

| wcscat(Header,DevExt->Cache.HeaderFile. Location); 

56922| wcscat(Header,PSM_PRIVATE_DIR_SLASH); 
56923| 

| SbCreateDirectory(Header,SD,FILE_ATTRIBUTE_HIDDEN); 
56924| 

56925| if(DevExt->Uniqueld[0]) { 

56926| wcscat(Header,DevExt->Uniqueld); 

56927| wcscat(Header,L".header.psm"); 

56928| } else 

56929| if(DevExt->VolumeGuid[0]) { 

56930| wcscat(Header,DevExt->VolumeGuid); 

56931 1 wcscat(Header,L".header.psm"); 

56932 1 } else { 

56933| wcscat(Header,L M header.psm"); 

56934| } 

56935| 

56936| 

| GetPrefix(DevExt->Cache. I ndexFile. Location, Index); 

56937| wcscat(lndex,DevExt->Cache.lndexFile. Location); 

56938| wcscat(lndex,PSM_PRIVATE_DIR_SLASH); 
56939 | 

| SbCreateDirectory(lndex,SD,FILE_ATTRIBUTE_HIDDEN); 

56940| if(DevExt->Uniqueld[0]) { 

56941 1 wcscat(lndex,DevExt->Uniqueld); 

56942| wcscat(lndex,L". index. psm"); 

56943 1 } else 

56944| if(DevExt->VolumeGuid[0]) { 

56945| wcscat(lndex,DevExt->VolumeGuid); 

56946| wcscat(l ndex, L". index. psm") ; 

56947| } else { 

56948| wcscat(lndex,L"index.psm M ); 

56949 1 } 
56950 | 
56951 | 

| GetPrefix(DevExt->Cache.CacheFile. Location, Cache); 

56952| wcscat(Cache,DevExt->Cache.CacheFile. Location); 

56953| wcscat(Cache,PSM_PRIVATE_DIR_SLASH); 
56954| 

| SbCreateDirectory(Cache,SD,FILE_ATTRIBUTE_HIDDEN); 

56955| if(DevExt->Uniqueld[0]) { 

56956| wcscat(Cache,DevExt->Uniqueld); 

56957| wcscat(Cache,L".diff.psm M ); 

56958| } else 

56959| if(DevExt->VolumeGuid[0]) { 

56960| wcscat(Cache,DevExt->VolumeGuid); 

56961 1 wcscat(Cache,L".diff.psm M ); 



56962| } else { 

56963| wcscat(Cache,L"diff.psm"); 

56964| } 

56965| 

56966| // free security descriptor 

56967| if(SD) { 

56968| MemFreePool(SD); 

56969| } 

56970| 

56971 1 AddPSMDirToDoNotBackupList(); 
56972 1 

56973| Size.QuadPart = 
56974| sizeof(tHeader) + 

56975| 

| MAX_SNAPSHOTS_PER_HEADER_FILE*sizeof(tDisklnternalSnapSh 
I ot) + 

56976| sizeof(DWORD); 
56977| 

56978| Size.QuadPart = ROUND_UP(Size.QuadPart, 

| DevExt->BytesPerSector); 
56979| Size.QuadPart *= NumSavedHeaderBlocks; 
56980| Debug(DEBUG_DICT,("pd::CreateFilesForVolume: 

| Header Size = %08l64x, Release 2 was 

| %08x\n",Size.QuadPart,HEADER_SIZE_IN_RELEASE_2)); 
56981 1 ASSERT(Size.QuadPart <= 

| HEADER_SIZE_IN_RELEASE_2); 
56982| Size.QuadPart = HEADER_SIZE_IN_RELEASE_2; // 

| maintain backward compatibility 
56983 1 

56984| Status = 

| SbCreateAndFillFile(Header,&Size,AbortEvent,0x00,FILLONW 

| RITE_ALL); 
56985| if ( NT_SUCCESS(Status) ) { 
56986| Size = RtlEnlargedUnsignedMultiply ( 

| DevExt->Cache.PSManBitMapSize, DevExt->BytesPerSector 

I); 

56987| Status = 

| SbCreateAndFillFile(lndex,&Size,AbortEvent,0x00,FILLONWR 

| ITE_ALL); 
56988| 

56989| if ( NT_SUCCESS(Status) ) { 

56990| HANDLE TempHandle = 

| INVALID_HANDLE_VALUE; 
56991 1 PFILE_OBJECT TempObject = NULL; 

56992| HANDLE TempWaitHandle = 

| INVALID_HANDLE_VALUE; 
56993| PVOID TempWaitObject = NULL; 

56994| 

56995| Size = RtlEnlargedUnsignedMultiply ( 

| DevExt->Cache.PSManBitMapSize, GRANULE_SIZE); 



56996| 

56997| // since the cache file can get huge, 

| lets 

56998| // reuse it whenever we can instead of 

| recreating it 
56999| Status = 

| OpenAFile(Cache,TempHandle,TempObject,TempWaitHandle,Tem 

| pWaitObject); 
57000| if ( NT_SUCCESS(Status) ) { 

57001 1 StoreFileSystem(Volume,TempHandle); 
57002| 

| CloseAFile(TempHandle,TempObject,TempWaitHandle,TempWait 
| Object); 

57003| try_return(NOTHING); 
57004| } else { 

57005| Status = 

| SbCreateAndFillFile(Cache,&Size,AbortEvent,OxOO,PSManFil 

| lOn Write); 

57006| if ( NT_SUCCESS(Status) ) { 

57007| // store what file system is 

| being used for this volume 
57008| Status = 

| OpenAFile(Cache,TempHandle,TempObject,TempWaitHandle,Tem 

| pWaitObject); 
57009| if ( NT_SUCCESS(Status) ) { 

57010| 

| StoreFileSystem(Volume,TempHandle); 
57011| 

| CloseAFile(TempHandle,TempObject,TempWaitHandle,TempWait 

| Object); 
57012| }else{ 
57013| // odd, unable to open file 

| we just created successfully 
57014| } 
57015| try_return(NOTHING); 
57016| }else{ 
57017| 

| Debug(DEBUG_DICT,("CreateFilesForVolume: Error %08x 

| creating cache\n", Status)); 
57018| } 
57019| } 

57020| SbDeleteFile(lndex, 

| FILE_ATTRIBUTE_NORMAL); 
57021| }else{ 
57022| 

| Debug(DEBUG_DICT,("CreateFilesForVolume: Error %08x 
| creating index\n", Status)); 
57023| } 

57024| SbDeleteFile(Header, 
| FILE_ATTRIBUTE_NORMAL); 



57025| } else { 

57026| Debug(DEBUG_DICT,( M CreateFilesForVolume: 

| Error %08x creating header\n", Status)); 
57027| } 

57028| try_exit:NOTHING; 
57029| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57030| Status = GetExceptionCode(); 
57031 1 Debug(DEBUG_DICT, ("Exception %08x in 

| pd::CreateFilesForVolume\n", Status)); 
57032 1 } 
57033 | 

57034| Debug(DEBUG_DICT,("pd::CreateFilesForVolume 

| returning %08x\n",Status)); 
57035 1 return Status; 
57036| } 
57037| 

57038| NTSTATUS 

57039| PersistentDictionary::CloseFilesForVolume( 

| PDEVICE_OBJECT Volume) 
57040 1 { 

57041 1 PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57042| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
57043 1 

57044| //Debug(DEBUG_DICT,("pd::CloseFilesForVolume: 

| Volume=%08x\n" J Volume)); 
57045| __try { 

57046| CloseProcessHandle 

| (DevExt->Cache.CacheFile.FileHandle, (PVOID 
| &)(DevExt->Cache.CacheFile.FileObject) ); 

57047| CloseProcessHandle 

| (DevExt->Cache.lndexFile.FileHandle, (PVOID 
| &)(DevExt->Cache.lndexFile.FileObject) ); 

57048| CloseProcessHandle 

| (DevExt->Cache.HeaderFile.FileHandle, (PVOID 
| &)(DevExt->Cache.HeaderFile.FileObject) ); 

57049 1 

57050| CloseProcessHandle 

| (DevExt->Cache.CacheFile.WaitHandle, 

| DevExt->Cache.CacheFile.WaitObject); 
57051 1 CloseProcessHandle 

| (DevExt->Cache.lndexFile.WaitHandle, 

| DevExt->Cache.lndexFile.WaitObject); 
57052| CloseProcessHandle 

| (DevExt->Cache.HeaderFile.WaitHandle, 

| DevExt->Cache.HeaderFile.WaitObject); 
57053| Status = STATUS_SUCCESS; 
57054 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 



57055| Status = GetExceptionCode(); 

57056| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::CloseFilesForVolume\n", Status)); 
57057| } 
57058| 

57059| Debug(DEBUG_DICT,("pd::CloseFilesForVolume%08x 

| returning %08x\n",Volume,Status)); 
57060| return Status; 
57061 1 } 
57062 1 

57063| #define abs(x) ((x) >=0 ? (x) : (-(x))) 
57064| 

57065| // 

57066| 

57067| void GetCacheSizes( PFILTERED_EXTENSION DevExt, ULONG 

| &lnitialSize, ULONG &MaxSize ) 
57068| { 
57069 1 __try { 

57070| signed long IS=(signed 

| long)DevExt->Cache.lnitialSize; 
57071 1 signed long MS=(signed 

| long)DevExt->Cache.MaxSize; 
57072| ULONG ISC=0; 
57073| ULONG MSC=0; 
57074| LARGEJNTEGER L = {0}; 
57075| NTSTATUS Status; 
57076| 

57077| Initialize = 0; 
57078| MaxSize = 0; 
57079 1 

57080| // Before sizes stored in DevExt->Cache, make 

| sure they are up to date. 
57081 1 // Call pd::GetStateForVolume to refresh latest 

| values from registry. 
57082| PDEVICE_OBJECT Volume = DevExt->DeviceObject; 
57083| ASSERT(GetFilteredExtension(Volume)==DevExt); 
57084| PersistentDictionary::GetStateForVolume 

| (Volume); 
57085| 

57086| if(DevExt->PSMed) { 

57087| // volume already has a cache file, lets 

| use its size 
57088| Status = 

| DevExt->Cache.CacheFile.Direct->getFileSizelnBytes(L); 
57089 1 

57090| if(NT_SUCCESS(Status)) { 

57091 1 ASSERT(L.QuadPart); 

| // make sure not zero 
57092| ASSERT((L.QuadPart % (1024*1024)) == 



I 0); // make sure it is an integer number of 
| megabytes 

57093| // convert to number of megabytes 

57094| L.QuadPart/=(1 024*1 024); 

57095| // cant handle things this large 

57096| ASSERT(L.HighPart==0); 
57097| // set the max and init size to the 

| same for now 
57098| InitialSize = MaxSize = L.LowPart; 

57099| Debug(DEBUG_DICT,("GetCacheSizes: 

| Reusing cache file size: cache file is %d 

| MB\n", InitialSize)); 
57100| }else{ 

57101 1 Debug(DEBUG_DICT,("GetCacheSizes: Error 

| %08x getting cache file size\n", Status)); 
57102| goto Calculated; 

57103| } 
57104| }else{ 

571 05| // volume has no snapshots, so calculate 

| the size incase it changed 
571 06| // from the last time the cache file was 

| created 
57107| Calculated: 

571 08| // if number is less than 0, then it is in 

| percentage 
57109| if(IS<0) { 

57110| //how many MB 

57111| L.QuadPart = 

| DevExt->Pi.PartitionLength.QuadPart / (1024*1024); 
57112| ASSERT(L.HighPart == 0); 

571 1 3| // get percentage of space in MB 

57114| ISC = (L.LowPart * (-IS)) / 100; 

57115| Debug(DEBUG_DICT,("GetCacheSizes: Init: 

| Volume is %d MB, cache= %d%%, (%d 

| MB)\n M ,L.LowPart,abs(IS),ISC)); 
57116| }else{ 
57117| ISC = (ULONG)IS; 

57118| } 
57119| 

57120| if(MS<0){ 
57121| //how many MB 

57122| L.QuadPart = 

| DevExt->Pi.PartitionLength.QuadPart/ (1024*1024); 
57123| ASSERT(L.HighPart == 0); 

571 24| // get percentage of space in MB 

57125| MSC = (L.LowPart * (-MS)) / 100; 

57126| Debug(DEBUG_DICT,("GetCacheSizes: Max: 

| Volume is %d MB, cache= %d%%, (%d 

| MB)\n M ,L.LowPart,abs(MS),MSC)); 
57127| }else{ 



57128| 
57129| 
57130| 
57131| 
57132| 



MSC = (ULONG)MS; 



Initialize = ISC; 
MaxSize = MSC; 



57133| }//PSMed 
57134| 

57135| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57136| NTSTATUS Status = GetExceptionCode(); 
57137| Debug(DEBUG_DICT,("!!! Exception %08x in 

| GetCacheSizes\n",Status)); 
57138| } 
57139| } 
57140| 

57141| // 



57142| 

57143| NTSTATUS 

| PersistentDictionary::lnitializeFileNamesForVolume ( 

| PDEVICE_OBJECT Volume ) 
57144| { 

571 45| NTSTATUS Status = STATUS_SUCCESS; 
57146| 

57147| __try{ 

57148| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57149| 

57150| WCHAR Dir[300]; 

57151 1 wcscpy(Dir,PSM_PRIVATE_DIR_SLASH); 
57152| 

57153| if(DevExt->Uniqueld[0]) { 

57154| wcscat(Dir,DevExt->Uniqueld); 

57155| wcscat(Dir,L". M ); 

57156| } else if(DevExt->VolumeGuid[0]) { 

57157| wcscat(Dir, DevExt- >VolumeGuid); 

57158| wcscat(Dir,L"."); 

57159| }else{ 

571 60| // Just append short file name later 

57161| } 

57162| 

571 63 1 const WCHAR * const FileTable[] = { 
57164| // short filename location 

| where to put complete name 
57165| L"header.psm", 

| DevExt->Cache.HeaderFile. Location, 

| DevExt->Cache.HeaderFile. FileName, 
57166| L"index.psm M , 

| DevExt->Cache.lndexFile. Location, 

| DevExt->Cache.lndexFile. FileName, 



57167| U'diff.psm", 

| DevExt->Cache.CacheFile. Location, 

| DevExt->Cache.CacheFile. FileName, 
57168| NULL, NULL, 

| NULL 
57169| }; 
57170| 

571 71 1 for ( ULONG i=0; FileTable[i] != NULL; i+=3 ) { 
57172| const WCHAR * const ShortFileName = 

| FileTablep]; 
57173| const WCHAR * const Location 

| FileTable[i+1]; 
57174| WCHAR* Destination = 

| (WCHAR *) FileTable[i+2]; 
57175| 

57176| ASSERT(Location != NULL); 

57177| ASSERT(Destination != NULL); 

57178| 

571 79| if ( Destination^] == L'\0' ) { 

57180| GetPrefix (Location, Destination); 

57181 1 wcscat (Destination, Location); 

57182| wcscat (Destination, Dir); 

57183| wcscat (Destination, ShortFileName); 

57184| }else{ 

57185| 

| Debug(DEBUG_DICT,("pd::lnitializeFileNamesForVolume: 
| Filename for %S was already defined - leaving 
| alone\n",ShortFileName)); 

57186| } 

57187| 

57188| 

| Debug(DEBUG_DICT,("pd::lnitializeFileNamesForVolume: 

| Info for FileTable[%d] ...\n M ,i)); 
57189| Debug(DEBUG_DICT,(" Short='%S' 

| ...^ShortFileName)); 
57190| Debug(DEBUG_DICT,(" Loc= 

| '%S'\n", Location)); 
57191| Debug(DEBUG_DICT,(" Dest= 

| '%S'\n",Destination)); 
57192| } 
57193| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57194| Status = GetExceptionCode(); 
57195| Debug(DEBUG_DICT,("M! Exception %08x in 

| pd::lnitializeFileNamesForVolume\n", Status)); 
57196| } 
57197| 

57198| return Status; 

57199| } 

57200| 



57201|//- 



57202| 

57203| NTSTATUS PersistentDictionary::OpenFilesForVolume ( 

| PDEVICE_OBJECT Volume ) 
57204| { 

57205| NTSTATUS Status = STATUSJJNSUCCESSFUL; 
57206| BOOLEAN New Files= FALSE; 
57207| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57208| 

57209| // dont check for this here, as this routine can be 
| called from 

5721 0| // other cases than just create snapshot (as in 

| create files) 
5721 1 1 // ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
57212| Debug(DEBUG_DICT,("pd::OpenFilesForVolume: 

| Volume=%08x, uni='%S', 

| guid='%S , \n",Volume,DevExt->Uniqueld,DevExt->VolumeGuid) 



I); 

57213| __try{ 

57214| InitializeFileNamesForVolume (Volume); 
57215| 

5721 6| Status = OpenAFile ( 

57217| DevExt->Cache.HeaderFile.FileName, 

57218| DevExt->Cache.HeaderFile.FileHandle, 

57219| DevExt->Cache.HeaderFile.FileObject, 

57220| DevExt->Cache.HeaderFile.WaitHandle, 

57221 1 DevExt->Cache.HeaderFile.WaitObject ); 
57222 | 

57223| if ( NT_SUCCESS(Status) ) { 

57224| Status = OpenAFile ( 

57225| DevExt->Cache.lndexFile.FileName, 

57226| DevExt->Cache.lndexFile.FileHandle, 

57227| DevExt->Cache.lndexFile.FileObject, 

57228| DevExt->Cache.lndexFile.WaitHandle, 

57229| DevExt->Cache.lndexFile.WaitObject ); 
57230 | 

57231 1 if ( NT_SUCCESS(Status) ) { 

57232| Status = OpenAFile ( 

57233| DevExt->Cache.CacheFile.FileName, 

57234| DevExt->Cache.CacheFile.FileHandle, 

57235| DevExt->Cache.CacheFile.FileObject, 

57236| DevExt->Cache.CacheFile.WaitHandle, 

57237| DevExt->Cache.CacheFile.WaitObject 

I); 

57238| 

57239| if ( NT_SUCCESS(Status) ) { 

57240I FILE_STANDARD_IN FORMATION 



I FSInfo={0}; 

57241 1 IO_STATUS_BLOCK loStatus; 

57242 1 

57243| Status = ZwQuerylnformationFile( 

57244| 

| DevExt->Cache.CacheFile.FileHandle, // IN HANDLE 

| FileHandle, 
57245| & loStatus, 

| // OUT PIO_STATUS_BLOCK loStatusBlock, 
57246| &FSInfo, 

| // IN PVOID Filelnformation, 
57247| 

| sizeof(FILE_STANDARD_INFORMATION), // IN ULONG 
I Length, 

57248| FileStandardlnformation ); 

| // IN FILE_INFORMATION_CLASS FilelnformationClass 
57249 1 

57250| if(NT_SUCCESS(Status)) { 

57251 1 // if snapshots exist, dont 

| look at the file 
57252 1 // sizes 

57253 1 if(!DevExt->PSMed) { 

57254| ULONG ISC,MSC; 

57255| GetCacheSizes( DevExt, ISC, 

| MSC ); 
57256| 

57257| // ISC is in megabytes 

57258| // EndOfFile is in bytes 

57259| 
57260 | 

| if((FSInfo.EndOfFile.QuadPart/1 024/1 024) == ISC) { 
57261 | 

| Debug(DEBUG_DICT,("OpenFilesForVolume: Files are okay, 
| using them\n")); 
57262 | 

| PersistentDictionary::StoreClustersOfFiles(Volume); 
57263| try_return(NOTHING); 
57264| } else { 

57265| 

| FILE_DISPOSITION_INFORMATION Del={0}; 
57266| 
57267| 

| Debug(DEBUG_DICT,("OpenFilesForVolume: File size doesnt 
| match, recreating files\n")); 
57268| 

57269| Del.DeleteFile = TRUE; 

57270 1 

57271 1 ZwSetlnformationFile( 

| DevExt->Cache.CacheFile. FileHandle ,&loStatus, &Del, 
| sizeof(Del),FileDispositionlnformation); 



57272| ZwSetlnformationFile( 

| DevExt->Cache.lndexFile.FileHandle ,&loStatus, &Del, 

| sizeof(Del),FileDispositionlnformation); 
57273| ZwSetlnformationFile( 

| DevExt->Cache.HeaderFile.FileHandle,&loStatus, &Del, 

| sizeof(Del),FileDispositionlnformation); 
57274| Status = 

| STATUS_OBJECT_NAME_NOT_FOUND; 
57275| } 
57276| } else { 

57277| 

| Debug(DEBUG_DICT,("OpenFilesForVolume: Snapshots exist, 

| using existing files\n")); 
57278| try_return(NOTHING); 
57279| } 
57280| } else { 

57281 | 

| Debug(DEBUG_DICT,("OpenFilesForVolume: Error %08x 

| getting file size\n", Status)); 
57282 1 } 
57283 1 

57284| CloseAFile ( 

57285| 

| DevExt->Cache.CacheFile. FileHandle, 
57286| 

| DevExt->Cache.CacheFile. FileObject, 
57287| 

| DevExt->Cache.CacheFile.WaitHandle, 
57288| 

| DevExt->Cache.CacheFile.WaitObject ); 
57289 1 } else { 

57290 | 

| Debug(DEBUG_DICT,("OpenFilesForVolume: Error %08x 

| opening diff file\n", Status)); 
57291 1 DevExt->Cache.CacheFile.WaitObject 

| = DevExt->Cache.CacheFile.FileObject = NULL; 
57292| DevExt->Cache.CacheFile.WaitHandle 

| = DevExt->Cache.CacheFile. FileHandle = 

| INVALID_HANDLE_VALUE; 
57293 1 } 
57294| 

57295| CloseAFile ( 

57296| DevExt->Cache. I ndexFile. FileHandle, 

57297| DevExt->Cache.lndexFile. FileObject, 

57298| DevExt->Cache.lndexFile.WaitHandle, 
57299| DevExt->Cache.lndexFile.WaitObject 

I); 

57300 | 

57301| }else{ 

57302| Debug(DEBUG_DICT,("OpenFilesForVolume: 



I Error %08x opening index file\n", Status)); 
57303| } 
57304| 

57305| CloseAFile ( 

57306| DevExt->Cache.HeaderFile.FileHandle, 
57307| DevExt->Cache.HeaderFile.FileObject, 
57308| DevExt->Cache.HeaderFile.WaitHandle, 
57309| DevExt->Cache.HeaderFile.WaitObject ); 

57310| }else{ 

5731 1 1 Debug(DEBUG_DICT,( M OpenFilesForVolume: 

| Error %08x opening volume header file\n", Status)); 
57312| } 

57313| try_exit:NOTHING; 
57314| }_except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57315| Status = GetExceptionCode(); 
57316| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::OpenFilesForVolume\n", Status)); 
57317| } 
57318| 

57319| Debug(DEBUG_DICT,("pd::OpenFilesForVolume returning 

| %08x\n M ,Status)); 

57320| return Status; 

57321| } 

57322| 

57323| // 
| 

57324| 

57325| ULONG ConvertNodesToMegs ( ULONG NumNodes ) 
57326| { 

57327| // Round up to integer number of megabytes. 

57328| const ULONG NumMegs = (NumNodes * sizeof(tTreeLeaf) 

| + 1024*1024-1)/ (1024*1024); 
57329| Debug(DEBUG_MEMORY,("ConvertNodesToMegs: given 

| NumNodes=%08x, calculated NumMegs=%08x\n", NumNodes, 

| NumMegs)); 
57330| return NumMegs; 
57331| } 
57332| 

57333| // 

| 

57334| 

57335| NTSTATUS PersistentDictionary::AllocMemoryForVolume( 

| PDEVICE_OBJECT Volume, BOOLEAN UseDefaults ) 
57336| { 

57337| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
57338| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57339| 

57340| Debug(DEBUG_DICT,("pd::AllocMemoryForVolume: 



I Volume=%08x, Use=%d\n",Volume,UseDefaults)); 
57341 | 

57342| UpdateGlobalStatus(PSM_RESOURCE_ACQUISITION); 

57343 1 __try { 

57344| ULONG ISC=0; 

57345| ULONG MSC=0; 

57346| 

57347| GetCacheSizes( DevExt, ISC, MSC ); 
57348| 

57349| // mutex for bitmap functions 
57350 1 

| ExlnitializeFastMutex(&DevExt->Cache.PSManBitMapMutex); 
57351 | 

57352| // make sure granule size isnt something odd 
57353| ASSERT((1 024*1 024) % GRANULE_SIZE==0); 
57354| ASSERT(ISC); 
57355| ASSERT(MSC); 
57356| 

57357| if(UseDefaults) { 

57358| // normally GetCacheSizes would return back 

| the actual cache file size 
57359| // as opposed to the default of 20%. 

| However, during rebuild, DevExt->PSMed 
57360 1 // is not set yet (because we are setting 

| up for it), so in that case we 
57361 1 // will query the cache file size directly. 

57362| Defaults: 

57363| // Params are in MB, convert to number of 

| granules 

57364| DevExt->Cache.PSManBitMapSize = 

| ISC*((1 024*1 024)/GRANULE_SIZE); 
57365| DevExt->Cache.PSManBitMapMaxSize = 

| MSC*((1 024*1 024)/GRANULE_SIZE); 
57366| } else { 
57367| LARGEJNTEGER L; 

57368| 

57369 1 // okay use whatever the cache file is at 

57370| ASSERT(DevExt->Cache.CacheFile. Direct); 

57371 1 Status = 

| DevExt->Cache.CacheFile.Direct->getFileSizelnBytes(L); 
57372| if(NT_SUCCESS(Status)) { 

57373| ASSERT(L.QuadPart); 

| // make sure not zero 
57374| ASSERT((L.QuadPart % (1 024*1 024)) == 

| 0); // make sure it is an integer number of 

| megabytes 

57375| ASSERT((L.QuadPart % (GRANULE SIZE)) == 

| 0); // make sure it is an integer number of granules 
57376| 

57377| DevExt->Cache. PSManBitMapMaxSize = 



I DevExt->Cache.PSManBitMapSize = (ULONG)(LQuadPart / 

| GRANULE_SIZE); 
57378| } else { 

57379| ASSERT(FALSE); 
57380| goto Defaults; 

57381 1 } 
57382 1 } 
57383 1 
57384| #if 1 

57385| // 10 November 2001 

57386| // Figure out memory allocation requirements 

| based on worst case 
57387| // granule usage on this volume. In other 

| words, assume that 
57388| // the number of tTreeLeafs needed will never 

| be more than 
57389| // the number of granules in the diff file. 
57390 1 // 

57391 1 // However, there is a twist: we also use 

| tTreeLeafs in Direct I/O 
57392| // code. Its usage should be small, unless the 

| volume is extrememly 
57393| // fragmented. But this is simply a matter of 

| how fragmented the volume 
57394| // is when PSM is installed. So we add a small 

| safety cushion of 64k of RAM. 
57395| 

57396| const ULONG NumMegsNeededForVolume = 

| ConvertNodesToMegs (DevExt->Cache.PSManBitMapSize); 

57397| Status = IncreaseNodeMemory 
| (NumMegsNeededForVolume, 0); 

57398| if ( !NT_SUCCESS(Status) ) { 

57399 | 

| Debug(DEBUG_DICT,("pd::AllocMemoryForVolume: Error %08x 
| returned from IncreaseNodePoolSizeVn", Status)); 

57400| try_return (NOTHING); 

57401| } 

57402| // 10 November 2001 code 

| change ends 
57403 1 #endif 
57404| 

57405| DevExt->Cache.CurrentCacheFileSize = 0; 
57406| DevExt->Cache.PSManBitMapBuffer = NULL; 
57407| DevExt->Cache.PSManCacheCanGrow = FALSE; 
57408| 

57409| Debug(DEBUG_DICT, 

5741 0| ("Cache file size = %d (%d)-%d (%d), 

| alloc mem=%d, threshold=%d,%d\n", 
5741 1 1 DevExt->Cache. Initialize, 

57412| DevExt->Cache.PSManBitMapSize, 



57413| DevExt->Cache.MaxSize, 

5741 4| DevExt->Cache. PSManBitMapMaxSize, 

57415| (DevExt->Cache.PSManBitMapMaxSize+1) / 

| N U M B E R_0 F_B I TS_I N_A_B YT E , 

57416| (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapSize * 

| DevExt->Cache.CacheWarningThresholdPercent) / 100), 

5741 7| (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapSize * 

| DevExt->Cache.CacheFullThresholdPercent) / 100) 

57418| )); 

57419| 

57420| // this can be Paged as only the Thread (which 

| runs at PASSIVE_LEVEL) 
57421| //will access it. 

57422| DevExt->Cache.PSManBitMapBuffer = (PRTL_BITMAP) 
| MemAllocatePoolWithTag( PagedPool, 

| sizeof(RTL_BITMAP)+(((DevExt->Cache.PSManBitMapMaxSize+3 
| 1)/32) *4), BITMAPTAG); 
57423 1 

57424| if ( DevExt->Cache.PSManBitMapBuffer != NULL ) 

|{ 
57425| 

| RtllnitializeBitMap(DevExt->Cache.PSManBitMapBuffer,(PUL 
| ONG)((char*)(DevExt->Cache.PSManBitMapBuffer)+sizeof(RTL 
| _BITMAP)),DevExt->Cache.PSManBitMapMaxSize); 
57426| 

| RtlClearAIIBits(DevExt->Cache.PSManBitMapBuffer); 
57427| DevExt->Cache.CurrentCacheFileSize = 0; 

57428| DevExt->Cache.PSManBitHint = 0; 

57429 1 

57430| try_return(Status = STATUS_SUCCESS); 

57431| }else{ 

57432| Debug(DEBUG_DICT, ("Error! Out of paged 

| memory for bitmap\n")); 
57433| 
57434| #if 1 

57435| // 1 0 November 2001 

57436| ReclaimNodeMemory (NumMegsNeededForVolume); 

| // clean up node memory that was allocated above. 
57437| #endif 
57438| 

57439| Status = STATUS_INSUFFICIENT_RESOURCES; 

57440 1 } 

57441 1 try_exit:NOTHING; 
57442 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57443 1 Status = GetExceptionCode(); 
57444| Debug(DEBUG_DICT,("Exception %08x in 

| pd::AllocMemoryForVolume\n",Status)); 



57445| } 
57446| 

57447| Debug(DEBUG_DICT,("pd::AllocMemoryForVolume 

| returning %08x\n M ,Status)); 
57448| return Status; 
57449| } 
57450| 

57451 1 // 

57452 1 

57453| NTSTATUS PersistentDictionary::FreeMemoryForVolume( 

| PDEVICE_OBJECT Volume ) 
57454| { 

57455| NTSTATUS Status=STATUS_SUCCESS; 
57456| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57457| 

57458| if ( DevExt->Cache.PSManBitMapBuffer ) { 
57459| #if 1 

57460| // 1 0 November 2001 

57461 1 const ULONG NumMegsNeededForVolume = 

| ConvertNodesToMegs (DevExt->Cache.PSManBitMapSize); 
57462| ReclaimNodeMemory (NumMegsNeededForVolume); 
57463| #endif 
57464| 

57465| MemFreePool(DevExt->Cache.PSManBitMapBuffer); 
57466| DevExt->Cache.PSManBitMapBuffer = NULL; 
57467| } 
57468| 

57469 1 return Status; 
57470 1 } 
57471 | 

57472| // 



57473 1 // reload stuff from registry 
57474| 

57475| NTSTATUS PersistentDictionary::GetStateForVolume( 

| PDEVICE_OBJECT Volume ) 
57476| { 

57477| NTSTATUS Status=STATUS_SUCCESS; 
57478| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57479| WCHAR Buffer[255]={0}; 
57480| WCHAR DefaultBuffer[255]={0}; 
57481 1 UNICODE_STRING Reg={0}; 
57482| UNICODE_STRING DefaultReg={0}; 
57483 1 

57484| Debug(DEBUG_DICT,("pd::GetStateForVolume: 

| Volume=%08x\n M , Volume)); 
57485| 



57486| PAG E D_CO D E () ; 
57487| 

57488| // get system start options 

57489| ASSERT(gRegistry Path. Length<sizeof (Buffer)); 

57490| 

57491| 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 
57492| 

57493| // NULL terminate, since counted Unicode strings 

| are not necessarily null 
57494| //terminated 

57495| Buffer[gRegistryPath. Length / 2] = 0; 

57496| wcscat(Buffer,L"\V); 

57497 1 wcscpy ( Def au It Buff er, Buff e r) ; 

57498| 

57499 1 wcscat( Buffer, DevExt-> Vo lu meGu id) ; 
57500 1 wcscat( Def au ItBuffer, L M persistent M ) ; 
57501| 

57502 1 Rtl I nitU nicodeString(& Reg, Buffer) ; 

57503| RtllnitUnicodeString(&DefaultReg,DefaultBuffer); 

57504| 

57505| // Get defaults first... 
57506| 

57507| ULONG DJnitialSize = (ULONG)-20; 
57508| ULONG D_MaxSize = (ULONG)-20; 
57509| ULONG D_CacheWarningThreshold = 80; 
5751 0| ULONG D_CacheFullThresho Id Percent = 90; 
5751 1 1 ULONG D_CacheWarninglnterval = 1 5; 
57512| ULONG D_Cache Full Action Percent = 99; 
57513| 

57514| BOOLEAN DefaultKey Exists = FALSE; 

57515| 

57516| if( 

| RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,DefaultBuffer) 

| ==STATUS_SUCCESS ) { 
5751 7| DefaultKey Exists = TRUE; 
57518| 

| Reg_GetULONGKey(&DefaultReg,L"d_lnitialSize",D_lnitialSi 
| ze,&D_lnitialSize); 
57519| 

| Reg_GetULONGKey(&DefaultReg,L"d_MaxSize",D_MaxSize,&D_Ma 
| xSize); 
57520| 

| Reg_GetULONGKey(&DefaultReg,L"d_CacheWarningThreshold",D 
| _CacheWarningThreshold,&D_CacheWarningThreshold); 
57521| 

| Reg_GetULONGKey(&DefaultReg,L M d_CacheWarninglnterval",D_ 
| CacheWarninglnterval,&D_CacheWarninglnterval); 
57522| 



I Reg_GetULONGKey(&DefaultReg,L"d_CacheFullActionPercent", 
| D_CacheFullActionPercent,&D_CacheFullActionPercent); 

57523| } 

57524| 

57525| // Now override defaults if they exist in the 

| per-volume registry key... 
57526| 
57527| if ( 

| RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,Buffer)==STATU 

| S_SUCCESS ) { 
57528| UNICODE_STRING Uni; 
57529| WCHAR Temp[255]; 
57530| 

5753 1 1 // pe r- vo I u me key ex ists ! 
57532 1 

| Reg_GetULONGKey(&Reg,L"lnitialSize M ,D_lnitialSize,&DevEx 
| t->Cache.lnitialSize); 
57533 1 

| Reg_GetULONGKey(&Reg,L"MaxSize",D_MaxSize,&DevExt->Cache 
| .MaxSize); 
57534| 

| Reg_GetULONGKey(&Reg,L M CacheWarningThreshold",D_CacheWar 
| ningThreshold,&DevExt->Cache.CacheWarningThresholdPercen 
It); 
57535| 

| Reg_GetULONGKey(&Reg,L"CacheFullThreshold M ,D_CacheFullTh 
| resholdPercent,&DevExt->Cache.CacheFullThresholdPercent) 



| Reg_GetULONGKey(&Reg,L"CacheWarninglnterval",D_CacheWarn 
| inglnterval,&DevExt->Cache.CacheWarninglnterval); 
57537| 

| Reg_GetULONGKey(&Reg,L"CacheFullAction",CACHE_ACTION_DEN 
| Y_WRITES,&DevExt->Cache.CacheFullAction); 
57538| 

| Reg_GetULONGKey(&Reg,L"CacheFullActionPercenr,D_CacheFu 
| IIActionPercent,&DevExt->Cache.CacheFullActionPercent); 
57539 1 

| Reg_GetULONGKey(&Reg,L"FileSystem",0,&DevExt->FileSystem 

I); 

57540 1 

57541 1 wcscpy(Temp,L"\\??\\Volume{"); 
57542| wcscat(Temp,DevExt->VolumeGuid); 
57543| wcscat(Temp,L"}\\"); 
57544| 

57545| Reg_GetStringKey ( 

| &gRegistryPath,L"CacheLocation",Temp,&Uni); 
57546| 

| wcscpy(DevExt->Cache.CacheFile. Location, Uni. Buffer); 
57547| Reg_FreeString(&Uni); 



57548| Reg_GetStringKey ( 

| &gRegistryPath,L"lndexLocation",Temp,&Uni); 
57549| 

| wcscpy(DevExt->Cache.lndexFile. Location, Uni. Buffer); 
57550| Reg_FreeString(&Uni); 
57551 1 Reg_GetStringKey ( 

| &gRegistryPath,L"HeaderLocation",Temp,&Uni); 
57552 1 

| wcscpy(DevExt->Cache.HeaderFile. Location, Uni. Buffer); 
57553| Reg_FreeString(&Uni); 
57554| Status = STATUS_SUCCESS; 
57555| 

57556| } else { 

57557| // key doesnt exist, lets make it and add the 

| defaults 
57558| Status = 

| RtlCreateRegistryKey(RTL_REGISTRY_ABSOLUTE,Buffer); 
57559 1 ASS E RT(Status==0) ; 
57560| if ( NT_SUCCESS(Status) ) { 
57561 1 DevExt->Cache.lnitialSize = DJnitialSize; 

57562| DevExt->Cache.MaxSize = D_MaxSize; 

57563| DevExt->Cache.CacheWarningThresholdPercent 

| = D_CacheWarningThreshold; 
57564| DevExt->Cache.CacheFullThresholdPercent = 

| D_CacheFullThresholdPercent; 
57565| DevExt->Cache.CacheWarninglnterval = 

| D_CacheWarninglnterval; 
57566| DevExt->Cache.CacheFullAction = 

| CACHE_ACTION_DENY_WRITES; 
57567| DevExt->Cache.CacheFullActionPercent= 

| D_CacheFullActionPercent; 
57568| DevExt->FileSystem = FILE_SYSTEM_UN KNOWN; 

57569 1 
57570 1 

| wcscpy(DevExt->Cache.CacheFile.Location,L"\\??\\Volume{" 

I); 

57571 | 

| wcscat(DevExt->Cache.CacheFile. Location, DevExt->VolumeGu 
Md); 
57572 1 

| wcscat(DevExt->Cache.CacheFile. Location, L"}\\"); 
57573 1 

| wcscpy(DevExt->Cache.HeaderFile. Location, DevExt->Cache.C 
| acheFile. Location); 
57574| 

| wcscpy(DevExt->Cache.lndexFile. Location, DevExt->Cache.Ca 

| cheFile. Location); 
57575| 
57576| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"lni 



I tialSize",REG_DWORD,&DevExt->Cache.lnitialSize,sizeof(DW 
I ORD)); 
57577| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Max 
| Size M ,REG_DWORD,&DevExt->Cache.MaxSize,sizeof(DWORD)); 
57578| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Cac 
| heWarningThreshold M ,REG_DWORD,&DevExt->Cache.CacheWarnin 
| gThresholdPercent,sizeof(DWORD)); 
57579| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Cac 
| heFullThreshold M ,REG_DWORD,&DevExt->Cache.CacheFullThres 
| holdPercent,sizeof(DWORD)); 
57580| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Buffer, L"Cac 
| heWarninglntervar',REG_DWORD,&DevExt->Cache.CacheWarning 
| lnterval,sizeof(DWORD)); 
57581 | 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Cac 
| heFullAction M ,REG_DWORD,&DevExt->Cache.CacheFullAction,s 
| izeof(DWORD)); 
57582 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Cac 
| heFullActionPercent",REG_DWORD,&DevExt->Cache.CacheFullA 
| ctionPercent,sizeof(DWORD)); 
57583 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Cac 
| heLocation",REG_SZ,DevExt->Cache.CacheFile. Location, NumB 
| ytes(DevExt->Cache.CacheFile.Location)+sizeof(WCHAR)); 
57584| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"lnd 
| exLocation",REG_SZ,DevExt->Cache.CacheFile. Location, NumB 
| ytes(DevExt->Cache.CacheFile.Location)+sizeof(WCHAR)); 
57585| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,Buffer,L"Hea 
| derLocation",REG_SZ,DevExt->Cache.CacheFile. Location, Num 
| Bytes(DevExt->Cache.CacheFile.Location)+sizeof(WCHAR)); 

57586| Status = STATUS_SUCCESS; 

57587| } 

57588| } 

57589 1 

57590| ULONG Bytes Returned=sizeof (Buffer); 
57591 1 // send the ioctl through us, instead of lower 
| driver 

57592 1 // so it can update the unique ids 
57593 1 

57594| Sblo_DeviceloControl( 

| Volume,IOCTL_MOUNTDEV_QUERY_UNIQUE_ID,NULL,0,(char*)Buff 

| er,sizeof(Buffer),&BytesReturned); 
57595| 



57596| return Status; 

57597| } 

57598| 

57599| // 



57601| void DeletePsmFilesOn Volume ( PFILTERED_EXTENSION 

| DevExt ) 
57602| { 

57603| // FIXFIXFIX we need to delete map from registry 

| (or does sfilter handle that now???) 
57604| _try { 

57605| Debug(DEBUG_DICT,("DeletePsmFiles: DevExt = 

| %08x\n", DevExt)); 
57606| ASSERT(DevExt->ObjectType == 

| OBJECT FILTEREDDISK); 
57607| 

57608| const WCHAR *const FileTablef] = { 
57609| U'header", 

| DevExt- >Cache.HeaderFile. FileName, 
57610| U'index", 

| DevExt- >Cache.lndexFile. FileName, 
5761 1 1 U'cache", 

| DevExt- >Cache.CacheFile. FileName, 
57612| NULL, NULL 

57613| }; 
57614| 

57615| for ( ULONG i=0; FileTable[i] != NULL; i += 2 ) 
|{ 

5761 6| const WCHAR * const Description = 

| FileTable[i]; 

5761 7| const WCHAR * const FileName = 

| FileTable[i+1]; 
57618| 

57619| ASSERT(FileName != NULL); 

57620| ASSERT(FileName[0] != L'\0'); 

57621 | 

57622| Debug(DEBUG_DICT,(" delete %S file 

| '%S'\n", Description, FileName)) ; 
57623| SbDeleteFile(FileName, 

| FILE_ATTRIBUTE_NORMAL); 
57624| } 
57625| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57626| NTSTATUS Status = GetExceptionCode(); 
57627| Debug(DEBUG_DICT,("!!!! Exception %08x in 

| DeletePsmFiles !!!!\n",Status)); 
57628| } 
57629| } 



57630| 

57631| // 

| 

| 

57632| 

57633| // Search all the snapshots on the volume to acquire 

| the next in chronological order 
57634| // (ie the one with the next lowest 

| OriginalDataSequenceNumber) to the one given. 
57635| // If a NULL pointer is given as the start point return 

| the oldest (lowest Sequence number). 
57636| 

57637| // MUST be called with snapshot resource acquired 

| !!!!!! 
57638| 

57639| pkSnapShotEntry GetNextChronologicalSnapshot ( 

| PFILTERED EXTENSION DevExt, pkSnapShotEntry StartFromSS 
I) 

57640| { 

57641 1 // we can start from 0 to get the oldest snapshot 

| still existing since 
57642| // OriginalDatasequence numbers can never be 0. 
57643| ULONG StartFromSequence = 

| StartFromSS?((pPersistentDictionary)(StartFromSS->Dictio 

| nary))->GetSequenceNumber():0; 
57644| 

57645| ULONG EarliestNextSequence = Oxffffffff; 

57646| pkSnapShotEntry q=NULL; 

57647| 

57648| pkSnapShotEntry 

| p=GetTopSnapShot(&DevExt->SnapShots); 
57649| while ( p ) { 
57650| ULONG ThisSequence = 

| ((pPersistentDictionary)(p->Dictionary))->GetSequenceNum 

I ber(); 

57651 1 if ( (ThisSequence > StartFromSequence ) && 

| (ThisSequence < EarliestNextSequence ) ) { 
57652| EarliestNextSequence = ThisSequence; 

57653| UseSnapShot(p); 
57654| if (q) { 

57655| DoneWithSnapShot(q); 
57656| } 
57657| q=p; 
57658| } 

57659| p=GetNextSnapShot(&DevExt->SnapShots,p); 
57660 1 } 
57661 | 

57662| if (StartFromSS) { 

57663| DoneWithSnapShot(StartFromSS); 

57664| } 



57665| 

57666| return q; 
57667| } 
57668| 

57669| // 

I 



57671| void PersistentDictionary::Part20fRebuildForVolume ( 

| PVOID DevObj ) 
57672| { 
57673| 

57674| NTSTATUS Status = 0; 

57675| PDEVICE_OBJECT Volume=(PDEVICE_OBJECT)DevObj; 
57676| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
57677| PDEVICE_OBJECT DO = 0; 
57678| ULONG SavedFlags = PSManPSMFIags; 
57679| 

57680| if(DevExt->PSMed) { 

57681 1 Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S'\n",Volume,DevExt->Name)); 
57682 1 } else { 

57683| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' not PSMed, 

| skipping\n", Volume, DevExt->Name)); 
57684| goto Exit; 
57685| } 
57686| 

57687| if(DevExt->lsPhysical) { 

57688| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' is physical, 

| skipping\n", Volume, DevExt->Name)); 
57689 1 goto Exit; 
57690 1 } else { 

57691 1 Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' is not 

| physical\n",Volume,DevExt->Name)); 
57692 1 } 
57693 1 

57694| DO=loGetAttachedDeviceReference(Volume); 
57695| if(DO) { 
57696| if(DO->Vpb) { 

57697| if(DO->Vpb->Flags & VPB_MOUNTED) { 

57698| 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 
| %08x '%S' is vpb mounted\n",Volume,DO,DevExt->Name)); 

57699 1 } else { 

57700 1 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 



I %08x '%S' is not vpb 

| mounted\n",Volume,DO,DevExt->Name)); 
57701| } 
57702| } else { 

57703| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 

| Volume=%08x %08x '%S' has no 

| vpb\n",Volume,DO,DevExt->Name)); 
57704| } 

57705| ObDereferenceObject(DO); 
57706| } else { 

57707| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' Unable to find attached 

| device\n",Volume,DevExt->Name)); 
57708| } 
57709| 
57710| #if 1 

5771 1 1 if(lsClusterServer()) { 

57712| LARGEJNTEGER TimeToWait; 

57713| ULONG Seconds=5*60; 

57714| // wait 5 minutes, so we can get all the disks 

| online before we map in the snapshots 
57715| 

| Reg_GetULONGKey(&gRegistryPath,L"MappingDelay M ,Seconds,& 
| Seconds); 

57716| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 
| Volume=%08x '%S' waiting %d seconds for all drives to 
| come online\n",Volume,DevExt->Name,Seconds)); 

5771 7| TimeToWait.QuadPart = 
| RELATIVE(SECONDS(Seconds)); 

5771 8| KeDelayExecutionThread( 

57719| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE WaitMode, 

57720| FALSE, // IN BOOLEAN Alertable, 

57721 1 &TimeToWait ); // IN PLARGEJNTEGER 

| Interval 

57722 1 

57723| if(!DevExt->PSMed) { 

57724| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 

| Cluster: Volume=%08x '%S' not PSMed now, 

| skippingW, Volume, DevExt->Name)); 
57725| goto Exit; 

57726| } 
57727| } 
57728| #endif 
57729 1 
57730 1 if ( 

| AcquireOpenCloseResourceOnly(NULL)!=STATUS_WAIT_0 ) { 
57731 1 goto Exit; 
57732 1 } 
57733| 



57734| if(DevExt->Dismounting) { 

57735| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 

| Volume=%08x '%S' dismount 

| called\n",Volume,DevExt->Name)); 
57736| ReleaseOpenCloseResource(); 
57737| goto Exit; 
57738| } 
57739| 

57740| // Turn off throttling so mapping in occurs faster. 

57741 1 // This is mostly for cluster to lower the windows 

57742| // of failure until we can eliminante it. 

57743| PSManPSMFIags &= ~PSM_FLAG_PAUSE_ON_IO; 

57744| 

57745| #ifdef DO_TI M I NG_TEST 
57746| /"lint -save -e740 7 
57747| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_MAPP 

| ING_IN_SNAPSHOTS,0,NULL,0,NULL,0); 
57748| /*lint -restore 7 
57749| #endif 
57750 | 

57751 1 __try { 

57752 1 STA RT_STO P WATC H ( Part2) ; 

57753| DevExt->OpenCloseAcquired = TRUE; 

57754| UpdateGlobalStatus(PSM_MAPPING_IN_SNAPSHOTS); 

57755| 

57756| 

| if(lsValidHandle(DevExt->Cache.CacheFile.FileHandle)) { 
57757| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' Part 2 already ran, 

| skipping\n", Volume, DevExt->Name)); 
57758| try_return(NOTHING); 
57759 1 } 
57760 1 

57761 1 if(GlobalData->ShutDownCalled) { 

57762| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' shutdown called, 

| skipping\n",Volume,DevExt->Name)); 
57763| try_return (NOTHING); 

57764| } 
57765| 

57766| if(!DevExt->lsMounted) { 

57767| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 

| Volume=%08x '%S' is not mounted, 

| skipping\n", Volume, DevExt->Name)); 
57768| try_return (NOTHING); 

57769 1 } else { 

57770| Debug(DEBUG_DICT,( M Part20fRebuildForVolume: 

| Volume=%08x '%S' is mounted\n M ,Volume,DevExt->Name)); 
57771 1 } 



57772| 

57773 1 ASS E RT( DevExt-> IsMou nted) ; 

57774| 

57775| { 

57776| // get the latest unique id 

57777| CHAR Buffer[256]; 

57778| ULONG Bytes Returned=sizeof( Buffer); 

57779| Sblo_DeviceloControl( 

| Volume,IOCTL_MOUNTDEV_QUERY_UNIQUE_ID,NULL,0,(char*)Buff 

| er,sizeof(Buffer),&BytesReturned); 
57780| } 
57781 | 

57782| Status = OpenFilesForVolume(Volume); 

57783| if(NT_SUCCESS(Status)) { 

57784| 

| lnsertFileObjectToSkip(DevExt->Cache.HeaderFile.FileObje 
let); 
57785| 

| lnsertFileObjectToSkip(DevExt->Cache.lndexFile.FileObjec 
It); 
57786| 

| lnsertFileObjectToSkip(DevExt->Cache.CacheFile.FileObjec 
It); 
57787| 

| Debug(DEBUG_DEVCON,("Part20fRebuildForVolume: 
| directio=%d, Setting to false\n",DevExt->DoDirectlO)); 

57788| Dev Ext-> Do D i rect 1 0= FA LS E ; 

57789 1 

57790| // Add snapshot volumes without virtual 

| writes for freespace logic 
57791 1 // Dismount snapshot volumes 

57792| // Mount snapshot volumes with virtual 

| writes 

57793| // now that all the nodes have been read 

| into memory and the snapshot images will be correct, 
| lets 

57794| // add the virtual drives to the system 

57795| 

57796| Debug(DEBUG_DICT,("Adding virtual drives to 

| system\n")); 
57797| 

57798| if ( DoFreeSpaceChecks() ) { 

57799| gVDiskDoVirtuallO = FALSE; 

57800 1 } 

57801 1 START_STOPWATCH(Part2_AddingStage1 ); 

57802| GetSnapShotForWrite(); 
57803 1 __try { 

57804| 

57805| PDEVICE_OBJECT Virtual; 

57806| PRTL_BITMAP CachingMaplnRebuild = NULL; 



57807| PRTL_BITMAP MapToBeReplaced = NULL; 

57808| pPersistentDictionary Diet = NULL; 

57809| 

5781 0| // we can start from 0 to get the 

| oldest snapshot still existing since 
5781 1 1 // OriginalDatasequence numbers can 

| never be 0. 
5781 2| pkSnapShotEntry 

| p=GetNextChronologicalSnapshot(DevExt, NULL); 
57813| while (p){ 

57814| 

57815| Dict = 

| ((pPersistentDictionary)(p->Dictionary)); 
57816| 

57817| #if 0 // don't need this code now as we're rebuilding 

| our map in private till it's finished 
57818| 

57819| // Going into map update switch 

| maps to what it expects we would have already done at 
| the moment we froze the snapshot. 

57820| Dict->Shared->MaplnTransform = 

| Dict->Shared->Map; 

57821 1 Dict->Shared->Map = NULL; 

57822| #endif 

57823 1 

57824| ST A RT_STO P WATC H ( P art2_Add D rive) ; 

57825| NTSTATUS Status = TdAddDrive ( 

| &CachingMaplnRebuild, p->DeviceObject, 

| p->MasterSnapShot, &Virtual,TRUE); 
57826| PAUSE_STOPWATCH(Part2_AddDrive); 
57827| 

57828| if ( NT_SUCCESS(Status) ) { 

57829| Debug(DEBUG_DICT,("Success 

| adding virtual drive %08x to system, seq=%08x 

| (%d)\n",Virtual, 
57830 1 

| ((pPersistentDictionary)(p->Dictionary))->GetSequenceNum 
| ber(),p->MasterSnapShot->lnstance)); 
57831| 

57832| } else { 

57833| Debug(DEBUG_DICT, ("Error %08x 

| adding virtual drive to system, seq=%08x 

| (%d)\n",Status, 
57834| 

| ((pPersistentDictionary)(p->Dictionary))->GetSequenceNum 

| ber() ,p->MasterSnapShot->l nstance)) ; 
57835| } 
57836| 

57837| ULONG SSJustAdded = 

| Dict->GetSequenceNumber(); 



57838| 

57839| p = 

| GetNextChronologicalSnapshot(DevExt, p); 
57840| 

57841 1 if ( DoFreeSpaceChecksQ ) { 

57842| START_STOPWATCH(Part2_Credit); 

57843 1 MyAcqu i re Resou rce Excl us iveLite 

| ( &Dict->Shared->TreeResource, TRUE ); 
57844| __try { 

57845| 

| CreditlnterveningGranuleslnTree (CachingMaplnRebuild, 

| &Dict->Shared->Tree ,SSJustAdded, 

| p!=NULL?((pPersistentDictionary)(p->Dictionary))->GetSeq 

| uenceNumber():0 ); 

57846| } finally { 

57847| 

| MyReleaseResourceForThreadLite ( 
| &Dict->Shared->TreeResource ); 
57848| } 

57849| PAUSE_STOPWATCH(Part2_Credit); 
57850 1 } 
57851 | 

57852| if(GlobalData->ShutDownCalled) { 

57853 1 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 

| '%S' shutdown called during add 

| drive\n'\ Volume, DevExt->Name)); 
57854| if ( p ) { 

57855| DoneWithSnapShot(p); 
57856| } 
57857| try_return (NOTHING); 

57858| } 
57859 1 

57860| if(DevExt->Dismounting) { 

57861 | 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 
| '%S' dismount called\n",Volume,DevExt->Name)); 

57862 1 if(p) { 

57863| DoneWithSnapShot(p); 

57864| } 

57865| try_return (NOTHING); 

57866| } 

57867| }// while 

57868| 

57869| // if we're here we must have completed 

| building a new map 
57870| ASSERT (!p && CachingMaplnRebuild && 

I Diet); 

57871 1 // so set it in service 

57872| MapToBeReplaced = 



I Dict->GetVolumeCachingMap( 0 ); 
57873| Dict->SetVolumeCachingMap( 0, 

| CachingMaplnRebuild ); 
57874| if (MapToBeReplaced != NULL) { 

57875| Debug(DEBUG_DICT,("Freeing obsolete 

| map at 0x%08x . . An", MapToBeReplaced )); 
57876| MemFreePool(MapToBeReplaced); 
57877| } 

57878| Debug(DEBUG_DICT,("Done adding virtual 

| drives to system\n")); 
57879| 

57880| } finally { 

57881 1 PAUSE_STOPWATCH(Part2_AddingStage1 ); 

57882| ReleaseSnapShotForWrite(); 

57883| gVDiskDoVirtuallO=TRUE; 

57884| } 

57885| 

57886| 

57887| 

57888| // okay, now that we have our bitmaps, lets 

| go through and dismount/remount all the 
57889| // volumes using virtual writes this time. 

57890| if ( DoFreeSpaceChecks() ) { 

57891| 

57892| START_STOPWATCH(Part2_AddingStage2); 
57893| GetSnapShotForRead(); 
57894| __try { 

57895| START_STOPWATCH(Part2_DismountAII); 
57896| gVDiskDoVirtuallO=FALSE; 
57897| __try { 

57898| 

| Rebuild_DismountAIIVolumes(Volume,TRUE); 

57899| } ^finally { 

57900| 

| PAUSE_STOPWATCH(Part2_DismountAII); 
57901 1 gVDiskDoVirtuallO=TRUE; 
57902| if(AbnormalTermination()) { 

57903 1 

| Rebuild_ReenableVolumeMounts(Volume); 
57904| } 
57905| } 
57906| 
57907| 

| Rebuild_ReenableVolumeMounts(Volume); 
57908| 

57909| if(GlobalData->ShutDownCalled) { 

57910| 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 
| '%S' shutdown called during remount for 
| freespace\n", Volume, DevExt->Name)); 



5791 1 1 try_return (NOTHING); 

57912| } 

57913| 

57914| if(DevExt->Dismounting) { 

57915| 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 
| '%S' dismount called\n",Volume,DevExt->Name)); 

57916| try_return (NOTHING); 

57917| } 

57918| 

5791 9| START_STOPWATCH(Part2_MountAII); 
57920| EnableWritesToNewFiles(); 
57921 1 _try { 

57922 1 

| Rebuild_MountAIIVolumes(Volume); 

57923| } ^finally { 

57924| DisableWritesToNewFiles(); 
57925| } 

57926| PAUSE_STOPWATCH(Part2_MountAII); 

57927| } ^finally { 

57928| 

| PAUSE_STOPWATCH(Part2_AddingStage2); 
57929| ReleaseSnapShotForRead(); 
57930 1 } 

57931 1 Debug(DEBUG_DICT,("Done adding real 

| virtual drives to system\n")); 
57932 1 } 
57933 1 

57934| if(GlobalData->ShutDownCalled) { 

57935| 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 

| '%S' shutdown called during recreate of 

| junctions\n",Volume,DevExt->Name)); 
57936| try_return (NOTHING); 

57937| } 
57938| 

57939| if(DevExt->Dismounting) { 

57940 1 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 
| '%S' dismount called\n",Volume,DevExt->Name)); 

57941| try_return (NOTHING); 

57942| } 

57943| 

57944| Debug(DEBUG_DICT,("Recreating junction 

| points\n")); 

57945| START_STOPWATCH(Part2_RecreateJunctions); 
57946| GetSnapShotForRead(); 
57947| _try { 

57948| // recreate junctions incase they 

| changed 



57949| // which can happen on cluster server 

57950| Rebuild_RecreateJunctionsOnVolume( 
| Volume ); 

57951 1 } finally { 

57952 1 

| PAUSE_STOPWATCH(Part2_RecreateJunctions); 
57953| ReleaseSnapShotForRead(); 
57954| } 

57955| Debug(DEBUG_DICT,("Done Recreating junction 

| points\n M )); 
57956| 

57957| if(GlobalData->ShutDownCalled) { 

57958| 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 

| '%S' shutdown called during Notify user of 

| event\n",Volume,DevExt->Name)); 
57959| try_return (NOTHING); 

57960 1 } 
57961 | 

57962| if(DevExt->Dismounting) { 

57963 | 

| Debug(DEBUG_DICT,("Part20fRebuildForVolume: Volume=%08x 

| '%S' dismount called\n",Volume,DevExt->Name)); 
57964| try_return (NOTHING); 

57965| } 
57966| 

57967| NotifyUserModeOfVolumeOnlineEvent(DevExt); 
57968| } else { 

57969| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| error %08x opening files\n", Status)); 
57970 1 } 

57971| Debug(DEBUG_DICT,("Part20fRebuildForVolume: 

| Volume=%08x '%S' leaving\n M ,Volume,DevExt->Name)); 
57972| try_exit: NOTHING; 
57973| 

57974 1 P A U S E_STO PWATC H ( Part2 ) ; 
57975| STOPWATCH_DUMPALL(); 
57976| STOPWATCH_RESETALL(); 
57977| 

57978| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
57979| Debug(DEBUG_SFILTER,("Exception %08x in 

| Part20fRebuildForVolume\n'\GetExceptionCode())); 
57980| } 
57981 | 

57982| #ifdef DO_TI M I NG_TEST 
57983| Hint -save -e740 7 
57984| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_DONE 
| _MAPPING_IN_SNAPSHOTS,0,NULL,0,NULL,0); 



57985| Hint -restore 7 

57986| #endif 

57987| 

57988| // restore the global flags 
57989| PSManPSMFIags = SavedFlags; 
57990| DevExt->OpenCloseAcquired = FALSE; 
57991 1 ReleaseOpenCloseResource(); 
57992 1 

57993| // GlobalStatus needs to be updated at bootup time. 

57994| UpdateGlobalStatus(PSMJDLE); 

57995| 

57996| Exit: 

57997| 

57998| PsTerminateSystemThread( 0 ); 

57999 1 } 

58000| 

58001| void PersistentDictionary::SetSystemReady(void) 
58002| { 

58003| Debug(DEBUG_DICT,("!! !!!!!!!!!!!!!! !!!!!!!!!!! 

| pd::SetSystem Ready: System Is Ready 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!\n")); 
58004| System Ready = TRUE; 
58005| } 
58006| 

58007| NTSTATUS Re moveVo I umes From System ( PDEVICE_OBJECT 

| Volume); 
58008| 

58009| NTSTATUS 

| PersistentDictionary::CopyClusterRegistryToLocal Registry 

| ( PDEVICE_OBJECT Volume, PUNICODE_STRING LocalReg ) 

58010| { 

5801 1 1 PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
58012| KEY VALUE FULL IN FORMATION *Handle; 
580 1 3 1 WC H AR Buf f er[256] ; 
58014| UNICODE_STRING ClusterReg; 
58015| RETRIEVAL_POINTERS_BUFFER *RP = NULL; 
58016| 

58017| ASSERT(DevExt->VolumeGuid[0]); 
58018| ASSERT(DevExt->Uniqueld[0]); 
58019| 
58020| 

| wcscpy(Buffer,L M \\Registry\\Machine\\Cluster\\Persistent 

| StorageManagerW); 
58021 1 wcscat(Buffer,DevExt->Uniqueld); 
58022 | 

58023| RtllnitUnicodeString(&ClusterReg,Buffer); 
58024| 

58025| // create local registry 
58026| GetStateForVolume(Volume); 



58027| 
58028| if ( 

| NT_SUCCESS(Reg_GetBinaryKey(&ClusterReg,L"HeaderMap",(PV 
| OID*)&RP,(PVOID*)&Handle)) ) { 
58029| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->Bu 
| ffer,L"HeaderMap",REG_BINARY,RP,Handle->DataLength); 

58030| Reg_FreeBinary(Handle); 

58031 1 } else { 

58032 1 

| Debug(DEBUG_DICT,("pd::CopyClusterRegistryToLocalRegistr 
| y: Deleting Local HeaderMap\n")); 
58033 1 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->B 

| uffer,L"HeaderMap"); 
58034| } 
58035| if ( 

| NT_SUCCESS(Reg_GetBinaryKey(&ClusterReg,L"lndexMap",(PVO 
| ID*)&RP,(PVOID*)&Handle)) ) { 
58036| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->Bu 
| ffer, L" I ndexMap", R EG_B I NARY, R P, Handle-> DataLength) ; 

58037| Reg_FreeBinary(Handle); 

58038| } else { 

58039 1 

| Debug(DEBUG_DICT,("pd::CopyClusterRegistryToLocalRegistr 
| y: Deleting Local lndexMap\n")); 
58040 1 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->B 

| uffer,L"lndexMap"); 
58041 1 } 
58042 1 if ( 

| NT_SUCCESS(Reg_GetBinaryKey(&ClusterReg,L"CacheMap",(PVO 
| ID*)&RP,(PVOID*)&Handle)) ) { 
58043 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->Bu 
|ffer,L"CacheMap",REG_BINARY,RP,Handle->DataLength); 

58044| Reg_FreeBinary(Handle); 

58045| } else { 

58046| 

| Debug(DEBUG_DICT,("pd::CopyClusterRegistryToLocalRegistr 
| y: Deleting Local CacheMap\n")); 
58047| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg->B 

| uffer,L"CacheMap"); 
58048| } 
58049 1 

58050| ULONG Value; 
58051 | 
58052 1 



I Reg_GetULONGKey(&ClusterReg,L"lnitialSize",DevExt->Cache 
| . Initialize, &Value); 
58053| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L M lnitialSize M ,REG_DWORD,&Value,sizeof(DWORD)); 

58054| 

58055| 

| Reg_GetULONGKey(&ClusterReg,L"MaxSize",DevExt->Cache.Max 
| Size,&Value); 
58056| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"MaxSize",REG_DWORD,&Value,sizeof(DWORD)); 

58057| 

58058| 

| Reg_GetULONGKey(&ClusterReg,L M CacheWarningThreshold M ,Dev 
| Ext->Cache.CacheWarningThresholdPercent,&Value); 
58059| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L M CacheWarningThreshold",REG_DWORD,&Value,sizeof(DW 
I ORD)); 

58060| 

58061 | 

| Reg_GetULONGKey(&ClusterReg,L"CacheFullThreshold M ,DevExt 
| ->Cache.CacheFullThresholdPercent,&Value); 
58062 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"CacheFullThreshold",REG_DWORD,&Value,sizeof(DWORD 

I)); 

58063 1 
58064| 

| Reg_GetULONGKey(&ClusterReg,L"CacheWarninglnterval M ,DevE 
| xt->Cache.CacheWarninglnterval,&Value); 
58065| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L M CacheWarninglnterval M ,REG_DWORD,&Value,sizeof(DWO 
I RD)); 

58066| 

58067| 

| Reg_GetULONGKey(&ClusterReg,L"CacheFullAction",DevExt->C 
| ache.CacheFullAction,&Value); 
58068| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"CacheFullAction",REG_DWORD,&Value,sizeof(DWORD)); 

58069 1 

58070 1 

| Reg_GetULONGKey(&ClusterReg,L"CacheFullActionPercent M ,De 
| vExt->Cache.CacheFullActionPercent,&Value); 
58071 | 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"CacheFullActionPercent M ,REG_DWORD,&Value,sizeof(D 



I WORD)); 
58072| 
58073| 

| Reg_GetULONGKey(&ClusterReg,L"FileSystem",DevExt->FileSy 
| stem, &Value); 
58074| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L M FileSystem M ,REG_DWORD,&Value,sizeof(DWORD)); 

58075| 

58076| #if 0 

58077| UNICODE_STRING Uni; 

58078| // dont do this as the registry entries are 

| specific to each node, not the volume 
58079| // this means that on cluster machines, the cache 

| file must be on the volume 
58080| // that has the snapshots. 
58081 1 Reg_GetStringKey ( 

| &ClusterReg,L M HeaderLocation",DevExt->Cache.HeaderFile.L 

| ocation,&Uni); 
58082 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L M HeaderLocation M ,REG_SZ,Uni.Buffer,NumBytes(Uni.Bu 
| ffer)+sizeof(WCHAR)); 

58083| Reg_FreeString(&Uni); 

58084| 

58085| Reg_GetStringKey ( 

| &ClusterReg,L"lndexLocation M ,DevExt->Cache.lndexFile.Loc 

| ation,&Uni); 
58086| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"lndexLocation M ,REG_SZ,Uni.Buffer,NumBytes(Uni.Buf 
| fer)+sizeof(WCHAR)); 

58087 1 Reg_FreeSt ri ng (& U n i) ; 

58088| 

58089 1 Reg_GetStringKey ( 

| &ClusterReg,L"CacheLocation",DevExt->Cache.CacheFile.Loc 

| ation,&Uni); 
58090 1 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE, Local Reg->Bu 
| ffer,L"CacheLocation",REG_SZ,Uni.Buffer,NumBytes(Uni.Buf 
| fer)+sizeof(WCHAR)); 

58091 1 Reg_FreeString(&Uni); 

58092| #endif 

58093 | 

58094| // refresh with new data from cluster database 

58095| GetStateForVolume(Volume); 

58096| return STATUS_SUCCESS; 

58097| } 

58098| 

58099 1 // 



I 



58100| // This function will determine if we need to load the 
| snapshots 

581 01 1 // without touching the actual volume. 
58102| 

58103| BOOLEAN PersistentDictionary::ChecklfLoadNeeded( 

| PDEVICE_OBJECT Volume ) 
58104| { 

58105| PAG E D_CO D E () ; 
58106| 

58107| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: 

| Volume=%08x\n M ,Volume)); 
58108| 

581 09 1 if(GlobalData->ShutDownCalled) { 

581 10| // dont load during shutdown 

581 1 1 1 Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: 

| Shutdown - returning FALSE\n")); 
58112| return FALSE; 
58113| } 
58114| 

58115| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
581 1 6| if (DevExt->VolumeGuid[0]==0) { 
581 1 7| II no volume guid defined 

58118| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: No 

| volume Guid - returning FALSEVn")); 
58119| return FALSE; 
58120| } 
58121| 

58122| WCHAR Buffer[255]={0}; 
58123| PVOID Handle; 

58124| RETRIEVAL_POINTERS_BUFFER *RP = NULL; 
58125| UNICODE_STRING Reg={0}; 
58126| BOOLEAN ClusterExists=FALSE; 
58127| 

581 28| // if cluster exists, check its map 

58129| 

58130| 

| wcscpy(Buffer,L M \\Registry\\Machine\\Cluster\\Persistent 

| StorageManagerW); 
58131 1 wcscat(Buffer,DevExt->Uniqueld); 
58132| 

58133| if(DevExt->Uniqueld[0]!=0) { 
58134| RtllnitUnicodeString(&Reg,Buffer); 
58135| // if cluster entry exists, use it instead, as 

| the local copy may be stale 
58136| 

| if(RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,Buffer)==ST 
| ATUS_SUCCESS) { 



58137| if( 

| !NT_SUCCESS(Reg_GetBinaryKey(&Reg,L M HeaderMap M ,(PVOID*)& 
| RP,&Handle)) ) { 
58138| 

| Debug(DEBUG_DICT,("pd::ChecklfLoadNeedecl: Cluster 
| registry has no maps - returning FALSE\n")); 



58139| //no maps 

58140| return FALSE; 

58141| } 

58142| Reg_FreeBinary(Handle); 

58143| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: 

| Cluster registry valid\n")); 

58144| ClusterExists=TRUE; 

58145| } 

58146| } 
58147| 



58148| ASSERT(gRegistryPath.Length<sizeof(Buffer)); 
58149| 

| RtlCopyMemory(Buffer,gRegistryPath.Buffer,gRegistryPath. 
I Length); 

58150| Buffer[gRegistryPath. Length / 2] = 0; 

58151 1 wcscat(Buffer,L"\V); 

58 1 52 1 wcscat( Buffer, DevExt-> Vo lu meGu id) ; 

58153| 

581 54| // check local maps 

58155| RtllnitUnicodeString(&Reg, Buffer); 

58156| 

58157| if( 

| RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE, Buffer) !=STATU 
| S_SUCCESS ) { 



58158| if(ClusterExists) { 

58159| // okay, we have cluster registry but no 

| local registry, lets create it 
58160| Debug(DEBUG_DICT,( M pd::ChecklfLoadNeeded: 



| No local registry for volume, copying cluster down to 
| local\n")); 
58161| 

| CopyClusterReg istryTo Local Reg istry ( Volu me, &Reg) ; 
58162| }else{ 

58163| Debug(DEBUG_DICT,( M pd::ChecklfLoadNeeded: 

| No local registry for volume - returning FALSE\n")); 
581 64 1 // key doesnt exist 

58165| return FALSE; 

58166| } 
58167| }else{ 
58168| if(ClusterExists) { 

58169| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: 

| Updating local with cluster database\n M )); 
581 70| // update the local based on the cluster 

58171| 



I Copy C lu ster Reg istryTo Local Reg istry ( Vo lu me, & Reg) ; 
58172| } 
58173| } 
58174| 
58175| if( 

| NT_SUCCESS(Reg_GetBinaryKey(&Reg,L"HeaderMap",(PVOID*)&R 

| P,&Handle)) ) { 
581 76| Reg_FreeBinary(Handle); 
58177| Handle = NULL; 
58178| }else{ 
58179| //no maps 

58180| Debug(DEBUG_DICT,( M pd::ChecklfLoadNeeded: 

| Local registry has no maps - returning FALSEVn")); 
58181| return FALSE; 
58182| } 
58183| 

58184| BOOLEAN LoadNeeded = TRUE; 
58185| 

58186| #if ENABLE INDEX LOAD WHEEL 

58187| // If this code block is enabled, it means that we 

| check the IndexLoadWheel on disk and in memory 
581 88| // to see if they match. If not, we assume the 

| index file is dirty and must be reloaded. 
58189| // Otherwise, the index file is assumed to be in 

| sync with in-memory snapshot data structures, 
58190| // so there is no reason to reload it. 
58191| 

58192| if ( DevExt->Cache. Header == NULL ) { 

58193| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: Need 

| to load because DevExt=%08x does not yet have a 

| header!\n M ,DevExt)); 
58194| }else{ 

581 95| // Need to compare dirty counters from on-disk 

| header and in-memory header. 
58196| 

581 97| pHeader MostRecentValidHeader=NULL, 

| SmallMostRecentValidHeader=NULL; 
58198| NTSTATUS ReadHeaderStatus = ReadHeader (Volume, 

| MostRecentValidHeader, SmallMostRecentValidHeader); 
58199| if ( NT_SUCCESS(ReadHeaderStatus) ) { 
58200| ASSERT(MostRecentValidHeader != NULL); 

58201 1 ASSERT(SmallMostRecentValidHeader != NULL); 

58202 | 

58203| if ( MostRecentValidHeader!=NULL && 

| SmallMostRecentValidHeader!=NULL ) { 
58204| 

| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: Dirty 
| counters - OnDisk=%08x 

| lnMemory=%08x\n",MostRecentValidHeader->lndexLoadWheel,D 
| evExt->Cache.Header->lndexLoadWheel)); 



58205| if ( 

| MostRecentValidHeader->lndexLoadWheel == 

| DevExt->Cache.Header->lndexLoadWheel) { 
58206| // Getting here means the index 

| file on disk matches the rbtrees already in memory. 
58207| 

| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: Index file 
| on disk has not changed since last reloadAn")); 

58208| LoadNeeded = FALSE; 

58209| } else { 

58210| 

| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: Index file 
| on disk has CHANGED! Need to do index reloadAn")); 

5821 1 | } 

58212| } 

58213| }else{ 

58214| // we will say to reload, incase snapshots 

| are on a disk that has disappeared (as on cluster) 

58215| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded: 
| Header file is unreadableAn")); 

5821 6| ASSERT(MostRecentValidHeader == NULL); 

5821 7| ASSERT(SmallMostRecentValidHeader == NULL); 

58218| } 

58219| 

58220| if ( MostRecentValidHeader != NULL ) { 
58221| FREE_POINTER (MostRecentValidHeader); 

58222| } 
58223| 

58224| if ( SmallMostRecentValidHeader != NULL ) { 
58225| FREE_POINTER (SmallMostRecentValidHeader); 

58226| } 
58227| } 

58228| #endif /*ENABLE_INDEX_LOAD_WHEEL7 
58229| 

58230| Debug(DEBUG_DICT,("pd::ChecklfLoadNeeded returning 

| %s\n",(LoadNeeded?"TRUE":"FALSE"))); 
58231 1 return LoadNeeded; 
58232 1 } 
58233| 

58234| // 

| 

| 

58235| 

58236| #if D EBUG_VALI DATE_D I FF_G RAN U LES 
58237| 

58238| bool PersistentDictionary::ValidateDiffGranule ( 
58239| tlndexSector *indexSector, 
58240| void *diffGranuleBuffer, 
58241 1 PFILTERED_EXTENSION devExt, 
58242| ULONG granuleNumber ) 



58243| { 

58244| // Read the granule from the diff file. 

58245| bool diffGranulelsValid = false; // unless 

| proven correct 
58246| 

58247| START_STOPWATCH(Rebuild_ValidateDiffGranules); 
58248| 

58249| IO_STATUS_BLOCK loStatus; 

58250| LARGEJNTEGER Location; 
58251 | 

58252| Location.QuadPart = i nt64(G RAN U LE_S IZE) * 

| int64(granuleNumber); 

58253| 

58254| NTSTATUS Status = PsmReadFromFile( 

58255| &devExt->Cache.CacheFile, 

58256| &loStatus, 

58257| diffGranuleBuffer, 

58258| GRANULE_SIZE, 

58259| &Location, 

58260| devExt->DoDirectlO, 

58261 1 &devExt->Cache.DirectAccessResource ); 

58262 1 

58263| if ( NT_SUCCESS(Status) ) { 

58264| BOOLEAN granulelsValid = ValidateChecksum ( 

58265| GRANULE_SIZE, 

58266| diffGranuleBuffer, 

58267| indexSector->l nfo . DiskNode[0] . DataChecksu m 

I); 

58268| 

58269| if ( granulelsValid ) { 
58270| diffGranulelsValid = true; 

58271| Debug(DEBUG_DICT,("pd::ValidateDiffGranule: 
| Position=%08x, DiskGranule=%08x is valid\n", 
| granuleNumber, 

| indexSector->l nfo . DiskNode[0]. DasdGranule)) ; 
58272| } else { 

58273| Debug(DEBUG_DICT,("pd::ValidateDiffGranule: 
| !!! DATA CORRUPTION !!! Position=%08x, 
| DiskGranule=%08x\n", granuleNumber, 
| indexSector->lnfo.DiskNode[0]. DasdGranule)); 

58274| Debug(DEBUG_DICT,("pd::ValidateDiffGranule: 
| Dump of granule data followsAn")); 

58275| DumpSector ( (char *)diffGranuleBuffer, 

| GRANULE_SIZE ); 

58276| } 

58277| } else { 

58278| Debug(DEBUG_DICT,("pd::ValidateDiffGranule: 

| !!! Error %08x reading from diff file! 

| DevExt=%08x\n", Status, devExt)); 
58279| } 



58280| 

58281| PAUSE_STOPWATCH(Rebuild_ValidateDiffGranules); 
58282| 

58283| return diffGranulelsValid; 

58284| } 

58285| 

58286| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 

58287| 

58288| 

58289| // 

| 



58290| // This function is called in 2 cases: 
58291 1 // 

58292| // Rebuild = TRUE : The volume has just been requested 
| to be mounted. The volume is not yet mounted so no 

58293| // requests can be sent down that 

| would cause a mount or a deadlock will occur 

58294| // 

58295| // Rebuild = FALSE: A snapshot is being created after 
| the volume has been mounted. IOW, a snapshot was just 
58296 1 // scheduled to be created 

58297| 

58298| NTSTATUS 

| PersistentDictionary::RebuildSnapShotsForVolume( 
58299| PDEVICE_OBJECT Volume, 
58300| BOOLEAN Rebuild, 
58301 1 PVOID AbortEvent ) 

58302 1 { 

58303| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
58304| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
58305| ULONG numberOfNodeslnserted = 0; 
58306| ULONG numberOfFailedlnserts = 0; 
58307| ULONG numberOf Virtual Writes = 0; 
58308| 

58309| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 
| Volume=%08x '%S\ Rebuild=%s, rc=%08x\n", 



5831 0| Volume,DevExt->Name, 

5831 1 1 (Rebuild ? "TRUE" : "FALSE"), 

583 1 2 1 DevExt->Cache . Ref erenceCou nt)) ; 
58313| 



58314| STA RT_STO P W ATC H ( Rebu i ld_Tot al ) ; 
58315| 

58316| #if D E B U G_V AL I DAT ED I F F_G RAN U L E S 
5831 7| void *diffGranuleBuffer = 

| MemAllocatePoolWithTag(PagedPool,GRANULE_SIZE,TEMPTAG); 
58318| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 

| diffGranuleBuffer=%08x\n", diffGranuleBuffer)); 
58319| ASSERT (diffGranuleBuffer != NULL); 



58320| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 
58321| 

58322| __try { 

58323| if(GlobalData->ShutDownCalled) { 
58324| 

| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 

| shutdown called during 

| rebuild\n M , Volume, DevExt->Name)); 
58325| Status = STATUS_CANCELLED; 

58326| try_return (NOTHING); 

58327| } 

58328| // if we are remounting and still have stuff 

| hanging around 
58329| // then we were not notified of the dismount 
58330| if(Rebuild && DevExt->Cache.ReferenceCount) { 
58331| 

| Debug(DEBUG_DICT,("pd:RebuildSnapShotsForVolume: Told 
| to rebuild with active snapshots, removing them\n")); 

58332| UnloadSnapShotsForVolume(Volume,TRUE); 

58333| ASSERT(DevExt->Cache.ReferenceCount==0); 

58334| } 

58335| 

58336| if(DevExt->Cache.ReferenceCount==0) { 
58337| 

| UpdateGlobalStatus(PSM_RESOURCE_ACQUISITION); 
58338| Status = GetStateForVolume(Volume); 

58339| if ( NT_SUCCESS(Status) ) { 

58340| DoOpen: 
58341| if(Rebuild) { 

58342| // We are executing BEFORE the 

| volume is mounted 
58343| // so lets do direct io until after 

| it is mounted 
58344| Status = 

| PersistentDictionary::RetrieveDirectlOMaps(Volume); 
58345| if(NT_SUCCESS(Status)) { 

58346| Debug(DEBUG_DICT,("Success 

| getting map, setting directio=true\n")); 
58347| DevExt->DoDirectlO = TRUE; 

58348| } else { 

58349| Debug(DEBUG_DICT, ("Error %08x 

| getting map, leaving 

| directio=%d\n",Status,DevExt->DoDirectlO)); 
58350| } 
58351 1 } else { 

58352| // cache file handles, bitmap, 



| etc... 



58353 1 
58354| 
58355| 



if ( QueryResetPsm() ) { 

Status = STATUSJJNSUCCESSFUL; 
} else { 



58356| Status = 

| OpenFilesForVolume(Volume); 
58357| if ( NT_SUCCESS(Status) ) { 

58358| 

| Debug(DEBUG_DEVCON,( M RebuildSnapShotsForVolume: 
| directio=%d, Setting to false\n",DevExt->DoDirectlO)); 

58359| DevExt->DoDirectlO = FALSE; 

58360| // dont care about status 

| here. 

58361 1 // we also need to have it 

| read the local registry 
58362| // as the cluster registry 

| may not have been copied yet if 
58363| //this is the first 

| snapshot on the volume 
58364| 

| PersistentDictionary::RetrieveDirectlOMaps(Volume, FALSE) 

I ; 

58365| } 
58366| } 
58367| } 
58368| 

58369| if ( NT_SUCCESS(Status) ) { 

58370| if ( (Rebuild) && (QueryNoPsm() || 

| QueryResetPsm()) ) { 
58371 1 Status = 

| STATUS_OBJECT_NAME_NOT_FOUND; 
58372 1 } 
58373 1 

58374| if ( NT_SUCCESS(Status) ) { 

58375| Status = LoadHeader(Volume); 

58376| if ( NT_SUCCESS(Status) ) { 

58377| if(IRebuild) { 

58378| 

| lnsertFileObjectToSkip(DevExt->Cache.HeaderFile.FileObje 
let); 
58379 1 

| lnsertFileObjectToSkip(DevExt->Cache.lndexFile.FileObjec 
It); 
58380| 

| lnsertFileObjectToSkip(DevExt->Cache.CacheFile.FileObjec 
It); 

58381 1 } 
58382 1 

58383 1 // this code was added to 

| solve a problem with allocating too 
58384| // much memory if the 

| volume was extended. If we have snapshots 
58385 1 // we need to allocate 

| memory based on the size of the file and 



58386| // not what the user 

| configured it for (ie 20%). 
58387| // the reason too much 

| memory is a problem is that it sets the 
58388| // PsManBitMap[Max]Size to 

| the new value, so we think our cache file 
58389| // size is larger than it 

| actually is. 
58390| if(Rebuild) { 

58391| if( 

| !lsListEmpty(&DevExt->Cache.SnapShotHead) ) { 
58392| // snapshots exist 

58393| Status = 

| AllocMemoryForVolume(Volume, FALSE); 
58394| } else { 

58395| // no snapshots 

| exist 

58396| Status = 

| AllocMemoryForVolume(Volume,TRUE); 
58397| } 
58398| } else { 

58399| // not rebuilding so no 

| snapshots exist 
58400| Status = 

| AllocMemoryForVolume(Volume,TRUE); 
58401| } 
58402| 

58403| if ( NT_SUCCESS(Status) ) { 

58404| // Shared->BitMap = 

| alloc mem 

58405| // init bitmap, etc.. 

58406 1 Ps m B itM ap Val idate 

| (DevExt->Cache.PSManBitMapBuffer); 
58407| RtlClearAIIBits ( 

| DevExt->Cache.PSManBitMapBuffer ); 
58408| 

| DevExt->Cache.CurrentCacheFileSize = 0; 
58409| 

| DevExt->Cache.PSManBitHint = 0; 
58410| 

58411| //if rebuilding and 

| there are snapshots, load them 
58412| if (Rebuild)! 

58413| if( 

| !lsListEmpty(&DevExt->Cache.SnapShotHead) ) { 
58414| pOTJJSER User = 

| FindPSMUser(GlobalSystemProcessld,(_ETHREAD*)-2); 
58415| ASSERT(User); 
58416| ULONG 

| NumSnapShotsAdded=0; 



58417| 
58418| 

| UpdateGlobalStatus(PSM_LOADING_SNAPSHOTS); 
58419| //go through 

| header adding all snapshots into memory 
58420| 

58421 1 PLIST_ENTRY 

| p=DevExt->Cache.SnapShotHead.Flink; 
58422| while ( 

| p!=&DevExt->Cache.SnapShotHead ) { 
58423 1 

| NumSnapShotsAdded++; 
58424| 

| plnternalSnapShot 

| s=CONTAINING_RECORD(p,tlnternalSnapShot,ListEntry); 
58425| // create a 

| master if not already done 
58426| 

| pkSnapShotMaster myss = GetAMasterSnapShot(User,s); 
58427| // create a 

| snapshot entry 
58428| 

| pkSnapShotEntry myse = 

| GetSnapShotForMaster(myss,Volume,s); 
58429| p=p->Flink; 
58430 1 } 
58431| 

58432| // Process the 

| index file to rebuild the rbtree: 
58433| if ( 

| NT_SUCCESS(Status) ) { 
58434| 

| tlndexSector *indexSector; // not to be confused with 
| 'GloballndexSector'. 
58435| 

| tlndexSector *lndexBlock; 
58436| ULONG 

| sectorNumber = 0; 
58437| 

| FILE_STANDARD_INFORMATION FSInfo={0}; 
58438| // 

| IO_STATUS_BLOCK loStatus; 
58439| 
58440| 

| ASSERT(sizeof(tlndexSector)==SectorSize); 
58441 | 
58442 | 

| LARGEJNTEGER L; 
58443| ULONG 

| NumEntrieslnCache = DevExt->Cache.PSManBitMapMaxSize; 



58444| signed long 

| NumSectorsLeftlnBlock = 0; 
58445| 

58446| //volume 

| already has a cache file, lets use its size 
58447| Status = 

| DevExt->Cache.CacheFile.Direct->getFileSizelnBytes(L); 
58448| 
58449| 

| if(NT_SUCCESS(Status)) { 
58450| 

| ASSERT(L.QuadPart); // make sure not zero 
58451 | 

| L.QuadPart/=(GRANULE_SIZE); // get number of granules 
58452 1 

| ASSERT(L.HighPart==0); // cant handle things this large 
58453 1 

| Debug ( D EB U G_D I CT, (" Rebu i Id : Reusing cache file size: 
| cache file is %d granules instead of %d 
| granules\n M ,L.LowPart,NumEntrieslnCache)); 
58454| 

| NumEntrieslnCache = L.LowPart; 
58455| } else { 

58456| // use 

| size retrieved from bitmap max size 
58457 1 Status 

| = STATUS_SUCCESS; 
58458| } 
58459| 

58460 1 // 

| fixfixfix we need to do sanity checks to make sure we 
| dont 

58461 1 // use 

| mismatched files 
58462 1 //1. Use 

| creation date/time to make sure files are matched 
58463| 112. Check 

| NumEntries in index and make sure it matches NumEntries 

| in cache 
58464| 

58465| #define LO_INDEXSECTORS_PER_BLOCK 128 
58466| #define HIJNDEXSECTORS_PER_BLOCK 1 024 
58467| 
58468| 

| IO_SCSI_CAPABILITIES Caps={0}; 
58469| ULONG 

| lndexSectorsPerBlock=LO_INDEXSECTORS_PER_BLOCK; 
58470 1 

58471 1 Status = 

| Sblo_GetCapabilities(DevExt->TargetDeviceObject,&Caps); 



58472| 

| if(NT_SUCCESS(Status)) { 
58473| 

| Debug(DEBUG_DICT,("Rebuild: MaxTransferSize=%d, 

| MaxPages=%d\n",Caps.MaximumTransferLength,Caps.MaximumPh 

| ysicalPages)); 

58474| 

58475| 

| if(Caps.MaximumTransferl_ength>=51 2*HI_INDEXSECTORS_PER_B 
| LOCK) { 
58476| 

| IndexSectorsPerBlock = HI_INDEXSECTORS_PER_BLOCK; 
58477| } else 

|{ 
58478| 

| IndexSectorsPerBlock = LO_INDEXSECTORS_PER_BLOCK; 
58479 1 } 
58480 1 } else { 

58481 1 

| Debug(DEBUG_DICT,("Rebuild: Error %08x retrieving 

| caps\n",Status)); 
58482| Status 

l = 0; 
58483 1 

| IndexSectorsPerBlock = LO_INDEXSECTORS_PER_BLOCK; 
58484| } 
58485| 
58486| 

| Debug(DEBUG_DICT,("Rebuild: Indexes per 
| block=%d\n",lndexSectorsPerBlock*512)); 
58487| 

58488| IndexBlock 
l = 

| (tlndexSector*)MemAllocatePoolWithTag(PagedPool,sizeof(t 

| lndexSector)*(lndexSectorsPerBlock),TEMPTAG); 
58489 1 if ( 

| IndexBlock ) { 
58490| for ( 

| sectorNumber=0; sectorNumber<NumEntrieslnCache; 

| ++sectorNumber,++indexSector ) { 
58491 1 

| IO_STATUS_BLOCK loStatus; 
58492| 

| LARGEJNTEGER Location; 
58493| 

58494| if 

| ( -NumSectorsLeftlnBlock<=0 ) { 
58495| 
58496| 

| NumSectorsLeftlnBlock = min(lndexSectorsPerBlock, 



I NumEntrieslnCache-sectorNumber); 
58497| 

| indexSector = IndexBlock; 
58498| 

| Location. QuadPart = (unsigned 

| int64)SectorSize*sectorNumber; 

58499| 
58500| 

| STA RT_STO P WATC H ( Rebu i ld_Read Fro m Fi le) ; 
58501 | 

| Status= PsmReadFromFile( 
58502 1 

| &DevExt->Cache.lndexFile, 
58503 1 

| SloStatus, 
58504| 

| IndexBlock, 
58505| 

| (SectorSize*NumSectorsLeftlnBlock), 
58506| 

| &Location, 
58507| 

| DevExt->DoDirectlO, 
58508| 

| &DevExt->Cache.DirectAccessResource ); 
58509 1 

| PAUSE_STOPWATCH(Rebuild_ReadFromFile); 
58510| 

5851 1 | } 
58512| 

58513| if 
| ( NT_SUCCESS(Status) && 

| lndexSectorlsValid(indexSector,sectorNumber,Status) ) { 
58514| 

| START_STOPWATCH(Rebuild_AllocNode); 
58515| 

| tTreeLeaf "Node = AllocNode(); 
58516| 

| PAUSE_STOPWATCH(Rebuild_AllocNode); 
58517| 

58518| #if DEBUG_VALIDATE_DIFF_GRANULES 
58519| 

| if ( diffGranuleBuffer != NULL ) { 
58520| 

| ValidateDiffGranule (indexSector, diffGranuleBuffer, 
| DevExt, sectorNumber); 
58521 | 

IJ 

58522| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 
58523 1 



I BOOLEAN FreeTheNode = TRUE; 
58524| 

| if ( Node ) { 
58525| 

| int insertResult = 0; 
58526| 

| ULARGEJNTEGER Key = {0}; 
58527| 

| pkSnapShotEntry p=NULL; 
58528| 

| pDictionary Dict=NULL; 
58529| 

| pkSnapShotMaster m=NULL; 
58530| 

| plnternalSnapShot Snapshot; 
58531 1 
58532 1 

| Key.SnapShotPart = 

| indexSector->lnfo.DiskNode[0].SnapshotNumber; 
58533 1 

| Key.GranulePart = 

| indexSector->lnfo.DiskNode[0].DasdGranule; 
58534| 
58535| 

| // get a volume object based on the info stored in the 
| index 
58536| 

| //VolObj = 

| GetVolumeObjectFromVolumeld(indexSector->lnfo.DiskNode[0 

| ].Volumeld); 
58537| 
58538| 

| // it is possible (and valid) for VolObj to be NULL. 
| this occurs when we have a snapshot for a 
58539 1 

| // volume that is not active. This can happen for 
| several reasons: 
58540 1 

| // 1 . Volume is offline when in a cluster 
58541 | 

| // 2. Volume is not yet mounted. 
58542 1 

| // We will later fix up everything when/if the volume 

| comes online 
58543 1 
58544| 

| // find an existing snapshot to insert node to 
58545| 

| START_STOPWATCH(Rebuild_FindDict); 
58546| 



I Snapshot = 

| FindSnapShotFromSequence(Volume,Key.SnapShotPart); 
58547| 

| if ( Snapshot ) { 
58548| 

| // active snapshot found 
58549| 

| // get a master snapshot entry 
58550| 

| m = GetAMasterSnapShot(User,SnapShot); 
58551 | 

| if ( m ) { 
58552 1 

| // get a snapshot entry (and dictionary) based on the 
| volume 
58553 1 

| p = GetSnapShotForMaster(m,Volume,SnapShot); 
58554| 

| Dict= p->Dictionary; 
58555| 

\) 
58556| 

| } else { 
58557| 

| // we have a node for a snapshot that has been deleted 
58558| 

| GetDictionaryForVolume(Volume,Dict); 
58559 1 

| // FIXFIXFIX what to do when a node is deleted for a 

| volume that is 
58560 1 

| // not active???? 
58561 1 

IJ 
58562 1 

| PAUSE_STOPWATCH(Rebuild_FindDict); 
58563 1 
58564| 
58565| 

| START_STOPWATCH(Rebuild_Adding); 
58566| 

I if ( Diet ) { 
58567| 

| Node->Key = Key.QuadPart; 
58568| 

| Node->Pos = indexSector->lnfo.DiskNode[0].CacheNode; 
58569 1 
58570 1 

| START_STOPWATCH(Rebuild_SettingBits); 
58571 | 



I // say the cache file entries are used 
58572| 

| PsmBitPositionValidate 

| (DevExt->Cache.PSManBitMapBuffer, Node->Pos); 
58573| 

| RtlSetBits ( DevExt->Cache.PSManBitMapBuffer, 
| Node->Pos, 1 ); 
58574| 

| Interlockedlncrement ( 

| (PLONG)&DevExt->Cache.CurrentCacheFileSize ); 
58575| 

| PAUSE_STOPWATCH(Rebuild_SettingBits); 
58576| 
58577| 

| ASSERT(((pPersistentDictionary)Dict)->Shared); 
58578| 
58579 1 

| STA RT_STO PWATC H ( Rebu i ld_Acqu i re Exclus ive) ; 
58580 1 

| MyAcquireResourceExclusiveLite ( 
| &((pPersistentDictionary)Dict)->Shared->TreeResource, 
I TRUE); 
58581 | 

| PAUSE_STOPWATCH(Rebuild_AcquireExclusive); 
58582 1 
l_try{ 

58583 1 

| STA RT_STO PWATC H ( Rebu i IdJ nsertToTree) ; 
58584| 

| if ( indexSector->lnfo.DiskNode[0]. Flags & 

| PSM_INDEX_FLAG_VIRTUAL_WRITE ) { 
58585| 

| pDictionary VirDict = 0; 
58586| 
58587| 

| GetDictionaryForVolume(Volume,VirDict,Key.SnapShotPart); 
58588| 
58589 1 

| if ( VirDict ) { 
58590 1 

| //Debug(DEBUG_DICT,("Adding key=%016l64x pos=%08xto 
| virtual\n",Node->Key,Node->Pos)); 
58591 1 

| // If combining virtual write trees, leave 
| Key.SnapShotPart as the sequence number 
58592 1 

| Debug(DEBL) G_D I CT, ("Rebu i Id : Volume %08x: Adding key 
| %016l64x, pos %08x to combined virtual 
| tree\n",Volume,Node->Key,Node->Pos)); 
58593| 



I insertResult = rbtree_lnsert( 
58594| 

| &(((pPersistentDictionary)VirDict)->Shared->VirtualWrite 

| sTree), 
58595| 

| Node); 
58596| 
58597| 

| if ( insertResult == 0 ) { 
58598| 

| FreeTheNode = FALSE; 
58599| 

| Profilef Reload: Virtual Write Nodes"); 
58600| 

1} 
58601 | 

| } else { 
58602 1 

| // no snapshot to apply this virtual write to. maybe it 
| was deleted. 
58603 1 

| Debug ( D EB U G_D I CT, ("No dictionary to add key=%016l64x 
| pos=%08x to virtual\n",Node->Key,Node->Pos)); 
58604| 

| PsmBitPositionValidate 

| (DevExt->Cache.PSManBitMapBuffer, Node->Pos); 
58605| 

| RtlClearBits ( DevExt->Cache.PSManBitMapBuffer, 
| Node->Pos, 1 ); 
58606| 

| InterlockedDecrement ( 

| (PLONG)&DevExt->Cache.CurrentCacheFileSize ); 
58607| 

| insertResult = 0; 
58608| 

I) 
58609 1 

| } else { 

58610| 

| //Debug(DEBUG_DICT,("Rebuild: Volume %08x: Adding key 
| %016l64x, pos %08x to shared 
| tree\n", Volume, Node->Key, Node->Pos)) ; 
5861 1 1 

| //Debug(DEBUG_DICT,("Adding key=%016l64x pos=%08x to 
| shared\n", Node->Key , Node->Pos)) ; 
58612| 

| insertResult = rbtree_lnsert( 
58613| 

| &((pPersistentDictionary)Dict)->Shared->Tree, 
58614| 



I Node); 
58615| 

| if ( insertResult == 0 ) { 
58616| 

| FreeTheNode = FALSE; 
58617| 

| Profiler Reload: Cached Data Nodes"); 
58618| 

1} 
58619| 

1} 
58620| 

| PAUSE_STOPWATCH(Rebuild_lnsertToTree); 
58621 | 

| } ^finally { 

58622| 

| MyReleaseResourceForThreadLite ( 
| &((pPersistentDictionary)Dict)->Shared->TreeResource ); 
58623 1 

I) 
58624| 
58625| 

| if ( insertResult != 0 ) { 
58626| 

| PsmBitPositionValidate 

| (DevExt->Cache.PSManBitMapBuffer, Node->Pos); 
58627| 

| RtlClearBits ( DevExt->Cache.PSManBitMapBuffer, 
| Node->Pos, 1 ); 
58628| 

| InterlockedDecrement ( 

| (PLONG)&DevExt->Cache.CurrentCacheFileSize ); 
58629 1 
58630 1 

| LogTreelnsertionError ( Node, insertResult ); 
58631 1 

| ++numberOfFailedlnserts; 
58632| #ifdef DEBUG 
58633 1 

| DbgBreakPoint(); 
58634| #endif 
58635| 

| //status = STATUS_FILE_CORRUPT_ERROR; 
58636| 

| } else { 
58637| 

| ++numberOfNodeslnserted; 
58638| 

| if ( indexSector->lnfo.DiskNode[0]. Flags & 
| PSM_INDEX_FLAG_VIRTUAL_WRITE ) { 



58639| 

| ++numberOfVirtualWrites; 
58640| 

1} 
58641 | 

IJ 
58642 1 

58643| 

|if( 

| Key.SnapShotPart>((pPersistentDictionary)Dict)->Shared-> 
| HighestSequence ) { 
58644| 

| ((pPersistentDictionary)Dict)->Shared->HighestSequence 
| = Key.SnapShotPart; 
58645| 

IJ 
58646| 

| } else { 
58647| 

| LogSnapshotEntryNotFound(m,Volume,sectorNumber); 
58648| 

| Status = STATUS_FILE_CORRUPT_ERROR; 
58649 1 

IJ 
58650| 

| PAUSE_STOPWATCH(Rebuild_Adding); 
58651 | 

| if(FreeTheNode) { 
58652 1 

| STA RT_STO P WATC H ( Rebu i ld_F reeNode) ; 
58653 1 

| FreeNode(Node); 
58654| 

| PAUSE_STOPWATCH(Rebuild_FreeNode); 
58655| 

I) 
58656| 

| } else { 
58657| 

| Debug(DEBL) G_D I CT, ( "!!! Cannot allocate rbtree node\n" 

I)); 

58658| 

| Status = STATUS_INSUFFICIENT_RESOURCES; 
58659 1 
I) 

58660 1 } 

| else { 
58661 1 

| if ( !NT_SUCCESS(Status) ) { 
58662| 



I if((Status==STATUS_DEVICE_OFF_LINE) || 
| (Status==STATUS_DEVICE_BUSY)) { 
58663| 

| // this can happen on cluster servers 
58664| 

| Debug(DEBU G_D I CT, (" ! ! ! Device went offline during 

| rebuild\n")); 
58665| 

| } else { 
58666| 

| // Corruption in the index file! 
58667| 

| LogCorruptlndexSector ( sectorNumber, Status ); 
58668| 

| Status = STATUS_SUCCESS; // try reading rest of index 
58669| 

1} 
58670| 

I) 

58671 | } 
58672 1 

58673 1 if 

| ( !NT_SUCCESS(Status) ) { 
58674| 

| break; // for loop 
58675| } 
58676| } // 

| for 
58677| 
58678| 

| if(NT_SUCCESS(Status)) { 
58679 1 // 

| We need to get the dictionary of any snapshot on the 

| volume so we can address the rbtree 
58680 1 // 

| we know we must get one because we know we had 

| snapshots to insert for which we had to get one already 
58681 1 

| START_STOPWATCH(Rebuild_FreeDeadNodes); 
58682 1 

| pDictionary Diet; 
58683 1 

| GetDictionaryForVolume(Volume,Dict); 
58684| 

58685| #if 

| SCAVENGESYNCHRONOUS 
58686| 

| ((pPersistentDictionary)Dict)->Shared->LastDirtyKey = 

| ((pPersistentDictionary)Dict)->Shared->HighestKeyKnownCI 

| ean; 



58687| 

| ((pPersistentDictionary)Dict)->Shared->RecycleNeeded = 

1 1; 

58688| 

| Debug(DEBUG_DICT,("pd::cleanup - Starting FreeDeadNodes 
| - HighestClean: %8x|%08x LastDirty: %8x|%08x\n" 
58689 1 

| ,((pPersistentDictionary)Dict)->Shared->HighestKeyKnownC 
| lean 
58690 1 

| ,((pPersistentDictionary)Dict)->Shared->LastDirtyKey 
58691 | 

I)); 

58692 1 

| FreeDeadNodes(); 
58693 1 

| Debug(DEBUG_DICT,("pd::cleanup - Finished FreeDeadNodes 
| - HighestClean: %8x|%08x LastDirty: %8x|%08x\n" 
58694| 

| ,((pPersistentDictionary)Dict)->Shared->HighestKeyKnownC 
| lean 
58695| 

| ,((pPersistentDictionary)Dict)->Shared->LastDirtyKey 
58696| 

I)); 

58697| #else 
58698| 

| //TODO synchronize these variable changes with scavenge 
| thread 

58699 1 //+ 

| Test for kick the dog awake is needed if we let the 
| scavenger sleep 

58700| 

| ((pPersistentDictionary)Dict)->Shared->LastDirtyKey = 
| ((pPersistentDictionary)Dict)->Shared->HighestKeyKnownCI 
| ean; 
58701 1 

| ((pPersistentDictionary)Dict)->Shared->RecycleNeeded = 

I 1; 

58702| #endif 
58703 1 

| PAUSE_STOPWATCH(Rebuild_FreeDeadNodes); 
58704| 

58705| } else 

|{ 

58706| // 

| since we are exiting, and the reference count will stay 
| atO 

58707| // 
| lets cleanup 



58708| 

| DevExt->Cache.ReferenceCount+=NumSnapShotsAdded; 
58709| 

| Remove VolumesFromSystem(Volume); 
58710| 

| ASSERT(DevExt->Cache.ReferenceCount==0); 
5871 1 1 

| DevExt->Cache.ReferenceCount=0; 
58712| } 
58713| 
58714| 

| FREE_POINTER(lndexBlock); 
58715| }else{ 
58716| 

| Debug(DEBUG_DICT,("Out of memory for index block buffer 

| for reading master snaps hots\n")); 
5871 7| Status 

| = STATUS_INSUFFICIENT_RESOURCES; 
58718| } 
58719| } else {//if 

| NT_SUCCESS(Status) 
58720| 

| Debug(DEBUG_DICT,("Error%08x creating master 

| snapshots\n",Status)); 
58721 | } 
58722 | 
58723 1 

58724| if ( 

| NT_SUCCESS(Status) ) { 
58725| 

| DevExt->Cache.ReferenceCount+=NumSnapShotsAdded; 
58726| 

I try_return(Status); 
58727| } 
58728| } else { 

58729| // no snapshots 

| during rebuild, exit out 
58730 1 Status = 

| STATUS_NOT_FOUND; 
58731 | } 
58732 1 } else { 

58733| // not in rebuild, 

| all resources have been aqcuired 
58734 1 // now exit 

58735| Status = 

| STATUS_SUCCESS; 
58736| 

| DevExt->Cache.ReferenceCount++; 
58737| 

| try_return(NOTHING); 



58738| } 
58739| 

| FreeMemoryForVolume(Volume); 
58740| } else { 

58741 | 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: Error 
| %08x allocing mem on volume %08x\n", Status, Volume)); 

58742 | } 

58743| if(IRebuild) { 

58744| 

| DeleteFileObjectToSkip(DevExt->Cache.HeaderFile.FileObje 
let); 
58745| 

| DeleteFileObjectToSkip(DevExt->Cache.lndexFile.FileObjec 
It); 
58746| 

| DeleteFileObjectToSkip(DevExt->Cache.CacheFile.FileObjec 
It); 

58747| } 

58748| FreeHeader(Volume); 

58749| } else { 

58750 1 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: Error 
| %08x loading header on volume %08x\n",Status, Volume)); 

58751 | } 

58752| if(IRebuild) { 

58753| 

| Debug(DEBUG_DEVCON,("RebuildSnapShotsForVolume: 
| directio=%d, Setting to true\n",DevExt->DoDirectlO)); 

58754| DevExt->DoDirectlO = TRUE; 

58755| 

| CloseFilesForVolume(Volume); 
58756| } 
58757| } 
58758| } else { 

58759| if ( (Status == 

| STATUS_OBJECT_NAME_NOT_FOUND) || (Status == 

| STATUS_OBJECT_PATH_NOT_FOUND) ) { 
58760| 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: Volume 

| %08x has no snapshots\n",Volume)); 
58761 1 if ( IRebuild ) { 

58762 1 // this is a new one 

58763| // Params are in MB, 

| convert to number of granules 
58764| ULONG ISC; 

58765| ULONG MSC; 

58766| 

58767| GetCacheSizes( DevExt, ISC, 

| MSC ); 



58768| 
58769| 

| DevExt->Cache.PSManBitMapSize = 
| ISC*((1 024*1 024)/GRANULE_SIZE); 
58770 1 

| DevExt->Cache.PSManBitMapMaxSize = 
| MSC*((1 024*1 024)/GRANULE_SIZE); 
58771 1 #ifdef DEBUG 

58772| if(DevExt->DoDirectlO) { 

58773| // if we are doing 

| directio, and no files exist, and we have snapshots 
58774| // something is 

| screwed. 

58775| ASSERT(!DevExt->PSMed); 
58776| 

| ASSERT(lsListEmpty(&DevExt->Cache.SnapShotHead)); 
58777| } 
58778| #endif 

58779| // no need to do directio 

| since no files exist. 
58780| DevExt->DoDirectlO = FALSE; 

58781 1 Status = 

| CreateFilesForVolume(Volume,AbortEvent); 
58782| if ( NT_SUCCESS(Status) ) { 

58783 1 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: 
| CreateFilesForVolume succeeded, jumping back to 
| DoOpen\n")); 

58784| goto DoOpen; 

58785| } else { 

58786| 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: Error 
| %08x creating files on volume %08x\n",Status,Volume)); 

58787| } 

58788| } 

58789 1 } else { 

58790 1 

| Debug(DEBUG_DICT,("RebuildSnapShotsForVolume: Error 
| %08x opening files on volume %08x\n",Status,Volume)); 

58791 1 } 

58792 1 } 

58793| } 

58794| 

| ASSERT(lsListEmpty(&DevExt->Cache.SnapShotHead)); 
58795| ASSERT(Status!=STATUS_SUCCESS); 
58796| ASSERT(DevExt->Cache.ReferenceCount==0); 
58797| } else { 
58798| // Reference count !=0 

58799| Status = STATUS_SUCCESS; 

58800| DevExt->Cache.ReferenceCount++; 



58801| } 

58802| try_exit: NOTHING; 
58803| 

58804| Debug(DEBUG_DICT,( M RebuildSnapShotsForVolume() 
| Number of nodes inserted in virtual trees = 
| %d\n", (unsigned long) numberOfVirtualWrites)); 

58805| Debug(DEBUG_DICT,( M RebuildSnapShotsForVolume() 
| has inserted %lu nodes into the rbtree with status of 
| %08x\n", (unsigned long) numberOfNodeslnserted, Status 

I)); 

58806| 

58807| Debug(DEBUG_DICT,( M RebuildSnapShotsForVolume() 
| Number of nodes insertion failures = %d\n", (unsigned 
| long) numberOfFailedlnserts)); 

58808| Debug(DEBUG_DICT,( M RebuildSnapShotsForVolume() 
| returning 0x%08x\n", (unsigned long) Status )); 

58809| 

58810| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
5881 1 1 Status = GetExceptionCode(); 
58812| Debug(DEBUG_SFILTER,("Exception %08x in 

| RebuildSnapShotsForVolume\n",Status)); 
58813| } 
58814| 

58815| if ( NT_SUCCESS(Status) ) { 
58816| if (Rebuild)! 

5881 7\ II Avoid revert check if we booted 'nopsm' 

| or Yesetpsm'... 
58818| if ( QueryNoPsm() || QueryResetPsmQ ) { 

58819| 

| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 
| skipping revert check due to nopsm/resetpsm\n")); 
58820| } else { 

58821 1 // Do not set Status to return value of 

| revert check. 
58822| // We do this on purpose, because we 

| don't want to indicate that 
58823| // the snapshot load failed. That is 

| bad! 

58824| START_STOPWATCH(Rebuild_RevertCheck); 
58825| RevertCheckAtVolumeMount(Volume); 
58826| PAUSE_STOPWATCH(Rebuild_RevertCheck); 
58827| } 
58828| } 
58829 1 

58830| // Do a SaveHeader here... this has the 

| side-effect of incrementing the dirty counter, 
58831 1 // so if a cluster failover happens, the other 

| machine can tell whether it needs to reload 
58832| //the index file. 



58833| 

58834| NTSTATUS SaveHeaderStatus = SaveHeader(Volume); 

58835| if ( NT_SUCCESS(SaveHeaderStatus) ) { 

58836| 

| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 

| Updated dirty counter in header\n")); 
58837| } else { 
58838| 

| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume: 

| Error %08x updating dirty counter in 

| header!\n", SaveHeaderStatus)); 
58839| ASSERT(FALSE); 
58840| } 
58841 1 } 
58842 1 

58843| #if D E B U G_V AL I DAT E_D I F F_G RAN U L E S 
58844| if ( diffGranuleBuffer != NULL ) { 
58845| FREE_POINTER(diffGranuleBuffer); 
58846| } 

58847| #endif /*DEBUG_VALIDATE_DIFF_GRANULES7 
58848| 

58849| PAUSE_STOPWATCH(Rebuild_Total); 
58850| UpdateGlobalStatus(PSMJDLE); 

58851| Debug(DEBUG_DICT,("pd::RebuildSnapShotsForVolume 

| returning %08x\n",Status)); 
58852 1 STO P WATCH_DU M P ALL() ; 
58853 1 STO PWATCHRES ETALL() ; 
58854| return Status; 
58855| } 
58856| 

58857| // 

| 



58859| typedef struct sZeroOut { 
58860| WCHAR *FileName; 
58861 1 LARGEJNTEGER Size; 
58862 1 } tZeroOut; 
58863 1 

58864| void ZeroOutFileThread ( void *ptr ) 
58865| { 

58866| tZeroOut *Zero=(tZeroOut*)ptr; 
58867| 

58868| ASSERT(Zero); 
58869| if ( Zero ) { 
58870 1 

| SbCreateAndFillFile(Zero->FileName,&Zero->Size,NULL,OxOO 

| ,FILLONWRITE_ALL); 
58871 1 MemFreePool(Zero); 
58872 1 } 



58873| 

58874| PsTerminateSystemThread( 0 ); 

58875| } 

58876| 

58877| // 

| 



58878| // The purpose of this procedure is to release any 
| resources 

58879| // associated with a volume. This does NOT delete 

| snapshots from 
58880| // the system. This is called when a volume goes away 

| (dismounted) 

58881 1 // it should undo everything RebuildSnapShotsForVolume 

| did. 
58882 1 

58883| NTSTATUS PersistentDictionary::TearDownCacheForVolume( 

| PDEVICE_OBJECT Volume ) 
58884| { 

58885| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
58886| Debug(DEBUG_DICT,("pd::TearDownCacheForVolume: 

| Volume=%08x\n M ,Volume)); 
58887| 

58888| if(!DevExt->lnl_oadUnload) { 

58889| // zero out index file to optimize load time 

| after reboot 
58890 1 tZeroOut *Zero = (tZeroOut 

| *)MemAllocatePoolWithTag(PagedPool,sizeof(tZeroOut),TEMP 

I TAG); 
58891| if(Zero){ 

58892| Zero->Size = RtlEnlargedUnsignedMultiply ( 

| DevExt->Cache.PSManBitMapSize, SectorSize ); 

58893| Zero->FileName = 

| DevExt->Cache.lndexFile.FileName; 

58894| 

58895| HANDLE TempHandle; 

58896| 

58897| pmStartThread( 
58898| 

| (PKSTART_ROUTINE)ZeroOutFileThread, // IN 

| P KST A RT RO UTI N E StartRoutine, 
58899| (PVOID)Zero, 

| // IN PVOID StartContext 
58900| &TempHandle // 

| OUT PHANDLE ThreadHandle, 
58901| ); 

58902| ZwClose(TempHandle); 
58903| } 
58904| } 



58905| 
58906| 

| DeleteFileObjectToSkip(DevExt->Cache.HeaderFile.FileObje 
let); 
58907| 

| DeleteFileObjectToSkip(DevExt->Cache.lndexFile.FileObjec 
It); 
58908| 

| DeleteFileObjectToSkip(DevExt->Cache.CacheFile.FileObjec 
It); 

58909| CloseFilesForVolume(Volume); 
58910| DevExt->Cache.ReferenceCount = 0; 
5891 1 1 FreeMemoryForVolume(Volume); 
589 1 2 1 F ree Heade r( Vo I u me) ; 
58913| return STATUS_SUCCESS; 
58914| } 
58915| 

58916| // 



58917| 

58918| NTSTATUS 

| PersistentDictionary::ReleaseASnapShotForVolume( 

| PDEVICE_OBJECT Volume, plnternalSnapShot Snapshot ) 

58919| { 

58920| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(Volume); 
58921| 

58922| Debug(DEBUG_DICT,("pd::ReleaseASnapShotForVolume: 
| Volume=%08x, Snapshot=%08x, src=%d, 

| crc=%d\n M ,Volume,SnapShot,SnapShot->ReferenceCount,DevEx 

| t->Cache.ReferenceCount)); 
58923| if ( --SnapShot->ReferenceCount==0 ) { 
58924| RemoveSnapShotFromList(SnapShot); 
58925| FreeSnapShot(&SnapShot); 
58926| } 
58927| 

58928| if(!DevExt->lnl_oadllnload) { 
58929| SaveHeader(Volume); 
58930| } 
58931| 

58932| if ( --DevExt->Cache.ReferenceCount==0 ) { 
58933 1 TearDownCacheForVo lu me( Vo lu me) ; 
58934| } 

58935| return STATUS_SUCCESS; 

58936| } 

58937| 

58938| #endif 

58939| 

58940| 



58941 1 /*— end of file perdict_rebuild.cpp —7 
58942 1 
58943 1 
58944| 

58945| File Listing: perdict_scavenge.cpp 
58946| 

58947| #include "precomp.h" 
58948| 

58949| // 



58950| // definitions & variables global to delete functions 
58951 | 

58952| #define SCAVENGESYNCHRONOUS 1 
58953 1 

58954| #define MAXMOUTHFUL 200 
58955| 

58956| int ScavengeDebugFlag = 0; 
58957| 

58958| // Thread Control Macros 
58959 1 #ifdef netware 
58960 1 extern void *rbtree_Semaphore; 
58961 | 

58962| #define DATA_REQUEST CPSemaphore(rbtree_Semaphore) 
58963| #define D AT A_R E L E AS E CVSemaphore(rbtree_Semaphore) 
58964| #else 

58965| #define DATA_REQU EST 

58966| #define DATA_RELEASE 

58967| #endif 

58968| 

58969 1 

58970 1 

58971 1 // 



58972| // Checks if any snapshot still exists between 2 given 

| node key values 
58973 1 BOOLEAN 

589 74| PersistentDictionary::NodelsDefunct( key Type 

| PreviousKey, key Type CurrentKey) 
58975| { 

58976| ULARGEJNTEGER my Current Key, myPreviousKey; 
58977| ULONG MyReferringLimit; 
58978| int i; 
58979 1 

58980| myCurrentKey. Quad Part = CurrentKey; 
58981 1 myPreviousKey. QuadPart = PreviousKey; 
58982 1 

58983| if ( myCurrentKey. GranulePart == 

| myPreviousKey. GranulePart ) { 
58984| MyReferringLimit=myPreviousKey.SnapShotPart; 
58985| } else { 



58986| MyReferringLimit=0; 

58987| } 

58988| 

58989| // This logic can be streamlined if a table exists 

| of the viable snapshots in sequence 
58990| // - which it may already do - need to check what 

| format Rob currently writes to disk 
58991| 

58992| PLIST ENTRY p=DevExt->Cache.SnapShotHead.Flink; 
58993| while ( p!=&DevExt->Cache.SnapShotHead ) { 
58994| plnternalSnapShot 

| s=CONTAINING_RECORD(p,tlnternalSnapShot,ListEntry); 
58995| 

58996| // Ignore the snapshot we are deleting as a 

| referrer because it's considered 
58997| // deleted even though it's still linked as 

| yet. 
58998| 

58999| // FIXFIXFIX I THINK THIS WONT WORK IF WE 
| REINSTATE SCAVENGE AT REBOOT !!!!!!!!!!!!!!!!!!!! 
| check!!!! 

59000| 

59001| if (s != Snapshot) { 
59002| 

59003| if ( 

| (s->Permanent.SequenceNumber<=myCurrentKey.SnapShotPart) 

| && (s->Permanent.SequenceNumber>MyReferringLimit) ) { 
59004| //then this referring snapshot is still 

| viable so node still required 
59005| if ( ScavengeDebugFlag ) { 

59006| Debug(DEBUG_DICT,("Scavenge: 

| %8x|%08x scope: |%x - %x Retained - referred to by %x 

|\n" 
59007| 

| myCurrentKey.GranulePart 
59008| 

| myCurrentKey.SnapShotPart 
59009| 

| MyReferringLimit+1 
59010| 

| myCurrentKey.SnapShotPart 
59011| 

| s->Permanent.SequenceNumber 



59012| )); 

59013| } 

59014| return 0; 

59015| } 

59016| } 

59017| 

59018| p=p->Flink; 



59019| } 

59020| //no viables left using it so is defunct 

59021 1 if ( ScavengeDebugFlag ) { 

59022| Debug(DEBUG_DICT,("Scavenge: %8x|%08x scope: 

| |%x - %x Deleted - no referrers\n" 
59023| , myCurrentKey.GranulePart 

59024| , myCurrentKey.SnapShotPart 

59025| , MyReferringLimit+1 

59026| , myCurrentKey.SnapShotPart 

59027| )); 

59028| } 

59029 1 return 1; 



59030 1 } 

59031|// 

| 

59032| 

59033| tTreeLeaf * 

59034| PersistentDictionary::ScanForDeadNode( keyType 

| PreviousKey, ULONG NumNodesTolnspect) 
59035| { 

59036| ULARGEJNTEGER my Previous Key, CurrentKey; 

59037| tTreeLeaf "CurrentNode; 

59038| 

59039| myPreviousKey.QuadPart = PreviousKey; 
59040| myPreviousKey.SnapShotPart++; 
59041| CurrentNode = 

| rbtree_SearchUpperBound(&Shared->Tree, 

| myPreviousKey.QuadPart); 
59042| myPreviousKey.SnapShotPart-; 
59043| 

59044| // D ATA_R EQ U EST ; //don't think I need this, maybe 

| if ever ported to Netware 
59045| while ( (NumNodesTolnspect--) && ( 

| (Shared->RecycleNeeded) || 

| (Shared->HighestKeyKnownClean<Shared->LastDirtyKey) ) ) 
|{ 

59046| if ( CurrentNode == NULL ) { 

59047| //can only be no next if we've reached end 

| of tree so loop back to start 
59048| Debug(DEBUG_DICT,("Scavenge: 

| Recycling^")); 
59049| Shared->RecycleNeeded = 0; 

59050| Shared->HighestKeyKnownClean = 

| myPreviousKey.QuadPart = 0; 
59051 1 CurrentNode = 

| rbtree_SearchUpperBound(&Shared->Tree, 

| myPreviousKey.QuadPart); 
59052| continue; 
59053 1 } 

59054| CurrentKey.QuadPart = CurrentNode->Key; 



59055| PreviousKey = myPreviousKey.QuadPart; 
59056| //added condition to not free nodes which have 

| the current highest key on the volume as they could 

| then be recached. 
59057| //This can lead to duplicate key errors 

| (c000022a) on a reboot which though benign (since the 

| original node 
59058| //wasn't ever gonna be needed again or we 

| wouldn't free it in the first place) lead to event log 

| messages and 
59059| //critical status on screens which would 

| mislead and worry the punters. 
59060| if ( (CurrentKey.SnapShotPart != 

| Shared->HighestSequence) && (NodelsDefunct( 

| PreviousKey, CurrentKey.QuadPart)) ) { 
59061 1 // DATA_RELEASE; //don't think I need this, 

| maybe if ever ported to Netware 
59062| return CurrentNode; 

59063 1 } 

59064| my PreviousKey = CurrentKey; 
59065| CurrentNode = 

| rbtree_GetNextlnOrder(&Shared->Tree, CurrentNode); 
59066| // do i need some extra synchronising mechanism 

| here to ensure we do at LEAST a full cycle 
59067| Shared->HighestKeyKnownClean = 

| myPreviousKey.QuadPart; 
59068| } 

59069| // D ATA_R EL E AS E ; //don't think I need this, maybe 

| if ever ported to Netware 
59070| return NULL; 
59071 1 } 

59072 1 // 



59074| void 

59075| PersistentDictionary::FreeDeadNodes(void) 

59076| { 

59077| 

59078| #if SCAVENGESYNCHRONOUS 
59079 1 #else 

59080| //TODO determine these conditions 
59081 1 while ( appropriate allow exit ) { 
59082| #endif 
59083 1 

59084| while ( Shared->RecycleNeeded || 

| (Shared->HighestKeyKnownClean<Shared->LastDirtyKey) ) { 
59085| keyType KeyTo Delete = 0; 

59086| tTreeLeaf *NodeToDelete =NULL; 

59087| 

59088| MyAcquireResourceSharedLite( 



I &Shared->TreeResource, TRUE ); 
59089| __try { 

59090| NodeToDelete = 

| ScanForDeadNode(Shared->HighestKeyKnownClean, 

| MAXMOUTHFUL); 
59091| 

59092| if ( NodeToDelete != NULL ) { 

59093| //Only now that I know there is a 

| node can I get the key - and I must get it before I 

| release 

59094| //the shared lock as the node may 

| have moved by the time I get the exclusive lock!!! 
59095| KeyToDelete = NodeToDelete->Key; 

59096| } 
59097| } finally { 

59098| //allow other processes to alter tree 

| structure between mouthfuls 
59099| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59100| } 
59101| 

591 02 1 if ( NodeToDelete != NULL ) { 

591 03| MyAcquireResourceExclusiveLite( 

| &Shared->TreeResource, TRUE ); 
59104| __try{ 
59105| 

| FreeNodeAndBits(rbtree_Delete(&Shared->Tree, 

| KeyToDelete)); 
591 06| //Now switch back to shared mode 

| for the next search 
59107| } ^finally { 

591 08| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59109| } 
59110| } 
59111| } 
59112| 

59113| #if SCAVENGESYNCHRONOUS 

59114| #else 

59115| } 

59116| #endif 

59117| 

59118| } 

59119| 

59120| 

59121| // 



59122| 

59123| ErrorCode 

59124| PersistentDictionary::cleanup(void) 



59125| { 

59126| NTSTATUS Status; 
59127| 

59128| Debug(DEBUG_DICT,("pd::cleanup: 

| this=%08x\n",this)); 

59129| _try{ 

59130| tTreeLeaf *Node=NULL; 
59131| 

59132| pPersistentDictionary p=ListHead; 

59133| pPersistentDictionary Prev=NULL; 
59134| 

59135| while (p){ 

59136| if ( p == this ) { 

59137| break; 

59138| } 

59139| Prev=p; 

59140| p=p->Next; 

59141| } 
59142| 

59143| ASSERT(p); 

59144| if < p ) { 

59145| if(Prev){ 

59146| Prev->Next = Next; 

59147| }else{ 

59148| ListHead = Next; 

59149| } 

59150| } 

59151| 

59152| Remove VirtualWritesFromTree (FALSE); 
59153| 

59154| ASSERT(Shared->Count>0); 
59155| 

59156| Shared->Count~; 

59157| Debug(DEBUG_DICT,("pd::cleanup: (dict=%08x) 

| Decremented Shared->Count to %08x\n", 

59158| this, 

59159| Shared->Count)); 
59160| 

591 61 1 if ( Shared->Count==0 ) { 

59162| Debug(DEBUG_DICT,("pd::cleanup - 

| Acquire\n")); 

591 63| MyAcquireResourceExclusiveLite( 

| &Shared->TreeResource, TRUE ); 

59164| Debug(DEBUG_DICT,("pd::cleanup - Freeing 

| nodes\n")); 

59165| _try{ 

591 66| Node=Shared->Tree.HeadLeaf; 

591 67| while ( Node!=Shared->Tree.TailLeaf ) { 

59168| FreeNodeAndBits( 

| rbtree_Delete(&Shared->Tree, Node->Key) ); 



591 69 1 Node = Shared->Tree.Headl_eaf ; 

59170| } 
59171| } finally { 

591 72 1 Debug(DEBUG_DICT,("pd::cleanup - init 

| tree\n M )); 
59173| // reinittree... 

591 74 1 rbtree_lnit( &Shared->Tree ); 

59175| Debug(DEBUG_DICT,("pd::cleanup - 

| Release\n")); 
59176| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59177| } 
59178| 
59179| 

59180| Debug(DEBUG_DICT,( M pd::cleanup - Delete 

| resource\n")); 
591 81 1 // remove resource 

591 82 1 ExDeleteResourcel_ite( &Shared->TreeResource 

I); 

59183| Debug(DEBUG_DICT,( M pd::cleanup - 

| Deregister\n")); 
59184| pmDeRegisterObject(&Shared->TreeResource); 
59185| Debug(DEBUG_DICT,( M pd::cleanup - Free 

| mem\n")); 
59186| if ( Shared->Map ) { 

59187| FREE_POINTER(Shared->Map); 
59188| } 

59189| FREE_POINTER(Shared); 

59190| }else{ 

59191| 

59192| if(!DevExt->lnLoadUnload) { 

59193| #if SCAVENGESYNCHRONOUS 
59194| Shared->LastDirtyKey = 

| Shared->HighestKeyKnownClean; 
591 95| Shared->RecycleNeeded = 1 ; 

59196| Debug(DEBUG_DICT,("pd::cleanup - 

| Starting FreeDeadNodes - HighestClean: %8x|%08x 

| LastDirty: %8x|%08x\n" 
59197| 

| ,Shared->HighestKeyKnownClean 



59198| ,Shared->LastDirtyKey 

59199| )); 

59200| FreeDeadNodes(); 

59201 1 Debug(DEBUG_DICT,("pd::cleanup - 



| Finished FreeDeadNodes - HighestClean: %8x|%08x 
| LastDirty: %8x|%08x\n" 
59202 | 

| ,Shared->HighestKeyKnownClean 
59203 1 ,Shared->Last Dirty Key 

59204| )); 



59205| #else 

59206| //TODO synchronize these variable 

| changes with scavenge thread 
59207| //+ Test for kick the dog awake is 

| needed if we let the scavenger sleep 
59208| Shared->LastDirtyKey = 

| Shared->HighestKeyKnownClean; 
59209| Shared->RecycleNeeded = 1 ; 

59210| #endif 
59211| }//!in mount 

59212| } 
59213| 

59214| if ( (Snapshot) && 

| (SnapShot->Permanent.SequenceNumber!=0) ) { 
59215| ReleaseASnapShotForVolume(Volume,SnapShot); 
59216| } 
59217| 
59218| I* 

59219| if ( (GhostBusterTime == FALSE) && 

| (!DevExt->lnLoadUnload)) { 
59220| Status = SaveHeader(Volume); 

59221 1 if ( !NT_SUCCESS(Status) ) { 

59222| Debug(DEBUG_DICT, ("Error %08x saving 

| header\n", Status)); 
59223| // dont exit, as we cant do anything 

| about it anyway so lets cleanup 
59224| // as much as we can 

59225| } 
59226| } 
59227| 7 
59228| 
59229 1 

59230| Status = STATUS_SUCCESS; 
59231 1 } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
59232| Status = GetExceptionCode(); 
59233| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::cleanup\n", Status)); 
59234| } 
59235| 

59236| return Status; 

59237| } 

59238| 

59239| /*— end of file perdict_scavenge.cpp —7 
59240 1 
59241 1 
59242 1 

59243| File Listing: perdict_search.cpp 
59244| 

59245| #include "precomp.h" 



59246| 

59247| // note: define DO_ALL_IO in precomp.h do get all io 

| related functions 
59248| // otherwise only io in this file will get printed 
59249| 

59250| // 



59251 | 

59252 1 ErrorCode 

59253| PersistentDictionary::searchAndDeleteSingle( 
59254| 

| PFILTERED_EXTENSION DevExt, 
59255| 

| ULARGEJNTEGER Sector ) 
59256| { 

59257| sTreeLeaf *Node; 

59258| NTSTATUS Status=STATUS_NOT_FOUND; 
59259 1 

59260| Profile("pd::searchAndDeleteSingle"); 

59261| Debug(DEBUG_DICT,("pd::searchAndDeleteSingle\n")); 

59262| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
59263| _try { 
59264| 

59265| MyAcquireResourceExclusiveLite ( 

| &Shared->TreeResource, TRUE ); 
59266| __try { 

59267| ULARGEJNTEGER TreeKey; 

59268| unsigned int64 Granule = Sector.QuadPart 

| / SECTORS_PER_GRANULE; 
59269| ASSERT ( (Granule » 32) == 0 ); 

59270| TreeKey.GranulePart = (ULONG) Granule; 

59271 1 TreeKey. Snapshot Part = GetSequenceNumber(); 

59272 1 if ( (Node = 

| rbtree_Delete(&Shared->Tree,TreeKey.QuadPart))!=NULL ) 

|{ 

59273| FreeNodeAndBits(Node); 
59274| Status = STATUS_SUCCESS; 

59275| } 
59276| } ^finally { 

59277| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59278| } 
59279 1 } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
59280| Status = GetExceptionCode(); 
59281 1 Debug(DEBUG_DICT,("Exception %08x in 

| pd::searchAndDeleteSingle\n M ,Status)); 
59282 1 } 
59283| 



59284| return Status; 

59285| } 

59286| 

59287| // 



59288| 
59289| 

59290| bool EnableSearchMultipleDebug = false; 
59291 | 

59292| ErrorCode 

59293| PersistentDictionary::searchMultiple ( 
59294| 

| PFILTERED_EXTENSION DevExt, 
59295| ULARGEJNTEGER 
| Starting, 

59296| ULONG 
| Count, 

59297| ULONG 

| SCountDid, 
59298| PRTL_BITMAP 

| BitMap, 

59299| ULARGEJNTEGER 

| DataSize, 
59300| PVOID 

| VirtualDataPointer, 
59301 1 ULONG 

I Flags ) 
59302 1 { 

59303| NTSTATUS Status=STATUS_SUCCESS; 

59304| BOOLEAN Read=FALSE; 

59305| ULONG FirstlnMem=0; 

59306| Profile("pd::searchMultiple"); 

59307| 

59308| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcessQ); 
59309| if ( Count==0 ) { 

5931 0| Debug(DEBUG_DICT,("pd::searchMultiple: 

| Count==0\n")); 
5931 1 1 return STATUS_SUCCESS; 
59312| } 
59313| 

59314| _try{ 
59315| 

5931 6| // VirtualDataPointer contains the data as read 
| from the 

59317| // head drive., it is not in GRANULE_SIZE 

| offsets or counts 
59318| 

59319| CountDid = 0; 
59320| if ( BitMap ) { 



59321 1 PsmBitMapValidate (BitMap); 

59322| RtlClearAIIBits(BitMap); 
59323 1 } 
59324| 

59325| char *NextReadPoint = (char 

| *)VirtualDataPointer; 
59326| ULONG Sectors Remaining = Count; 
59327| ULARGEJNTEGER CurrentSector = Starting; 
59328| ULONG CurrentGranule = 

| (ULONG)(Starting.QuadPart / SECTORS_PER_GRANULE); 
59329| ULONG StartOffset Into Granule = 

| (ULONG)(Starting.QuadPart % SECTORS_PER_GRANULE); 
59330| tTreeLeaf *Node = 0; 
59331 1 ULARGEJNTEGER Key = {0}; 
59332 | 

59333| while ( SectorsRemaining>0 && 

| NT_SUCCESS(Status) ) { 
59334| // First figure out which sectors we need 

| to process within this granule. 
59335| // We need to know which sector to start at 

| (StartOffsetlntoGranule) 
59336| // and how many sectors to read 

| (SectorsToRead). 
59337| 

59338| ULONG SectorsToRead= 0; // Sectors to 

| read in this granule, starting at given offset 
59339| if ( SectorsRemaining + 

| StartOffsetlntoGranule > SECTORS_PER_GRANULE ) { 
59340| SectorsToRead = SECTORS_PER_GRANULE - 

| StartOffsetlntoGranule; 
59341 1 } else { 

59342| SectorsToRead = SectorsRemaining; 

59343 1 } 

59344| 

59345| #if 0 

59346| if ( 

| !NeedsCaching(CurrentSector,SectorsToRead) ) { 
59347| #endif 
59348| 

59349 1 // Now that we know what we are 

| supposed to read for this granule, 
59350| // we need to determine WHERE to get 

| the granule from: cache or dasd. 
59351 | 

59352| Key.SnapShotPart = GetSequenceNumberQ; 

59353| Key.GranulePart = CurrentGranule; 

59354| 

59355| MyAcquireResourceSharedLite ( 

| &Shared->TreeResource, TRUE ); 
59356| if ( Flags & DICT_FLAG_VIRTUAL_IO ) { 



59357| // check to see if it has a virtual 

| write 

59358| Node = rbtree_Search ( 

| &(Shared->VirtualWritesTree), Key.QuadPart ); 
59359| if ( Node ) { 

59360| #if DO_ALL_IO 

59361 1 if ( EnableSearchMultipleDebug 

l){ 
59362| 

| Debug(DEBUG_DICT,("pd::searchMultiple: rbtree_Search[1] 

| found node in virtual tree: Key=%016l64x, 

| Pos=%08x\n", Node->Key , Node->Pos)) ; 
59363 1 } 
59364| #endif 
59365| } else { 

59366| // no virtual write, see if its 

| in the cache 

59367| Node = rbtree_SearchUpperBound( 

| &Shared->Tree, Key.QuadPart); 
59368| #if DO_ALL_IO 
59369| if ( Node && 

| EnableSearchMultipleDebug ) { 
59370 1 

| Debug(DEBUG_DICT,("pd::searchMultiple: 

| rbtree_SearchUpperBound[2] found node in shared tree: 

| Key=%016l64x, Pos=%08x\n M ,Node->Key,Node->Pos)); 

59371 1 } 

59372| #endif 

59373 1 } 

59374| } else { 

59375| Node = rbtree_SearchUpperBound( 

| &Shared->Tree, Key.QuadPart); 
59376| #if DO_ALL_IO 
59377| if ( Node && 

| EnableSearchMultipleDebug ) { 
59378| 

| Debug(DEBUG_DICT,("pd::searchMultiple: 

| rbtree_SearchUpperBound[3] found node in shared tree: 

| Key=%016l64x, Pos=%08x\n",Node->Key,Node->Parent)); 

59379 1 } 

59380 1 #endif 

59381 1 } 

59382 1 

59383 1 if ( Node ) { 

59384| IO_STATUS_BLOCK loStatus; 

59385| ULARGEJNTEGER FoundKey; 

59386| 

59387| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59388| 



59389| Found Key. Quad Part = Node->Key; 

59390| 

59391 1 #ifdef DEBUG 

59392| if ( !(Flags & 

| DICT_FLAG_VIRTUAL_IO) ) { 
59393| ASSERT ( FoundKey.QuadPart >= 

| Key.QuadPart ); 
59394| } 
59395| #endif 
59396| 

59397| // Need to determine whether this 

| is really the same granule. 
59398| if ( Key.GranulePart == 

| FoundKey.GranulePart ) { 
59399| // Found this node in the 

| dictionary, so read from cache 
59400 1 #if DO_ALL_IO 

59401 1 if ( EnableSearchMultipleDebug 

l){ 
59402 1 

| Debug(DEBUG_DICT,("pd::searchMultiple: %08l64x in cache 

| at pos %08x\n M ,Key,Node->Pos)); 
59403 1 } 
59404| #endif 

59405| if ( BitMap ) { 

59406| ULONG NumSectors = (ULONG) 

| (CurrentSector.QuadPart - Starting. QuadPart); 

59407| PsmBitRangeValidate 
| (BitMap, NumSectors, SectorsToRead); 

59408| RtlSetBits( BitMap, 

| NumSectors, SectorsToRead ); 

59409 1 } 

59410| CountDid+=SectorsToRead; 
5941 1 | 

59412| if ( VirtualDataPointer ) { 

59413| LARGEJNTEGER Location; 

59414| Location. QuadPart = 

| ((unsigned _int64)Node->Pos*SECTORS_PER_GRANULE + 
| StartOffsetlntoGranule) * (unsigned int64)SectorSize; 

59415| 

59416| 

| ASSERT(Node->Pos!=INVALID_POSITION_VALUE); 
59417| 

| ASSERT(Node->Pos<=DevExt->Cache.PSManBitMapSize); 
59418| 

59419| Status = PsmReadFromFile( 

59420| 

| &DevExt->Cache.CacheFile, 
59421 1 &loStatus, 
59422| NextReadPoint, 



59423| SectorsToRead * 

| SectorSize, 
59424| &Location, 
59425| DevExt->DoDirectlO, 
59426| 

| &DevExt->Cache.DirectAccessResource ); 
59427| 

59428| #ifdef DEBUG_REVERT 

59429| Debug(DEBUG_DICT,( 

59430| 

| "pd::searchMultiple: PsmReadFromFile returned 0x%08x; 

| CacheHandle=%p, ReadPoint=%p, Location=0x%l64x\n", 
59431 1 Status, 
59432 1 

| DevExt->Cache.CacheFile. FileHandle, 
59433 1 

| NextReadPoint, 
59434| 

| Location. QuadPart)); 
59435| #endif /* DEBUG_REVERT 7 
59436| } 
59437| } else { 

59438| // not in tree.. 

59439 1 } 
59440 1 } else { 

59441| // not in tree.. 

59442| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 
59443| #if DO_ALL_IO 

59444| if ( EnableSearchMultipleDebug ) { 

59445| 

| Debug(DEBUG_DICT,("pd::searchMultiple: rbtree node not 
| found for search key = %016l64x\n",Key.QuadPart)); 

59446| } 

59447| #endif 

59448| } 

59449 1 #if 0 

59450 1 } else { // free space 

59451| Debug(DEBUG_DICT,("pd::searchMultiple: 

| %08l64x is free space\n",Key)); 
59452| if ( BitMap ) { 

59453| ULONG NumSectors = (ULONG) 

| (CurrentSector.QuadPart - Starting.QuadPart); 

59454| PsmBitRangeValidate (BitMap, 

| NumSectors, SectorsToRead); 

59455| RtlSetBits( BitMap, NumSectors, 

| SectorsToRead ); 

59456| } 

59457| CountDid+=SectorsToRead; 
59458| } 



59459| #endif 

59460| CurrentSector.QuadPart = ++CurrentGranule * 

| (unsigned int64)SECTORS_PER_G RANULE; 

59461 1 StartOffsetlntoGranule = 0; // for all 

| subsequent granules (if any) start at 0 
59462| SectorsRemaining -= SectorsToRead; 

59463| NextReadPoint += SectorSize * 

| SectorsToRead; 
59464| } 
59465 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
59466| Status = GetExceptionCode(); 
59467| Debug(DEBUG_DICT, ("Exception %08x in 

| pd::searchMultiple\n", Status)); 
59468| } 
59469 1 

59470| if ( (SStatus) && (!CountDid) ) { 

59471 1 // if we didn't do anything, say so.. 

59472| Status = STATUS_NOT_FOUND; 

59473 1 } else { 

59474| #jf DO_ALL_IO 

59475| if ( EnableSearchMultipleDebug ) { 

59476| Debug(DEBUG_DICT,("pd::searchMultiple 

| %08x %08l64x %08x %08x %08x %08l64x %08x, %08x\n" 
59477| DevExt->DeviceObject, 
59478| Starting, 
59479 1 Count, 
59480| CountDid, 
59481 1 BitMap, 
59482 1 DataSize, 
59483| VirtualDataPointer, 
59484| Flags)); 
59485| } 

59486| #endif /*D0_ALL_I07 

59487| } 

59488| 

59489 1 return Status; 

59490 1 } 

59491| 

59492| // 

| 

59493| ErrorCode 

59494| PersistentDictionary::searchAndlnsertMultiple( 
59495| 

| PFILTERED EXTENSION DevExt, 
59496| 

| ULARGEJNTEGER Starting, 
59497| ULONG 
| Count, 

59498| ULONG 



I &CountDid, 
59499| 

| PRTL_BITMAP BitMap, 
59500| 

| ULARGEJNTEGER DataSize, 
59501| PCVOID 

| DataPointer, 
59502| 

| pDictSiblinglnfo Siblinglnfo, 
59503| ULONG 

I Flags ) 
59504| { 

59505| pPerSiblinglnfo Info = 
| (pPerSiblinglnfo)Siblinglnfo; 
59506| ULONG Bit=0; 
59507| NTSTATUS Status=0; 
59508| Prof ile("pd : :searchAnd InsertMu Itiple") ; 
59509| 

5951 0| ASSERT(GlobalSystemProcessld == 

| PsGetCurrentProcess()); 
5951 1 1 

59512| #ifdef DEBUG 

59513| // maybe we don't need DevExt parameter? Here's an 

| experiment to find out... 
59514| if ( DevExt != this->DevExt ) { 
59515| static bool alreadyAsserted = false; // 

| don't assert over and over again, in case we do find 

| mismatching DevExt 
59516| if ( lalreadyAsserted ) { 
5951 7| alreadyAsserted = true; 

59518| ASSERT(DevExt == this->DevExt); 

59519| } 
59520| } 

59521| #endif TDEBUG7 
59522| 

59523| if ( Count==0 ) { 

59524| #if DO_ALL_S E ARC H 

59525| 

| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple Count==0 
I \n")); 

59526| #endif /*DO_ALL_SEARCH7 
59527| 

59528| return STATUS_SUCCESS; 

59529| } 

59530| 

59531 1 // on entry DataPointer is original data from disk 
59532| // we need to save it to our cache file 
59533 1 

59534| // for simplicity's sake we are only going to allow 
| Starting to be a multiple 



59535| // of GRANULE_SIZE as the higher level code has 

| already read the data 
59536| // from disk using the granule offset 
59537| 

59538| ASSERT((Starting.QuadPart % 

| SECTORS_PER_GRANULE)==0); 
59539| 

59540| __try { 

59541 1 const CHAR *NextWritePosition = (const 

| char*)DataPointer; 
59542| ULONG DataChecksum = 0; 
59543| ULONG SnapshotNumber = 0; 
59544| ULONG CurrentGranule = 

| (ULONG)(Starting.QuadPart / SECTORS_PER_GRANULE); 
59545| ULONG SectorOffset Into Granule = 

| (ULONG)(Starting.QuadPart % SECTORS_PER_GRANULE); 
59546| ULONG SectorsRemaining = Count; 
59547| tTreeLeaf *Node = 0; 
59548| ULARGEJNTEGER Key={0}; 
59549| ULARGEJNTEGER WorkingKey; 
59550 1 

59551 1 // If we are inserting into the shared virtual 
| write tree, 

59552| // we need to make the snapshot part of the 

| node's key be 
59553| // specifically for this snapshot, not the 

| highest sequence number 
59554| // as we do for the normal shared tree. 
59555| ULONG VirtualWriteSequence = 

| GetSequenceNumber(); 
59556| 

59557| ASSERT(DataSize.QuadPart>=Count*SectorSize); 
59558| ASSERT(DataPointer!=NULL); 
59559 1 

59560| if ( lnfo->AlreadyHandled ) { 

59561 1 // we have 1 dictionary per volume, 

59562| // the higher level code is going through 

59563| // all the snaps in the system, tell it to 

59564| // quit scanning.. 

59565| 

| //Debug(DEBUG_DICT,( M pd::searchAndlnsertMultiple 

| AlreadyHandled \n")); 
59566| try_return (Status = STAT U S_E N D_0 F_F I L E) ; 

59567| } 
59568| 

59569| #if DO_ALL_IO 

59570| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple 
| %08x %08l64x %08x %08x %08x %08l64x %08x %08x 
| %08x\n",DevExt->DeviceObject,Starting,Count,CountDid,Bit 
| Map,DataSize,DataPointer,Siblinglnfo, Flags)); 



59571 1 #endif 
59572 1 

59573| CountDid=0; 
59574| 

59575| if ( BitMap ) { 

59576| PsmBitMapValidate (BitMap); 

59577| RtlClearAIIBits(BitMap); 

59578| } 

59579 1 

59580| // Need to check for copy-on-write only if 

| snapshots exist. 
59581 1 // Getting here means at least one snapshot 

| does exist. 
59582 1 
59583 1 

59584| Key.QuadPart = 0; 
59585| // attach to latest snapshot for this volume 
| only 

59586| SnapshotNumber = Key.SnapShotPart = 

| Shared->HighestSequence; //Header->HighestSnapNumber; 
| //FindHighestSnapNumber(); 

59587| 

59588| ASSERT(Key.SnapShotPart>0); 
59589 1 

59590| // For each granule that this write will touch, 

| perform copy-on-write 
59591 1 // if it hasn't already been done. 
59592 1 

59593| while ( SectorsRemaining>0 && 

| NT_SUCCESS(Status) ) { 
59594| ULONG SectorsToSkip = 0; 

59595| if ( SectorsRemaining + 

| SectorOffsetlntoGranule > SECTORS_PER_GRANULE ) { 
59596| SectorsToSkip = SECTORS_PER_GRANULE - 

| SectorOffsetlntoGranule; 
59597| } else { 

59598| SectorsToSkip = SectorsRemaining; 

59599| } 



59600 1 
59601 | 
59602 1 
59603 1 
59604| 
59605| 
59606| 
59607| 
59608| 
59609 1 
59610| 
5961 1 1 



// not in any snapshots, so lets add it 
Node = AllocNode(); 
if ( Node ) { 



Key.GranulePart 



Node->Pos = INVALID_POSITION_VALUE; 



ULONG Added=0; 
IO_STATUS_BLOCK loStatus; 
LARGEJNTEGER Location; 
ULONG DontFree=0; 



CurrentGranule; 



59612| MyAcquireResourceExclusiveLite ( 

| &Shared->TreeResource, TRUE ); 
59613| if ( Flags & DICT_FLAG_VIRTUAL_IO ) { 

59614| ULARGEJNTEGER VKey=Key; 

5961 5| VKey.SnapShotPart = 

| VirtualWriteSequence; 
5961 6| Node->Key = VKey.QuadPart; 

59617| Added = 

| rbtree_lnsert(&(Shared->VirtualWritesTree),Node)==0; 
59618| #if DO_ALL_SEARCH 

59619| 

| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple - 

| VirtualWrite: key=%016l64x insert: 

| added=%x\n'\VKey.QuadPart,Added)); 
59620| #endif /*DO_ALL_SEARCH7 

59621| if ( !Added){ 

59622| // ok, must already be in the 

| tree, lets update 
59623| // the data in the cache file 

| with the now new 
59624| // data 

59625| FreeNode(Node); 
59626| 

| Node=rbtree_Search(&(Shared->VirtualWritesTree),VKey.Qua 
| dPart); 

59627| if ( Node ) { 

59628| 

| ASSERT(Node->Pos!=INVALID_POSITION_VALUE); 
59629| Added = TRUE; 

59630| DontFree = TRUE; 

59631| }else{ 
59632| // shouldnt happen 

59633 1 ASS ERT( FALS E) ; 

59634| } 
59635| } 
59636| } else { 

59637| Node->Key = Key. Quad Part; 

59638| Added = 

| rbtree_lnsert(&Shared->Tree,Node)==0; 
59639| } 
59640| 

59641 1 WorkingKey.QuadPart = Node->Key; 

59642 1 

59643 1 if ( Added ) { 

59644| if ( Flags & DICT_FLAG_VIRTUAL_IO ) 

|{ 

59645| if ( 

| Node->Pos==INVALID_POSITION_VALUE ) { 
59646| Node->Pos = 

| GetNextCacheLocation(l); 



59647| } 

59648| } else { 

59649| Node->Pos = 

| GetNextCacheLocation(l); 
59650| } 
59651 1 if ( 

| Node->Pos!=INVALID_POSITION_VALUE ) { 
59652| ULONG SavedPos = Node->Pos; 

59653 1 

59654| // release this while we do the 

| write or a deadlock will occur. 
59655| // we have a valid value at 

| this time, and unless an error occurs 
59656| // we dont have to worry about 

| reacquiring it. 
59657| MyReleaseResourceForThreadLite 

| ( &Shared->TreeResource ); 
59658| 

59659| // Do !!!!!NOT!!!M! access 

| Node from this point ON 
59660| // unless you like random 

| corruption 

59661 1 Location. QuadPart = (unsigned 

| _int64)SavedPos * GRANULE SIZE; 
59662| 

59663| ASSERT(Key.SnapShotPart>0); 
59664| 

59665| #if DO_ALL_IO 
59666| 

| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple: Writing 
| %08l64x to cache file position %08x\n M ,Key,SavedPos)); 

59667| #endif 

59668| 

| ASSERT(SavedPos<=DevExt->Cache.PSManBitMapSize); 
59669 1 

59670| #ifdef DEBUG 
59671 1 #if DO_ALL_SEARCH 
59672 1 if ( Flags & 

| DICT_FLAG_VIRTUAL_IO ) { 
59673 1 

| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple - 
| Virtual Write: saving pos=%08x, key=%016l64x, 
| this->Flags=%08x, 

| SnapShotFlags=%08x\n",SavedPos,WorkingKey.QuadPart,this- 

| >Flags,GetSnapShotFlags())); 
59674| } 
59675| #endif /* DO_AL L_S E ARC H */ 
59676| #endif TDEBUG7 
59677| 

59678| // write to cache file 



59679| 


Status = PsmWriteToFile( 


59680| 


&DevExt->Cache.CacheFile, 


59681 1 


&loStatus, 


59682 1 


(PVOID)NextWritePosition, 


59683 1 


GRANULE_SIZE, 


59684| 


&Location, 


59685| 


DevExt->DoDirectlO, 


59686| 




| &DevExt->Cache.DirectAccessResource ); 


59687| 




59688| 


if ( NT_SUCCESS(Status) ) { 


59689 1 


// Need to save to index 


| file whether we have a temporary or persistent 


| snapshot. 




59690| 


//This is due to the 


| lookahead algorithm. In other words, persistent 


| snapshots 




59691| 


// inherit changes made to 



| subsequent temporary snapshots. Even when the 



| temporary 

59692| // snapshot goes away, we 

| need the changes it made to the index file for 

| persistent 
59693| //snapshots. The 

| scavenger will clean up index entries created by 

| temporary snapshots 
59694| // with no preceeding 

| persistent snapshots. 
59695| 

59696| ULONG Virtuallo = (Flags & 

| DICT_FLAG_VIRTUAL_IO) ? TRUE : FALSE; 
59697| unsigned char SnapShotFlags 

| = (unsigned char) GetSnapShotFlagsQ; 
59698| ULONG ReadW rite Persistent = 

| (SnapShotFlags & PSM_SS_BIT_VIRTUAL_WRITES_PERSISTENT) 

| ? TRUE : FALSE; 
59699| if ( ReadWritePersistent ) 

|{ 

59700| ASSERT 

| (PSM_SS_lsPersistent(SnapShotFlags)); 
59701| } 
59702| 

59703| if ( (Virtuallo && 

| ReadWritePersistent) || IVirtuallo ) { 
59704| ULONG 

| FlagValue=PSM_INDEX_FLAG_NORMAL; 
59705| 

59706| if ( Virtuallo ) { 

59707| FlagValue = 

| PSM_I N DEX_FLAG_VI RTU AL_WRITE ; 



59708| } 
59709| 

5971 0| DataChecksum = 

| CalculateChecksum (GRANULESIZE, NextWritePosition); 
5971 1 | 

59712| // if virtual write, 

| save what seq. number it is for, otherwise link it to 
| the highest 
59713| //seq number found 

59714| Status = Savelndexlnfo 

I ( 
59715| 

| DevExt, 
59716| 

| CurrentGranule, 
59717| 

| Virtuallo ? GetSequenceNumberQ : SnapshotNumber, 
59718| 

| Saved Pos, 
59719| 

| DataChecksum, 
59720| 

| FlagValue ); 
59721| 

59722| if ( NT_SUCCESS(Status) 

l){ 

59723| if ( IVirtuallo ) { 

59724| //Mark that we 

| won't need it snapped again before another snapshot 
59725| // NOTE It's 

| not the end of the world if we fail to credit 

| occasionally. 
59726| // (eg no map 

| yet or asynchronous map transformation removes our 

| credit). 

59727| //... The 

| tree will protect us against taking a second snap for 

| the same snapshot. 
59728| //... The 

| worst is we might snap some free space we didn't need 

| to!! 

59729| if ( 

| Shared->Map != NULL ) { 
59730| 
59731| // 

| RtlClearBits ( Shared->Map, CurrentGranule, 1 ); 
59732 1 

| ChangeTheBitsWithinBounds ( CHANGE_TO_CLEAR, 
| Shared->Map, CurrentGranule, 1 ); 
59733| } 



59734| } 
59735| goto Next; 

59736| } else { 

59737| 

| Debug(DEBUG_DICT,("!M Error %08x writing to index 

| file\n" , Status)); 
59738| } 
59739| } else { 

59740| // temporary virtual 

| write 

59741 1 #if DO_ALL_S E ARC H 

59742 1 

| Debug(DEBUG_DICT,("Skipping temporary virtual write: 

| key=%016l64x\n",WorkingKey.QuadPart)); 
59743 1 #endif 

| /*DO_ALL_SEARCH7 
59744| goto Next; 

59745| } 
59746| } else { 

59747| Debug(DEBUG_DICT,("M! 

| Error %08x writing to cache file\n", Status )); 
59748| } 
59749 1 

59750| // reacquire the resource so we 

| can delete it from the tree 
59751 1 MyAcquireResourceExclusiveLite 

| ( &Shared->TreeResource, TRUE ); 
59752 1 

59753| if ( IDontFree ) { 

59754| 

| ASSERT(SavedPos!=INVALID_POSITION_VALUE); 
59755| // if this bit is clear, 

| then we have to assume a delete has occured 
59756| // so lets not clear it 

| twice which would report the wrong 
59757| // size of the cache file. 

| Also, this node could have been deleted 
59758| // so we dont access the 

| node structure from this point on either. 
59759| PsmBitPositionValidate 

| (DevExt->Cache.PSManBitMapBuffer, SavedPos); 
59760 1 if ( 

| RtlCheckBit(DevExt->Cache.PSManBitMapBuffer,SavedPos) ) 

|{ 

59761 1 FreeCacheLocation ( 

| SavedPos ); 
59762 1 } 
59763 1 } 

59764| if ( Status == STATUS_DISK_FULL 

l){ 



59765| Debug(DEBUG_DICT,("!M 
| pd::searchAndlnsertMultiple: out of disk space: 
| DevExt=%08x\n",DevExt)); 

59766| Status = 

| PSM_ERROR_CACHEFILE_FULL; 

59767| } 

59768| } else { 

59769| Debug(DEBUG_DICT,("H! Error 

| allocating cache file space\n" )); 
59770| Status = 

| PSM_ERROR_CACHEFILE_FULL; 
59771 | } 
59772 1 if ( IDontFree ) { 

59773| // we delete by using the save 

| key, instead of using Node->Key 
59774| // as a race condition with a 

| delete could have caused this 
59775| // node to already be deleted. 

59776| if ( Flags & 

| DICT_FLAG_VIRTUAL_IO ) { 
59777| Node = 

| rbtree_Delete(&(Shared->VirtualWritesTree), 

| WorkingKey.QuadPart); 
59778| } else { 

59779 1 Node = 

| rbtree_Delete(&Shared->Tree, WorkingKey.QuadPart); 
59780| } 
59781 1 } else { 

59782 1 

| ASSERT(Node->Pos!=INVALID_POSITION_VALUE); 
59783 1 } 
59784| } else { 

59785| // already in tree. . 

59786| ASSERT(Key.SnapShotPart>0); 
59787| #if DO_ALL_IO 
59788| 

| Debug(DEBUG_DICT,("pd::searchAndlnsertMultiple: Data 
| %08l64x already in cache file\n",Key)); 
59789| #endif 

59790| Status = STATUS_SUCCESS; 

59791 | } 

59792 1 if (IDontFree) { 

59793| // can be null, if something 

| catastrophic happened.. 
59794| if ( Node ) { 

59795| FreeNode(Node); 
59796| } 
59797| } 

59798| MyReleaseResourceForThreadLite ( 

| &Shared->TreeResource ); 



59799| } else { 

59800| Debug(DEBUG_DICT,( "!!! Could not 

| allocate rbtree node in DasdWrite\n" )); 
59801 1 Status=STATUS_INSUFFICIENT_RESOURCES; 
59802 1 } 
59803| Next: 

59804| // update stuff for next iteration... 

59805| SectorsRemaining -= SectorsToSkip; 

59806| ++CurrentGranule; 
59807| NextWritePosition += SectorSize * 

| SectorsToSkip; 
59808| SectorOffsetlntoGranule = 0; 

59809 1 } 

5981 0| lnfo->AlreadyHandled = TRUE; 
5981 1 1 try_exit: NOTHING; 
59812| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
59813| Status = GetExceptionCode(); 
59814| Debug(DEBUG_DICT,("Exception %08x in 

| pd : :searchAnd I nsertMu ltiple\n",Status)) ; 
59815| } 
59816| 

5981 7| // on exit, the original write will be sent down to 

| the drive 
59818| 
59819| 

59820| return Status; 
59821 | } 
59822 1 

59823 1 // 

| 

59824| 
59825| 

59826| /*— end of file perdict_search.cpp —7 

59827| 

59828| 

59829 1 

59830| File Listing: PNP.cpp 
59831 | 

59832| #include "precomp.h" 
59833 1 

59834| #if _WIN32_WINNT>=0x0500 
59835| 

59836| STATIC NTSTATUS 
59837| PSManPnpObject( 

59838| IN PDEVICE_OBJECT DeviceObject, 

59839| IN PIRP Irp 

59840 1 ); 

59841 1 STATIC NTSTATUS 

59842| PSManPnpDevice( 



59843 
59844 
59845 
59846 
59847 

| DeviceObject, 
59848 
59849 
59850 
59851 
59852 
59853 

I- 
59854 
59855 
59856 
59857 
59858 
59859 
59860 
59861 
59862 
59863 
59864 
59865 
59866 
59867 
59868 



59873 
59874 
59875 
59876 
59877 
59878 
59879 
59880 
59881 
59882 
59883 
59884 
59885 
59886 
59887 
59888 
59889 



IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManPnpVDisk( 
IN PDEVICE OBJECT 



IN PIRP Irp 

); 



I* 

• 7 

NTSTATUS 
PSManPnp( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 
) 

/*++ 

Routine Description: 

Passes the Irp to the correct handler 
Arguments: 



DriverObject - Pointer to device object to being 
| shutdown by system. 
59869| 
59870 1 
59871 | 
59872 1 

NT Status 



Irp - IRP involved. 
Return Value: 



--7 



NTSTATUS Status; 

switch ( PsmGetObjectType( DeviceObject) ) { 
case OBJECTJNTERNAL 

Status = PSManPnpObject(DeviceObject, Irp); 
break; 

case OBJECT_FILTEREDDISK : 

Status = PSManPnpDevice(DeviceObject, Irp); 
break; 

case OBJECT_VIRTUALDISK : 

Status = PSManPnpVDisk(DeviceObject, Irp); 



59890| 

59891 | c 
59892 1 

I irp); 
59893 1 

59894| c 
59895| 

I Irp); 
59896| 

59897| d 
59898| 

| STATUS 
59899 1 
59900| 
59901 | 



default: 

lrp->loStatus.Status = Status = 
3_NO_SUCH_DEVICE; 

lrp->loStatus. Information = 0 ; 
loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
break; 



break; 

case OBJECT_FS_OBJECT : 

Status = PSManPnpFSObject(DeviceObject, 



break; 

case OBJECT_FS_FILTER : 

Status = PSManPnpFSFilter(DeviceObject, 



break; 



59902 1 } 

59903| return Status; 
59904| 

59905| } // end PSManPnpQ 

59906| 

59907| 

59908| r 



59909 1 STATIC NTSTATUS 
59910| PSManPnpObject( 

5991 1 1 IN PDEVICE_OBJECT DeviceObject, 

59912| INPIRPIrp 

59913| ) 

59914| 

59915| /*++ 

59916| 

59917| Routine Description: 
59918| 

59919| This routine is called for pnp IRPs. 
59920| 

59921| Arguments: 
59922| 

59923| DriverObject - Pointer to device object 

59924| Irp - IRP involved. 

59925| 

59926| Return Value: 
59927| 

59928| NT Status 
59929| 
59930| --*/ 
59931 | 
59932 1 { 

59933| NOT_REFERENCED(DeviceObject); 

59934| Debug(DEBUG_PROCCALL,("PSManPnpObject Called\n")); 
59935| lrp->loStatus.Status = STATUS_SUCCESS; 



59936| lrp->loStatus. Information = 0; 
59937| 

59938| loCompleteRequest(lrp, IO_NO_INCREMENT); 

59939| Debug(DEBUG_PROCCALL,("PSManPnpObject Done\n")); 

59940| return STATUS_SUCCESS; 

59941 | 

59942| } // end PSManPnpObject() 

59943 1 

59944| 

59945| 

59946| NTSTATUS 

59947| PSManRegisterDevice( 

59948| IN PDEVICE_OBJECT DeviceObject 

59949 1 ) 
59950 1 
59951 1 /*++ 
59952 1 

59953| Routine Description: 
59954| 

59955| Routine to initialize a proper name for the device 

| object, and 
59956| register it with WMI 
59957| 

59958| Arguments: 
59959 1 

59960| DeviceObject - pointer to a device object to be 

| initialized. 
59961 1 

59962 1 Return Value: 
59963 1 

59964| Status of the initialization. NOTE: If the 

| registration fails, 
59965| the device name in the DeviceExtension will be left 

| as empty. 
59966| 
59967| --*/ 
59968| 
59969 1 { 

59970| NTSTATUS status; 

59971 1 IO_STATUS_BLOCK ioStatus; 

59972| KEVENT event; 

59973| PFILTERED_EXTENSION deviceExtension; 

59974| PIRP irp; 

59975| STO RAG E_DEVIC EN UMBER number; 

59976| ULONG registrationFlag = 0; 

59977| 

59978| PAG E DCO D E () ; 
59979 1 

59980| Debug(DEBUG_PNP,("PSManRegisterDevice: DeviceObject 
| %X\n", DeviceObject)); 



59981 1 device Extension = 

| GetFilteredExtension(DeviceObject); 
59982| deviceExtension->lsPhysical = FALSE; 
59983| deviceExtension->DiskNumber = -1 ; 
59984| 

59985| KelnitializeEvent(&event, NotificationEvent, 

I FALSE); 
59986| 
59987| // 

59988| // Request for the device number 
59989 1 // 

59990| irp = loBuildDeviceloControlRequest( 
59991| 

| lOCTLSTORAGEGETDEVICENUMBER, 
59992| 

| deviceExtension->TargetDeviceObject, 



59993| NULL, 

59994| 0, 

59995| &number, 

59996| sizeof (nu mber), 

59997| FALSE, 

59998| &event, 

59999| &ioStatus); 



60000| if ( !irp ) { 

60001| 

60002| 

| LogError(DeviceObject,NULL,IO_ERR_INSUFFICIENT_RESOURCES 
| ,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 
60003| Debug(DEBUG_PNP,("PSManRegisterDevice: Fail to 
| build irp\n M )); 

60004| return STATUS_INSUFFICIENT_RESOURCES; 

60005| } 

60006| 

60007| status = 

| loCallDriver(deviceExtension->TargetDeviceObject, irp); 
60008| if ( status == STATUS_PENDING ) { 
60009| pmWaitForSingleObject(&event, NULL); 
6001 0| status = ioStatus.Status; 
60011| } 
60012| 

60013| if ( NT_SUCCESS(status) ) { 
60014| 

60015| // 

6001 6| // Remember the disk number for use as 

| parameter in DiskloNotifyRoutine 
60017| // 
60018| 

60019| deviceExtension->DiskNumber = 

| number. DeviceNumber; 
60020| 



60021| // 

60022| // Create device name for each partition 

60023| // 

60024| 

60025| 

| swprintf(deviceExtension->PhysicalDeviceNameBuffer,L"\\D 

| evice\\Harddisk%d\\Partition%d",number.DeviceNumber, 

| number.PartitionNumber); 
60026| RtllnitUnicodeString( 

| &deviceExtension->PhysicalDeviceName, 

| &deviceExtension->PhysicalDeviceNameBuffer[0]); 
60027| 
60028| 

| swprintf(deviceExtension->Name,L"\\Device\\Harddisk%d\\P 

| artition%d", number. DeviceNumber, 

| number.PartitionNumber); 
60029 1 Rtl I nitU nicodeString ( 

| &deviceExtension->UniName, deviceExtension->Name); 
60030| 

60031 1 if ( number.PartitionNumber == 0 ) { 
60032| // registrationFlag = 

| WM I R EG_FL AG_TR AC E_P RO VI D E R | WMIREG_NOTIFY_DISK_IO; 
60033| deviceExtension->lsPhysical = TRUE; 

60034| } 
60035| // 

60036| // Set default name for physical disk 
60037| // 

60038| RtlCopyMemory( 

| &(deviceExtension->StorageManagerName[0]), U'PhysDisk", 

| 8 * sizeof(WCHAR)); 
60039| Debug(DEBUG_PNP,("PSManRegisterDevice: Device 

| name %ws\n", 

| deviceExtension->PhysicalDeviceNameBuffer)); 
60040| } else { 
60041 | 

60042| // request for partition's information failed, 

| try volume 
60043 1 

60044| ULONG outputSize = 

| sizeof(MOUNTDEV_NAME); 
60045| PMOUNTDEV_NAME output = (PMOUNTDEV_NAME) 

| MemAllocatePoolWithTag(PagedPool, outputSize,TEMPTAG); 
60046| if ( loutput ) { 
60047| 

| LogError(DeviceObject,NULL,IO_ERR_INSUFFICIENT_RESOURCES 
| ,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 

60048| return STATUS_INSUFFICIENT_RESOURCES; 

60049 1 } 

60050| 

60051 1 KelnitializeEvent(&event, Notification Event, 



I FALSE); 

60052| irp = loBuildDeviceloControlRequest( 
60053| 

| IOCTL_MOUNTDEV_QUERY_DEVICE_NAME, 
60054| 

| deviceExtension->TargetDeviceObject, NULL, 0, 
60055| output, 

| outputSize, FALSE, &event, &ioStatus); 
60056| if ( !irp ) { 
60057| MemFreePool(output); 
60058| 

| LogError(DeviceObject,NULL,IO_ERR_INSUFFICIENT_RESOURCES 
| ,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 

60059| return STATUS_INSUFFICIENT_RESOURCES; 

60060| } 

60061 | 

60062 1 status = 

| loCallDriver(deviceExtension->TargetDeviceObject, irp); 
60063| if ( status == STATUS_PENDING ) { 
60064| pmWaitForSingleObject(&event, NULL); 

60065| status = ioStatus. Status; 

60066| } 
60067| 

60068| if ( status == STATUS_BUFFER_OVERFLOW ) { 
60069| outputSize = sizeof(MOUNTDEV_NAME) + 

| output->NameLength; 
60070| MemFreePool(output); 
60071 1 output = (PMOUNTDEV_NAME) 

| MemAllocatePoolWithTag(PagedPool, outputSize,TEMPTAG); 
60072 1 

60073 1 if ( !output ) { 

60074| 

| LogError(DeviceObject,NULL,IO_ERR_INSUFFICIENT_RESOURCES 
| ,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 

60075| return STATUS_INSUFFICIENT_RESOURCES; 

60076| } 

60077| 

60078| KelnitializeEvent(&event, 

| NotificationEvent, FALSE); 
60079| irp = loBuildDeviceloControlRequest( 

60080 1 

| lOCTL MOUNTDEV QUERY DEVICE NAME, 
60081 | 

| deviceExtension->TargetDeviceObject, NULL, 0, 
60082| output, 

| outputSize, FALSE, &event, &ioStatus); 
60083| if ( !irp ) { 

60084| MemFreePool(output); 
60085| 

| LogError(DeviceObject,NULL,IO_ERR_INSUFFICIENT_RESOURCES 



I ,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 
60086| return STATUS_INSUFFICIENT_RESOURCES; 

60087| } 
60088| 

60089| status = 

| loCallDriver(deviceExtension->TargetDeviceObject, irp); 
60090| if ( status == STATUS_PENDING ) { 

60091 1 pmWaitForSingleObject(&event,NULL); 
60092| status = io Status. Status; 

60093 1 } 
60094| } 

60095| if ( !NT_SUCCESS(status) ) { 
60096| MemFreePool(output); 
60097| 

| //LogError(DeviceObject,NULL,IO_ERR_CONFIGURATION_ERROR, 

| status,NULL,0,NULL,0); 
60098| return status; 

60099 1 } 
60100| 

601 01 1 deviceExtension->PhysicalDeviceName. Length = 

| output->Namel_ength; 
60102| 

| deviceExtension->PhysicalDeviceName.MaximumLength = 
| output->Namel_ength + sizeof(WCHAR); 
60103| 

601 04| RtlCopyMemory( 

| deviceExtension->PhysicalDeviceName. Buffer, 

| output->Name, output->Namel_ength); 
60105| 

| deviceExtension->PhysicalDeviceName.Buffer[deviceExtensi 
| on->PhysicalDeviceName.Length/sizeof(WCHAR)] = 0; 

601 06| MemFreePool(output); 

60107| 

60108| 

| wcscpy(deviceExtension->Name,deviceExtension->PhysicalDe 
| viceNameBuffer); 
60109| 

| RtllnitUnicodeString(&deviceExtension->UniName,deviceExt 
| ension->Name); 
60110| 

60111| RtlCopyMemory( 

| &deviceExtension->StorageManagerName[0], U'LogiDisk", 8 

| * sizeof(WCHAR)); 
601 12| Debug(DEBUG_PNP,("PSManRegisterDevice: Device 

| name %ws\n", 

| deviceExtension->PhysicalDeviceNameBuffer)); 
60113| } 
60114| 

601 15| status = loWMIRegistrationControl(DeviceObject, 
| WMIREG_ACTION_REGISTER | registration Flag ); 



60116| if ( ! NT_SUCCESS(status) ) { 
60117| 

| LogError(DeviceObject,NULL,IO_ERR_INTERNAL_ERROR, STATUS. 
| INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 
60118| } 

60119| return status; 

60120| } 

60121| 

60122| NTSTATUS 
60123| PSManStartDevice( 

60124| IN PDEVICE_OBJECT DeviceObject, 

60125| INPIRPIrp 

60126| ) 

60127| /*++ 

60128| 

60129| Routine Description: 
60130| 

60131 1 This routine is called when a Pnp Start Irp is 
| received. 

60132| It will schedule a completion routine to initialize 

| and register with WMI. 
60133| 

60134| Arguments: 
60135| 

60136| DeviceObject - a pointer to the device object 
60137| 

60138| Irp - a pointer to the irp 

60139| 

60140| 

60141| Return Value: 
60142| 

60143| Status of processing the Start Irp 
60144| 
60145| -7 
60146| { 

60147| PFILTERED_EXTENSION deviceExtension; 

60148| NTSTATUS status; 

60149| PDISK_GEOMETRY Geometry=NULL; 

60150| 

60151| PAG E D_CO D E () ; 
60152| 

60153| Debug(DEBUG_PNP,( M PSManStartDevice: DeviceObject 

| %X\n M , DeviceObject)); 
60154| deviceExtension = 

| GetFilteredExtension(DeviceObject); 
60155| 

60156| status = PSManForwardlrpSynchronous(DeviceObject, 

I Irp); 
60157| 

601 58 1 PSManSyncFilterWithTarget(DeviceObject, 



I deviceExtension->TargetDeviceObject); 
60159| 
60160| // 

601 61 1 // Complete WMI registration 
60162| // 

601 63 1 PSManRegisterDevice(DeviceObject); 
60164| 

601 65| if ( NT_SUCCESS(status) ) { 

60166| 

60167| 

601 68| // we can now access the lower level driver 

601 69| // and get information we need. 

60170| 

601 71 1 // Allocate buffer for disk geometry. 
60172| 

60173| Debug(DEBUG_INIT,("Gettinggeometry\n")); 
60174| Geometry = 

| (PDISK_GEOMETRY)MemAllocatePoolWithTag(PagedPool,sizeof( 

| DISK_GEOMETRY),TEMPTAG); 
60175| 

60176| if ( Geometry ) { 
60177| 

60178| status = 

| Sblo_GetGeometry(deviceExtension->TargetDeviceObject,Geo 

I metry); 
60179| 

60180| if ( !NT_SUCCESS(status) ) { 

60181 1 Debug(DEBUG_INIT,("Error! %08x sending 

| disk_geometry to %X 

| '%S'\n",status,DeviceObject,deviceExtension->Name)); 
60182| // keep going, incase there is no 

| cartridge in drive. 
60183| Geometry->Cylinders.QuadPart = 0; 

60184| Geometry->MediaType 

| RemovableMedia; 
60185| Geometry->TracksPerCylinder =0; 

60186| Geometry->SectorsPerTrack = 0; 

60187| Geometry->BytesPerSector = 512; 

60188| status = 0; 

60189| } 



60190| 
60191| 
60192| 

| Geometry 
60193| 

| Geometry 
60194| 

| Geometry 
60195| 

| Geometry 



// get the disk geometry 

deviceExtension->Cylinders 

->Cylinders; 

deviceExtension->MediaType 
->MediaType; 

deviceExtension->TracksPerCylinder 
->TracksPerCylinder; 
deviceExtension->SectorsPerTrack 
>SectorsPerTrack; 



60196| deviceExtension->BytesPerSector 

| Geometry->BytesPerSector; 
60197| deviceExtension->DeviceShutDown =0; 

60198| 

60199| // save largest BPS request 

60200| if ( deviceExtension->BytesPerSector > 

| GlobalData->LargestBPS ) { 
60201 1 Global Data->LargestBPS = 

| deviceExtension->BytesPerSector; 
60202 1 } 
60203 | 
60204| 

60205| Debug(DEBUG_INIT,("Device=%p, Cyls=%d, 

| Heads=%d, SPT=%d, BPS=%d\n", 
60206| DeviceObject, 
60207| 

| Geometry->Cylinders.LowPart, 
60208| 

| Geometry->TracksPerCylinder, 
60209 | 

| Geo metry->SectorsPerT rack, 



6021 0| Geometry->BytesPerSector 

60211| )); 

60212| 

60213| FREE_POINTER(Geometry); 
60214| }else{ 

60215| Debug(DEBUG_IN IT, ("Error! Out of 

| memory\n")); 
60216| } 
60217| }else{ 

60218| Debug(DEBUG_INIT,("Error %08x starting lower 



| level driver\n",status)); 
60219| } 
60220| 
60221 | 
60222 | 
60223 1 // 

60224| // Complete the Irp 
60225| // 

60226| lrp->loStatus.Status = status; 

60227| loCompleteRequest(lrp, IO_NO_INCREMENT); 

60228| 

60229 1 return status; 

60230 1 } 

60231| 

60232| 

60233| NTSTATUS 

60234| PSManRemoveDevice( 

60235| IN PDEVICE_OBJECT DeviceObject, 

60236| IN PIRP Irp 



60237| ) 
60238| /*++ 
60239| 

60240| Routine Description: 
60241 | 

60242 1 This routine is called when the device is to be 
| removed. 

60243| It will de-register itself from WMI first, detach 

| itself from the 
60244| stack before deleting itself. 
60245| 

60246| Arguments: 
60247| 

60248| DeviceObject - a pointer to the device object 
60249 1 

60250 1 Irp - a pointer to the irp 
60251 | 
60252 | 

60253| Return Value: 
60254| 

60255| Status of removing the device 
60256| 
60257| -7 
60258| { 

60259| NTSTATUS status; 
60260| PFILTERED_EXTENSION deviceExtension; 
60261 1 PWMILIB_CONTEXT wmilibContext; 
60262 1 

60263| PAG E D_CO D E () ; 
60264| 

60265| Debug(DEBUG_PNP,( M PSManRemoveDevice: DeviceObject 
| %X 

| rc=%d\n", DeviceObject, DeviceObject->ReferenceCount)); 
60266| deviceExtension = 

| GetFilteredExtension(DeviceObject); 
60267| 

60268| // if psmed, then free resources for it. 
60269 1 if ( deviceExtension->PSMed ) { 
60270| 

| PersistentDictionary: :UnloadSnapShotsForVolume( 

| DeviceObject, FALSE ); 
60271 1 } 
60272 1 
60273 1 // 

60274| // Remove registration with WMI first 
60275| // 

60276| loWMIRegistrationControl(DeviceObject, 

| WMIREG_ACTION_DEREGISTER); 
60277| 
60278| // 



60279| // quickly zero out the count first to invalid the 

| structure 
60280| // 

60281 1 wmilibContext = &deviceExtension->WmilibContext; 
60282| lnterlockedExchange((PLONG) 

| &(wmilibContext->GuidCount),(LONG) 0); 
60283| RtlZeroMemory(wmilibContext, 

| sizeof(WMILIB_CONTEXT)); 
60284| 

60285| status = PSManForwardlrpSynchronous(DeviceObject, 

I "rp); 
60286| 
60287| 

| loDetachDevice(deviceExtension->TargetDeviceObject); 
60288| 

60289| KeEnterCriticalRegion(); 
60290| pmAcquireWriterLock ( 

| &deviceExtension->Cache.DirectAccessResource, TRUE ); 
60291 1 Direct Access File *oldHeaderDirect = 

| deviceExtension->Cache.HeaderFile. Direct; 
60292| DirectAccessFile *oldlndexDirect = 

| deviceExtension->Cache. I ndexFile. Direct; 
60293| DirectAccessFile *oldCacheDirect = 

| deviceExtension->Cache.CacheFile. Direct; 
60294| deviceExtension->Cache.HeaderFile. Direct = NULL; 
60295| deviceExtension->Cache.lndexFile. Direct = NULL; 
60296| deviceExtension->Cache.CacheFile. Direct = NULL; 
60297| pmReleaseWriterLock ( 

| &deviceExtension->Cache.DirectAccessResource ); 
60298| KeLeaveCriticalRegion(); 
60299 | 

60300| delete oldHeaderDirect; 
60301 1 delete oldlndexDirect; 
60302| delete oldCacheDirect; 
60303 | 

60304| ExDeleteResourceLite ( 

| &deviceExtension->Cache.DirectAccessResource ); 
60305| pmDeRegisterObject ( 

| &deviceExtension->Cache.DirectAccessResource ); 
60306| 
60307| 

60308| // per device resources that need to be freed 
60309 | 

| ExDeleteResourceLite(&deviceExtension->DeviceExtResource 

I); 

60310| 

| pmDeRegisterObject(&deviceExtension->DeviceExtResource); 
60311| 
60312| 

60313| // NOTE: Do not access deviceExtension after 



I this call as it 
60314| // will have been freed! 
6031 5| loDeleteDevice(DeviceObject); 
60316| 
60317| // 

6031 8| // Complete the Irp 
60319| // 

60320| lrp->loStatus.Status = status; 

60321| loCompleteRequest(lrp, IOJMOJNCREMENT); 

60322| 

60323| Debug(DEBUG_PNP,("PSManRemoveDevice: DeviceObject 

| %X done %08x\n",DeviceObject,status)); 
60324| return status; 
60325| } 
60326| 
60327| 
60328| 

60329| r 



60330| STATIC NTSTATUS 
60331 1 PSManPnpDevice( 

60332| IN PDEVICE_OBJECT DeviceObject, 

60333| IN PIRP Irp 

60334| ) 

60335| 

60336| /*++ 

60337| 

60338| Routine Description: 
60339 1 

60340| This routine is called for pnp IRPs. 
60341 1 

60342| Arguments: 
60343 1 

60344| DriverObject - Pointer to device object 

60345| Irp - IRP involved. 

60346| 

60347| Return Value: 
60348| 

60349 1 NT Status 
60350 1 
60351 1 ~7 
60352 1 
60353 1 { 

60354| PIO_STACK_LOCATION irpSp = 

| lo GetCu rrent I rpStackLocatio n( I rp) ; 
60355| NTSTATUS status; 
60356| PFILTEREDEXTENSION 

| device Extens io n= Get Fi Itered Extens io n ( DeviceObject) ; 
60357| 

60358| PAGED_CODE(); 



60359| Debug(DEBUG_PNP,("PSManPnp: Device %X Irp %X - 
| %s\n",DeviceObject, 

| lrp,irpSp->MinorFunction,File_GetPnpMinorFunctionName(ir 
| pSp->MinorFunction))); 
60360| 

60361 1 switch ( irpSp->MinorFunction ) { 
60362 1 

60363| case I R P_M N_ST A RT_D E V I C E : { 
60364| // 

60365| // Call the Start Routine handler to 

| schedule a completion routine 
60366| // 

60367| Debug(DEBUG_PNP,("PSManPnp: Schedule 

| completion for START_DEVICE\n")); 
60368| status = PSManStartDevice(DeviceObject, 

I "rp); 

60369| break; 
60370 1 

60371 1 } 

60372| case IRP_MN_SURPRISE_REMOVAL : { 
60373| // if psmed, then free resources for it. 

60374| if ( deviceExtension->PSMed ) { 

60375| 

| PersistentDictionary: :UnloadSnapShotsForVolume( 
| DeviceObject, FALSE ); 
60376| } 

60377| loSkipCurrentlrpStackLocation( Irp ); 

60378| return 

| loCallDriver(deviceExtension->TargetDeviceObject, Irp); 
60379 1 } 

60380| case IRP_MN_REMOVE_DEVICE: { 
60381 1 // 

60382| // Call the Remove Routine handler to 

| schedule a completion routine 
60383 1 // 

60384| Debug(DEBUG_PNP,("PSManPnp: Schedule 

| completion for REMOVE_DEVICE\n")); 
60385| status = 

| PSManRemoveDevice(DeviceObject, Irp); 
60386| break; 
60387| } 

60388| case IRP_MN_DEVICE_USAGE_NOTIFICATION: { 
60389| PIO_STACK_LOCATION irpStack; 

60390| BOOLEAN setPagable; 

60391| 

60392| Debug(DEBUG_PNP,("PSManPnp: Processing 

| DEVICE_USAGE_NOTIFICATION\n")); 
60393| irpStack = 

| loGetCurrentlrpStackLocation(lrp); 
60394| 



60395| if ( 

| irpStack->Parameters.UsageNotification.Type != 

| DeviceUsageTypePaging ) { 
60396| loSkipCurrentlrpStackLocation( Irp 

I); 

60397| return 

| loCallDriver(deviceExtension->TargetDeviceObject, Irp); 
60398| } 
60399| 

60400| // 

60401 1 // wait on the paging path event 

60402 1 // 
60403 1 

60404| status = 

| pmWaitForSingleObject(&deviceExtension->PagingPathCountE 

| vent,NULL); 
60405| 

60406| // 

60407| // if removing last paging device, need 

| to set DO_POWER_PAGABLE 
60408| // bit here, and possible re-set it 

| below on failure. 
60409 1 // 
60410| 

6041 1 1 setPagable = FALSE; 

60412| if( 

| !irpStack->Parameters.UsageNotification.lnPath && 
6041 3| deviceExtension->PagingPathCount 

I == 1 ) { 
60414| 

60415| // 

6041 6| // removing the last paging file 

6041 7| II must have DO_POWER_PAGABLE bits 

| set 

60418| // 
60419| 

60420| if ( DeviceObject->Flags & 

| DO_POWER_INRUSH ) { 

60421 1 Debug(DEBUG_PNP,("PSManPnp: 
| last paging file removed but DO_POWER_INRUSH set, so 
| not setting PAGABLE bit for DO %p\n", DeviceObject)); 

60422 1 } else { 

60423| Debug(DEBUG_PNP,("PSManPnp: 
| Setting PAGABLE bit for DO %p\n", DeviceObject)); 

60424| DeviceObject-> Flags |= 

| DO_POWER_PAGABLE; 

60425| setPagable = TRUE; 

60426| } 

60427| } 

60428| 



60429| // 

60430| // send the irp synchronously 

60431| // 

60432| 

60433| status = 

| PSManForwardlrpSynchronous(DeviceObject, Irp); 
60434| 

60435| // 

60436| // now deal with the failure and 

| success cases. 
60437| // note that we are not allowed to fail 

| the irp 

60438| // once it is sent to the lower 

| drivers. 
60439| // 
60440| 

60441 1 if ( NT_SUCCESS(status) ) { 

60442 1 
60443 | 

| loAdjustPagingPathCount((PLONG)&deviceExtension->PagingP 
| athCount,irpStack->Parameters.UsageNotification.lnPath); 
60444| 

60445| if ( 

| irpStack->Parameters.UsageNotification.lnPath ) { 
60446| if ( 

| deviceExtension->PagingPathCount == 1 ) { 
60447| 

60448| // 

60449| //first paging file 

| addition 
60450 1 // 
60451 | 

60452| Debug(DEBUG_PNP,("PSManPnp: 
| Clearing PAGABLE bit for DO %p\n", DeviceObject)); 

60453| DeviceObject->Flags &= 

| ~DO_POWER_PAGABLE; 

60454| } 

60455| } 

60456| 

60457| } else { 

60458| 

60459 1 // 

60460| // cleanup the changes done above 

60461 1 // 
60462 1 

60463| if ( setPagable == TRUE ) { 

60464| DeviceObject-> Flags &= 

| ~DO_POWER_PAGABLE; 
60465| setPagable = FALSE; 

60466| } 



60467| } 
60468| 

60469| // 

60470| // set the event so the next one can 

| occur. 
60471 1 // 
60472 1 
60473 1 

| pmSetEvent(&deviceExtension->PagingPathCountEvent); 
60474| 

60475| // 

60476| // and complete the irp 

60477| // 

60478| 

60479| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
60480| return status; 

60481 1 } 

60482| case IRP_MN_QUERY_DEVICE_RELATIONS: { 
60483| PIO_STACK_LOCATION irpStack = 

| lo GetCu rrent I rpStackLocatio n( I rp) ; 
60484| 

60485| Debug(DEBUG_PNP,("PSManPnp: Processing 

| IRP_MN_QUERY_DEVICE_RELATIONS 
| %08x\n",irpStack->Parameters.QueryDeviceRelations.Type)) 

I ; 

60486| 

60487| loSkipCurrentlrpStackLocation( Irp ); 

60488 1 return 

| loCallDriver(deviceExtension->TargetDeviceObject, Irp); 
60489 1 } 
60490| 

60491 1 default: 

60492| Debug(DEBUG_PNP,("PSManPnp: Forwarding 

I irp\n")); 
60493| // 

60494| // Simply forward all other Irps 

60495| // 

60496| loSkipCurrentlrpStackl_ocation( Irp ); 

60497| return 

| loCallDriver(deviceExtension->TargetDeviceObject, Irp); 
60498| 
60499 1 } 
60500 1 

60501 1 return status; 
60502 1 

60503| } // end PSManPnpDevice() 

60504| 

60505| 

60506| /* 



60507| STATIC NTSTATUS PSManPnpVDisk( 
60508| IN PDEVICE_OBJECT 

| DeviceObject, 
60509| IN PIRP Irp 

60510| ) 
6051 1 | { 

60512| NTSTATUS StatuS=STATUS_INVALID_DEVICE_REQUEST; 
60513| 

60514| Debug(DEBUG_PROCCALL | DEBUG_PNP,("PSManPnpVDisk 

| Called Dev=%p, I rp=%p\n", DeviceObject, Irp)); 
60515| lrp->loStatus. Information = 0; 
6051 6| lrp->loStatus.Status = Status; 
60517| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
60518| Debug(DEBUG_PROCCALL | DEBUG_PNP,("PSManPnpVDisk 

| Done\n")); 
60519| 

60520| return Status; 
60521 | } 
60522 1 

60523| r 



60524| STATIC NTSTATUS PSManPnpFSObject( 
60525| IN PDEVICE_OBJECT 

| DeviceObject, 
60526| IN PIRP Irp 

60527| ) 
60528| { 

60529| NTSTATUS Status=STATUS_SUCCESS; 
60530 1 

60531 1 Debug(DEBUG_PROCCALL | DEBUG_PNP,("PSManPnpFSObject 

| Called Dev=%p, I rp=%p\n", DeviceObject, Irp)); 
60532| I rp->loStatus. Information = 0; 
60533| lrp->loStatus.Status = Status; 
60534| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
60535| Debug(DEBUG_PROCCALL | DEBUG_PNP,("PSManPnpFSObject 

| Done\n")); 
60536| 

60537| return Status; 
60538| } 
60539| 
60540 1 

60541 1 r 



60542 1 STATIC NTSTATUS 
60543| PSManPnpFSFilter( 



60544| IN PDEVICE_OBJECT DeviceObject, 

60545| IN PIRP Irp 

60546| ) 
60547| 



60548| /*++ 
60549| 

60550| Routine Description: 
60551 | 

60552 1 Pass irp to handler 
60553 1 

60554| Arguments: 
60555| 

60556| DriverObject - Pointer to device object to being 

| shutdown by system. 
60557| Irp - IRP involved. 
60558| 

60559 1 Return Value: 
60560 1 

60561 1 NT Status 
60562 1 
60563 1 -7 
60564| 
60565| { 

60566| NTSTATUS Status; 
60567| 

60568| #ifdef DEBUG 
60569| if ( PsmActive ) { 
60570| Debug(DEBUG_PNP | 

| DEBUG_PROCCALL,("PSManPnpFSFilter Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
60571 | } 
60572| #endif 
60573 1 

60574| Status = PSManFSPassThru( DeviceObject, Irp ); 
60575| 

60576| #ifdef DEBUG 

60577| if ( PsmActive ) { 

60578| Debug(DEBUG_PNP | 

| DEBUG_PROCCALL,("PSManPnpFSFilter Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 

60579 1 } 

60580| #endif 

60581 1 return Status; 

60582| } // end PSManPnpFSFilter() 

60583 1 

60584| 

60585| #endif 
60586| 
60587| 
60588| 

60589| File Listing: PNP.h 
60590 1 

60591 1 NTSTATUS 
60592| PSManPnp( 



60593 
60594 
60595 
60596 
60597 
60598 
60599 
60600 
60601 
60602 
60603 
60604 
60605 
60606 
60607 
60608 
60609 
60610 
60611 
60612 
60613 
60614 
60615 
60616 
60617 
60618 
60619 
60620 
60621 
60622 
60623 
60624 
60625 
60626 
60627 
60628 
60629 
60630 
60631 

I- 
60632 
60633 
60634 
60635 
60636 
60637 
60638 
60639 
60640 
60641 



IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

NTSTATUS 
PSManPnpFSObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 
PSManPnpFSFilter( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 



File Listing: POWER.cpp 

#include "precomp.h" 

#if _WIN32_WINNT>=0x0500 

STATIC NTSTATUS 
PSManPowerObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManPowerDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS PSManPowerVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 



r- 



7 

NTSTATUS 
PSManPower( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 

/*++ 

Routine Description: 



60642| Passes the Irp to the correct handler 
60643| 

60644| Arguments: 
60645| 

60646| DriverObject - Pointer to device object to being 

| shutdown by system. 
60647| Irp - IRP involved. 
60648| 

60649| Return Value: 
60650| 

60651 1 NT Status 

60652 1 

60653 1 -7 

60654| 

60655| { 

60656| 

60657| NTSTATUS Status; 
60658| 

60659| switch(PsmGetObjectType(DeviceObject)) { 
60660| case OBJECTJNTERNAL 
60661 1 Status = PSManPowerObject(DeviceObject, 

I Irp); 

60662 1 break; 

60663| case OBJECT FILTEREDDISK : 
60664| Status = PS Man Power Device(DeviceObject, 

I Irp); 

60665| break; 

60666| case OBJ ECT_VIRTUALDISK : 
60667| Status = PSManPowerVDisk(DeviceObject, 

I Irp); 

60668| break; 
60669| case OBJECT_FS_FILTER : 
60670| Status = PSManPowerFSFilter(DeviceObject, 

I Irp); 

60671 1 break; 

60672| caseOBJECT_FS_OBJECT : 
60673| Status = PSManPowerFSObject(DeviceObject, 

I Irp); 

60674| break; 
60675| default: 

60676| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 
60677| lrp->loStatus. Information = 0 ; 
60678| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
60679| break; 
60680 1 } 

60681| return Status; 
60682| 

60683| } //end PSManPower() 
60684| 



60685 
60686 

I- 
60687 
60688 
60689 
60690 
60691 
60692 
60693 
60694 
60695 
60696 
60697 
60698 
60699 
60700 
60701 
60702 
60703 
60704 
60705 
60706 
60707 
60708 
60709 
60710 
60711 
60712 



60713 
60714 
60715 
60716 
60717 
60718 
60719 
60720 
60721 
60722 
60723 

I- 
60724 
60725 
60726 
60727 
60728 
60729 
60730 
60731 



/* 

• 7 

STATIC NTSTATUS 
PSManPowerObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 

/*++ 

Routine Description: 

This routine is called for pnp IRPs. 

Arguments: 

DriverObject - Pointer to device object 
Irp - IRP involved. 

Return Value: 

NT Status 

-7 



{ 



NOT_REFERENCED(DeviceObject); 
Debug(DEBUG_PROCCALL,("PSManPowerObject 



Called\n")); 



lrp->loStatus.Status = STATUS_SUCCESS; 
lrp->loStatus. Information = 0; 

loCompleteRequest(lrp, IO_NO_INCREMENT); 
Debug(DEBUG_PROCCALL,("PSManPowerObject Done\n")); 
return STATUS_SUCCESS; 

} // end PSManPowerObject() 



/* 

7 

STATIC NTSTATUS 
PSManPowerDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 



/*++ 



60732| Routine Description: 
60733| 

60734| This routine is called for pnp IRPs. 
60735| 

60736| Arguments: 
60737| 

60738| DriverObject - Pointer to device object 

60739| Irp - IRP involved. 

60740| 

60741 1 Return Value: 
60742 1 

60743| NT Status 

60744| 

60745| -7 

60746| 

60747| { 

60748| PFILTERED EXTENSION deviceExtension = 

| GetFilteredExtension(DeviceObject); 
60749| PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackLocation(lrp); 
60750 1 

60751 1 Debug(DEBUG_POWER,( M PSManPowerDevice: %X %X %d - 
| %s\n",DeviceObject,lrp,irpSp->MinorFunction,File_GetPowe 
| rMinorFunctionName(irpSp->MinorFunction))); 

60752 1 PoStartNext Power I rp( I rp) ; 

60753| loSkipCurrentlrpStackLocation(lrp); 

60754| 

60755| return 

| PoCallDriver(deviceExtension->TargetDeviceObject, Irp); 
60756| } //end PSManPowerDevice() 
60757| 
60758| 

60759| /* 



60760| STATIC NTSTATUS PSManPowerVDisk( 
60761 1 IN PDEVICE_OBJECT DeviceObject, 
60762| IN PIRP Irp 
60763 1 ) 
60764| { 

60765| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST;; 
60766| 

60767| Debug(DEBUG_PROCCALL | DEBUG_POWER,("PSManPowerVDisk 

| Called Dev=%p, I rp=%p\n M , DeviceObject, Irp)); 
60768| lrp->loStatus. Information = 0; 
60769| lrp->loStatus. Status = Status; 
60770| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
60771 1 Debug(DEBUG_PROCCALL | DEBUG_POWER,("PSManPowerVDisk 

| Done\n")); 
60772 1 

60773 1 return Status; 



60774| } 
60775| 
60776| 
60777| r 



60778| STATIC NTSTATUS 

60779| PSManPowerFSFilter( 

60780| IN PDEVICE_OBJECT DeviceObject, 

60781| INPIRPIrp 

60782| ) 

60783| 

60784| /*++ 

60785| 

60786| Routine Description: 
60787| 

60788| This routine is called for pnp IRPs. 
60789| 

60790| Arguments: 
60791| 

60792| DriverObject - Pointer to device object 

60793| Irp - IRP involved. 

60794| 

60795| Return Value: 
60796| 

60797| NT Status 

60798| 

60799| -7 

60800| 

60801| { 

60802| PFILTERED_EXTENSION deviceExtension = 

| GetFilteredExtension(DeviceObject); 
60803| PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackLocation(lrp); 
60804| 

60805| Debug(DEBUG_POWER,( M PSManPowerFSFilter: %X %X %d - 
| %s\n",DeviceObject,lrp,irpSp->MinorFunction,File_GetPowe 
| rMinorFunctionName(irpSp->MinorFunction))); 

60806| PoStartNext Power I rp( I rp) ; 

60807| loSkipCurrentlrpStackLocation(lrp); 

60808| 

60809| return 

| PoCallDriver(deviceExtension->Target DeviceObject, Irp); 
60810| }// end PSManPowerFilter() 
6081 1 | 
60812| 

60813| I* 



60814| STATIC NTSTATUS PSManPowerFSObject( 
60815| IN PDEVICE_OBJECT DeviceObject, 
60816| INPIRPIrp 



60817 
60818 
60819 
60820 
60821 



) 

{ 

NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST;; 



Debug(DEBUG_PROCCALL | 
| DEBUG_POWER,("PSManPowerFSObject Called Dev=%p, 
| lrp=%p\n",DeviceObject,lrp)); 
60822| lrp->loStatus.lnformation = 0; 
60823| lrp->loStatus.Status = Status; 
60824| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
60825| Debug(DEBUG_PROCCALL | 

| DEBUG_POWER,("PSManPowerFSObject Done\n")); 
60826| 

60827| return Status; 
60828| } 
60829 
60830 
60831 
60832 
60833 
60834 
60835 
60836 
60837 
60838 
60839 
60840 
60841 
60842 
60843 
60844 
60845 
60846 
60847 
60848 
60849 
60850 
60851 
60852 
60853 
60854 
60855 
60856 
60857 
60858 
60859 
60860 
60861 
60862 
60863 



#endif 



File Listing: POWER. h 

NTSTATUS 
PSManPower( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 
PSManPowerFSFilter( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 

PSManPowerFSObject( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 



File Listing: PRECOMP.h 

r 

II unreferenced inline function has been removed 
#pragma warning (disable :451 4) 
// unreferenced formal parameter 
#pragma warning (disable:4100) 



60864| // conditional expression is constant 
60865| #pragma warning (disable:4127) 
60866| 

60867| #define PSM_INCLUDE_DEAD_CODE 0 
60868| 

60869| //#define OSR_DEBUG 
60870 1 

60871 1 // precomp.h 

60872| //#define DEBUGTREE 

60873| //#define DEBUGMEMORY 

60874| #define NODEBUGREAD 

60875| #define SYNC 

60876| //#define NOPSM 

60877| 

60878| #ifdef_DEBUG 
60879| #ifndef DEBUG 
60880| #define DEBUG 
60881 1 #endif 
60882 1 #endif 
60883 1 

60884| #jfdef DEBUG 

60885| #ifndef_DEBUG 

60886| #define_DEBUG 

60887| #endif 

60888| #ifndef DBG 

60889 1 #define DBG 1 

60890 1 #endif 

60891| #define STATIC 

60892| // #define OSR_DEBUG 

60893| 

60894| 

60895| // define if you want Driver Verifier to verify the 

| Irp's we allocate 
60896| #define IRP_DEBUG 
60897| 

60898| // define if you want driver verifier to verify 

| memory we allocate 
60899| #define MEM DBG 0 
60900| 

60901 1 // define to use memory checking routines instead 

| of suballocating 
60902| #define _USE_MEM_CHECK_ 
60903 | 
60904| #else 

60905| // #define STATIC static 
60906| #define STATIC 
60907| #endif 
60908| 

60909| #define TRACK_CONTENTIONS 0 
60910| 



6091 1 1 // define this value to print each time the functions 
| are called along with 



60912 
60913 
60914 
60915 
60916 
60917 
60918 
60919 
60920 
60921 
60922 
60923 
60924 
60925 
60926 
60927 
60928 
60929 
60930 
60931 
60932 
60933 
60934 
60935 
60936 
60937 
60938 
60939 
60940 
60941 
60942 
60943 
60944 
60945 
60946 
60947 
60948 
60949 
60950 
60951 
60952 
60953 
60954 
60955 
60956 
60957 
60958 
60959 



// the parameters. 
#define DO_ALL_IO 0 
#define DO_ALL_BITMAPS 0 
#define DO_ALL_FREESPACE 0 
#define DO_ALL_S EARC H 0 
#define DO_ALL_CLEANUP 0 
#define DO ALL S FILTER 0 



#ifdef LINT 

// Lint doesnt like the references in ntdef.h 
typedef unsigned char KIRQL; 

typedef KIRQL *PKIRQL; 

#endif 

#if 0 

// from nt4 ntddk.h 

// 

// Logical Data Type - These are 32-bit logical values. 

// 

typedef unsigned long LOGICAL; 
typedef unsigned long *PLOGICAL; 



// 

// Timer type 

// 

typedef enum TIMERTYPE { 

NotificationTimer, 

SynchronizationTimer 

} TIMER TYPE; 
#endif 

/"lint -emacro(641 ,MmGetSystemAddressForMdl)7 
Tlint -emacro(742,MemAllocatePool)7 
Hint -emacro(742,MemAllocatePoolWithTag)7 
Tlint -emacro(774,loSetCompletionRoutine)7 
Hint -emacro(506,loSetCompletionRoutine)7 

extern "C" 
{ 

// use ntifs.h as it has more definitions than ntddk.h 
I* lint -elib(1 0,1 02,763,778) 7 



60960 
60961 
60962 
60963 
60964 
60965 
60966 
60967 
60968 
60969 
60970 
60971 
60972 
60973 
60974 
60975 
60976 
60977 
60978 
60979 
60980 
60981 
60982 
60983 
60984 
60985 
60986 
60987 
60988 
60989 
60990 
60991 
60992 
60993 
60994 
60995 
60996 
60997 
60998 
60999 
61000 
61001 
61002 
61003 
61004 
61005 
61006 
61007 
61008 
61009 



#pragma warning (push) 
#pragma warning (disable:4201) 

#ifdef OSR_DEBUG 
//#include <osrddk.h> 
#else 

#if _WIN32_WINNT >= 0x0500 
#include <ddk/ntddk.h> 
#else 

#include <ntddk.h> 

#endif 

#endif 

//#include "ntifs.h" 
#include <stdarg.h> 
#include <stdio.h> 
#include <ntdddisk.h> 



#if _WIN32_WINNT >= 0x0500 

#define INITGUID 
#include <ntddvol.h> 
#include <mountdev.h> 
#include "wmistr.h" 
#include "wmidata.h" 
#include "wmiguid.h" 
//#include "wmikm.h" 
#include "wmilib.h" 
#include "wmi.h" 
#include "power.h" 
#include "pnp.h" 
#undef INITGUID 
#include <ntddft2.h> 
#endif 

#include <ntddstor.h> 
#include <ntddscsi.h> 
#include <ntddft.h> 
#include <ntdddisk.h> 

#pragma warning (pop) 

I* lint -restore +elib(1 0,1 02,763,778) 7 

// Misc Rtl functions not documented 
#include "rtl.h" 

typedef unsigned long DWORD; 



61010 
61011 
61012 
61013 
61014 
61015 
61016 
61017 
61018 
61019 
61020 
61021 
61022 
61023 
61024 
61025 
61026 
61027 
61028 
61029 
61030 
61031 
61032 
61033 
61034 
61035 
61036 
61037 
61038 
61039 
61040 
61041 
61042 
61043 
61044 
61045 
61046 
61047 
61048 
61049 
61050 
61051 
61052 
61053 
61054 
61055 
61056 
61057 
61058 
61059 



// public (api) header 
#define UNICODE 
#include "psm.h" 
#undef UNICODE 

// internal headers 
#include "irp.h" 
#include "rbtree.h" 
#include "ioctl.h" 
#include "bit.h" 
#include "mem.h" 

#include "ondisk.h" 
#include "ntfs.h" 

#include "reg.h" 
#include "file.h" 

//#include "cont.h" 

#include "primates. h" 

#if TRACK CONTENTIONS 

#include "cont.h" 

#endif 

#include "memtrack.h" 
} // extern "C" 

// C++ header files 
#include "perapi.h" 

#include "iodirect.h" 
#include "virgin. h" 

extern "C" 
{ 

// undocumented NT calls 
/* lint -elib(1 0,1 02,763,778)7 
#include <undoc.h> 

#include "snapshot. h" 
#include "sbpsman.h" 
#include "devsup.h" 
#include "thread. h" 

#include "passthru.h" 
#include "read.h" 
#include "write. h" 
#include "create, h" 
#include "cleanup. h" 
#include "close. h" 
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61072 
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61077 
61078 
61079 
61080 
61081 
61082 
61083 
61084 
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61090 
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61092 
61093 
61094 
61095 
61096 
61097 
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| "I 
61099 
61100 
61101 
61102 



61103 
61104 
61105 
61106 
61107 



#include "flush.h" 
#include "shutdown. h" 
#include "devcon.h" 
#include "dcpsm.h" 
#include "misc.h" 
#include "vdisk.h" 
#include "log.h" 
#include "psmerr.h" 
#include "unload. h" 
#include "security. h" 
#include "sfilter.h" 



// new features added to sp4 that we can use 
#include "sp4.h" 

r lint -restore +elib(1 0,1 02,763,778)7 



} // extern "C" 

#include "revert. h" 

extern "C" 
NTSYSAPI 
NTSTATUS 
NTAPI 

ZwWait Fo rS i ng leObject( 
IN HANDLE Handle, 
IN BOOLEAN Alertable, 

IN PLARGEJNTEGER Timeout OPTIONAL ); 
#ifdef _NTIFS_ 

// from ntddk.h that is not in ntifs.h 
NTHALAPI 
NTSTATUS 
lo Read Part itionTable( 

IN PDEVICE_OBJECT DeviceObject, 
IN ULONG SectorSize, 
IN BOOLEAN ReturnRecognizedPartitions, 
OUT struct _DRIVE_LAYOUT_INFORMATION 
PartitionBuffer 

); 

#endif 

// enable this to disable exception handling, so the 



| debugger breaks where the 



// exception occurs 
#if 0 

#define try if(1) 

#define_try if(1) 
#define finally if(1) 



61108| #define .finally if(1) 

61 1 09 1 #define except(x) else 

61 1 1 0| #define _except(x) else 
61 1 1 1 1 #undef GetExceptionCode 
61112| #define GetExceptionCode() 

| STATU S_U N H AN D L E D EXC E PT I O N 
61113| #undef AbnormalTermination 
61114| #define AbnormalTermination (FALSE) 
61115| #endif 
61116| 
61117| 
61118| 

61119| File Listing: PRIMATES. h 
61120| 

61 121 1 typedef enum ePrimateObjectType { 

61122| pmSpinLock, 

61123| pmMutex, 

61124| pmRwLock, 

61 1 25| pmSemaphore, 

61126| pmEvent 

61127| } tPrimateObjectType; 

61128| 

61129| 

61 130| #define pmAcquireMutex(m,t) 

| ExAcquireFastMutex(m) 
61 131 1 #define pmAcquireReaderLock(r,w) 

| ExAcquireResourceSharedLite(r,w) 
61 132| #define pmAcquireSpinLock(sJ) 

| KeAcquireSpinLock(sJ) 
61 1 33| #define pmAcquireWriterLock(r,w) 

| Ex Acqu i re Resou rce Exclus iveLite( r, w) 
61 134| #define pmBroadcastEvent(e) 

| KePulseEvent(e) 
61 135| #define pmClearEvent(e) 

| KeClearEvent(e) 
61 1 36| #define pmExamineSemaphore(s) 

| KeReadStateSemaphore(s) 
61 1 37| #define pmReleaseMutex(m) 

| ExReleaseFastMutex(m) 
61 1 38| #define pmReleaseReaderLock(r) 

| ExReleaseResourceForThreadLite(r,ExGetCurrentResourceThr 

I ead()) 

61139| #define pmReleaseSpinLock(s,i) 

| KeReleaseSpinLock(s,i) 
61 1 40| #define pmReleaseSemaphore(s) 

| KeReleaseSemaphore(s,1 ,1 , FALSE); 
61 141 1 #define pmReleaseWriterLock(r) 

| ExReleaseResourceForThreadLite(r,ExGetCurrentResourceThr 

I ead()) 

61 142| #define pmRwLockNumReaders(r) 



I ExGetSharedWaiterCount(r) 
61143| #define pmRwLockedForWrite(r) 

| ExlsResourceAcquiredExclusiveLite(r) 
61144| #define pmSetEvent(e) 

| KeSetEvent(e,(KPRIORITY)1 , FALSE) 
61 145| #define pmSignalSemaphore(s) 

| KeReleaseSemaphore(s,1 ,1 , FALSE) 
61146| #define pmStartThread(t,a,h) 

| PsCreateSystemThread(h,THREAD_ALL_ACCESS,NULL,NULL,NULL, 

IU) 

61 147| #define pmWaitForSemaphore(s,t) 

| KeWaitForSingleObject(s,Suspended,(KPROCESSOR_MODE)Kerne 

| IMode,FALSE,t) 
61148| #define pmWriterToReaderLock(r) 

| ExConvertExclusiveToSharedLite(r) 
61 1 49| #define pmRegisterObject(o,n,t) 
61 150| #define pmDeRegisterObject(o) 
61 151 1 #define pmAcquireSemaphore(s,t) 

| KeWaitForSingleObject(s,Suspended,(KPROCESSOR_MODE)Kerne 

| IMode,FALSE,t) 
61152| 
61153| 

61 154| #define pmThreadSwitch() { 

| LARGE INTEGER _T_={0}; KeDelayExecutionThread( 
| (KPROCESSOR_MODE)KernelMode, FALSE, &_T_); } 

61155| 

61156| #define pmWaitForMultipleObjects(o,n,t) 

| KeWaitForMultipleObjects(n,o,WaitAny,Suspended,(KPROCESS 

| OR_MODE)KernelMode,FALSE,t,NULL) 
61157| #define pmWaitForSingleObject(o,t) 

| KeWaitForSingleObject(o,Suspended,(KPROCESSOR_MODE)Kerne 

| IMode,FALSE,t) 
61158| 

61 159| // not implemented 



61160| #defi 
61 1 61 1 #def i 
61162| #defi 
61163| #defi 
61164| #defi 
61165| #defi 
61166| #defi 
61167| #defi 
61168| #defi 
61169| #defi 
61170| #defi 
61 171 1 #defi 
61172| #defi 
61173| #defi 
61174| #defi 
61175| #defi 



ne pmGetLastError() Do Not Use 

ne pmlnitThreadStructure(p) Do Not Use 

ne pmFinishedLoading() Do Not Use 

ne pmCloseEvent(e) Do Not Use 
ne pmCloseHandlesForThread(t) Do Not Use 

ne pmCloseMutex(m) Do Not Use 

ne pmCloseRwLock(r) Do Not Use 

ne pmCloseSemaphore(s) Do Not Use 

ne pmCloseSpinLock(s) Do Not Use 

ne pmCreateAutoEvent(n) Do Not Use 

ne pmCreateManualEvent(n) Do Not Use 

ne pmCreateMutex(nJ) Do Not Use 

ne pmCreateRwLock(n) Do Not Use 

ne pmCreateSemaphore(n,m) Do Not Use 

ne pmCreateSpinLock(n) Do Not Use 

ne pmSetLastError(e) Do Not Use 



61176 
61177 
61178 
61179 
61180 
61181 
61182 
61183 
61184 
61185 
61186 
61187 
61188 
61189 
61190 
lis 
61191 



#define pmAssociateTidWithObject(o,t) Do Not Use 
#define pmDelnitThreadStructure(p) Do Not Use 
#define pmExamineMutex(m) Do Not Use 

#define pmlsValidPointer(p) Do Not Use 

#define pmlsValidObject(o,t) Do Not Use 



File Listing: RBTREE.cpp 



http ://epaperpress . co m/s_m an . htm I 

Permission to reproduce portions of this document 
given provided 

the web site listed below is referenced, and no 



| additional 



61192 



software project, 



61193 
61194 
61195 
61196 
61197 
61198 
61199 
61200 
61201 
61202 
61203 
61204 
61205 
61206 
61207 
61208 
61209 
61210 
61211 
61212 
61213 
61214 
61215 
61216 
61217 
61218 
61219 
61220 
61221 
61222 



restrictions apply. Source code, when part of a 



may be used freely without reference to the author. 

Thomas Niemann 
thomasn@epaperpress.com 
Portland, Oregon 
epaperpress.com 

http://members.xoom.com/thomasn/s_man.htm 
Portions Copyright Thomas Niemann thomasn@ips.net 
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/* red-black tree 7 

#include "precomp.h" 

#ifndef RBTREE TEST PRINTF 

#define RBTREE_TEST_PRINTF printf 
#endif 

//#define _NO_TREE_STUFF_ 1 

// keep synced with original source 
#define NIL (Tree->TailLeaf) 
#define root (Tree->HeadLeaf) 
#define color Red 

#define compLT(a,b) ((a) < (b)) 
#define compEQ(a,b) ((a) == (b)) 



61223 
61224 
61225 
61226 
61227 



psystemConsoleScreen, msg ); EnterDebugger() 



61228 
61229 
61230 
61231 
61232 
61233 
61234 
61235 
61236 
61237 
61238 
61239 

l& 
61240 



Checksum=%08x\n",_ls,_ShouldBe,_CheckSum);\ 



61241 
61242 
61243 
61244 
61245 
61246 
61247 
61248 
61249 
61250 
61251 
61252 
61253 
61254 
61255 
61256 
61257 
61258 
61259 
61260 
61261 
61262 
61263 
61264 
61265 
61266 
61267 
61268 
61269 



// Debug Control definitions 
#ifdef DEBUG 
#ifdef netware 

#define BreakPoint(msg) OutputToScreen( 



#else 

#ifdef JJSERMODE 

#undef DbgPrint 

#undef DbgBreakPoint 

#undef Breakpoint 

#define DbgPrint printf 

#define DbgBreakPoint() 
#endif 

#define BreakPoint(msg) {\ 

ULONG_ls=0,_ShouldBe=0,_CheckSum=0;\ 
DbgPrint(msg);\ 

rbtree_Audit ( Tree, &_ls, &_ShouldBe, 
CheckSum);\ 

DbgPrintfTree: ls=%08x, Shouldbe=%08x, 



DbgBreakPoint();\ 

} 

#endif 
#else 

#ifdef netware 

extern Abend(char *msg); 

#define BreakPoint(msg) Abend(msg) 
#else 

#define BreakPoint(msg) 
#endif 
#endif 



// Thread Control Macros 
#ifdef netware 

extern void *rbtree_Semaphore; 

#define DATA_REQUEST CPSemaphore(rbtree_Semaphore) 
#define D AT A_R E L E AS E CVSemaphore(rbtree_Semaphore) 
#else 

#define DATA_REQU EST 
#define D AT A_R E L E AS E 
#endif 



// module variables 
#ifdef RBTREE TEST 



61270 
61271 
61272 
61273 
61274 
61275 
61276 
61277 
61278 



61279 
61280 
61281 
61282 
61283 
61284 
61285 
61286 
61287 
61288 
61289 
61290 
61291 
61292 



61293 



61294 
61295 
61296 
61297 
61298 
61299 
61300 
61301 
61302 
61303 

I); 

61304 
61305 
61306 
61307 
61308 
61309 
61310 
61311 



// Procedures used for tree testing only 

#define MAX_LEVEL 32 
#define GRAPH_WIDTH 60 

STATIC long LevelCount[MAX_LEVEL+1]; 
STATIC long LevelMax, LevelGrand, LevelDepth; 

/* 

7 

STATIC void Clearl_evel() 
{ 

int n; 

// reset the count accumulators 
for(n=0; n<MAX_LEVEL; n++) { 
LevelCount[n] = 0; 

}; 

// reset the max accumulator (for print scaling) 
LevelMax = LevelGrand = LevelDepth = 0; 



r 
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STATIC void Level_CountBelow( LONG *Count, tTree Tree, 



| tTreeLeaf *Node, int Level ) 



{ 



int slot; 

//exit on the tail 
if(Node == NIL) { 
return; 

}; 

// recurse to process lower levels 
Level_CountBelow( Count, Tree, Node->Left, Level+1 

(*Count)++; 



// accumulate level totals and maxima 
slot = LevekMAX LEVEL ? Level : MAX LEVEL; 
LevelCount[slot] ++; 
LevelGrand ++; 

LevelDepth = slot > LevelDepth ? slot : LevelDepth; 
LevelMax = LevelCount[slot]>LevelMax ? 
| LevelCount[slot] : LevelMax; 
61312| 

61313| // recurse for Right hand lower levels 
613141 Level_CountBelow( Count, Tree, Node->Right, Level+1 



I); 

61315| } 
61316| 
61317| I* 



61318| STATIC void PrintLevelHistogram(void) 
61319| { 

61320| int n, m, I, pdepth; 

61321 1 pdepth = LevelDepth < MAX_LEVEL ? LevelDepth: 

| MAX_LEVEL+1 ; 
61322| for (n=0; n<pdepth; n++) { 
61 323| // once for each line 
61324| if (n!=MAX_LEVEL) 

61325| printf("% 5d |% 8ld ", n+1 , LevelCount[n]); 

61326| else 

61 327| printf(" »%2d |% 8ld ", n, 

| LevelCount[n]); 
61 328| // compute graph scale 
61 329| I = (int)((float)(LevelCount[n]) / LevelMax * 

| GRAPH_WIDTH); 
61 330| // one star for each scaled level 
61331 1 for (m=0; m<l ; m++) 
61332| printf("*"); 
61 333| // terminate the line 
61334| printf("\n"); 
61335| }; 

61336| printf(" \n"); 

61337| printf("Total =% 8ld\n", LevelGrand); 

61338| } 

61339| 

61340| 

61341| r 



61342| void rbtree_GraphTree ( tTree Tree ) 
61343| { 

61344| ULONG Count=0; 
61345| 

61346| ClearLevel(); // reset accumulators 

61347| Level_CountBelow( &Count, Tree, Tree->Headl_eaf,0 ); 

61348| printf("\n"); // start on a new line 

61 349| Printl_evelHistogram(); // show the man how it did 

61350| } 

61351| 

61352| r 



61353| void rbtree_PrintBelow( LONG *Count, tTree Tree, 

| tTreeLeaf *Node, int Level ) 
61354| { 
61355| inti; 

61356| ULARGEJNTEGER Key; 



61357| 

61358| if(Node == NIL) { 
61359| return; 
61360| }; 

61361 1 rbtree_PrintBelow( Count, Tree, Node->Right, 

[ Level+1 ); 
61362| for(i=0;i<Level;i++) { 
61363| RBTREE_TEST_PRINTF(" "); 
61364| }; 

61365| if(Node->Red) { 

61366| SetConsoleTextAttribute( GetStdHandle( 

| STD_OUTPUT_HANDLE ), FOREGROUND_RED ); 
61367| }else{ 

61368| SetConsoleTextAttribute( GetStdHandle( 

| STD_OUTPUT_HANDLE ), FOREGROUND_BLUE ); 
61369| }; 
61370| 

61 371 1 Key.QuadPart = Node->Key; 

61372| RBTREE_TEST_PRINTF("%c\n",Node->Red ? 'R' : 'B'); 
61373| SetConsoleTextAttribute( GetStdHandle( 

| STD_OUTPUT_HANDLE ), FOREGROUND_RED | FOREGROUND_GREEN 

| | FOREGROUND_BLUE ); 
61374| (*Count)++; 

61375| rbtree_PrintBelow( Count, Tree, Node->Left, Level+1 

I); 

61376| } 

61377| 

61378| 

61379| r 



61380| void rbtree_DumpTree ( tTree *Tree ) 
61381| { 

61382| ULONG Count=0; 
61383| 

61384| rbtree_PrintBelow( &Count, Tree, Tree->HeadLeaf,0 

I); 

61 385| RBTREE_TEST_PRINTF("lnternal Count=%1 2d, Tree 

| Count=%12d\n",Count,Tree->NumberNodes ); 
61386| 

61387| if(Count != Tree->NumberNodes) { 

61 388| BreakPoint("Node count doesnt match!\n"); 

61389| } 

61390| } 

61391| 

61392| #endif //def RBTREE_TEST 
61393| 

61394| #ifdef DEBUG 
61395| 

61396| /* 



61397| STATIC void rbtree_AuditBelow( LONG *Count, tTree 

| *Tree, tTreeLeaf *Node, key Type Total, int Level ) 
61398| { 

61399| if (Node == NIL) { 
61400| return; 
61401| }; 
61402| 

61403| rbtree_AuditBelow( Count, Tree, Node->Left, Total, 

| Level+1 ); 
61404| (*Count)++; 
61 405| (Total) += Node->Key; 

61406| rbtree_AuditBelow( Count, Tree, Node->Right, Total, 

| Level+1 ); 
61407| } 
61408| 

61409| I* 



61410| void rbtree_Audit ( tTree *Tree, ULONG *ls, keyType 

| *ShouldBe, keyType *Amount ) 
61411| { 

61412| ULONG Count=0; 
61413| keyType Total=0; 
61414| 

61415| rbtree_AuditBelow( &Count, Tree, 

| Tree->HeadLeaf,&Total,0 ); 
61416| *ls = Count; 
61417| 

61418| *ShouldBe = Tree->NumberNodes; 

61419| *Amount = Total; 

61420| } 

61421| 

61422| 

61423| #endif 
61424| 

61425| #ifdef DEBUG 
61426| 

61427| #define DEBUG_RBTREE_HUGE 0x40000000 

61428| 

61429| 

61430| STATIC ULONG maxdepth; 
61431| STATIC ULONG depth; 
61432| 

61433|/* 



61434| STATIC int checkProperty(tTree *Tree,tTreeLeaf *t) { 

61435| // property 1 - Every node is red or black. 

61436| //this is given. 

61437| // property 2 - Every leaf node is black 

61438| if( (t==NIL) && (t->Red==RED)) { 

61439| Debug(DEBUG_MISC,("Property 2: node %p Leaf 



I node not BLACK\n", t)); 
61440| return 0; 
61441| }else 

61442| // property 3 - Every Red node has both children 
| black 



61443| if (t->Red == RED) { 

61444| if (t->Left->Red != BLACK) { 

61445| Debug(DEBUG_MISC,("Property 3: node %p 

| (Key=%d) Left not BLACK\n", t,t->Key)); 

61446| return 0; 

61447| } 

61448| if (t->Right->Red != BLACK) { 

61449| Debug(DEBUG_MISC,("Property 3: node %p 

| (Key=%d) Right not BLACKVn", t,t->Key)); 

61450| return 0; 

61451| } 

61452| }else{ 

61453| depth++; 

61454| } 

61 455| // property 4 - Every path from Tree->HeadLeaf to 



| leaf contains the same number of black nodes 
61456| if (t == NIL) { 
61457| #if 0 

61458| if (maxdepth == -1) 
61459| maxdepth = depth; 

61460| else{ 

61461 1 if (depth != maxdepth) { 

61462| Debug(DEBUG_MISC,( M Property 4: 

| depth=%d, maxdepth=%d\n", depth, maxdepth)); 
61463| return 0; 

61464| } 
61465| } 
61466| #endif 
61467| }else{ 

61 468| if(!checkProperty(Tree,t->Left)) 

61469| return 0; 

61470| if(!checkProperty(Tree,t->Right)) 

61471| return 0; 

61472| } 

61473| 

61474| // left keys should always be less than us 

61475| // and right keys greater than us 

61 476| // duplicates are not allowed 

61477| if(t!=NIL) { 

61478| if(t->Left!=NIL) { 

61 479| if (t->Left->Key>=t->Key) { 

61480| Debug(DEBUG_MISC,("Property 5: Left 

| %08x is greater than or equal to %08x\n", 

| t->Left->Key,t->Key )); 
61481| return 0; 



61482 
61483 
61484 
61485 
61486 



| %08x is less than or equal to %08x\n", 



It-: 
61487 
61488 
61489 
61490 
61491 
61492 
61493 
61494 
61495 
61496 

I- 
61497 

61498 
61499 
61500 
61501 
61502 
61503 
61504 
61505 
61506 
61507 
61508 
61509 

I- 
61510 
61511 
61512 
61513 
61514 
61515 
61516 
61517 
61518 
61519 
61520 
61521 
61522 
61523 
61524 
61525 
61526 
61527 



} 

} 

if(t->Right!=NIL) { 

if(t->Right->Key<=t->Key) { 

Debug(DEBUG_MISC,("Property 5: Left 



Right->Key,t->Key )); 
return 0; 

} 

} 

} 



if (t->Red == BLACK) depth--; 
return 1 ; 
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int rbtree_CheckProperties(tTree *Tree) { 
maxdepth = -1 ; 
depth = 0; 

if(!checkProperty(Tree,Tree->HeadLeaf->Left)) 
return 0; 

if(!checkProperty(Tree,Tree->HeadLeaf->Right)) 

return 0; 
return 1 ; 

} 

#endif 



I* 
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STATIC void rotateLeft(tTree Tree, tTreeLeaf *x) { 



I* ************************* 

* rotate node x to Left * 

************************** j 

tTreeLeaf *y = x->Right; 

/* establish x->Right link 7 
x->Right = y->Left; 

if (y->Left != NIL) y->Left->Parent = x; 

/* establish y->Parent link 7 

if (y != NIL) y-> Parent = x->Parent; 

if (x->Parent) { 

if (x == x->Parent->Left) 
x->Parent->Left = y; 

else 



61528| 
61529| 
61530| 
61531| 
61532| 
61533| 
61534| 
61535| 
61536| 
61537| 
61538| 

I — 
61539| 
61540| 
61541| 
61542| 
61543| 
61544| 
61545| 
61546| 
61547| 
61548| 
61549| 
61550| 
61551| 
61552| 
61553| 
61554| 
61555| 
61556| 
61557| 
61558| 
61559| 
61560| 
61561| 
61562| 
61563| 
61564| 
61565| 
61566| 
61567| 

I — 
61568| 

61569| 
61570| 
61571| 
61572| 
61573| 
61574| 
615751 



x->Parent->Right = y; 
} else { 

Tree->Headl_eaf = y; 

} 

/* link x and y 7 
y->Left = x; 

if (x != NIL) x->Parent = y; 



-7 



STATIC void rotateRight(tTree Tree, tTreeLeaf *x) { 

j** ******************* ******* 

* rotate node x to Right * 

**************************** i 

tTreeLeaf *y = x->Left; 

/* establish x->Left link 7 
x->Left = y->Right; 

if (y->Right != NIL) y->Right->Parent = x; 

/* establish y->Parent link 7 

if (y != NIL) y->Parent = x->Parent; 

if (x->Parent) { 

if (x == x->Parent->Right) 
x->Parent->Right = y; 

else 

x->Parent->Left = y; 
} else { 

Tree->HeadLeaf = y; 

} 

/* link x and y 7 
y->Right = x; 

if (x != NIL) x->Parent = y; 



-7 



STATIC void insertFixup(tTree *Tree,tTreeLeaf *x) { 

I** ***************************** ****** 

* maintain Red-Black tree balance * 

* after inserting node x 



************************************* 



V 



/* check Red-Black properties 7 



61576| while (x != Tree->Headl_eaf && x->Parent->Red == 
I RED) { 



61 577| /* we have a violation 7 

61 578| if (x->Parent == x->Parent->Parent->Left) { 

61 579| tTreeLeaf *y = x->Parent->Parent->Right; 

61580| if (y->Red == RED) { 

61581| 

61582| /* uncle is RED 7 

61583| x->Parent->Red = BLACK; 

61584| y->Red = BLACK; 

61585| x->Parent->Parent->Red = RED; 

61 586| x = x->Parent->Parent; 

61587| }else{ 

61588| 

61589| I* uncle is BLACK 7 

61590| if (x == x->Parent->Right) { 

61 591 1 I* make x a Left child 7 

61592| x = x->Parent; 

61 593| rotateLeft(Tree,x); 

61594| } 
61595| 

61 596| /* recolor and rotate 7 

61 597| x->Parent->Red = BLACK; 

61598| x->Parent->Parent->Red = RED; 

61599| rotateRight(Tree,x->Parent->Parent); 

61600| } 

61601| }else{ 

61602| 

61 603| /* mirror image of above code 7 

61 604| tTreeLeaf *y = x->Parent->Parent->Left; 

61605| if (y->Red == RED) { 

61606| 

61607| /* uncle is RED 7 

61 608| x->Parent->Red = BLACK; 

61609| y->Red = BLACK; 

61 61 0| x->Parent->Parent->Red = RED; 

61 61 1 1 x = x->Parent->Parent; 

61612| }else{ 

61613| 

61 61 4| /* uncle is BLACK 7 

61 61 5| if (x == x->Parent->Left) { 

61616| x = x->Parent; 

61 61 7| rotateRight(Tree,x); 

61618| } 

61619| x->Parent->Red = BLACK; 

61620| x->Parent->Parent->Red = RED; 

61 621 1 rotateLeft(Tree,x->Parent->Parent); 

61622| } 

61623| } 



61624| } 



61625 
61626 
61627 
61628 
61629 



61630 
61631 
61632 
61633 
61634 
61635 
61636 
61637 
61638 
61639 
61640 
|t= 
61641 
61642 
61643 
61644 
61645 
61646 
61647 
61648 
61649 
61650 
61651 
61652 
61653 
61654 
61655 
61656 
61657 
61658 
61659 
61660 
61661 
61662 
61663 
61664 
61665 
61666 
61667 
61668 
61669 
61670 
61671 
61672 



Tree->Headl_eaf->Red = BLACK; 

} 
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int rbtreeJnsert(tTree Tree, tTreeLeaf *x ) { 
#ifndef _NO_TREE_STUFF_ 

ASSERT(++Tree->Writers==1 ); 

ASSERT(Tree->Readers==0); 

tTreeLeaf "current, *Parent; 
#ifdef DEBUG 

tTreeLeaf 'Grandpa; 
#endif 

// Debug(DEBUG_RBTREE_HUGE,("rbtree: insert 
3 /o08x, k=%016l64x, p=%08x\n",Tree,x->Key,x->Pos)); 

^* ********************************************** 

* allocate node for data and insert in tree * 

***********************************************^ 



DATAR EQ U EST ; 

/* find future Parent 7 

current = Tree->Headl_eaf; 

Parent = 0; 
#ifdef DEBUG 

Grandpa = 0; 
#endif 

while (current != NIL) { 
#ifdef DEBUG 

ASSERT((ULONG)current!=0xBAADF00D); 
#endif 

ASS E RT(cu rrent != N U LL) ; 

if (compEQ(x->Key, current->Key)) { 

D ATA_R E L E AS E ; 

ASSERT(--Tree->Writers==0); 

return STATUS_DUPLICATE_OBJECTID; 

} 

#ifdef DEBUG 

Grandpa = Parent; 
#endif 

Parent = current; 

current = compLT(x->Key, current->Key) ? 
current->Left : current->Right; 

} 

/* setup new node 7 



61673 
61674 
61675 
61676 
61677 
61678 
61679 
61680 
61681 
61682 
61683 
61684 
61685 
61686 
61687 
61688 
61689 
61690 
61691 
61692 
61693 
61694 
61695 
61696 
61697 
61698 
61699 
61700 
61701 
61702 
61703 
61704 
61705 
61706 
61707 
61708 
61709 
61710 
61711 
61712 

I- 
61713 
61714 
61715 
61716 
61717 
61718 
61719 
61720 
61721 



x->Parent = Parent; 
x->Left = NIL; 
x->Right = NIL; 
x->Red = RED; 

/* insert node in tree 7 
if (Parent) { 

if(compLT(x->Key, Parent->Key)) 
Parent->Left = x; 

else 

Parent->Right = x; 
} else { 

Tree->HeadLeaf = x; 

} 

insertFixup(Tree,x); 

#ifdef DEBUG 

pTreeLeaf Temp=rbtree_Search(Tree,x->Key); 

ASSERT(Temp==x); 

maxdepth = -1 ; 

depth = 0; 

if(Grandpa) { 

ASSERT(checkProperty(Tree,Grandpa)); 
} else 
if (Parent) { 

ASSERT(checkProperty(Tree,Parent)); 
} else { 

ASSERT(Tree->HeadLeaf == x); 

} 

#endif 

Tree->NumberNodes++; 
DATARELEASE; 
ASSERT(--Tree->Writers==0); 
#endif 

return STATUS_SUCCESS; 

} 

/* 
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STATIC void deleteFixup(tTree *Tree, tTreeLeaf *x) { 

^* ************************************ 

* maintain Red-Black tree balance * 

* after deleting node x 

************************************* J 

while (x != Tree->Headl_eaf && x->Red == BLACK) { 
if (x == x->Parent->Left) { 



61 722| tTreeLeaf *w = x->Parent->Right; 

61 723| if (w->Red == RED) { 

61724| w->Red = BLACK; 

61725| x->Parent->Red = RED; 

61 726| rotateLeft (Tree,x->Parent); 

61 727| w = x->Parent->Right; 

61728| } 

61 729| if (w->Left->Red == BLACK && w->Right->Red 

| == BLACK) { 

61730| w->Red = RED; 

61731| x = x->Parent; 

61732| }else{ 

61 733| if (w->Right->Red == BLACK) { 

61 734| w->Left->Red = BLACK; 

61735| w->Red = RED; 

61 736| rotateRight (Tree,w); 

61 737| w = x->Parent->Right; 

61738| } 

61 739| w->Red = x->Parent->Red; 

61 740| x->Parent->Red = BLACK; 

61 741 1 w->Right->Red = BLACK; 

61 742| rotateLeft (Tree,x->Parent); 

61 743| x = Tree->HeadLeaf ; 

61744| } 

61745| }else{ 

61 746| tTreeLeaf *w = x->Parent->Left; 

61 747| if (w->Red == RED) { 

61 748| w->Red = BLACK; 

61749| x->Parent->Red = RED; 

61 750| rotateRight (Tree,x->Parent); 

61 751 1 w = x->Parent->Left; 

61752| } 

61 753| if (w->Right->Red == BLACK && w->Left->Red 

| == BLACK) { 

61754| w->Red = RED; 

61 755| x = x->Parent; 

61756| }else{ 

61 757| if (w->Left->Red == BLACK) { 

61 758| w->Right->Red = BLACK; 

61759| w->Red = RED; 

61 760| rotateLeft (Tree,w); 

61 761 1 w = x->Parent->Left; 

61762| } 

61 763| w->Red = x->Parent->Red; 

61 764| x->Parent->Red = BLACK; 

61 765| w->Left->Red = BLACK; 

61 766| rotateRight (Tree,x->Parent); 

61 767| x = Tree->HeadLeaf ; 

61768| } 

61769| } 



61770 
61771 
61772 
61773 
61774 



61775 
61776 
61777 
61778 
61779 
61780 
61781 
61782 
|t=' 
61783 
61784 
61785 
61786 
61787 
61788 
61789 
61790 
61791 
61792 
61793 
61794 
61795 
61796 
61797 
61798 



61799 
61800 
61801 
61802 
61803 
61804 
61805 
61806 
61807 
61808 
61809 
61810 



61811 
61812 
61813 
61814 
61815 



} 

x->Red = BLACK; 

} 



• 7 

tTreeLeaf *rbtree_Delete(tTree Tree, keyType Key) { 
#ifndef _NO_TREE_STUFF_ 

ASSERT(++Tree->Writers==1 ); 

ASSERT(Tree->Readers==0); 

tTreeLeaf *x, *y, *z; 

// Debug(DEBUG_RBTREE_HUGE,("rbtree: delete 
5 /o08x, k=%01 6l64x\n",Tree,Key)); 

^* **************************** 

* delete node z from tree * 

***************************** J 

D ATA_R EQ U E ST ; 

/* find node in tree 7 

z = Tree->Headl_eaf; 

while(z != NIL) { 
#ifdef DEBUG 

ASSERT((ULONG)z!=0xBAADF00D); 
#endif 

if(compEQ(Key, z->Key)) 

break; 
else 

z = compLT(Key, z->Key) ? z->Left : 



I z->Right; 



} 

if (z==NIL) { 

DATA_RELEASE; 
ASSERT(--Tree->Writers==0); 
return NULL; 

} 

if (z->Left == NIL || z->Right == NIL) { 
/* y has a NIL node as a child 7 
y = z; 

} else { 

/* find tree successor with a NIL node as a 



| child 7 



y = z->Right; 

while (y->Left != NIL) y = y->Left; 

} 

/* x is y's only child 7 



61816 
61817 
61818 
61819 
61820 
61821 
61822 
61823 
61824 
61825 
61826 
61827 
61828 
61829 
61830 
61831 
61832 
61833 
61834 
61835 
61836 
61837 
61838 
61839 
61840 
61841 
61842 
61843 
61844 
61845 
61846 
61847 
61848 
61849 
61850 
61851 
61852 
61853 
61854 



61855 
61856 
61857 
61858 
61859 
61860 
61861 
61862 
61863 
61864 



if (y->Left != NIL) 

x = y->Left; 
else 

x = y->Right; 

/* remove y from the Parent chain 7 
x->Parent = y->Parent; 
if (y->Parent) 

if (y == y->Parent->Left) 
y->Parent->Left = x; 

else 

y->Parent->Right = x; 

else 

Tree->Headl_eaf = x; 

// we are actually going to delete the 
// next lowest number, and move its data 
// into our node 
if (y != z) { 

key Type Key=z->Key; 

ULONG Pos=z->Pos; 

z->Key = y->Key; 

z->Pos = y->Pos; 

y->Pos = Pos; 

y->Key = Key; 

} 



if (y->Red == BLACK) 
deleteFixup (Tree,x); 



#ifdef DEBUG 

// make sure theres not still one in the tree 
y->Parent = (tTree Leaf *) Ox BAA D F00 D ; 
y->Right = (tTreeLeaf*)0xBAADF00D; 
y->Left = (tTreeLeaf*)0xBAADF00D; 
if(Tree->NumberNodes>1) { 
// theres a bug somewhere in here when we 



| delete 



// the last node in the tree. I dont have time 
// to find it, and it only affects debug builds 
// rob - 4-7-2001 

ASSERT(rbtree_Search(Tree,y->Key)==NULL); 
} else { 

ASSERT(Tree->NumberNodes==1 ); 

} 

#endif 

Tree->NumberNodes-; 



61865| 
61866| 
|is) 
61867| 
61868| 
61869| 
61870| 
61871| 
61872| 
61873| 
61874| 
61875| 
61876| 
61877| 
61878| 
61879| 

I — 
61880| 
61881| 
61882| 
61883| 
61884| 
61885| 
61886| 
61887| 
61888| 
61889| 
61890| 
61891| 
61892| 
61893| 
61894| 
61895| 
61896| 
61897| 
61898| 

| ASSERT(lnterlockedDecrement(&Tree->Readers)>=0); 
return current; 
} else { 

current = compLT (Key, current->Key) ? 
current->Left : current->Right; 

} 

} 

D ATA_R EL E AS E ; 
#endif 

ASSERT(lnterlockedDecrement(&Tree->Readers)>=0); 
return NULL; 

} 



61899 
61900 
61901 
61902 
61903 
61904 
61905 
61906 
61907 
61908 
61909 
61910 
61911 



// y may not equal the node they searched for! (z 

DATARELEASE; 
ASSERT(-Tree->Writers==0); 

if(Tree->NumberNodes==0) { 
rbtreeJnit(Tree); 

} 

return y; 
#else 

return NULL; 
#endif 
} 

r 

*/ 

tTreeLeaf *rbtree_Search(tTree Tree, key Type Key ) { 
#ifndef _NO_TREE_STUFF_ 

ASS ERT( I nterlocked I ncrement(&Tree->Readers)>0) ; 

J* ****************************** 

* find node containing data * 

******************************* J 

tTreeLeaf *current = Tree->Headl_eaf; 

D ATA_R EQ U EST ; 

while(current != NIL) { 
#ifdef DEBUG 

ASSERT((ULONG)current!=0xBAADF00D); 
#endif 

if(compEQ(Key, current->Key)) { 
DATA_RELEASE; 



//- 



I 

61912| 

61913| tTreeLeaf *rbtree_GetNextlnOrder( tTree Tree, 

| tTreeLeaf *Current ) 
61914| { 

61915| ASSERT(lnterlockedlncrement(&Tree->Readers)>0); 
61916| if(Current->Right!=NIL) { 
61917| //find left most node which will be the next 
| highest 

61918| Current = Current->Right; 

61919| while(Current->Left!=NIL) { 

61 920| Current = Current->Left; 

61921| } 

61922| }else{ 

61923| //search until 

61924| while((Current->Parent!=NULL) && 

| (Current->Parent->Right==Current)) { 
61 925| Current=Current->Parent; 
61926| } 

61927| Current=Current->Parent; 
61928| } 

61929| ASSERT(lnterlockedDecrement(&Tree->Readers)>=0); 
61930| return Current; 
61931| } 
61932| 

61933| // 

| 

61934| 

61935| tTreeLeaf *rbtree_SearchUpperBound ( tTree *Tree, 

| key Type Key ) 
61936| { 

61937| ASSERT(lnterlockedlncrement(&Tree->Readers)>0); 
61938| 

61939| tTreeLeaf *upperBound = NULL; 
61940| tTreeLeaf *current = NIL; 
61941| 

61942| DATAREQUEST; 
61943| 

61944| current = Tree->HeadLeaf; 

61945| while ( current != NIL ) { 

61946| if(compEQ(Key, current->Key)) { 

61 947| DATARELEASE; 

61948| 

| ASSERT(lnterlockedDecrement(&Tree->Readers)>=0); 
61949| return current; 

61950| }else{ 

61 951 1 if ( compLT(Key,current->Key) ) { 

61952| upperBound = current; 

61 953| current = current->Left; 

61954| }else{ 



61955 
61956 
61957 
61958 
61959 
61960 
61961 
61962 
61963 
61964 
61965 
61966 

I- 
61967 



| (*FreeFunc)(void *Handle) ) 



61968 
61969 
61970 
61971 
61972 
61973 



| t=%08x\n",Tree)); 



61974 
61975 
61976 
61977 
61978 
61979 
61980 
61981 
61982 
61983 



61984 
61985 
61986 
61987 
61988 



61989 
61990 
61991 
61992 
61993 



current = current->Right; 

} 

} 

} 

DATA_RELEASE; 

ASSERT(lnterlockedDecrement(&Tree->Readers)>=0); 
return upperBound; 



r- 



• 7 

void rbtree_DeleteAII( tTree Tree, void 



{ 



tTreeLeaf *Node; 



ASSERT(Tree->Writers==0); 
ASSERT(Tree->Readers==0); 
// Debug(DEBUG_RBTREE_HUGE,("rbtree: deleteall : 



Node=Tree->HeadLeaf; 
while( Node!=NIL ) { 

FreeFunc( rbtree_Delete(Tree, Node->Key) ); 

Node = Tree->Headl_eaf; 

} 

// reinit tree... 
rbtree_lnit( Tree ); 



• 7 

void rbtree_DeleteAIIQuick( tTree *Tree ) 
{ 

ASSERT(Tree->Writers==0); 
ASSERT(Tree->Readers==0); 
// Debug(DEBUG_RBTREE_HUGE,("rbtree: deleteallq: 



t=%08x\n",Tree)); 



// reinit tree... 
rbtree_lnit( Tree ); 

} 

/* 

I ./ 

61994| void rbtree_lnit( tTree Tree ) { 
61995 

61996| // Debug(DEBUG_RBTREE_HUGE,("rbtree: init 

| t=%08x\n",Tree)); 
61997| DATA_REQUEST; 



61998 
61999 
62000 
62001 
62002 
62003 
62004 
62005 
62006 
62007 
62008 
62009 
62010 
62011 
62012 
62013 
62014 

I- 
62015 
62016 
62017 
62018 
62019 
62020 
62021 
62022 
62023 
62024 
62025 
62026 
62027 
62028 
62029 
62030 
62031 
62032 
62033 
62034 
62035 
62036 
62037 
62038 
62039 
62040 
62041 
62042 
62043 
62044 
62045 
62046 



Tree->TailLeaf = &Tree->TheTailStorage; 

Tree->TailLeaf->Left = NIL; 

Tree->TailLeaf->Right = NIL; 

Tree->TailLeaf->Red = BLACK; 

Tree->TailLeaf->Pos = INVALID_POSITION_VALUE; 

Tree->TailLeaf->Key = 0; 

Tree->HeadLeaf = NIL; 

Tree->NumberNodes = 0; 
#ifdef DEBUG 

Tree->Readers = 0; 

Tree->Writers = 0; 
#endif 

D ATA_R EL E AS E ; 

} 



File Listing: RBTREE.h 

#define MAXTREES MAXDEVICES 

/*lint -save -e6527 
#ifndef LONG 

#define LONG unsigned long 
#endif 

#ifndef ULONG 

#define ULONG unsigned long 
#endif 

#ifndef NULL 
#define NULL 0 
#endif 

#ifndef MAXDEVICES 
#define MAXDEVICES 32 
#endif 

#ifndef ULONGLONG 

#define ULONGLONG unsigned int64 

#endif 

#ifndef BYTE 

#define BYTE unsigned char 
#endif 

/*lint -restore*/ 



62047| 

62048| #ifndef STATUS_SUCCESS 

62049| typedef ULONG NTSTATUS; 

62050| #define STATUS_INSUFFICIENT_RESOURCES 

| ((NTSTATUS)0xC000009AL) // ntsubauth 
62051 1 #def ine STATUS_DUPLICATE_OBJECTID 

| ((NTSTATUS)0xC000022AL) 
62052| #define STATUS_NONEXISTENT_SECTOR 

| ((NTSTATUS)0xC0000015L) 
62053| #define STATUS_KEY_NOT_FOUND 

| STATUS_NONEXISTENT_SECTOR 
62054| #define STATUS_SUCCESS 

| ((NTSTATUS)0x00000000L) // ntsubauth 
62055| #endif 
62056| 

62057| typedef ULONGLONG keyType; /* type of key 7 

62058| 

62059| /* implementation independent declarations 7 
62060| /* Red-Black tree description 7 
62061 | 

62062| #define RED 1 
62063 1 #define BLACK 0 
62064| 

62065| typedef struct sTreeLeaf { 

62066| struct sTreeLeaf *Left; /* left child 7 

62067| struct sTreeLeaf *Right; /* right child 7 

62068| struct sTreeLeaf *Parent; /* parent 7 

62069| ULONG Pos:31; 

62070| ULONG Red:1; 

62071 1 keyType Key; /* key used for 

| searching 7 
62072 1 } tTreeLeaf, *pTreeLeaf; 
62073 1 

62074| // tTreeLeaf->Pos is only 31 bits 

62075| #define INVALID_POSITION_VALUE (0x7fffffff) 

62076| 

62077| typedef struct sTree { 
62078| tTreeLeaf *TailLeaf; 
62079| tTreeLeaf *HeadLeaf; 
62080| tTreeLeaf TheTailStorage; 
62081 1 ULONG NumberNodes; 
62082| #ifdef DEBUG 
62083| signed long Writers; 
62084| signed long Readers; 
62085| #endif 
62086| } tTree,*pTree; 
62087| 
62088| 
62089 1 

62090| void rbtree_lnit( tTree *Tree ); // must be 



I called prior to using this lib 
62091 1 int rbtree_lnsert( tTree *Tree, tTreeLeaf *Node ); 

| // 0 if so inserted otherwise error code 
62092 1 tTreeLeaf *rbtree_Search( tTree *Tree, key Type Key); 

| // returns ==TailLeaf if not found 
62093| tTreeLeaf *rbtree_Delete( tTree Tree, keyType Key); 

| // returns pointer to node deleted. 
62094| void rbtree_DeleteAII( tTree Tree, void 

| (*FreeFunc)(void *Handle) ); 
62095| tTreeLeaf *rbtree_SearchllpperBound ( tTree Tree, 

| keyType Key ); 
62096| tTreeLeaf *rbtree_SearchLowerBound ( tTree *Tree, 

| keyType Key ); 
62097| tTreeLeaf *rbtree_GetNextlnOrder( tTree Tree, 

| tTreeLeaf *Current ); 
62098| tTreeLeaf *rbtree_GetPrevlnOrder( tTree Tree, 

| tTreeLeaf *Current ); 
62099 | 
62100| 

62101 1 #ifdef RBTREE_TEST 

62102| void rbtree_DumpTree ( tTree Tree ); 

62103| int rbtree_CheckProperties(tTree Tree); 

62104| 

62105| void rbtree_Count ( tTree Tree, LONG *ls, LONG 
| *ShouldBe); 

62106| void rbtree_Audit ( tTree Tree, LONG *ls, LONG 

| *ShouldBe, LONG Total ); 
62107| void rbtree_GraphTree ( tTree Tree ); 
62108| #endif 
62109| 
62110| 
62111| 

62112| File Listing: READ.cpp 
62113| 

62114| #include "precomp.h" 

62115| 

62116| 

62117| /* 



62118| NTSTATUS 
62119| PSManRead( 

62120| IN PDEVICE_OBJECT DeviceObject, 

62121| IN PIRP Irp 

62122| ) 

62123| 

62124| /*++ 

62125| 

62126| Routine Description: 
62127| 

621 28| This is the driver entry point for read requests 



62129| to disks to which the PSMan driver has attached. 
62130| This driver collects statistics and then sets a 
| completion 

621 31 1 routine so that it can collect additional 

| information when 
62132| the request completes. Then it calls the next 

| driver below 
62133| it. 
62134| 

62135| Arguments: 
62136| 

62137| DeviceObject 
62138| Irp 
62139| 

62140| Return Value: 
62141| 

62142| NTSTATUS 

62143| 

62144| -7 

62145| 

62146| { 

621 47| switch(PsmGetObjectType(DeviceObject)) { 
62148| case OBJECTJNTERNAL 
62149| return PSManReadObject(DeviceObject, Irp); 

62150| case OBJECT_FILTEREDDISK : 
62151| return PSManReadDevice(DeviceObject, Irp); 

62152| case OBJ ECT_VIRTUALDISK : 
62153| return PSManReadVDisk(DeviceObject, Irp); 

62154| case OBJ ECT_FS_FILTER : 
62155| return PSManReadFSFilter(DeviceObject, 

I Irp); 

62156| caseOBJECT_FS_OBJECT : 

62157| return PSManReadFSObject(DeviceObject, 

I Irp); 
62158| default: 

62159| lrp->loStatus. Status = STATUS_NO_SUCH_DEVICE; 

62160| lrp->loStatus. Information = 0 ; 

62161 1 loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

621 62 1 return STATUS_NO_SUCH_DEVICE; 

62163| } 

62164| }//PSManRead 

62165| 

62166| 

62167| /* 



62168| STATIC NTSTATUS 

62169| PSManReadObject( 

62170| IN PDEVICE_OBJECT DeviceObject, 

62171| INPIRPIrp 

62172| ) 



62173| 
62174| /*++ 
62175| 

62176| Routine Description: 
62177| 

621 78| This is the driver entry point for read requests 
621 79| to disks to which the PSMan driver has attached. 
62180| This driver collects statistics and then sets a 
| completion 

621 81 1 routine so that it can collect additional 

| information when 
62182| the request completes. Then it calls the next 

| driver below 
62183| it. 
62184| 

62185| Arguments: 
62186| 

62187| DeviceObject 
62188| Irp 
62189| 

62190| Return Value: 
62191| 

62192| NTSTATUS 

62193| 

62194| -7 

62195| 

62196| { 

62197| NTSTATUS Status=STATUS_INVALID_PARAMETER; 

62198| NOT_REFERENCED(DeviceObject); 

62199| 

62200| Debug(DEBUG_PROCCALL,( M PSManReadObject Called\n M )); 
62201 1 lrp->loStatus.Status = Status; 
62202| lrp->loStatus. Information = 0; 
62203 | 

62204| loCompleteRequest(lrp, IO_NO_INCREMENT); 

62205| Debug(DEBUG_PROCCALL,( M PSManReadObject Done\n")); 

62206 1 return Status; 

62207| } // PSManReadObject 

62208| 

62209 | 

62210| /* 



62211| STATIC NTSTATUS 

62212| PSManReadDevice( 

62213| IN PDEVICE_OBJECT DeviceObject, 

62214| IN PIRP Irp 

62215| ) 

62216| 

62217| /*++ 

62218| 



62219| Routine Description: 
62220| 

62221 1 This is the driver entry point for read requests 
62222| to disks to which the PSMan driver has attached. 
62223| This driver collects statistics and then sets a 
| completion 

62224| routine so that it can collect additional 

| information when 
62225| the request completes. Then it calls the next 

| driver below 
62226| it. 
62227| 

62228| Arguments: 
62229 | 

62230 1 DeviceObject 
62231| Irp 
62232| 

62233| Return Value: 
62234| 

62235| NTSTATUS 

62236| 

62237| -7 

62238| 

62239| { 

62240| 

62241 | 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FILTEREDDI 
|SK); 

62242| // tell psm that we have an io pending 
62243| GetGlobalDeviceForRead(); 
62244| _try { 
62245| 

62246| #ifdef DEBUG 

62247| if(((PFILTERED_EXTENSION) 

| GetDeviceExtension(DeviceObject))->PSMed) { 
62248| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
62249| TRACE( TRACE_READ, 

62250| 0, 
62251 | 

| (long)(currentlrpStack->Parameters.Read.ByteOffset.QuadP 
| art/ 51 2), 

62252 1 cu rrent I rpStack-> Parameters . Read . Length 

1/512, 

62253 1 cu rrent I rpStack-> Parameters . Read . Key, 

62254| MM ); 
62255| } 
62256| #endif 
62257| #if 0 

62258| if(DevExt->PSMed) { 



62259| // for testing bad sector handling. 



62260| if(1) { 

62261| #define NUMBADSECTORS (1) 

62262| ULONG BadSector[] = { 8370841 }; 
62263 1 

62264| // if our thread, and the physical 

| object, inject some bad sectors 

62265| if((!Audit) && 

62266| (DevExt->lsPhysical)) { 

62267| int i; 

62268| ULARGEJNTEGER UL; 

62269| ULONG Remainder; 

62270| ULONG Sector,Count; 
62271 1 

62272| // physical sector on disk... 

62273| UL.QuadPart = 



| currentlrpStack->Parameters.Read.ByteOffset.QuadPart + 
62274| 

| DevExt->StartingOffset.QuadPart; 
62275| 

62276| Sector = RtlEnlargedUnsignedDivide 

| ( UL, DevExt->BytesPerSector, &Remainder); 

62277| Count = 

| currentlrpStack->Parameters. Read. Length / 
| DevExt->BytesPerSector; 

62278| 

62279| for(i=0;i<NUMBADSECTORS;i++) { 

62280| if( (BadSector[i] >= Sector) && 

| (BadSector[i] < Sector+Count)) { 
62281 1 // we have a sector in 

| range 
62282 1 

| Debug(DEBUG_READ,("Returning bad sector %d in read %d 

| for %d\n",BadSector[i],Sector, Count)); 
62283| lrp->loStatus.Status = 

| STATU S_D AT A_E R RO R ; 
62284| lrp->loStatus. Information = 

|0; 
62285| 

62286| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
62287| return STATU S_DATA_ERROR; 

62288| } 
62289| } 
62290 1 } 
62291| } 
62292| } 

62293| // end of testing for bad sectors handling. 

62294| #endif 

62295| 



62296| // acquire physical spin lock 
62297| { 

62298| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
62299| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
62300| KIRQL oldlrql; 

62301 1 pmAcquireSpinLock ( 

| &DevExt->StatisticsSpinLock, &oldlrql ); 
62302| // update the logical partition 

62303| DevExt->SectorsRead += 

| (currentlrpStack->Parameters. Read. Length / 

| DevExt->BytesPerSector ); 
62304| DevExt->NumberOfReadRequests++; 
62305| 

62306| // update the physical drive 

62307| //PhyExt->SectorsRead += 

| (currentlrpStack->Parameters. Read. Length / 

| PhyExt->BytesPerSector); 
62308| //PhyExt->NumberOfReadRequests++; 
62309| pmReleaseSpinLock( 

| &DevExt->StatisticsSpinLock, oldlrql ); 
62310| } 
62311| 
62312| 

| if((GetFilteredExtension(DeviceObject))->SignalRead) { 
62313| // inform about read. 

62314| 

| pmSetEvent(&(GetFilteredExtension(DeviceObject))->ReadEv 

I ent); 
62315| } 
62316| #if 0 

6231 7\ if(PhyExt->SignalRead) { 

62318| // inform about read. 

62319| pmSetEvent(&(PhyExt->ReadEvent)); 

62320| } 

62321|#endif 

62322 1 I* 

62323| if((DevExt->PSMed) || (PhyExt->PSMed)) { 
62324| Debug(DEBUG_INFO,("Read: 
| PsGetCurrentProcess=%08x " 



62325| 


"PsGetCurrentThread=%08x " 


62326| 


"loGetCurrentProcess=%08x " 


62327| 


"KeGetCurrentThread=%08x " 


62328| 


"User Thread=%08x\n", 


62329 1 


PsGetCurrentProcess(), 


62330 1 


PsGetCurrentThread(), 


62331 | 


loGetCurrentProcess(), 


62332 1 


KeGetCurrentThreadO, 


62333 1 


lrp->Tail.Overlay.Thread 



62334| )); 
62335| } 
62336| 7 
62337| 

62338| } ^finally { 

62339| ReleaseGlobalDeviceForRead(); 
62340| } 
62341 | 

62342| return PSManPassThru(DeviceObjectJrp); 
62343 1 

62344| } // PSManReadDevice 
62345| 

62346| r 



62347| STATIC NTSTATUS ReadPreProcessSpecialSectors ( 

| PDEVICE_OBJECT DeviceObject, 
62348| ULONG 

| LogSector, 
62349| ULONG 

| Count, 

62350 1 char 

| *Buffer ) 
62351 | { 

62352| NOTREFERENCED(DeviceObject); 
62353| NOT_REFERENCED(LogSector); 
62354| NOT_REFERENCED(Count); 
62355| NOTREFERENCED(Buffer); 
62356| return STATUS_SUCCESS; 
62357| } 
62358| 

62359| r 



62360| STATIC NTSTATUS ReadPostProcessSpecialSectors ( 

62361| PDEVICE_OBJECT DeviceObject, 

62362| ULARGEJNTEGER LogSector, 

62363| ULONG /*Count7, 

62364| char 'Buffer ) 

62365| { 

62366| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DeviceObject); 
62367| 

62368| if( (DevExt->lsPhysical) && 

| (LogSector.QuadPart==0)) { 
62369| // this updates the MBR with our special copy 
62370| // (Different Serial Numbers, etc., see 

| devcon.c for more 
62371 1 // info 

62372| //Debug(DEBUG_READ,("VDisk: Read: Physical 

| sector 0 before changes\n")); 
62373| //DumpSector(Buffer,512); 



62374| ((tMBR*)Buffer)->SerialNumber = 

| DevExt->SerialNumber; 
62375| //Debug(DEBUG_READ,("VDisk: Read: Physical 

| sector 0 after changes\n")); 
62376| //DumpSector(Buffer,512); 
62377| 

62378| //Debug(DEBUG_READ,("VDisk: Read: Modified 

| Master Boot Record\n M )); 
62379 1 } 

62380 1 // if a logical drive then change the serial 

| numbers. 
62381 1 

62382| if((!DevExt->lsPhysical) && 

| (LogSector.QuadPart==0)) { 
62383| //Debug(DEBUG_READ,("VDisk: Read: 



I \n M )); 

62384| #if DO_ALL_IO 

62385| Debug(DEBUG_READ,("VDisk: Read: Logical 

| sector 0 before changes\n")); 
62386| DumpBootSector( Buffer ); 

62387| #endif /*D0_ALL_I07 
62388| 

62389| switch(DevExt->Pi.PartitionType & 0x3f) { 
62390 | 

62391 1 // DOS Fat boot sector. 

62392| case PARTITION_XINT1 3 : // Win95 

| partition using extended int13 services 
62393| case PARTITION_FAT_12 

62394| case PARTITION_FAT_16 

62395| case PARTITION_HUGE 

62396| DoAsFATI 6: 

62397| // make sure it is fat... as nt has a 

| nasty habit of return type 6 
62398| if 

| (strncmp(((PNTFS_BOOT_SECTOR)Buffer)->Oemld, M NTFS M ,4)==0 

l){ 

62399| goto DoAsNTFS; 

62400| } 
62401 1 if 

| (strncmp(((PFAT32_BOOT_SECTOR)Buffer)->Oemld, M FAT32 M ,5)= 

l=0){ 

62402| goto DoAsFAT32; 

62403 1 } 

62404| //thisisaULONG 

62405| ((PFAT_BOOT_SECTOR)Buffer)->VolumelD = 

| (DevExt->SerialNumber & OxffffffOO) | DevExt->lnstance; 

62406| DevExt->Cluster0Offset = 

| (((PFAT_BOOT_SECTOR)Buffer)->ReservedSectors+ 

62407| 



I ((((PFAT_BOOT_SECTOR)Buffer)->SectorsPerFat* 
62408| 

I ((PFAT_BOOT_SECTOR)Buffer)->NumberOfFats))+ 
62409| 

| ((((PFAT_BOOT_SECTOR)Buffer)->RootDirectory*sizeof(FAT_D 
| IR_ENTRY))/DevExt->BPS)); 
62410| Debug(DEBUG_READ,("VDisk: Read: Changed 

| serial number on FAT1 2/1 6 volume '%S' to 

| %08x\n",DevExt->Name,((PFAT_BOOT_SECTOR)Buffer)->Volumel 
I D)); 

6241 1 1 break; 
62412| 

62413| // NTFS boot sector 

62414| case PARTITION J FS 

62415| DoAsNTFS: 

6241 6| // make sure it is fat... as nt has a 

| nasty habit of return type 6 
62417| if 

| (strncmp(((PFAT32_BOOT_SECTOR)Buffer)->Oemld,"FAT32",5)= 

l=0){ 

62418| goto DoAsFAT32; 

62419| } 
62420| if 

| (strncmp(((PFAT_BOOT_SECTOR)Buffer)->Oemld,"FAT1 6",5)==0 

l){ 

62421| goto DoAsFAT16; 

62422 1 } 
62423 1 if 

| (strncmp(((PFAT_BOOT_SECTOR)Buffer)->Oemld, M FAT12 M ,5)==0 

l){ 

62424| goto DoAsFAT16; 

62425| } 

62426| // this is a ULARGEJNTEGER 

62427| 

| ((PNTFS_BOOT_SECTOR)Buffer)->SerialNumber.LowPart = 
| DevExt->lnstance; 
62428| 

| ((PNTFS_BOOT_SECTOR)Buffer)->SerialNumber.HighPart = 

| DevExt->SerialNumber; 
62429 1 DevExt->Cluster0Offset = 0; 

62430| Debug(DEBUG_READ,("VDisk: Read: Changed 

| serial number on NTFS volume '%S' to 

| %08x%08x\n M ,DevExt->Name,((PNTFS_BOOT_SECTOR)Buffer)->Se 
| rialNumber.HighPart,((PNTFS_BOOT_SECTOR)Buffer)->SerialN 
| umber.LowPart)); 



62431| break; 
62432| 

62433| case P A RT I T I O N_F AT32 

62434| case PARTITION_FAT32_XINT13 : 



62435| DoAsFAT32: 



62436| // make sure it is fat... as nt has a 

| nasty habit of return type 6 
62437| if 

| (strncmp(((PNTFS_BOOT_SECTOR)Buffer)->Oemld, M NTFS",4)==0 

l){ 

62438| goto DoAsNTFS; 

62439| } 
62440| if 

| (strncmp(((PFAT_BOOT_SECTOR)Buffer)->Oemld, M FAT1 6",5)==0 

l){ 

62441| goto DoAsFAT16; 

62442 1 } 
62443 1 if 

| (strncmp(((PFAT_BOOT_SECTOR)Buffer)->Oemld,"FAT1 2",5)==0 

l){ 

62444| goto DoAsFAT16; 

62445| } 

62446| 

62447| //thisisaULONG 

62448| ((PFAT32_BOOT_SECTOR)Buffer)->VolumelD 

| = (DevExt->SerialNumber & OxffffffOO) | 

| DevExt->lnstance; 
62449 1 DevExt->Cluster0Offset = 

| (((PFAT32_BOOT_SECTOR)Buffer)->ReservedSectors+ 
62450 1 

| ((((PFAT32_BOOT_SECTOR)Buffer)->LargeSectorsPerFat* 
62451 | 

| ((PFAT32_BOOT_SECTOR)Buffer)->NumberOfFats))); 
62452| Debug(DEBUG_READ,("VDisk: Read: Changed 

| serial number on FAT32 volume '%S' to 

| %08x\n",DevExt->Name,((PFAT32_BOOT_SECTOR)Buffer)->Volum 

I elD)); 
62453 1 break; 
62454 1 

62455| case PARTITION_LDM 

62456| case PARTITION_EXTENDED 

62457| case PARTITION_XINT13_EXTENDED : // Same as 

| type 5 but uses extended int13 services 
62458| case PARTITION_ENTRY_UNUSED : 

62459| case PARTITION_PREP 

62460| case PARTITION_UNIX 

62461| case PARTITION_XENIX_1 

62462| case PARTITION_XENIX_2 

62463| Debug(DEBUG_READ,("VDisk: Read: 

| Unsupported partition type %d, Unable to change serial 

| numbers on volume 

| '%S'\n", DevExt->Pi. PartitionType, DevExt->Name)); 
62464| DevExt->Cluster0Offset = 0; 

62465| break; 
62466| default: 



62467| Debug(DEBUG_READ,("VDisk: Read: Unknown 

| Partition type %d, Unable to fudge serial numbers on 
| volume '%S'\n",DevExt->Pi.PartitionType,DevExt->Name)); 

62468| DevExt->ClusterOOffset = 0; 

62469| break; 

62470| } 

62471 | 

62472| //Debug(DEBUG_READ,("VDisk: Read: Logical 

| sector 0 after changes\n")); 
62473| //DumpSector(Buffer,512); 
62474| //DumpBootSector( Buffer ); 
62475| //Debug(DEBUG_READ,("VDisk: Read: 

I 

I Nn")); 
62476| 
62477| } 
62478| #if 0 
62479 1 { 

62480 1 ULONG i; 
62481 | 

62482| for(i=0;i<Count;i++) { 

62483| Debug(DEBUG_READ, ("Logical Sector %l64u, 

| Physical Sector 

| %d\n",i+LogSector.QuadPart,i+PhySector)); 
62484| DumpSector(&Buffer[i*512],512); 
62485| } 
62486| } 
62487| #endif 

62488| return STATUS_SUCCESS; 
62489 1 } 
62490 1 

62491 1 r 



62492 1 STATIC NTSTATUS TdWaitForReadWork() 
62493 1 { 

62494| PVOID ObjectTable[2] = { SVDiskExitingEvent, 

| &ReadVDiskSemaphore }; 
62495| 

62496| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
62497| return pmWaitForMultipleObjects(ObjectTable,2,NULL); 
62498| } 
62499 1 

62500| r 



62501 1 void ReadVDiskThread ( PVOID Context ) 
62502 1 { 

62503| ULONG Exiting=0; 
62504| NTSTATUS Status=0; 

62505| ULONG TempBufferSize=GRANULE_SIZE*2; 
62506| PCHAR TempBuffer=NULL; 



62507| 

62508| NOT_REFERENCED(Context); 

62509| PAGED_CODE(); 

62510| 

62511| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

62512| VDiskNumberOfThreads++; 

62513| pmReleaseMutex ( &VDiskThreadMutex); 

62514| 

62515| 

| TempBuffer=(char*)MemAllocatePoolWithTag(PagedPool,TempB 
| ufferSize,PSM_VDISK_BUFFER_TAG); 
62516| 

62517| RestartThreadFromError: 
62518| 

62519| _try{ 

62520| while(IExiting) { 

62521 1 Status = TdWaitForReadWork(); 

62522 1 

62523| if(Status == STATUS_WAIT_1 ) { 

62524| PLIST_ENTRY ListEntry=NULL; 

62525| 

62526| // we should not be at anything other, 

| if APCJ-EVEL. 
62527| ASSERT(KeGetCurrentlrql() == 

| PASSIVEJ.EVEL); 
62528| 

62529 1 GetAnother: 

62530| ListEntry = ExInterlockedRemoveHeadList 

l( 

62531 1 SReadVDiskQueue, // List Head 

62532| &ReadVDiskSpinLock // Lock 

62533 1 ); 
62534| 

62535| if((ListEntry) && 

| (ListEntry!=&ReadVDiskQueue)) { 
62536| tRead Request 

| *ReadRequest=NULL; 
62537| PVDISK_EXTENSION DevExt=NULL; 

62538| PIO_STACK_LOCATION 

| currentlrpStack=NULL; 
62539| CHAR lolncrement = 

| IO_NO_INCREMENT; 
62540| char *Buffer=NULL; 

62541| KIRQL oldlrql; 

62542| 

62543| Hint -save -6413 V 

62544| ReadRequest = CONTAINING_RECORD( 

| ListEntry, tReadRequest, ListEntry ); 
62545| Hint -restore V 

62546| 



62547| DevExt = GetVDiskExtension 

| (ReadRequest->DeviceObject); 
62548| 

62549 1 if ( I s Be i ng P rocessed Ex ( Read Req u est) ) 

|{ 

62550| BOOLEAN OnlyOne=FALSE; 

62551 | 

62552| pmAcquireSpinLock ( 

| &ReadVDiskSpinl_ock, &oldlrql ); 
62553 1 InsertTailList 

| (&ReadVDiskQueue,&ReadRequest->ListEntry); 
62554| 

62555| // if only one on list 

62556| if(ReadVDiskQueue.Flink == 

| &ReadRequest->ListEntry) { 
62557| OnlyOne=TRUE; 
62558| } 
62559 1 pmReleaseSpinl_ock( 

| &ReadVDiskSpinLock, oldlrql ); 
62560| if(OnlyOne) { 

62561 1 LARGEJNTEGER TimeToWait = 

|{0}; 

62562| TimeToWait.QuadPart = 

| RELATIVE(MILLISECONDS(1 )); 
62563| KeDelayExecutionThread( 

| (KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait ); 
62564| } 
62565| goto GetAnother; 

62566| } 
62567| 

62568| // Debug(DEBUG_INFO,("VDisk: Read: 

| Got work, lrp=%08x, De=%08x, 

| , %S , \n",lrp,DeviceObject,DevExt->Name)); 
62569 1 

62570| // make sure PSM is enabled for 

| this device., otherwise someone is accessing us 
62571 1 // without our approval... 

62572 1 // 

| ASSERT(((PFILTERED_EXTENSION)(GetDeviceExtension(DevExt- 
| >PSMDevice)))->PSMed); 
62573 1 

62574 1 current I rpStack = 

| loGetCurrentlrpStackLocation(ReadRequest->lrp); 
62575| 
62576| 

| ReadRequest->lrp->loStatus. Information = 0; 
62577| 

62578| // wait on outstanding requests to 

| finish if user said to. 
62579| // BEFORE we grab any resources!!! 



62580| if (PSManPSMFIags & 

| PSM_FLAG_PAUSE_ON_IO) { 
62581 1 LARGEJNTEGER TimeToWait; 

62582 1 

62583 1 Ti meTo Wait . Qu ad Part = 

| RELATIVE(MICROSECONDS(10)); 
62584| 

62585 1 // wait for work to get done. . . 

62586| while(OutstandingRequests) { 

62587| KeDelayExecutionThread( 
62588| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 

| WaitMode, 
62589| FALSE, // IN 

| BOOLEAN Alertable, 
62590| &TimeToWait // IN 

| PLARGEJNTEGER Interval 
62591| ); 
62592| } 
62593| 

62594| } 

62595| 

62596| 

62597| // acquire snapshot first so we do 

| not deadlock 
62598| GetSnapShotForRead(); 
62599| // since we are not scanning and 

| already have a pointer to the snapshot, we need to 
62600| // make sure that it has not been 

| deleted 
62601| 

62602| __try { 

62603| if(DevExt->SnapShot) { 

62604| 

| UseSnapShot(DevExt->SnapShot); 
62605| 

62606| //Debug(DEBUG_READ,("VDisk: 

| Read: Acquiring vdisk resource\n")); 
62607| AcquireVDiskResource(); 
62608| _try { 

62609| // protect this area so 

| we dont bring down NT 
62610| __try{ 
6261 1 | 

62612| // make sure the 

| device didnt disappear while 
62613| //waiting for 

| mutex 
62614| 

| if(DevExt->PartitionActive) { 



62615| 

62616| //if a read 

| (ie not a verify..) 
62617| 

| if(currentlrpStack->MajorFunction == IRP_MJ_READ) { 
62618| #if DO_ALL_IO 
62619| 

| PUNICODE_STRING FileName; 
62620| 

| //Debug(DEBUG_READ,("VDisk: Read : Irp %p F=%08x-FO %p 
| F=%08x-Sf=%08x 

| \n",ReadRequest->lrp,ReadRequest->lrp->Flags,ReadRequest 
| ->lrp->Tail. Overlay. OriginalFileObject,currentlrpStack-> 
I Flags)); 
62621 | 

| FileName=File_GetFullFileName(ReadRequest->lrp->Tail.Ove 
| rlay.OriginalFileObject); 
62622 1 

| Debug(DEBUG_READ,("VDisk: Read : %p-%p Log (%p)=%l64x 
| for %03x 

| '%wZ'\n",ReadRequest->lrp,ReadRequest->lrp->Tail. Overlay 
| .OriginalFileObject,ReadRequest->DeviceObject,ReadReques 
| t->RealSector,ReadRequest->RealCount,FileName)); 

62623 1 

| if(FileName) { 

62624| 

| FREE POINTER(FileName); 
62625| } 
62626| #endif 

62627| if ( 

| ReadRequest->lrp->MdlAddress != NULL ) { 
62628| ULONG 

| Info; 
62629 1 
62630 1 

62631| //we 

| are not going to use our caching logic on the reads 
| because 

62632| //1. 

| The hard drive is plenty fast 
62633| //2. 

| NT is caching the hard drive, so we would only 

| duplicate, and not 
62634| // 

| get very many hits. 
62635| 

62636| // 

| emtpy function so dont waste cycles for now. 
62637| 

| //ReadPreProcessSpecialSectors( 



I ReadRequest->DeviceObject, LogSector, Count, Buffer ); 
62638| 

62639| // this 

| routine will read from the device with out double 
| mapping 

62640| //the 
| address 

62641 1 // 

| 2-5-99 Make sure this stays as is! 
62642| //This 

| solves the problem where when "reading" from a file, NT 

| cache manager 
62643 1 // 

| would "write" back to it. The reason for this is a new 

| "Mdl" would describe 
62644| // the 

| range. When the Mdl is freed, it is marked dirty so 

| the original "Mdl" 
62645| // gets 

| written back to. 
62646| Status 

| = Sblo_ReadDeviceMdl( 
62647| 

| GetFilteredExtension(DevExt->PSMDevice)->TargetDeviceObj 
I ect, 
62648| 

| &ReadRequest->ByteOffset, 
62649 1 

| ReadRequest->ByteLength, 
62650 1 

| ReadRequest->lrp, ReadRequest->lrp->MdlAddress); 
62651 | 

62652 1 // but 

| as long as we got the revert, we need to double map. 

62653| #if _WIN32_WINNT >=0x0500 

62654| Buffer 
| = (char *)MmGetSystemAddressForMdlSafe( 
| ReadRequest->lrp->MdlAddress, NormalPagePriority ); 

62655| #else 

62656| Buffer 

| = (char *)MmGetSystemAddressForMdl( 

| ReadRequest->lrp->MdlAddress ); 
62657| #endif 
62658| 

| ASSERT(Buffer); 
62659 1 
62660 1 

| if (Buffer) { 
62661 | 

| Status = STATUS_INSUFFICIENT_RESOURCES; 



62662| } 

62663| 

62664| 

| if(NT_SUCCESS(Status)) { 
62665| 

| PCHAR BufferToUse= Buffer; 
62666| 

62667| I* 
62668| 

| 1-12-2001 - rob- 
62669 1 

| Since we did the Sblo_ReadDeviceMdl above, and we also 
| got a system virtual address for it, 
62670 1 

| When we send it to SblnternalRevertBuffer and the data 
| is in the cache file, The Virtual address 
62671 | 

| will be sent to the filesystem which then gets another 
| Mdl for the virtual address. We now have 2 Mdls 
62672 1 

| pointing to the same physical memory. When the second 
| one is freed (This is speculation here) the physical 
62673 1 

| pages are marked dirty, but since there is another Mdl, 
| the reference count for the pages is not zero, not 
| causing 
62674| 

| the pages to be freed. So some time later when the 
| MiMappedPageWriter thread runs he writes the "dirty" 
I pages 
62675| 

| back to the files, which is superfluous. The crux of 

| this is that when this happens, a virtual write occurs 

| wasting space in 
62676| 

| the cache file. 
62677| 
62678| 

| The workaround is to use another buffer to have the 
| file system fill in stuff from our cache file and then 
| merge the 
62679 1 

| two together. If not enough memory for the cache file 
| read, then we will use the actual buffer (which will 
| then generate 
62680 1 

| the extra virtual write). This case shouldnt happen 
| often. 

62681 1 7 
62682| #define SectorSize (DevExt->BPS) 



62683| 

| if(ReadRequest->RealCount*DevExt->BPS>TempBufferSize) { 
62684| 

| TempBufferSize = 

| ROUND_UP(ReadRequest->RealCount,SECTORS_PER_GRANULE)*Dev 

| Ext->BPS; 
62685| #undef SectorSize 
62686| 

| if(TempBuffer) { 
62687| 

| FREE_POINTER(TempBuffer); 
62688| 
1} 

62689| TryAllocTempBuffer: 
62690| 

| TempBuffer = 

| (char*)MemAllocatePoolWithTag(PagedPool,TempBufferSize,P 

| SM_VDISK_BUFFER_TAG); 
62691 | 

| if(TempBuffer) { 
62692 1 

| BufferToUse = TempBuffer; 
62693 1 
IJ 

62694| } 

| else 
62695| 

| if(TempBuffer) { 
62696| 

| BufferToUse=TempBuffer; 
62697| } 

| else { 
62698| 

| goto TryAllocTempBuffer; 
62699| } 
62700 1 

62701 1 // 

| if any changes to the filtered drive, put back the 

| original unchanged 
62702 1 // 

| data 
62703 1 

| if(BufferToUse==TempBuffer) { 
62704| 

| RtlMoveMemory(BufferToUse,Buffer,ReadRequest->RealCount* 

| DevExt->BPS); 
62705| } 
62706| 

| Status = SblnternalRevertBuffer( 
62707| 



I DevExt->PSM Device, 
62708| 

| DevExt, 
62709| 

| ReadRequest->RealSector, 
62710| 

| ReadRequest->RealCount, 
6271 1 | 

| FALSE, 
62712| 

| BufferToUse, 
62713| 

| &lnfo); 

62714| // 

| if info==0 then no changes occured, otherwise number of 

| sectors changed 
62715| 

| if((lnfo!=0) && (BufferToUse==TempBuffer)) { 
62716| 

| RtlMoveMemory(Buffer,BufferToUse,ReadRequest->RealCount* 

| DevExt->BPS); 
62717| } 
62718| }else 

|{ 
62719| 

| Debug(DEBUG_READ,("VDisk: Read: Error %08x reading from 

| device\n", Status)); 
62720| } 
62721 | 

| //Status = Cache_ReadSector( &VDiskCache, 
| DevExt->Physical Device, LogSector, Count, Buffer); 
62722 1 

| if(NT_SUCCESS(Status)) { 
62723 1 

| lolncrement= IO_DISK_INCREMENT; 
62724| 

| ReadRequest->lrp->loStatus. Information = 
| ReadRequest->Bytel_ength; 
62725| 

| ReadPostProcessSpecialSectors ( 
62726| 

| ReadRequest->DeviceObject, 
62727| 

| ReadRequest->RealSector, 
62728| 

| ReadRequest->RealCount, 
62729 1 

| Buffer); 
62730 1 
62731| 



I //Debug(DEBUG_READ,("VDisk: Read: Log (%p)=%d for 
| %d\n",DeviceObject,LogSector, Count)); 
62732| 

| //DumpSector(Buffer,currentlrpStack->Parameters.Read.Len 
I gth); 
62733| 

62734| // 

| Update stats about volume 
62735| // 

| dont need spin lock as only 1 read can occur at any 

| time 
62736| 

| DevExt->SectorsRead+=ReadRequest->RealCount; 
62737| 

| DevExt->NumberOfReadRequests++; 
62738| } else 

|{ 
62739| 

| Debug(DEBUG_READ,("VDisk: Read: Error %08x reading from 

| device (or cache file)\n",Status)); 
62740 1 } 
62741 1 } else { 

62742 1 

| Debug(DEBUG_READ,("VDisk: Read: Invalid MDL\n")); 
62743| Status 

| = STATUS_INVALID_USER_BUFFER; 
62744| } 
62745| } else { 

62746| 

| Debug(DEBUG_READ,("VDisk: Verify: Log (%p)=%l64d for 
| %d\n", 
62747| 

| ReadRequest->DeviceObject, 
62748| 

| ReadRequest->RealSector.QuadPart, 
62749 1 

| ReadRequest->RealCount)); 
62750 1 Status = 

| STATUS_SUCCESS; 
62751 | 

| ReadRequest->lrp->loStatus. Information = 

| ReadRequest->ByteLength; 
62752 1 } 
62753 1 } else { 

62754| 

| Debug(DEBUG_READ,("VDisk: Read: Device 

| disappeared\n")); 
62755| Status = 

| STATUS_NO_MEDIA_IN_DEVICE; 
62756| 



I ReadRequest->lrp->loStatus. Information = 0; 
62757| } 
62758| 

62759| // if media error, 

| say so... 

62760| switch (Status) { 

62761 1 case 

| STATUS_MEDIA_CHANGED : 
62762| case 

| STATUS_NO_MEDIA_IN_DEVICE : { 
62763 1 

| lnterlockedlncrement((PLONG)&DevExt->DiskChangeCount); 
62764| 

| DevExt->DriveNotReady = TRUE; 
62765| 
62766| 

| Debug(DEBUG_READ,("VDisk: Read: Media may have 

| changed\n")); 
62767| if ( 

| DevExt->DeviceObject->Vpb->Flags & VPB_MOUNTED ) { 
62768| 

| Debug(DEBUG_READ,("VDisk: Read: Informing File system 
| Me=%08x, DO=%08x, 

| RO=%08x\n M ,DevExt->DeviceObject,DevExt->DeviceObject->Vp 
| b->DeviceObject,DevExt->DeviceObject->Vpb->RealDevice)); 
62769 1 

| DevExt->DeviceObject->Flags |= DO_VERIFY_VOLUME; 
62770 1 Status 

| = STATUS_VERIFY_REQUIRED; 
62771 1 } else { 

62772 1 //we 

| may need to do this. 
62773 1 // 

| Status = STATUS_IO_DEVICE_ERROR; 
62774| } 
62775| break; 
62776| } 
62777| default: 
62778| break; 
62779 1 } 
62780| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

62781 1 Status = 

| GetExceptionCode(); 
62782| 

| Debug(DEBUG_READ,("VDisk: Read: Exception 

| %08x\n",Status)); 
62783 1 } 

62784| } ^finally { 

62785| ReleaseVDiskResource(); 



62786| 

| ReadRequest->lrp->loStatus.Status = Status; 
62787| // TESTTEST Keep "Media ejected, please 

| reinsert" from occuring 
62788| #if 1 
62789 1 

| if(lolsErrorUserlnduced(Status)) { 
62790 1 

| Debug(DEBUG_READ, ("Setting hard error for error 
| %08x\n",Status)); 
62791 | 

| loSetHardErrorOrVerifyDevice(ReadRequest->lrp,DevExt->De 

| viceObject); 
62792 1 } 
62793 1 #endif 

62794| if (Status !=0) { 

62795| 

| Debug(DEBUG_READ,("VDisk: Read: Device %08x lrp%08x 
| Error 

| %08x\n",DevExt->DeviceObject,ReadRequest->lrp,Status)); 
62796| 

62797| } 

62798| loCompleteRequest 

| (ReadRequest->lrp, lolncrement) ; 
62799 1 } 
62800 1 } else { 

62801 1 Debug(DEBUG_DCPSM,("Read: 
| Snapshot has been deleted while waiting or not 
| psmed\n")); 

62802 1 Status = 

| STATUS_NO_MEDIA_IN_DEVICE; 

62803 1 } 

62804| } ^finally { 

62805| if(DevExt->SnapShot) { 

62806| 

| DoneWithSnapShot(DevExt->SnapShot); 
62807| } 

62808| ReleaseSnapShotForRead(); 

62809 1 } 

62810| 

| pmAcquireSpinLock(&WriteSpinl_ock,&oldlrql); 
6281 1 | 

| RemoveEntryList(&(ReadRequest->ProcessingEntry)); 
62812| 

| pmReleaseSpinl_ock(&WriteSpinLock,oldlrql); 



62813| FREE_POINTER(ReadRequest); 
62814| }else{ 

62815| Debug(DEBUG_INFO,("VDisk: Read: 

| Error ListEntry is NULL\n")); 
62816| } 



62817| }else{ 
62818| Exiting = 1; 

62819| Debug(DEBUG_INFO,("VDisk: Read: Error 

| Status = %08x\n", Status)); 
62820| } 
62821| } 
62822| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

62823| Debug(DEBUG_READ,("VDisk: Read: Exception %08x 

| in thread\n",GetExceptionCode())); 
62824| } 
62825| 

62826| // cant goto from within exception handler... 
62827| if(IExiting) { 

62828| goto RestartThreadFrom Error; 

62829| } 

62830| 

62831| //ExitThread: 

62832| 

62833| 

62834| //ExitThreadFinal: 
62835| 

62836| if(TempBuffer) { 

62837| FREEPOINTER(TempBuffer); 

62838| } 

62839| Debug(DEBUG_READ,("VdiskRead: Exiting\n")); 
62840| AcquireVDiskResource(); 
62841 1 __try { 

62842| // free any writes to the volume 

62843| while(!lsListEmpty(&ReadVDiskQueue)) { 

62844| PLIST_ENTRY ListEntry=NULL; 

62845| tReadRequest *ReadRequest=NULL; 

62846| PIRP lrp=NULL; 

62847| KIRQL oldlrql; 

62848| 

62849| Debug(DEBUG_READ,("VdiskRead: Cleaning up 

| read on vdisk queue\n")); 
62850| ListEntry = ExInterlockedRemoveHeadList ( 

62851 1 &ReadVDiskQueue, // List Head 

62852| &ReadVDiskSpinLock // Lock 

62853 1 ); 
62854| Hint -save -e41 3 7 

62855| ReadRequest = CONTAIN ING_RECORD( ListEntry, 

| tReadRequest, ListEntry ); 
62856| Hint -restore 7 

62857| 

62858| Irp = ReadRequest->lrp; 

62859| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 

62860 1 

| RemoveEntryList(&(ReadRequest->ProcessingEntry)); 



62861 1 pm ReleaseSpi nLock(&WriteSpinLock,old I rql) ; 

62862| FREE_POINTER(ReadRequest); 
62863 | 

62864| lrp->loStatus. Information = 0; 

62865| lrp->loStatus.Status = 

| STATUS_NO_MEDIA_IN_DEVICE; 
62866| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

62867| } 

62868| } ^finally { 

62869| ReleaseVDiskResou rce() ; 

62870 1 } 
62871 | 
62872 1 

62873| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

62874| VDiskNumberOfThreads--; 

62875| pmReleaseMutex ( &VDiskThreadMutex); 

62876| 

62877| Debug(DEBUG_READ,("VdiskRead: ExitedXn")); 

62878| PsTerminateSystemThread( 0 ); 
62879 1 } 
62880| 

62881 1 STATIC NTSTATUS FillBufferWjthCompressableData( PCHAR 

| Buffer, ULONG size ) 
62882 1 { 

62883| CHAR b=0; 
62884| 

62885| while(size-) { 
62886| *Buffer++ = b++; 

62887| } 

62888 1 return 0; 
62889 1 } 
62890 1 

62891| I* 



62892| STATIC NTSTATUS PSManReadVDisk( 
62893| IN PDEVICE_OBJECT DeviceObject, 
62894| IN PIRP Irp 
62895| ) 
62896| { 

62897| NTSTATUS Status=STATUS_PENDING; 
62898| tReadRequest *ReadRequest=NULL; 
62899| PVDISK_EXTENSION DevExt = 

| GetVDiskExtension(DeviceObject); 
62900| 

62901 1 // Debug(DEBUG_READ | DEBUG_PROCCALL, 

| ("PSManReadVDisk Called\n")); 
62902 | 

62903| if (CheckMediaLoaded(DeviceObject, Irp 

| )!=STATUS_SUCCESS) { 
62904| Debug(DEBUG_READ,("VDisk: Read: Media not 



I loaded\n")); 
62905| Status = lrp->loStatus.Status; 
62906| loCompleteRequest(lrp, 0); 
62907| //Debug(DEBUG_READ | DEBUG_PROCCALL, 

| ("PSManReadVDisk Done %08x\n", Status)); 
62908| return Status; 
62909| } 
62910| 

6291 1 1 //if we get here, something is wrong.. 

62912| if(!VDiskNumberOfThreads) { 

62913| Debug(DEBUG_READ | DEBUG_PROCCALL, 

| ("PSManReadVDisk: No threads to handle request !!!\n")); 
62914| lrp->loStatus. Information = 0; 
62915| Status = lrp->loStatus.Status = 

| STATU S_l N VAL I D_D E VI C E_STATE ; 
62916| loCompleteRequest(lrp, 0); 
62917| return Status; 
62918| } 
62919| 

62920| const ULONG FillCode = gVDisklOHandling & 

| PSM_VDISK_FLAG_FILL_MASK; 
62921| if(FillCode) { 
62922| lrp->loStatus. Information = 

| loGetCurrentlrpStackLocation(lrp)->Parameters.Read.Lengt 

|h; 

62923| if(FillCode == PSM_VDISK_FLAG_BUFFER_NO_FILL) { 
62924| // leave buffer alone 

62925| } else 
62926| if(FillCode == 

| PSM_VDISK_FLAG_BUFFER_FILL_WITH_ZEROES) { 
62927| //fill with zeros 

62928| RtlZeroMemory(MmGetSystemAddressForMdl( 

| lrp->MdlAddress ),lrp->loStatus. Information); 
62929| } else 
62930| if(FillCode == 

| PSM_VDISK_FLAG_BUFFER_FILL_COMPRESS) { 
62931 1 // fill with compressable data 

62932| FillBufferWithCompressableData((char 

| *)MmGetSystemAddressForMdl( lrp->MdlAddress 

| ),lrp->loStatus. Information); 
62933 1 } 

62934| Status = I rp->loStatus. Status = STATUS_SUCCESS; 

62935| loCompleteRequest(lrp, 0); 

62936| return Status; 

62937| } 

62938| 

62939| ReadRequest = (tReadRequest 

| *)MemAllocatePoolWithTag(NonPagedPool, 

| sizeof (tReadRequest), READREQUESTTAG); 
62940 1 if ( Read Request) { 



62941 1 loMarklrpPending(lrp); 
62942 1 

62943| FilllnWriteRequest( ReadRequest, DeviceObject, 

| Irp, DevExt->BPS); 
62944| 

62945| // add to queue. . . 

62946| ExInterlockedlnsertTailList ( &ReadVDiskQueue, 
62947| 

| &(ReadRequest->ListEntry), 
62948| 

| &ReadVDiskSpinLock); 
62949 1 
62950 1 

62951 1 pmSignalSemaphore( &ReadVDiskSemaphore); 
62952 1 

62953 1 } else { 

62954| Debug(DEBUG_READ,("VDisk: Read: Out of memory 

| for read command\n")); 
62955| 

| Status=lrp->loStatus.Status=STATUS_INSUFFICIENT_RESOURCE 

IS; 

62956| lrp->loStatus. Information = 0; 

62957| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

62958| } 

62959 1 

62960| //Debug(DEBUG_READ | DEBUG_PROCCALL, 

| ("PSManReadVDisk Done %08x\n", Status)); 
62961 1 return Status; 
62962 1 } 
62963| 
62964| 

62965| /* 



62966| STATIC NTSTATUS 

62967| PSManReadFSObject( 

62968| IN PDEVICE_OBJECT DeviceObject, 

62969| IN PIRP Irp 

62970 1 ) 

62971 1 

62972 1 /*++ 

62973 1 

62974| Routine Description: 
62975| 

62976| This is the driver entry point for read requests 
62977| to disks to which the PSMan driver has attached. 
62978| This driver collects statistics and then sets a 
| completion 

62979 1 routine so that it can collect additional 

| information when 
62980| the request completes. Then it calls the next 



I driver below 
62981 | 
62982 1 
62983 1 
62984I 

DeviceObject 
Irp 



62985 
62986 
62987 
62988 
62989 
62990 
62991 
62992 
62993 
62994 
62995 
62996 
62997 
62998 



Called\n")); 



62999 
63000 
63001 
63002 
63003 
63004 
63005 
63006 
63007 
63008 

I- 
63009 
63010 
63011 
63012 
63013 
63014 
63015 
63016 
63017 
63018 
63019 
63020 
63021 
63022 
63023 



63024 
63025 
63026 



it. 

Arguments: 



Return Value: 
NTSTATUS 

--7 
{ 

NTSTATUS Status=STATUS_INVALID_PARAMETER; 
NOT_REFERENCED(DeviceObject); 

Debug(DEBUG_PROCCALL,("PSManReadFSObject 



I rp->loStatus. Status = Status; 
I rp->loStatus. Information = 0; 

loCompleteRequest(lrp, IO_NO_INCREMENT); 
Debug(DEBUG_PROCCALL,("PSManReadFSObject Done\n")); 
return Status; 
} // PSManReadFSObject 



I* 

7 

STATIC NTSTATUS 
PSManReadFSFilter( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 

/*++ 

Routine Description: 
Pass irp to handler 
Arguments: 

DriverObject - Pointer to device object to being 



shutdown by system. 



Irp - IRP involved. 
Return Value: 



63027| 

63028| NT Status 
63029| 
63030| ~7 
63031 | 
63032 1 { 

63033| NTSTATUS Status; 
63034| r 

63035| #ifdef DEBUG 

63036| if (Psm Active) { 

63037| Debug(DEBL) G_R E A D | 

| DEBUG_PROCCALL,("PSManReadFSFilter Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
63038| } 
63039| #endif 
63040 1 7 

63041 1 Status = PSManFSPassThru( DeviceObject, Irp ); 
63042 1 r 

63043| #ifdef DEBUG 

63044| if (Psm Active) { 

63045| Debug(DEBU G_R E A D | 

| DEBUG_PROCCALL,("PSManReadFSFilter Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 

63046| } 

63047| #endif 

63048| 7 

63049| return Status; 

63050| } // end PSManReadFSFilter() 

63051 | 

63052 1 

63053 1 

63054| File Listing: READ.h 
63055| 

63056| NTSTATUS 
63057| PSManRead( 

63058| IN PDEVICE_OBJECT DeviceObject, 
63059| IN PIRP Irp 
63060 1 ); 
63061 | 

63062 1 STATIC NTSTATUS 

63063| PSManReadObject( 

63064| IN PDEVICE_OBJECT DeviceObject, 

63065| IN PIRP Irp 

63066| ); 

63067| 

63068| STATIC NTSTATUS 

63069| PSManReadDevice( 

63070| IN PDEVICE_OBJECT DeviceObject, 

63071| IN PIRP Irp 

63072| ); 



63073 
63074 
63075 
63076 
63077 
63078 
63079 
63080 
63081 
63082 
63083 
63084 
63085 
63086 
63087 
63088 
63089 
63090 
63091 
63092 
63093 
63094 
63095 
63096 
63097 
63098 
63099 

I- 
63100 
63101 
63102 
63103 
63104 
63105 
63106 
63107 
63108 
63109 
63110 
63111 
63112 
63113 
63114 
63115 
63116 



| not exist 
63117 
63118 
63119 
63120 



STATIC NTSTATUS 
PSManReadVDisk( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSMan Read FSObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManReadFSFilter( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

void ReadVDiskThread ( PVOID Context ); 



File Listing: REG.cpp 

#include "precomp.h" 

/* 



7 

void Reg_GetULONGKey ( 

IN PUNICODE_STRING RegistryPath, 

IN PWCHAR Key, 

IN ULONG Default, 

OUT PULONG Result 

) 

/*++ 

Routine Description: 

Get a ULONG from the registry 

Arguments: 

RegistryPath the path to query 

Key Key to query 

Default Default value to return if Key does 



Return Value: 
The Key value 



63121| --7 
63122| 
63123| { 

63124| RTL QUERY REGISTRY TABLE paramTable[2]={0}; 
631 25| PWCHAR path=NULL; 
63126| 
63127| // 

63128| // Since the registry path parameter is a "counted" 

| UNICODE string, it 
63129| // might not be zero terminated. For a very short 

| time allocate memory 
63130| // to hold the registry path zero terminated so 

| that we can use it to 
631 31 1 // delve into the registry. 
63132| // 
63133| 

63134| path = (PWCHAR) MemAllocateString(256); 
63135| 

63136| if (path) { 
63137| 

63138| RtlZeroMemory( &paramTable[0], 

| sizeof(paramTable) ); 
63139| RtlZeroMemory( path, 

| Registry Path->Length+sizeof(WCHAR) ); 
63140| RtlMoveMemory( path, RegistryPath->Buffer, 

| RegistryPath->Length ); 
63141| 

63 1 42 1 paramTable[0] . Flags = 

| RTL_QUERY_REGISTRY_DIRECT; 
63143| paramTable[0].Name = Key; 
63144| paramTable[0].EntryContext = Result; 
63145| paramTable[0].DefaultType = REG_DWORD; 
63146| paramTable[0].DefaultData = &Default; 
63147| paramTable[0].Defaultl_ength = sizeof(ULONG); 
63148| 

63149| if (!NT_SUCCESS(RtlQueryRegistryValues( 
63150| RTL REGISTRY ABSOLUTE | 

| RTL_REGISTRY_OPTIONAL, 
63151| path, 
63 1 52 1 &paramTable[0] , 

63153| NULL, 
63154| NULL 
63155| ))){ 
63156| *Result = Default; 

63157| } 
63158| 

631 59| // We don't need that path anymore. 
63160| MemFreeString(path); 
63161| }else{ 

631 62| Debug(DEBUG_INFO,("Psman: Reg_GetULONGKey: Out 



I of memory\n")); 
63163| } 
63164| } 
63165| 

63166| r 



63167| void Reg_GetStringKey ( 

63168| IN PUNICODE_STRING RegistryPath, 

63169| IN PWCHAR Key, 

63170| IN PWCHAR Default, 

63171| OUT PUNICODE_STRING Result 

63172| ) 

63173| /*++ 

63174| 

63175| Routine Description: 
63176| 

631 77| Get a string from the registry 
63178| 

63179| Arguments: 
63180| 

63181| RegistryPath the path to query 

63182| Key Key to query 

63183| Default Default value to return if Key does 

| not exist 
63184| Return Value: 
63185| 

63186| The Key value 

63187| 

63188| --7 

63189| 

63190| { 

63191 1 RTL_QUERY_REGISTRY_TABLE paramTable[2]={0}; 

63192| PWCHAR path=NULL; 

63193| NTSTATUS Status; 

63194| 

63195| // 

631 96| // Since the registry path parameter is a "counted" 

| UNICODE string, it 
63197| // might not be zero terminated. For a very short 

| time allocate memory 
63198| // to hold the registry path zero terminated so 

| that we can use it to 
63199| // delve into the registry. 
63200| // 
63201 | 

63202| path = (PWCHAR) MemAllocatePoolWithTag( PagedPool, 

| RegistryPath->Length+sizeof(WCHAR),REGISTRYTAG); 
63203 1 

63204| if (path) { 
63205| 



63206| RtlZeroMemory( &paramTable[0], 

| sizeof(paramTable) ); 
63207| RtlZeroMemory( path, 

| Registry Path->Length+sizeof(WCHAR) ); 
63208| RtlMoveMemory( path, RegistryPath->Buffer, 

| RegistryPath->Length ); 
63209| 

63210| paramTable[0]. Flags = RTL_QUERY_REGISTRY_DIRECT 

| | RTL QUERY REGISTRY NOEXPAND; 
6321 1 1 paramTable[0].Name = Key; 
63212| paramTable[0].EntryContext = Result; 
63213| paramTable[0].DefaultType = REG_SZ; 
63214| paramTable[0].DefaultData = Default; 
63215| paramTable[0].Defaultl_ength = 

| wcslen(Default)*sizeof(WCHAR)+sizeof(WCHAR); 
63216| 

6321 7| Result->Length = 0; 

632 1 8| Resu lt->Maxi mu mLength=256 ; 

6321 9| Result->Buffer = (WCHAR 

| *)MemAllocatePoolWithTag(PagedPool,256,REGISTRYTAG); 
63220 | 

63221 1 Debug(DEBUGJNFO,("Path='%S\ 

| Key='%S , \n",path,Key)); 
63222 | 

63223| if (!NT_SUCCESS(Status = 

| RtlQueryRegistryValues( 
63224| RTL REGISTRY ABSOLUTE | 

| RTL_REGISTRY_OPTIONAL, 
63225| path, 
63226| &paramTable[0] , 

63227| NULL, 
63228| NULL 
63229| ))) { 

63230 | 

63231 1 Debug(DEBUG_INFO,("Error %08x reading 

| registry key '%S'\n M ,Status, path)); 
63232| if(Result->Buffer) { 

63233 | 

| RtlZeroMemory(Result->Buffer,Result->MaximumLength); 
63234| Result->Length = 

| wcslen(Default)*sizeof(WCHAR); 
63235| 

| RtlCopyMemory(Result->Buffer,Default,Result->Length); 
63236| Debug(DEBUG_INFO,("Setting default of 

| '%S'\n",Result->Buffer)); 
63237| } else { 

63238| Debug(DEBUG_INFO, ("Error! Out of 

| memoryVn")); 
63239 1 } 
63240| } else { 



63241 | 

| Debug(DEBUG_INFO,("Value='%S'\n",Result->Buffer)); 



63242 
63243 
63244 
63245 
63246 
63247 



| memory\n")); 



63248 
63249 
63250 
63251 
63252 
63253 
63254 
63255 
63256 
63257 
63258 
63259 
63260 



| Value, 



63261 
63262 
63263 
63264 
63265 
63266 
63267 
63268 
63269 
63270 
63271 
63272 
63273 
63274 
63275 
63276 
63277 
63278 
63279 
63280 
63281 
63282 
63283 
63284 
63285 
63286 
63287 



} 



// We don't need that path anymore. 
FREE_POINTER(path); 
} else { 

Debug(DEBUG_INFO,("Psman: Reg: GetUlong: Out of 



} 

} 



void Reg_FreeString( PUNICODE_STRING String ) 
{ 

String->Length = String->MaximumLength = 0; 

FREE_POINTER(String->Buffer); 

return; 

} 

NTSTATUS QueryValue( PVOID KeyHandle, 
WCHAR *KeyName, 
PKEY VALUE FULL INFORMATION 



ULONG *ValueSize) 

{ 

UNICODE_STRING UniName; 
ULONG DataSize; 
ULONG Err; 

RtllnitUnicodeString(&UniName,KeyName); 
Err = ZwQueryValueKey( 

KeyHandle, 

SUniName, 

KeyValueFulllnformation, 

Value, 

*ValueSize, 

SDataSize 

); 

*ValueSize = DataSize; 
return Err; 

} 



NTSTATUS Reg_GetBinaryKey( 

IN PUNICODE_STRING RegistryPath, 
IN PWCHAR Key, 
OUT PVOID *Buffer, 
OUT PVOID *Handle 
) 



63288| { 

63289| NTSTATUS Status; 

63290| PVOID KeyHandle; 

63291| OBJECT ATTRIBUTES ObjAttr; 

63292| 

63293| "Buffer = NULL; 

63294| 

63295| 

| lnitializeObjectAttributes(&ObjAttr,RegistryPath,OBJ_CAS 

| E_INSENSITIVE,NULL,NULL); 
63296| Status = ZwOpenKey( &KeyHandle, KEY_ALL_ACCESS, 

| SObjAttr ); 
63297| 

63298| if(NT_SUCCESS(Status)) { 
63299| ULONG 

| DataSize=sizeof(KEY_VALUE_FULL_INFORMATION); 
63300| KEY_VALUE_FULL_INFORMATION Size; 
63301| KEY_VALUE_FULL_INFORMATION *Data; 
63302| 

63303| Status = 

| QueryValue(KeyHandle,Key,&Size,&DataSize); 
63304| if(Status==STATUS_BUFFER_OVERFLOW) { 
63305| Data = (KEY_VALUE_FULL_INFORMATION 

| *)MemAllocatePoolWithTag(PagedPool,DataSize,REGISTRYTAG) 

I ; 

63306| if(Data) { 

63307| PCHAR BinData; 

63308| Status = 

| QueryValue(KeyHandle,Key,Data,&DataSize); 
63309| if(NT_SUCCESS(Status)) { 

63310| 

| BinData=((PCHAR)Data)+Data->DataOffset; 
6331 1 1 Debug(DEBUG_REG,("Reg_GetBinaryKey: 
| Data offset=%08x, size = %08x, 

| buffer=%08x\n",Data->DataOffset,Data->DataLength,BinData 

I)); 

63312| *Buffer=BinData; 
63313| *Handle=Data; 
63314| }else{ 

6331 5| Debug(DEBUG_REG,("Reg_GetBinaryKey : 

| Error %08x getting binary value from 

| registry\n", Status)); 
63316| } 
63317| }else{ 

63318| Status = STATUSJNSUFFICIENT_RESOURCES; 

63319| Debug(DEBUG_REG,("Reg_GetBinaryKey: out 

| of memory\n", Status)); 
63320| } 
63321 | } 

63322| ZwClose(KeyHandle); 



63323 
63324 



| opening key\n",Status)); 



63325 
63326 
63327 
63328 
63329 
63330 
63331 
63332 
63333 
63334 
63335 
63336 
63337 
63338 
63339 
63340 
63341 
63342 
63343 
63344 
63345 
63346 
63347 
63348 
63349 
63350 
63351 
63352 
63353 
63354 
63355 
63356 
63357 
63358 
63359 
63360 
63361 
63362 
63363 
63364 
63365 
63366 
63367 
63368 
63369 
63370 
63371 



} else { 

Debug(DEBUG_REG,("Reg_GetBinaryKey: Error %08x 



} 

return Status; 

} 

void Reg_FreeBinary( PVOID Handle) 
{ 

MemFreePool(Handle); 
return; 

} 



File Listing: REG.h 

void Reg_GetULONGKey ( 

IN PUNICODE_STRING RegistryPath, 
IN PWCHAR Key, 
IN ULONG Default, 
OUT PULONG Result 

); 

void Reg_GetStringKey ( 

IN PUNICODE_STRING RegistryPath, 

IN PWCHAR Key, 

IN PWCHAR Default, 

OUT PUNICODE_STRING Result 

); 

void Reg_FreeString( PUNICODE_STRING String ); 

NTSTATUS Reg_GetBinaryKey( 

IN PUNICODE_STRING RegistryPath, 
IN PWCHAR Key, 
OUT PVOID 'Buffer, 
OUT PVOID 'Handle 

); 

void Reg_FreeBinary( PVOID Binary); 



File Listing: resource.h 
//{{NO_DEPENDENCIES}} 

// Microsoft Developer Studio generated include file. 
// Used by SBPSMAN.RC 

// 

#define VER_PRODUCTBUILD 3 

#define VER_PRODUCTVERSION_W 0x0101 



63372| 

63373| // Next default values for new objects 
63374| // 

63375| #ifdef APSTUDIOJNVOKED 

63376| #ifndef APSTUDIO_READONLY_SYMBOLS 

63377| #define _APS_NO_MFC 1 

63378| #define _APS_NEXT_RESOURCE_VALUE 101 

63379 1 #define _APS_NEXT_COMMAND_VALUE 40001 

63380 1 #define _APS_NEXT_CONTROL_VALUE 1 000 

63381 1 #define _APS_NEXT_SYMED_VALUE 1 01 

63382 1 #endif 

63383 1 #endif 

63384| 

63385| 

63386| 

63387| File Listing: revert.cpp 
63388| 

63389| #include "precomp.h" 
63390| 

63391 1 #define RevertDebug(x) Debug(DEBUG_DCPSM,x) 
63392 | 

63393| STATIC BOOLEAN GlobalJnRevert = FALSE; 

63394| STATIC BOOLEAN Global_Need Result Update = FALSE; 

63395| STATIC ULONG IsSystemVolume ( const WCHAR *DeviceName 

I); 

63396| 

63397| // 

| 

63398| 

63399| struct RevertThreadParms { 

63400| pkSnapShotMaster Master; //IN: 

| snapshot master to revert to 
63401| ULONG Flags; //IN: 

| revert flags (see revert. h) 
63402| ULARGEJNTEGER StartingGranule; //IN: 

| granule to start at on starting volume 
63403| PDEVICE_OBJECT VolumeDeviceObject; // IN: 

| volume to revert 
63404| 

| if 

| 

63405| NTSTATUS Status; // OUT: 

| result of revert operation 
63406| ULONG RevertUndoSequence; // OUT: 

| master created for revert undo 
63407| }; 
63408| 

63409| // 



63410| 

6341 1 1 struct Volume Entry { 

63412| pkSnapShotEntry snapshot; 

63413| ULONG volumeld; 

6341 4| NTSTATUS setNameStatus; 

| // result of calling SbSetUserName 
63415| ULARGEJNTEGER cacheSlotsUsed; 

| // used in pre-test of revert to determine cache usage 
6341 6| ULONG saveOpenCloseAcquired; 

| // saves state of devExt->OpenCloseAcquired 
63417| PDEVICE_OBJECT volumeObject; 

| // volume device object for original filtered device 
63418| ULONG dismounted:1 ; 

| // is the volume currently dismounted? 
63419| ULONG locked:1; 

| // is the volume currently locked? 
63420| ULONG acquired:1; 

| // whether or not we need to do DoneWithSnapShot 
63421 1 ULONG openCloseDirty:1 ; 

| // whether or not we need to do 

| 'devExt->OpenCloseAcquired = saveOpenCloseAcquired;' 
63422| ULONG dismountFailed:1 ; 

| // only true if we tried to dismount volume but it 
| failed. 

63423| ULONG isSystemVolume:1 ; 

| // true if the volume is what we boot O/S from. 
63424| }; 
63425| 

63426| // 

| 

I- 
63427| 

63428| NTSTATUS UpdateRevertStatus ( DWORD StatusCode ); 
63429| NTSTATUS Update Last Re vert Result ( DWORD ErrorCode ); 
63430 1 

63431| NTSTATUS Update Revert Recovery Info ( 

63432| PDEVICE_OBJECT Volume, 

63433| ULONG SnapShotSequenceNumber, 

63434| ULARGEJNTEGER LastGranuleFinished ); 

63435| 

63436| // 

| 



63438| NTSTATUS CreateMasterListForSequence ( 

63439| ULONG masterSequence, 

63440| LARGEJNTEGER masterTime, //time 

| snapshot was created 
63441 1 pkSnapShotMaster *&masterList, 
63442| ULONG &num Masters In List ); 



63443| 

63444| NTSTATUS GetSequenceForMaster ( 

63445| pkSnapShotMaster master, 

63446| ULONG SsnapShotSequence ); 

63447| 

63448| void LogRevertEvent ( 
63449| ULONG message, 
63450| NTSTATUS status, 
63451 1 WCHAR *strings[], 
63452| ULONG numStrings ); 
63453 1 

63454| // 

I 

I- 
63455| 

63456| STATIC void CrashTestDummy() 
63457| { 

63458| #ifdef DEBUG 

63459| RevertDebug(("****************** CrashTestDummy 

63460| int *BadPointer = 0; 
63461| ++(*BadPointer); 
63462| #endif /"DEBUG*/ 
63463| } 
63464| 

63465| // 

| 

I- 
63466| 

63467| STATIC NTSTATUS ValidateDirectAccessFile ( 

| DirectAccessFile *direct, const char *whichOne ) 
63468| { 

63469| NTSTATUS status = STATUS_SUCCESS; 
63470| 

63471 1 __try { 

63472| if ( direct == NULL ) { 

63473| RevertDebug(("M! ValidateDirectAccessFile: 

| %s DirectAccessFile is NULL !!!\n", whichOne)); 
63474| status = STATUS_INVALID_PARAMETER; 

63475| } else { 

63476| if ( !direct->readyForDirectlo() ) { 

63477| RevertDebug(("!!! 

| ValidateDirectAccessFile: %s DirectAccessFile is not 

| ready for direct I/O !!!\n M , whichOne)); 
63478| status = STATUS_INVALID_PARAMETER; 

63479 1 } 
63480 1 } 
63481 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
63482| status = GetExceptionCode(); 



63483| RevertDebug(("!M ValidateDirectAccessFile: 

| Exception %08x\n", status)); 
63484| } 
63485| 

63486| ASSERT (status == STATUS_SUCCESS); 
63487| return status; 
63488| } 
63489| 

63490| // 



63491| 

63492| STATIC NTSTATUS RevertGranule ( 
63493| PFILTEREDEXTENSION DevExt, 
63494| LARGEJNTEGER ByteOffset, 
63495| const char *GranuleBuffer ) 

63496| { 

63497| bool granuleWasSplitUp = false; 
63498| 

63499| NTSTATUS status = ValidateDirectAccessFile 

| (DevExt->Cache.CacheFile.Direct, "cache"); 
63500| if ( NT_SUCCESS(status) ) { 
63501 1 status = ValidateDirectAccessFile 

| (DevExt->Cache.HeaderFile.Direct, "header"); 
63502| if ( NT_SUCCESS(status) ) { 
63503| status = ValidateDirectAccessFile 

| (DevExt->Cache.lndexFile. Direct, "index"); 
63504| } 
63505| } 
63506| 

63507| if ( !NT_SUCCESS(status) ) { 

63508| RevertDebug(("!!! RevertGranule bailing out 

| early due to invalid DirectAccessFile object\n")); 
63509 1 return status; 
63510| } 
6351 1 | 

63512| /*CrashTestDummy();7 //Don says: recovered 

| gracefully when tested with exception caused here 
63513| 

63514| // Go through each cluster in the granule and see 

| if it overlaps with a PSM file. 
63515| 

6351 6| ULONG ClusterSizelnBytes = 

| DevExt->Cache.CacheFile.Direct->getClusterSizelnBytes(); 
6351 7| ASSERT ( ClusterSizelnBytes > 0 ); 
63518| ASSERT ( GRANULE_SIZE % ClusterSizelnBytes == 0 ); 
63519| ASSERT ( GRANULE SIZE >= ClusterSizelnBytes ); 
63520| ULONG ClustersPerGranule = GRANULE_SIZE / 

| ClusterSizelnBytes; 
63521 1 LARGEJNTEGER ByteOffsetlnGranule = ByteOffset; 



63522| 

63523| #ifdef DEBUG 

63524| ULONG N urn Clusters Written = 0; 
63525| ULONG NumClustersSkipped = 0; 
63526| static ULONG TotalGranulesSplit = 0; 
63527| #endif r DEBUG*/ 
63528| 

63529| for ( ULONG ci=0; ci < ClustersPerGranule; ++ci ) { 
63530| LARGEJNTEGER FileOffset In Bytes = {0}; 
63531 1 LARGEJNTEGER ExtentLengthlnBytes = {0}; 
63532| NTSTATUS mapStatus = STATUS_SUCCESS; 
63533 1 

63534| pmAcquireReaderLock ( 

| &DevExt->Cache.DirectAccessResource, TRUE ); 
63535| __try { 

63536| // Does this cluster belong to the cache 

| file? 

63537| mapStatus = 

| DevExt->Cache.CacheFile.Direct->getFileOffset ( 
63538| ByteOffsetlnGranule, 
63539 1 F i leOff set I n Bytes, 

63540| ExtentLengthlnBytes ); 

63541 | 

63542| if ( mapStatus != STATUS_SUCCESS ) { 

63543| ASSERT ( mapStatus == STATUS_NOT_FOUND 

I); 

63544| // The cluster doesn't belong to the 

| cache file. 

63545| // See if it belongs to the index file. 

63546| mapStatus = 

| DevExt->Cache.lndexFile.Direct->getFileOffset ( 
63547| ByteOffsetlnGranule, 
63548 1 F i le Of f set I n Bytes , 

63549| ExtentLengthlnBytes ); 

63550 1 

63551 1 if ( mapStatus != STATUS_SUCCESS ) { 

63552| ASSERT ( mapStatus == 

| STATUS_NOT_FOUND ); 
63553 1 

63554| // The cluster didn't belong to the 

| index file either. 
63555| // Check the header file. 

63556| mapStatus = 

| DevExt->Cache.HeaderFile.Direct->getFileOffset ( 
63557 1 ByteOff set I nG ranu le, 

63558| FileOffsetlnBytes, 
63559| ExtentLengthlnBytes ); 

63560 1 

63561| ASSERT ( 

| mapStatus==STATUS_NOT_FOUND || 



I mapStatus==STATUS_SUCCESS ); 
63562| } 
63563| } 

63564| } ^finally { 

63565| pm Release ReaderLock ( 

| &DevExt->Cache.DirectAccessResource ); 
63566| } 
63567| 

63568| if ( mapStatus == STATUS_SUCCESS ) { 
63569| // The cluster belongs to one of the live 

| PSM files. 

63570| RevertDebug(("RevertGranule: *** Found live 

| cluster within granule (disk offset = %016l64x)! 

| ***\n",ByteOffsetlnGranule.QuadPart)); 
63571 1 if ( 'granuleWasSplitUp ) { 

63572| granuleWasSplitUp = true; 

63573| if ( ci > 0 ) { 

63574| // We didn't realize before now 

| that this granule needed to be split up. 
63575| // Therefore, we need to write the 

| front part of the granule. 
63576| status = Sblo_WriteDevice ( 

63577| DevExt->DeviceObject, 
63578| &ByteOffset, 
63579| ci * ClusterSizelnBytes, 

63580| GranuleBuffer ); 

63581 | 

63582| RevertDebug(( M RevertGranule: *** 

| Wrote first %08x cluster(s) of granule\n",ci)); 
63583 1 

63584| #ifdef DEBUG 

63585| NumClustersWritten = ci; 

63586| #endif TDEBUG7 

63587| } 

63588| } 

63589 1 

63590| #ifdef DEBUG 

63591 1 ++NumClustersSkipped; 

63592| RevertDebug(("RevertGranule: *** 

| Skipped cluster index %08x in granule\n",ci)); 
63593| #endif /* DEBUG*/ 

63594| } else { 

63595| ASSERT (mapStatus == STATUS_NOT_FOUND); 

63596| if ( granuleWasSplitUp ) { 

63597| // Write just this cluster... 

63598| status = Sblo_WriteDevice ( 

63599| DevExt->DeviceObject, 

63600| &ByteOffsetlnGranule, 

63601 1 ClusterSizelnBytes, 

63602| GranuleBuffer + 



I (ULONG)(ByteOffsetlnGranule.QuadPart - 
| ByteOffset. Quad Part) ); 
63603| 

63604| #ifdef DEBUG 

63605| ++NumClustersWritten; 

63606| RevertDebug(("RevertGranule: *** 

| Wrote cluster index %08x in granule\n",ci)); 
63607| #endif /*DEBUG7 

63608| } 
63609| } 
63610| 

6361 1 1 if ( !NT_SUCCESS(status) ) { 

63612| RevertDebug(( M RevertGranule: !!!!!!!! 

| breaking out of cluster loop early due to 

| %08x\n",status)); 
63613| break; 
63614| } 
63615| 

6361 6| ByteOffsetlnGranule.QuadPart += 

| ClusterSizelnBytes; 
63617| } 
63618| 

63619| #ifdef DEBUG 

63620| if ( granuleWasSplitUp ) { 

63621 1 RevertDebug(("*** Granule split into 

| clusters: wrote %08x, skipped %08x, total %08x\n", 
63622| NumClustersWritten, 
63623| NumClustersSkipped, 
63624| NumClustersWritten + 

| NumClustersSkipped)); 
63625| 

63626| RevertDebug(("*** Cluster Size = %08x, 

| Granule Size = %08x, Clusters Per Granule = %08x\n", 
63627| ClusterSizelnBytes, 
63628| GRANULE_SIZE, 
63629| ClustersPerGranule)); 
63630 1 

63631 1 ++TotalGranulesSplit; 

63632| RevertDebug(("*** Total granules split 

| since boot = %08x\n",TotalGranulesSplit)); 
63633 1 

63634| ASSERT ( ClustersPerGranule == 

| NumClustersWritten + NumClustersSkipped ); //each 
| cluster should either have been skipped or written 

63635| ASSERT ( NumClustersWritten > 0 ); 

| //skipping all clusters means the granule should not 
| have been PSM'ed in the first place!!! 

63636| ASSERT ( NumClustersSkipped > 0 ); //if we 

| didn't skip any, then why did we think we split up the 
| granule, hmmm??? 



63637| } 

63638| #endif TDEBUG7 
63639| 

63640| if ( SgranuleWasSplitUp && NT_SUCCESS(status) ) { 

63641 1 status = Sblo_WriteDevice ( 

63642| DevExt->DeviceObject, 

63643| &ByteOffset, 

63644| GRANULE_SIZE, 

63645| GranuleBuffer ); 

63646| } 

63647| 

63648| if ( !NT_SUCCESS(status) ) { 

63649| RevertDebug(("!!!!!!! RevertGranule returning 

| %08x - your drive is probably unhappy now\n", status)); 
63 650 1 ASS E RT( F ALS E) ; 
63651 1 } 
63652 1 

63653 1 return status; 

63654| } 

63655| 

63656| 

63657| // 

| 

I- 

63658| // FinalizeRevert was made a separate function so that 
| we could perform the same functions either after 

63659| // reverting (if not a system drive) or deferring them 
| until after boot (if system volume). 

63660 1 

63661 1 STATIC void FinalizeRevert ( NTSTATUS status ) 
63662 1 { 

63663| RevertDebug(("FinalizeRevert: status passed in is 

| %08x\n",status)); 
63664| UpdateLastRevertResult (status); 
63665| UpdateRevertStatus (PSMJDLE); 
63666| if ( NT_SUCCESS(status) ) { 

63667| LogRevertEvent ( PSMREVERTCOMPLETE, status, 

I NULL, 0); 
63668| } else { 

63669| LogRevertEvent ( PSM_REVERT_FAILED, status, 

I NULL, 0); 
63670 1 } 
63671 1 } 
63672 1 

63673 1 // 

| 



63675| STATIC NTSTATUS Perform RevertOperation ( 
63676| VolumeEntry &volume, 



63677| ULONG revertFlags, 

63678| unsigned int64 startingGranule, // 

| nonzero only during recovery 
63679| bool preTestFlag ) //if 

| true, does the revert, if false, just tests cache 

| usage 
63680| { 

63681 1 // For each granule that has changed since the 

| snapshot was taken, 
63682| // copy from the snapshot to the live volume. 
63683 1 

63684| RevertDebug(("Entering 

| PerformRevertOperation%s\n M ,(preTestFlag?" (CACHE TEST 

| ONLY)":""))); 
63685| volume.cacheSlotsUsed.QuadPart = 0; 
63686| 

63687| WCHAR *eventl_ogStrings[5] = {0}; 
63688| 

63689| if ( !(revertFlags & PSM_REVERT_FLAG_IN_PROGRESS) ) 
|{ 

63690| // Enforce sanity: don't allow starting revert 

| in the middle 
63691 1 // unless we are explicitly told this is being 

| done in recovery. 
63692| startingGranule = 0; 
63693 1 } 
63694| 

63695| NTSTATUS status = STATUS_SUCCESS; 
63696| PFILTERED_EXTENSION devExt = 0; 
63697| pkSnapShotEntry p = 0; 
63698| PVOID granuleBuffer = (PVOID) 

| MemAllocatePoolWithTag ( PagedPool, GRANULE_SIZE, 

| PSM_REVERT_BUFFER_TAG ); 
63699 1 if ( granuleBuffer ) { 

63700| ULARGEJNTEGER startingSector = {0}; 
63701 1 ULARGEJNTEGER dataSize = {0}; 
63702| ULARGEJNTEGER num Volume Sectors = {0}; 
63703 1 

63704| p = volume. snapshot; 

63705| devExt = GetFilteredExtension 

| (p->DeviceObject); 
63706| ULONG SectorSize = devExt->BytesPerSector; 
63707| numVolumeSectors.QuadPart = 

| devExt->Pi.PartitionLength.QuadPart / SectorSize; 
63708| 

63709| dataSize.QuadPart = GRANULE_SIZE; 
63710| 

6371 1 1 ULONG treeSearch Flags = 0; 
63712| if( 

| pPersistentDictionary(p->Dictionary)->lsReadWrite() ) { 



63713| // If virtual volume is read-write, then we 

6371 4 1 // want to revert modifications to snapshot 

| as well. 

63715| treeSearch Flags |= DICT_FLAG_VIRTUAL_IO; 

63716| RevertDebug(( M Perform RevertOperation: 

| snapshot is not read-only; including virtual 

| writes\n M )); 
63717| } 
63718| 

63719| RevertDebug(( 

63720| "PerformRevertOperation: starting revert%s 

| of volume=%08x, numSectors=0x%016l64x, ss=%08x\n", 
63721 1 (preTestFlag ? " test" : ""), 

63722 1 p->DeviceObject, 
63723| numVolumeSectors.QuadPart, 
63724| p)); 
63725| 

63726| RevertDebug(("Perform RevertOperation: 

| treeSearch Flags = %08x\n",treeSearchFlags)); 
63727| 

63728| eventl_ogStrings[0] = devExt->Name; 
63729 1 

63730| if ( Ivolume.isSystemVolume ) { 
63731 1 UpdateRevertStatus 

| (PSM_REVERT_IN_PROGRESS); 
63732| if ( SpreTestFlag ) { 

63733| LogRevertEvent ( 

63734| PSM_REVERT_STARTING_VOLUME, 

63735| PSM_REVERT_STARTING_VOLUME, 

63736| eventLogStrings, 

63737| 1 ); 

63738| } 

63739| } 

63740 1 

63741 1 ULARGEJNTEGER lastGranuleFinished = {0}; 
63742| lastGranuleFinished. QuadPart = startingGranule; 
63743 1 

63744| if ( SpreTestFlag ) { 

63745| // Don't commit to recovery of revert 

| before deciding whether we 
63746| // really want to do it! 

63747| 

63748| UpdateRevertRecoverylnfo ( 

63749 1 p-> DeviceObject, 

63750| p->Dictionary->GetSequenceNumber(), 

63751 1 lastGranuleFinished ); 

63752 1 } 

63753 1 

63754| const _int64 RECOVE RY_U P D ATE_I NTE RVAL = 
| SECONDS(10); 



63755| LARGEJNTEGER nextRecoveryUpdateTime = {0}; 
63756| KeQuerySystemTime (&nextRecoveryUpdateTime); 
63757| nextRecoveryUpdateTime. QuadPart += 

| RECOVE RY U P DATE I NTE RVAL; 
63758| 

63759| for ( startingSector. Quad Part = startingGranule 

| * SECTORS_PER_GRANULE; 
63760| startingSector.QuadPart < 

| numVolumeSectors. QuadPart; 
63761 1 startingSector.QuadPart += 

| SECTORS_PER_G RANULE ) { 
63762 1 

63763| ULONG countDid = 0; 

63764| 

63765| NTSTATUS searchStatus = 

63766| p->Dictionary->searchMultiple ( 

63767| devExt, 

| //PFILTERED_EXTENSION DevExt 
63768| startingSector, 

| //ULARGE_INTEGER StartingSector 
63769| SECTORS_PER_G RANULE, //ULONG 

| Count 

63770| countDid, //ULONG 

| &CountDid 
63771| NULL, 

| //P RTL_B ITM A P 
63772| dataSize, 

| //ULARGEJNTEGER DataSize 
63773 1 g ranu leBuf f er, HP VO I D 

| VirtualDataPointer 
63774| treeSearchFlags ); //ULONG 

I Flags 
63775| 

63776| if ( searchStatus==STATUS_SUCCESS && 

| countDid==SECTORS_PER_GRANULE ) { 
63777| ++(volume.cacheSlotsUsed. QuadPart); 

| // assume worst case: each granule written uses more 

| cache 

63778| if ( IpreTestFlag ) { 

63779| // Put the cached data granule back 

| onto the original drive. 
63780| 

63781| LARGEJNTEGER byteOffset; 

63782| byteOffset. Quad Part = 

| startingSector.QuadPart * SectorSize; 
63783| 

63784| RevertDebug(( 

63785| "PerformRevertOperation: 

| reverting volume=%08x ss=%08x startSector=%l64u\n", 
63786| p->DeviceObject, 



63787| p, 

63788| startingSector.QuadPart)); 
63789| 

63790| __try { 

63791 1 status = RevertGranule ( 

| devExt, byteOffset, (const char *)granuleBuffer ); 
63792| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
63793 1 status = GetExceptionCode(); 

63794| RevertDebug(( M !!! 

| PerformRevertOperation: Exception %08x in 

| RevertGranule\n",status)); 
63795| } 
63796| 

63797| if ( status == STATUS_SUCCESS ) { 

63798| // Check to see if this would 

| be a good time to update recovery info 
63799| LARGEJNTEGER currentTime = 

|{0}; 

63800| KeQuerySystemTime 

| (&currentTime); 
63801 1 if ( currentTime.QuadPart >= 

| nextRecoveryUpdateTime.QuadPart ) { 
63802 1 

| lastGranuleFinished.QuadPart = 
63803| startingSector.QuadPart 

| / SECTORS_PER_GRANULE; 
63804| 

63805| UpdateRevertRecoverylnfo ( 

63806| p->DeviceObject, 
63807| 

| p->Dictionary->GetSequenceNumber(), 
63808| lastGranuleFinished ); 

63809 1 
63810| 

| nextRecoveryUpdateTime.QuadPart = 
6381 1 1 currentTime.QuadPart + 

| RECOVERYJJPDATEJNTERVAL; 
63812| } 
63813| }else{ 
63814| RevertDebug(( M M! 

| PerformRevertOperation: RevertGranule returned 0x%08x 

| (ss=%08x 

| sector=%l64u)\n", status, p,startingSector.QuadPart)); 
63815| break; // This is really 

| bad... we are in the middle of reverting and have 

| probably screwed up the volume 
63816| } 
63817| } 
63818| } 



63819| } 
63820| 

63821 1 FREE_POINTER (granuleBuffer); 
63822 1 } else { 

63823| RevertDebug(("PerformRevertOperation: Out of 

| memory (granuleBuffer)\n")); 
63824| status = STATUSJNSUFFICIENT_RESOURCES; 
63825| } 
63826| 

63827| if ( Ivolume.isSystemVolume ) { 
63828| UpdateRevertStatus (PSM_IDLE); 
63829 1 } 
63830 1 

63831| if ( SpreTestFlag ) { 

63832| // Only do the finalize (registry write and 
| logged event) if this is NOT the system drive 

63833| if ( volume. isSystemVolu me ) { 

63834| RevertDebug(( M PerformRevertOperation 
| (SysRevert): Skipping FinalizeRevertAn")); 

63835| } else { 

63836| FinalizeRevert (status); 

63837| } 

63838| 

63839| // 

63840| // We call CancelRevertAtBootForVolume when we 

| complete any revert operation 
63841 1 // so that we won't attempt to do the same 

| revert again during the next boot. 
63842| // If we never get here (say someone hits the 

| computer's reset button) then the next 
63843| // boot will automatically continue reverting 

| at the volume and granule 
63844| // indicated by the last call to 

| UpdateRevertRecoverylnfo. 
63845| // 

63846| if ( NT_SUCCESS(status) ) { 

63847| CancelRevertAtBootForVolume (&volume, 

| p->DeviceObject); 
63848| } else { 

63849| RevertDebug(("PerformRevertOperation: 
| Revert failed due to status=%08x. Will try revert 
| again at next bootAn", status)); 

63850 1 } 

63851 | 

63852 1 #if 0 
63853 1 { 

63854| // For debugging deadlock issues, we 

| artificially delay in debug builds... 
63855| 

63856| const int SecondsToWait = 30; 



63857| RevertDebug(("@$@$@$@$ Start Post-Revert 

| Test Delay (%d seconds) @$@$@$@$\n",SecondsToWait)); 
63858| 

63859| LARGEJNTEGER TimeToWait; 

63860| TimeToWait. Quad Part = 

| RELATIVE(SECONDS(SecondsToWait)); 
63861 1 KeDelayExecutionThread( 
63862| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE WaitMode, 
63863| FALSE, // IN BOOLEAN 

| Alertable, 

63864| &TimeToWait ); // IN PLARGEJNTEGER 

| Interval 
63865| 

63866| RevertDebug(( M @$@$@$@$ End Post-Revert 

| Test Delay @$@$@$@$\n")); 
63867| } 

63868| #endif TDEBUG7 
63869 1 } 
63870 1 

63871 1 RevertDebug(("PerformRevertOperation%s returning 

| %08x\n",(preTestFlag ? " (CACHE TEST 

| ONLY)":""),status)); 
63872 1 return status; 
63873 1 } 
63874| 

63875| // 

| 

I- 
63876| 

63877| STATIC NTSTATUS Remount Affected Volumes ( 
63878| VolumeEntry *volumeList, 
63879| ULONG numVolumes, 
63880| ULONG revertFlags ) 

63881 1 { 

63882 1 Revert Debug ((" E nteri ng Remou nt Affected Vo lu mes ; 
| numVolumes=%u, 

| volumeList=%08x\n",numVolumes,volumeList)); 
63883| NTSTATUS status = STATUS_SUCCESS; 
63884| 

63885| #ifdef DEBUG 
63886| #if 0 

63887| // Delay for testing purposes... this way I can 

| check to see if mount 
63888| // request for the volume(s) really fails 
63889| RevertDebug(("@$@$@$@$ Start Pre-Mount Test 

| Delay @$@$@$@$\n")); 
63890 1 

63891 1 LARGEJNTEGER TimeToWait; 

63892| TimeToWait.QuadPart = RELATIVE(SECONDS(2*60)); 



63893| KeDelayExecutionThread( 

63894| (KPROCESSOR_MODE)KernelMode, // IN 

| KPROCESSOR_MODE WaitMode, 
63895| FALSE, // IN BOOLEAN Alertable, 

63896| &TimeToWait ); // IN PLARGEJNTEGER 

| Interval 
63897| 

63898| RevertDebug(( M @$@$@$@$ End Pre-Mount Test 

| Delay @$@$@$@$\n")); 
63899| #endif 
63900| #endif TDEBUG7 
63901| 

63902| __try { 

63903| // Unlock and remount all involved volumes. 
63904| for ( ULONG volumelndex=0; 

| volumelndex<numVolumes; ++volumelndex ) { 
63905| VolumeEntry &thisEntry = 

| volumeList[volumelndex]; 
63906| //pkSnapShotEntry p = thisEntry.snapshot; 

63907| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension 

| (volumeList[volumelndex].volumeObject); 
63908| 

63909| devExt->lsReverting = FALSE; // 

| otherwise remount will be failed by filesystem filter 
63910| 

63911| if ( thisEntry.locked ) { 

63912| PFILE_OBJECT VolumeFileObject = NULL; 

63913| HANDLE VolumeHandle = 

| INVALID_HANDLE_VALUE; 
6391 4| NTSTATUS openStatus = 

| Sblo_OpenVolumeHandle (devExt->Name, VolumeHandle, 

| VolumeFileObject, 0); 
63915| if ( NT_SUCCESS(openStatus) ) { 

6391 6| NTSTATUS unlockStatus = 

| FS_UnlockVolume (VolumeFileObject); 
63917| if ( NT_SUCCESS(unlockStatus) ) { 

63918| thisEntry.locked = 0; 

63919| 

| RevertDebug(("RemountAffectedVolumes: volume '%S' 

| unlocked.\n M ,devExt->Name)); 
63920| } else { 

63921| 

| RevertDebug(("RemountAffectedVolumes: !!! Error %08x 
| unlocking volume '%S'\n",unlockStatus,devExt->Name)); 
63922| } 

63923| Sblo_CloseVolumeHandle 

| (VolumeHandle, VolumeFileObject); 
63924| } else { 

63925| 



I RevertDebug(("RemountAffectedVolumes: !!! Error %08x 

| opening volume '%S' for 

| unlock\n",openStatus,devExt->Name)); 



63926| } 
63927| } 
63928| 

63929| if ( thisEntry.dismounted ) { 

63930| SbTouchVolume (devExt->Name); 

63931 1 thisEntry.dismounted = 0; 

63932| RevertDebug(("RemountAffectedVolumes: 

| volume '%S' remounted.\n",devExt->Name)); 
63933| } else if ( thisEntry.dismountFailed ) { 

63934| RevertDebug(("RemountAffectedVolumes: 

| volume '%S' previously failed dismount - starting 

| part2\n",devExt->Name)); 
63935| 

63936| HANDLE ThreadHandle = 



| INVALID_HANDLE_VALUE; 
63937| 

| pmStartThread(PersistentDictionary::Part20fRebuildForVol 
| ume,devExt->DeviceObject,&ThreadHandle); 
63938| 

| ZwWaitForSingleObject(ThreadHandle,FALSE,NULL); 
63939| ZwClose(ThreadHandle); 
63940 1 

63941 1 RevertDebug(("RemountAffectedVolumes: 

| after waiting for part2 thread to finish on 

| '%S'\n",devExt->Name)); 
63942 1 } 
63943 1 } 
63944 1 } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
63945| status=GetExceptionCode(); 
63946| RevertDebug(("RemountAffectedVolumes: Error! 

| Exception %08x\n", status)); 
63947| } 
63948| 

63949| RevertDebug(("RemountAffectedVolumes returning 

| %08x\n",status)); 
63950 1 return status; 
63951 1 } 
63952 1 

63953 1 // 

| 

I- 
63954| 

63955| STATIC NTSTATUS DismountVolumeEntry ( VolumeEntry 

| &volumeEntry ) 
63956| { 

63957| NTSTATUS status = STATUS_SUCCESS; 



63958| PFILTERED_EXTENSION devExt = Get Filtered Extension 

| (volumeEntry.volumeObject); 
63959| 

63960| __try { 

63961 1 PFILE_OBJECT VolumeFileObject = NULL; 

63962| HANDLE VolumeHandle = INVALID_HANDLE_VALUE; 

63963 1 

63964| ASSERT ( !volu me Entry, dismounted ); 
63965| ASSERT ( IvolumeEntry. locked ); 
63966| 

63967| status = Sblo_OpenVolumeHandle (devExt->Name, 

| VolumeHandle, VolumeFileObject, GENERIC_READ); 
63968| 

63969| if ( NT_SUCCESS(status) ) { 
63970| ASSERT ( VolumeFileObject != NULL ); 

63971 1 ASSERT ( IsValidHandle(VolumeHandle) ); 

63972| status = FS_DismountVolume ( 

| VolumeFileObject ); 
63973| RevertDebug(("DismountVolumeEntry: 

| FS_DismountVolume returned %08x for 

| '%S'\n n ,status,devExt->Name)); 
63974| if ( NT_SUCCESS(status) ) { 

63975| volumeEntry. dismounted = 1 ; 

63976| } 

63977| Sblo_CloseVolumeHandle ( VolumeHandle, 

| VolumeFileObject ); 
63978| } 
63979 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
63980| status = GetExceptionCode(); 
63981 1 RevertDebug(( M M! Exception %08x in 

| DismountVolumeEntry\n",status)); 
63982 1 } 
63983 1 

63984| if ( !NT_SUCCESS(status) ) { 

63985| RevertDebug(("DismountVolumeEntry: Dismount 

| failed for '%S'\n", devExt->Name)); 
63986| volumeEntry. dismountFailed = 1 ; // set flag 

| so later we know we need to run part2 to reload 

| snapshots. 
63987| } 
63988| 

63989 1 return status; 

63990 1 } 

63991| 

63992| // 



63993| 

63994| NTSTATUS DismountVolumeList ( 



63995| VolumeEntry *volumel_ist, 

63996| ULONG num Volumes ) 
63997| { 

63998| NTSTATUS status = 0; 

63999| ULONG dismountedCount = 0; 
64000| 

64001 1 for ( ULONG volumelndex=0; volumelndex<numVolumes; 

| ++volumelndex ) { 

64002| status = DismountVolumeEntry 

| (volumeList[volumelndex]); 

64003| if ( NT_SUCCESS(status) ) { 

64004| ++dismountedCount; 

64005| } else { 

64006| break; 

64007| } 

64008| } 
64009 | 

64010| RevertDebug(("DismountVolumeList: dismounted %u 

| volume%s; status=%08x\n", 

6401 1 1 dismountedCount, 

64012| dismountedCount==1 ? "" : "s", 

64013| status)); 
64014| 

64015| return status; 

64016| } 

64017| 

64018| // 

| 

I- 
64019| 

64020| STATIC NTSTATUS PrepareVolumeList ( 

64021 1 pkSnapShotMaster master, 

64022| PDEVICE_OBJECT volumeDeviceObject, 

64023| VolumeEntry *volumeList, 

64024| const ULONG maxNumVolumes, 

64025| ULONG &numVolumes, 

64026| ULONG enableSystemVolumeRevert ) 

64027| { 

64028| RevertDebug(( 

64029| "Entering PrepareVolumeList; master=%08x, 

| volDevObj=%08x, volumeList=%08x\n", 

64030| master, 

64031 1 volumeDeviceObject, 

64032| volumeList)); 
64033 | 

64034| NTSTATUS status = STATUS_SUCCESS; 

64035| numVolumes = 0; 

64036| pkSnapShotEntry p = 0; 

64037| GetSnapShotForRead(); 

64038| __try { 



64039| p = GetTopSnapShotForMaster ( 

| &master->SnapShots ); 
64040| while ( p ) { 
64041 | 

| // 



64042| // If volumeDeviceObject==NULL, it means 

| that we want to include every volume 
64043| // in the snapshot. Otherwise, it is 

| interpreted to be the specific device object 
64044| // belonging to the single volume to do. 

64045| // 

64046| if ( volumeDeviceObject==NULL || 

| p->DeviceObject==volumeDeviceObject ) { 
64047| 

| // 

64048| // Make sure we don't overflow the 

| array... 
64049 1 // 

64050| if ( numVolumes >= maxNumVolumes ) { 

64051 1 RevertDebug(("PrepareVolumel_ist 

| (revert): More than %u volumes found !\n", 

| maxNumVolumes)); 
64052 1 

64053| // fail the snapshot 

64054| DoneWithSnapShot(p); // because 

| we called either GetTopSnapShotForMaster or 

| GetNextSnapShotForMaster 
64055| status = 

| STATUS_INSUFFICIENT_RESOURCES; 
64056| break; 
64057| } 
64058| 

64059| RevertDebug(("PrepareVolumel_ist: 

| list[%d] = ss %08x\n",numVolumes,p)); 
64060| VolumeEntry &thisEntry = 

| volumel_ist[numVolumes++]; 
64061| UseSnapShot(p); //increment 

| reference counter until we are done with ss 
64062| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension ( p->DeviceObject ); 
64063| 

64064| thisEntry. snapshot = p; 

64065| thisEntry.volumeld 

| devExt->Volumeld; 
64066| thisEntry.dismounted = 0; 

64067| thisEntry. locked = 0; 

64068| thisEntry.acquired = 1 ; 

64069| thisEntry.dismountFailed = 0; 

64070| thisEntry. isSystemVolume = 



I lsSystemVolume(devExt->Name) ? 1 : 0; 
64071 1 thisEntry.volumeObject 

| p->DeviceObject; 
64072 1 

64073 1 

| // 



64074| // Check for enabled/disabled system 

| drive revert... 
64075| // 

64076| if ( lenableSystemVolumeRevert && 



| thisEntry.isSystemVolume ) { 
64077| 

| if 
| 

64078| // This means the single- or 

| multi-volume snapshot contains the system drive, 

64079| // but reverting the system drive 

| is not allowed. We fail it now. 

64080 1 

64081 1 ASSERT(numVolumes>0 && 

| numVolumes<=maxNumVolumes); //we must have added at 

| least one volume to the list. 
64082| -numVolumes; // this erases the 

| current entry 'thisEntry' (i.e. the last entry) in the 

| list. 

64083 1 RevertDebug(("( Revert) 

| PrepareVolumeList: Failing snapshot that contains the 
| system volume!\n")); 

64084| 

64085| // fail the snapshot 

64086| DoneWithSnapShot(p); //call once 

| for UseSnapShot() and ... 
64087| DoneWithSnapShot(p); //...twice 

| for Get[Top|Next]SnapShotForMaster. 
64088| status = PSM_REVERT_FAILED; // 

| FIXFIXFIX: When we can re-localize, add new error for 

| "System Volume Revert Disabled". 
64089 1 break; 
64090 1 } 
64091| 

64092| devExt->lsReverting = TRUE; // 

| tells filesystem filter to prevent mounts and snapshot 
| reloads 

64093| } 

64094| 

64095| p = 

| GetNextSnapShotForMaster(&master->SnapShots,p); 
64096| } 
64097| } finally { 



64098| ReleaseSnapShotForRead(); 

64099| } 

64100| 

641 01 1 if ( numVolumes == 0 ) { 

641 02 1 if ( NT_SUCCESS(status) ) { 

641 03| // This is here to make sure we return an 

| error if we have no volumes in the snapshot. 
641 04| // We need to return an error code to make 

| sure the failure gets event logged. 
641 05| status = STATUS_NOT_FOUND; 

64106| } 

641 07| RevertDebug(( M PrepareVolumeList (revert) : Could 

| not find any volumes for master!\n")); 
64108| }else{ 

641 09| if ( volumeDeviceObject != NULL ) { 

641 1 0| // If a particular volume was specified, no 

| more than one snapshot 
641 1 1 1 // should have been found! 

64112| ASSERT (numVolumes == 1); 

64113| } 
64114| } 
64115| 

641 1 6| RevertDebug(("PrepareVolumeList returning 

| %08x\n",status)); 
64117| return status; 
64118| } 
64119| 

64120| // 

| 

I- 
64121| 

64122| STATIC ULONG CalcDeviceNamesLengthlnBytes ( 
64123| VolumeEntry *volumeList, 
64124| ULONG numVolumes) 
64125| { 

641 26| ULONG numChars = 1 ; // account for extra '\0' 

| at end of list 
64127| 

64128| for ( ULONG i=0; knumVolumes; ++i ) { 
641 29 1 PFILTERED_EXTENSION devExt = 

| GetFilteredExtension (volumeList[i].volumeObject); 
64130| numChars += wcslen(devExt->Name) + 1 ; 
64131| } 
64132| 

64133| return numChars * sizeof(WCHAR); 

64134| } 

64135| 

64136| // 



64137| 

64138| NTSTATUS GetSequenceForMaster ( 
64139| pkSnapShotMaster master, 
64140| ULONG &snapShotSequence ) 

64141| { 

64142| NTSTATUS status = STATUS_NOT_FOUND; 

641 43| snapShotSequence = 0; 

64144| 

64145| if ( !master){ 

64146| RevertDebug(( M GetSequenceForMaster: NULL 

| master encountered !\n")); 
64147| status = STATUS_INVALID_PARAMETER; 
64148| }else{ 

641 49| GetSnapShotForRead(); 
64150| __try{ 

64151 1 PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
64152| while(DevObj) { 

64153| 

| if(PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK) { 
641 54| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
641 55| pkSnapShotEntry p = GetTopSnapShot 

| ( &(DevExt->SnapShots) ); 
64156| while (p){ 

64157| if ( p->Dictionary ) { 

64158| if ( master == 

| p->MasterSnapShot ) { 
64159| snapShotSequence = 

| p->Dictionary->GetSequenceNumber(); 
64160| 

| RevertDebug(("GetSequenceForMaster: found 

| sequence=%08x from 

| snapshot=%08x\n",snapShotSequence,p)); 
641 61 1 DoneWithSnapShot(p); 
64162| status = 

| STATUS_SUCCESS; 
64163| break; 
64164| } 
64165| } 
64166| 

64167| p = 

| GetNextSnapShot(&(DevExt->SnapShots),p); 
64168| } 
64169| } 
64170| 

641 71 1 if ( status == STATUS_SUCCESS ) { 

64172| break; 
64173| } 
64174| 



64175| DevObj = DevObj->NextDevice; 

64176| } 

64177| } ^finally { 

641 78| ReleaseSnapShotForRead(); 
64179| } 



64180| } 
64181| 

641 82 1 RevertDebug(("GetSequenceForMaster: status=%08x, 
| in master=%08x, out seq=%08x\n", 



64183| status, 

64184| master, 

641 85| snapShotSequence)); 

64186| 



64187| return status; 

64188| } 

64189| 

64190| // 

| 

I- 
64191| 

64192| NTSTATUS GetMasterForSequenceAndVolume ( 
64193| ULONG snapShotSequence, 
64194| LARGEJNTEGER snapShotTime, 
64195| PDEVICE_OBJECT volumeDeviceObject, 
64196| pkSnapShotMaster &master ) 
64197| { 

64198| NTSTATUS status = STATUS_NOT_FOUND; 
64199| master = 0; 

64200| RevertDebug(("GetMasterForSequenceAndVolume: 
| sequence=%08x, volumeDeviceObject=%08x\n", 
| snapShotSequence, volumeDeviceObject)); 

64201| 

64202| ASSERT ( volumeDeviceObject != NULL ); 

64203| PFILTEREDEXTENSION devExt = GetFilte red Extension 

| (volumeDeviceObject); 
64204| ASSERT ( devExt != NULL ); 
64205| 

64206| GetSnapShotForRead(); 
64207| __try { 

64208| pkSnapShotEntry p = GetTopSnapShot ( 

| &(devExt->SnapShots) ); 
64209| while ( p ) { 
6421 0| if ( p->Dictionary ) { 

64211| ULONG seq = 

| p->Dictionary->GetSequenceNumber(); 
64212| int64time = 

| p->Dictionary->GetSnapShotTime(); 
64213| if ( time == snapShotTime.QuadPart ) { 

64214| ASSERT ( p->MasterSnapShot != NULL 

I); 



64215| ASSERT (seq == snapShotSequence); 

6421 6| if ( p->MasterSnapShot ) { 

6421 7| master = p->MasterSnapShot; 

64218| status = STATUS_SUCCESS; 

64219| }else{ 

64220| RevertDebug(("!!! 

| GetMasterForSequenceAndVolume: MasterSnapShot==NULL in 

| snapshot entry %08x\n",p)); 

64221 | } 

64222| DoneWithSnapShot(p); 

64223 1 break; 

64224| } 

64225| } 

64226| p = GetNextSnapShot(&(devExt->SnapShots), 

IP); 

64227| } 

64228| } ^finally { 

64229| ReleaseSnapShotForRead(); 

64230 1 } 

64231| 

64232| RevertDebug(("GetMasterForSequenceAndVolume 

| returning %08x, master=%08x\n M ,status, master)); 
64233| return status; 
64234| } 
64235| 

64236| // 

| 

I- 
64237| 

64238| NTSTATUS GetMasterListForSequence ( 
64239| ULONG snapShotSequence, 
64240| LARGEJNTEGER snapShotTime, 
64241 1 pkSnapShotMaster masterList[], 
64242| ULONG masterListM ax Entries, 

64243| ULONG &num Masters Found ) 

64244| { 

64245| NTSTATUS status = STATUS_SUCCESS; 
64246| RevertDebug(("GetMasterListForSequence: 

| sequence=%08x\n",snapShotSequence)); 
64247| numMastersFound = 0; 
64248| 

64249| pkSnapShotMaster master = 0; 
64250 1 GetSnapShotForRead(); 
64251 1 _try { 

64252| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
64253| while(DevObj && NT_SUCCESS(status)) { 
64254| 

| if(PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK) { 
64255| PFILTERED_EXTENSION DevExt = 



I GetFilteredExtension(DevObj); 
64256| 

64257| pkSnapShotEntry p = GetTopSnapShot ( 

| &(DevExt->SnapShots) ); 
64258| while ( p ) { 

64259| if ( p->Dictionary ) { 

64260| ULONG seq = 

| p->Dictionary->GetSequenceNumber(); 
64261 1 ASSERT ( p->MasterS nap Shot != 

| NULL); 

64262| if ( p->MasterSnapShot != NULL 

l){ 

64263| if ( 

| p->MasterSnapShot->SnapShotTime.QuadPart == 

| snapShotTime.QuadPart ) { 
64264| bool Already I nList = 

| false; 

64265| for ( ULONG mi=0; mi < 

| numMastersFound; ++mi ) { 
64266| if ( masterList[mi] 

| == p->MasterSnapShot ) { 
64267| Alreadyl nList = 

| true; 

64268| break; 
64269| } 
64270 1 } 
64271 1 

64272 1 if ( ! Already I nList ) { 

64273| ASSERT ( seq == 

| snapShotSequence ); 
64274| if ( 

| numMastersFound >= masterListMaxEntries ) { 
64275| status = 

| PSM_ERROR_INSUFFICIENT_BUFFER; 
64276| 

| RevertDebug(("GetMasterListForSequence: 

| masterListMaxEntries=%08x is not big 

| enough !\n", masterListMaxEntries)) ; 
64277| 

| DoneWithSnapShot(p); 
64278| break; 
64279 1 } 
64280 1 
64281 1 

| RevertDebug(("GetMasterListForSequence: Adding master 
| %08x to 

| masterList[%08x]\n",p->MasterSnapShot,numMastersFound)); 
64282 1 

| masterList[numMastersFound++] = p->MasterSnapShot; 
64283 1 } 



64284| } else { 

64285| 

| RevertDebug(("GetMasterListForSequence: NOTE: master 
| %08x has same sequence, but time %016l64x does not 
| match!\n",p->MasterSnapShot,p->MasterSnapShot->SnapShotT 
| ime.QuadPart)); 

64286| } 

64287| } 

64288| } 

64289| p = 

| GetNextSnapShot(&(DevExt->SnapShots), p); 

64290 1 } 

64291 1 } 

64292| DevObj = DevObj->NextDevice; 

64293 1 } 

64294| } ^finally { 

64295| ReleaseSnapShotForRead(); 

64296| } 

64297| 

64298| if ( NT_SUCCESS(status) ) { 
64299| if ( numMastersFound == 0 ) { 
64300| status = STATUS_NOT_FOUND; 

64301 | } 
64302 1 } 
64303| 

64304| RevertDebug(("GetMasterListForSequence returning 

| %08x, numMastersFound=%08x\n",status,numMastersFound)); 
64305| return status; 
64306| } 
64307| 

64308| // 

| 

I- 
64309| 

64310| NTSTATUS CreateRevertUndoSnapShot ( 
64311 1 VolumeEntry *volumeList, 
64312| ULONG numVolumes, 
64313| ULONG revertFlags, 
64314| ULONG SrevertUndoSequence ) 

64315| { 

6431 6| NTSTATUS status = STATUS_SUCCESS; 
6431 7| ULONG volumelndex = 0; 

64318| RevertDebug(("Entering CreateRevertUndoSnapShot; 

| numVolumes=%u\n",numVolumes)); 
64319| revertUndoSequence = 0; 
64320| 

64321| pOTJJSER user = 

| FindPSMUser(PsGetCurrentProcess(),(_ETHREAD*)(-2)); 
64322| if ( luser ) { 

64323| RevertDebug(("CreateRevertUndoSnapShot: 



I FindPSMUserO returned NULL!\n")); 
64324| status = PSM_ERROR_UNSUCCESSFUL; 
64325| } else { 

64326| const ULONG tempStringChars = 256; 

64327| const ULONG tempStringBytes = sizeof(WCHAR) * 

| tempStringChars; 
64328| WCHAR *tempString = (WCHAR *) MemAllocateString 

| (tempStringChars); 
64329| 

64330| if ( tempString ) { 

64331 1 ULONG DeviceNamesLengthlnBytes = 

| CalcDeviceNamesLengthlnBytes ( 
64332| volumeList, 
64333| numVolumes ); 

64334| 

64335| const ULONG PointerBytes = (1 + numVolumes) 

| * sizeof (WCHAR*); 
64336| const ULONG ExtraBytesAtEnd = PointerBytes 

| + DeviceNamesLengthlnBytes; 
64337| const ULONG OTISize = 

| sizeof(tOpenTransactionlnlnternal) + ExtraBytesAtEnd; 
64338| 

64339| tOpenTransactionlnlnternal *oti = 

| (tOpenTransactionlnlnternal *)MemAllocatePoolWithTag ( 
64340| Paged Pool, 

64341 1 OTISize, TEMPTAG ); 

64342 1 

64343| const ULONG OTOSize = 

64344| sizeof (tOpenTransactionOutlnternal) + 

64345| sizeof(WCHAR*) * numVolumes + 

64346| sizeof(WCHAR) * (1 00 * numVolumes); 

64347| 

64348| tOpenTransactionOutlnternal *oto = 

| (tOpenTransactionOutlnternal *)MemAllocatePoolWithTag ( 
64349| Paged Pool, 

64350| OTOSize,TEMPTAG ); 

64351 | 

64352 1 if ( !oti || !oto ) { 

64353| RevertDebug(("CreateRevertUndoSnapShot: 

| cannot allocate oti/oto\n")); 
64354| status = STATUS_INSUFFICIENT_RESOURCES; 

64355| } else { 

64356| RtlZeroMemory ( oto, OTOSize ); 

64357| RtlZeroMemory ( oti, OTISize ); 

64358| oti->NumberOf Devices = numVolumes; 

64359 1 

64360| ULONG NextNameOffset = 

| sizeof(tOpenTransactionlnlnternal) + PointerBytes; 

64361 1 WCHAR *NextName = (WCHAR *) ((char*)oti 

| + NextNameOffset); 



64362| 

64363| for ( volumelndex=0; 

| volumelndex<numVolumes; ++volumelndex ) { 
64364| //pkSnapShotEntry p = 

| volumeList[volumelndex]. snapshot; 
64365| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension 

| (volumeList[volumelndex].volumeObject); 
64366| wcscpy ( NextName, devExt->Name ); 

64367| oti->DeviceName[volumelndex] = 

| NextNameOffset; 
64368| ULONG CharsToSkip = 1 + 

| wcslen(devExt->Name); 
64369| NextName += CharsToSkip; 

64370| NextNameOffset += sizeof(WCHAR) * 

| CharsToSkip; 
64371 1 } 
64372 1 

64373| *NextName = 0; 

64374| oti->DeviceName[volumelndex] = 0; 

64375| 

64376| oti->NumToKeep = -1 ; 

64377| oti->Priority =254; 

64378| oti->lnternalFlags = 

| PSM_IFLAG_PERSISTENT; 
64379| oti->QuiescentTimeout = 5; 

64380| oti->QuiescentWait = 60; 

64381 1 oti->SnapShotFlags = 

| PSM_SS_FLAG_P_READONLY; 
64382 1 

64383 1 tkSnapShotMaster 

| *revertUndoSnapShotMaster = 0; 
64384| 

64385| status = WaitForQuiescentPeriod ( 

64386| user, 
64387| oti, 

64388| SrevertUndoSnapShotMaster ); 

64389 1 

64390| RevertDebug(("CreateRevertUndoSnapShot: 
| WaitForQuiescentPeriod returned %08x\n M ,status)); 

64391 1 if ( NT_SUCCESS(status) ) { 

64392| RevertDebug(("PSM Opened revert 

| undo snapshot=%08x\n",revertUndoSnapShotMaster)); 

64393| lnterlockedlncrement((PLONG) 
| &GlobalData->NumActive); 

64394| 

| RevertDebug(("CreateRevertUndoSnapShot: Incremented 
| NumActive to %08x\n",GlobalData->NumActive)); 

64395| PsmActive = TRUE; 

64396| lnterlockedlncrement((PLONG) 



I &user->Open); 
64397| 

| LogOpen(oti,revertUndoSnapShotMaster); 
64398| 

64399| // map drives and get instance 

| number 
64400| status = 

| VDiskMaplnDrives(revertUndoSnapShotMaster,oti,OTOSize,ot 

|o); 
64401| 

64402| if(!NT_SUCCESS(status)) { 

64403| // failed, clean up.. 

64404| 

| RevertDebug(("CreateRevertUndoSnapShot: 
| VdiskMaplnDrives Failed %08x for %08x 
| %08x\n",status,user,revertUndoSnapShotMaster)); 
64405| 

| lnternalClosePSM(user,revertUndoSnapShotMaster); 
64406| 

64407| } else { 

64408| 

| if(OTOSize>=sizeof(tOpenTransactionOutlnternal)) { 
64409| // return back pointer to 

| this so they can pass it to use on close 
6441 0| oto->KernelSnapShotPointer 

| = revertUndoSnapShotMaster; 
6441 1 1 oto->SnapShotTime = 

| revertUndoSnapShotMaster->SnapShotTime; 
64412| oto->lnstance = 

| revertUndoSnapShotMaster->lnstance; 
64413| 

64414| GetSnapShotForReadQ; 

64415| __try{ 

6441 6| pkSnapShotEntry s = 

| GetTopSnapShotForMaster(&revertUndoSnapShotMaster->SnapS 

| hots); 

64417| if(s){ 
64418| 

| s->Dictionary->GetOutParams(oto->CacheFileName); 
64419| revertUndoSequence 

| = s->Dictionary->GetSequenceNumber(); 
64420| 

| DoneWithSnapShot(s); 
64421 1 } 

64422| } ^finally { 

64423 1 

| ReleaseSnapShotForRead(); 
64424| } 
64425| } 
64426| } 



64427| 

64428| for ( volumelndex=0; 

| volumelndex<numVolumes; ++volumelndex ) { 
64429| pkSnapShotEntry p = 

| volumeList[volumelndex]. snapshot; 
64430| // Create snapshot path name 

| for the revert undo snapshot... 
64431| 

64432| swprintf ( tempString, 

| L M %s\\revert.%u M , gSnapShotDirName, revertUndoSequence 

I); 

64433| NTSTATUS sns = 

| volumeList[volumelndex].setNameStatus = SbSetUserName ( 
64434| revertUndoSnapShotMaster, 
64435| tempString, 
64436| tempStringBytes ); 

64437| 

64438| if ( !NT_SUCCESS(sns) ) { 

64439| 

| RevertDebug(("CreateRevertUndoSnapShot: 

| SetNameStatus=%08x, volumelndex=%u, 

| pkSnapShotEntry=%08x\n M ,sns,volumelndex,p)); 



64440| } 
64441 1 } 
64442 1 } 
64443 1 } 
64444| 

64445| if ( oti ) { 

64446| FREE_POINTER (oti); 

64447| } 

64448| 

64449 1 if ( oto ) { 

64450| FREE_POINTER (oto); 

64451 1 } 

64452 1 

64453| MemFreeString(tempString); 
64454| } else { 

64455| RevertDebug(( M CreateRevertUndoSnapShot: 

| Cannot allocate memory for 'tempStringYi")); 
64456| status = STATUS_INSUFFICIENT_RESOURCES; 

64457| } 
64458| } 
64459| 



64460| RevertDebug(("CreateRevertUndoSnapShot returning 

| %08x\n M ,status)); 
64461 1 return status; 
64462 1 } 
64463 1 

64464| // 

| 




STATIC void DoneWithRevertVolumes ( 
VolumeEntry *volumel_ist, 
ULONG numVolumes, 
boo I revertAtBoot ) 



64467| 
64468| 
64469| 



64470| { 

64471 1 GetSnapShotForRead(); 
64472 1 __try { 

64473| for ( ULONG volumelndex=0; 

| volumelndex<numVolumes; ++volumelndex ) { 
64474| pkSnapShotEntry p = 

| volumeList[volumelndex]. snapshot; 
64475| ASSERT ( p != NULL ); 

64476| if ( p != NULL ) { 

64477| // Do not enable remount on the volume 

| if it is the system volume being reverted at boot... 

64478 1 // This is because we are about to halt 

| the machine and tell the user to reboot. 

64479 1 

64480| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension 

| (volumeList[volumelndex].volumeObject); 
64481 1 if ( revertAtBoot && 

| volumeList[volumelndex].isSystemVolume ) { 
64482| RevertDebug(("DoneWithRevertVolumes 

| (SysRevert): Skipping mount enable for '%S'\n", 

| devExt->Name)); 
64483| //ASSERT(numVolumes == 1); // 

| confirm that doing revert-at-boot of system drive 

| reverts only that one drive. 
64484| } else { 

64485| RevertDebug(( M DoneWithRevertVolumes 

| (non SysRevert): Enabling remount on 

| '%SYi",devExt->Name)); 
64486| devExt->lsReverting = FALSE; // 

| because sometimes we don't call RemountAffectedVolumes 



64487| 
64488| 
64489 1 



if ( volumeList[volumelndex]. acquired ) 



|{ 



64490 1 
64491| 



DoneWithSnapShot (p); 
volumeList[volumelndex]. acquired = 



10; 



64492| 
64493| 
64494| 
64495| 
64496| 
64497| 



} finally { 

ReleaseSnapShotForRead(); 



64498| } 
64499| 
64500| //■ 



64501| 
64502| 
64503| 
64504| 
64505| 
64506| 



NTSTATUS RevertVolumeAtNextBoot ( 
PDEVICE_OBJECT Volume, 
ULONG SnapShotSequenceNumber, 
LARGE_INTEGER SnapShotTime, 
ULONG CancelOnlyRevertFlags ) 



64507| { 

64508| NTSTATUS status = PSM_ERROR_REBOOT_NEEDED; 
64509| 

64510| tRevertlnfo revertlnfo = {0}; 

6451 1 1 revertlnfo. LastKnownGranuleFinished.QuadPart = 0; 
64512| revertlnfo. SnapShotSequenceNumber = 

| SnapShotSequenceNumber; 
64513| revertlnfo. SnapShotTime = SnapShotTime; 
64514| 

64515| if ( SnapShotSequenceNumber == 0 ) { 
6451 6| // This is really a "cancel revert at boot" 
| operation. 

6451 7| II We use CancelOnlyRevertFlags here. It can 

| be either 0 (revert is complete) 
64518| // or PSM_REVERT_FLAG_FINALIZE_REVERT (system 

| drive was reverted, need to log 
64519| // events and update registry RevertStatus on 

| next boot). 
64520| 

64521 1 RevertDebug(("RevertVolumeAtNextBoot 

| (SysRevert): Using CancelOnlyRevertFlags\n")); 
64522| revertlnfo. RevertFlags = CancelOnlyRevertFlags; 
64523 1 } else { 

64524| revertlnfo. RevertFlags = 

| PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT; 
64525| } 
64526| 

64527 1 Revert Debug ((" Revert Vo lu meAtN extBoot (Sys Revert) : 

| Setting persistent RevertFlags to %08x\n", 

| revertlnfo. RevertFlags)); 
64528| PersistentDictionary::SetRevertBootlnfo (Volume, 

| revertlnfo); 
64529 1 

64530| status = PersistentDictionary::SaveHeader (Volume); 

64531 1 if ( NT_SUCCESS(status) ) { 

64532| if ( SnapShotSequenceNumber != 0 ) { 

64533| status = PSM_ERROR_REBOOT_NEEDED; 

64534| WCHAR ssSequenceString[32]; 

64535| Jtow ( SnapShotSequenceNumber, 



I ssSequenceString, 16, sizeof(ssSequenceString)-1 ); 
64536| WCHAR *eventl_ogStrings[] = { 

| ssSequenceString }; 
64537| LogRevertEvent ( 

| PSM_SCHEDULED_REVERT_AT_BOOT, status, eventLogStrings, 

1 1 ); 

64538 1 Update RevertStatus 

| (PSM_STATUS_REVERT_AT_BOOT); 
64539 1 } 
64540 1 } else { 

64541| RevertDebug(("RevertVolumeAtNextBoot: Error 

| %08x saving header!\n M ,status)); 
64542| } 
64543| 

64544| RevertDebug(("RevertVolumeAtNextBoot: in seq=%08x, 

| out status=%08x\n",SnapShotSequenceNumber,status)); 
64545| return status; 
64546| } 
64547| 

64548| // 

| 

I- 

64549| // UpdateRevertRecoverylnfo 
64550| // 

64551 1 // This function saves information about the state of 

| the revert operation 
64552| // in progress every now and then. If the computer 

| gets rebooted in the 
64553| // middle of a revert in progress, the revert boot 

| check will notice and 
64554| // continue where the interrupted revert left off. 
64555| 

64556| NTSTATUS UpdateRevertRecoverylnfo ( 
64557| PDEVICE_OBJECT Volume, 
64558| ULONG SnapShotSequenceNumber, 
64559| ULARGEJNTEGER LastGranule Finished ) 
64560 1 { 

64561 1 NTSTATUS status = STATUS_SUCCESS; 
64562| RevertDebug(("UpdateRevertRecoverylnfo: 

| ssSeq=%08x, volDevObj=%08x, granule=%016l64x\n", 
64563| SnapShotSequenceNumber, 
64564| Volume, 

64565| LastGranuleFinished.QuadPart)); 
64566| 

64567| tRevertlnfo revertlnfo = {0}; 

64568| revertlnfo. SnapShotSequenceNumber = 

| SnapShotSequenceNumber; 
64569| revertlnfo. LastKnownGranuleFinished = 

| LastGranuleFinished; 
64570| revertlnfo. RevertFlags 



I PSM_REVERT_FLAG_IN_PROGRESS; 
64571 1 

64572| // NOTE: We did not set 

| PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT 
64573| // on purpose: by the time we actually save 

| the 

64574| // recovery info to the header we either (a) 
| did want 

64575| // an undo snapshot and already created it 
| (and it will 

64576| // still be there when we boot), or (b) we 

| didn't want it. 
64577| 

64578| PersistentDictionary::SetRevertBootlnfo (Volume, 

| revertlnfo); 
64579 1 

64580| status = PersistentDictionary::SaveHeader (Volume); 
64581 1 RevertDebug(("UpdateRevertRecoverylnfo returning 

| %08x\n",status)); 
64582| ASSERT(NT_SUCCESS(status)); 
64583 1 

64584 1 return status; 

64585| } 

64586| 

64587| // 

| 

I- 
64588| 

64589| NTSTATUS CancelRevertAtBootForVolume ( VolumeEntry 

| *volumeEntry, PDEVICE_OBJECT Volume ) 
64590 1 { 

64591 1 RevertDebug(("Entering CancelRevertAtBootForVolume; 

| volumeEntry=%08x, Volume=%08x\n",volumeEntry,Volume)); 
64592| LARGEJNTEGER NullTime = {0}; 
64593| bool isSystemVolume = volumeEntry ? 

| (volumeEntry->isSystemVolume==1) : false; 
64594| 

64595| // The CancelRevertFlags allows us to determine 

| whether we want to finalize revert 
64596| // on the next boot (due to encountering system 

| drive). 

64597| // Finalize means log event and write to registry 

| that revert is complete. 
64598| 

64599| ULONG CancelRevertFlags = isSystemVolume ? 

| PSM_REVERT_FLAG_FINALIZE_REVERT : 0; 
64600| RevertDebug(("CancelRevertAtBootForVolume 

| (Sys Revert): CancelRevertFlags = 

| %08x\n",CancelRevertFlags)); 
64601 1 NTSTATUS status = RevertVolumeAtNextBoot (Volume, 



I ULONG(O), NuNTime, CancelRevertFlags); 
64602| if ( status == PSM_ERROR_REBOOT_NEEDED ) { 
64603| status = STATUS_SUCCESS; 
64604| // Do not risk I/O to system volume if it we 

| just reverted it. 
64605| if ( isSystemVolume ) { 

64606| RevertDebug(( M CancelRevertAtBootForVolume 
| (SysRevert): deferring events and status changeAn")); 

64607| } else { 

64608| LogRevertEvent ( 

| PSM_CANCELED_REVERT_AT_BOOT, status, NULL, 0 ); 

64609| Update RevertStatus 

| (PSM_STATUS_REVERT_AT_BOOT); 

64610| } 

6461 1 1 } 

64612| 

64613| RevertDebug(("CancelRevertAtBootForVolume returning 

| %08x\n",status)); 
64614| return status; 
64615| } 
64616| 

64617| // 

| 

I- 
64618| 

64619| NTSTATUS Cancel Revert At Boot ForAI I Volumes ( 
64620| pkSnapShotMaster master ) 
64621| { 

64622| NTSTATUS status = STATUS_SUCCESS; 
64623| RevertDebug(("CancelRevertAtBootForAIIVolumes: 

| master=%08x\n", master)); 
64624| 

64625| // Cancel revert at boot for every volume 

| referenced by 'master' independently. 
64626| 

64627| PersistentDictionary::BeginUpdate(); 
64628| __try { 

64629| GetSnapShotForRead(); 

64630| __try { 

64631| pkSnapShotEntry p = 

| GetTopSnapShotForMaster ( &master->SnapShots ); 
64632| while ( p ) { 

64633| status = CancelRevertAtBootForVolume ( 

| NULL, p->DeviceObject ); 
64634| if ( !NT_SUCCESS(status) ) { 

64635| 

| RevertDebug(("CancelRevertAtBootForAIIVolumes: 
| CancelRevertAtBootForVolume(%08x) returned 
| %08x\n",p,status)); 
64636| DoneWithSnapShot(p) ; 



64637| break; 
64638| } 
64639| 

64640| p = GetNextSnapShotForMaster ( 

| &master->SnapShots, p ); 
64641 1 } 

64642| } ^finally { 

64643| ReleaseSnapShotForRead(); 
64644| } 
64645| } ^finally { 

64646| PersistentDictionary::EndUpdate(); 

64647| } 

64648| 

64649| RevertDebug(("CancelRevertAtBootForAIIVolumes: in 

| master=%08x, out status=%08x\n",master,status)); 
64650 1 return status; 
64651 1 } 
64652 1 

64653 1 // 

| 



64655| NTSTATUS RevertAtNextBoot ( ULONG snapShotSequence, 

| LARGE INTEGER snapShotTime ) 
64656| { 

64657| NTSTATUS status = STATUS_NOT_FOUND; 
64658| ULONG numScheduled = 0; 
64659| // Schedule revert at boot for every volume 
64660 1 // referenced by 'master' independently. 
64661 1 

64662| pkSnapShotMaster *masterList = 0; 

64663| ULONG numMasters = 0; 

64664| status = CreateMasterListForSequence ( 

| snapShotSequence, snapShotTime, masterList, numMasters 

I); 

64665| if ( NT_SUCCESS(status) ) { 

64666| PersistentDictionary::BeginUpdate(); 

64667| __try { 

64668| GetSnapShotForRead(); 
64669 1 __try { 

64670| for ( ULONG masterlndex=0; masterlndex 

| < numMasters; ++masterlndex ) { 
64671 1 pkSnapShotEntry p = 

| GetTopSnapShotForMaster ( 

| &(masterList[masterlndex]->SnapShots) ); 
64672| while ( p ) { 

64673| NTSTATUS scheduleStatus = 

| Revert VolumeAtNext Boot ( p->DeviceObject, 

| snapShotSequence, snapShotTime, 0 ); 
64674| if ( scheduleStatus == 



I PSM_ERROR_REBOOT_NEEDED ) { 
64675| ++numScheduled; 
64676| } else if ( scheduleStatus != 

| STATUS_SUCCESS ) { 
64677| status = scheduleStatus; 

64678| } 

64679| p = GetNextSnapShotForMaster ( 

| &(masterList[masterlndex]->SnapShots), p ); 
64680| } 
64681 1 } 

64682| } finally { 

64683| ReleaseSnapShotForReadQ; 
64684| } 
64685| } ^finally { 

64686| PersistentDictionary::EndUpdate(); 

64687| } 

64688| 

64689| FREE_POINTER(masterList); 
64690| masterList = 0; 
64691 1 n urn Masters = 0; 
64692 1 } 
64693 1 

64694| if ( NT_SUCCESS(status) ) { 
64695| if ( numScheduled > 0 ) { 

64696| status = PSM_ERROR_REBOOT_NEEDED; 

64697| } 
64698| } 
64699 1 

64700| RevertDebug(("RevertAtNextBoot: in sequence=%08x, 

| out status=%08x\n",snapShotSequence,status)); 
64701 1 return status; 
64702 1 } 
64703 1 

64704| // 

| 

I- 
64705| 

64706| NTSTATUS A nalyzeRevertC ache Requirements ( 
64707| VolumeEntry *volumeList, 
64708| ULONG numVolumes ) 

64709 1 { 

6471 0| NTSTATUS status = STATUS_SUCCESS; 

6471 1 1 const ULONG SafetyMarginlnBytes = 4096 * 1 024; 

64712| const ULONG SafetyMarginlnGranules = 

| SafetyMarginlnBytes / GRANULE_SIZE; 
64713| 

64714| // Find out if there is enough cache space right 
| now 

6471 5| // to perform the revert. 
64716| 



64717| for ( ULONG volumelndex=0; volumelndex < 

| numVolumes; ++volumelndex ) { 
64718| // Passing preTestFlag=true to 

| PerformRevertOperation makes it just 
6471 9| // figure out the upper limit on cache usage 

| without doing anything to the disk... 
64720 1 

64721| __try{ 

64722| status = PerformRevertOperation ( 

| volumel_ist[volumelndex], 0, 0, true ); 
64723| } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
64724| status = GetExceptionCode(); 

64725| RevertDebug(("M! 

| AnalyzeRevertCacheRequirements: Exception %08x 

| occurred in pre-revert cache test\n", status)); 
64726| } 
64727| 

64728| if ( NT_SUCCESS(status) ) { 

64729| status = PSM_INSUFFICIENT_CACHE; // 

| assume worst case until we know it's safe 
64730| // The number of granules that would be 

| modified on disk is returned in 
64731 1 // volumeList[volumelndex].cacheSlotsUsed. 

64732 1 

| RevertDebug(("AnalyzeRevertCacheRequirements: 
| volumeList[%08x].cacheSlotsUsed = %016l64x\n'\ 

64733 1 volu mel ndex, 

64734| 

| volumeList[volumelndex].cacheSlotsUsed.QuadPart)); 
64735| 

64736| ASSERT ( 

| volumeList[volumelndex].cacheSlotsUsed.HighPart == 0 ); 
64737| if ( 

| volumeList[volumelndex].cacheSlotsUsed.HighPart == 0 ) 

|{ 

64738| // Everything you ever wanted to know 

| about cache usage is in the device extension... 

64739| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension( 
| volumeList[volumelndex].volumeObject ); 

64740 1 

64741 1 // Figure out how many cache slots are 

| available on the given volume. 
64742| int64 CacheGranuleslnUse = 

| int64(devExt->Cache.CurrentCacheFileSize); 

64743| int64 CacheGranulesTotal = 

| int64(devExt->Cache.PSManBitMapSize); 

64744| int64 CacheGranulesNeeded = 

| int64(volumeList[volumelndex].cacheSlotsUsed.QuadPart) 



I ; 

64745| 
64746| 

| RevertDebug(("AnalyzeRevertCacheRequirements: 

| DevExt=%08x, CacheGranuleslnUse=%08l64x, 

| CacheGranulesTotal=%08l64x\n",devExt,CacheGranuleslnL)se, 

| CacheGranulesTotal)); 
64747| ASSERT ( CacheGranuleslnUse <= 

| CacheGranulesTotal ); 
64748| if ( CacheGranuleslnUse + 

| CacheGranulesNeeded + SafetyMarginlnGranules < 

| CacheGranulesTotal ) { 
64749| status = STATUS_SUCCESS; 

64750| 

| RevertDebug(("AnalyzeRevertCacheRequirements: 
| volumel_ist[%08x] passes cache test!\n",volumelndex)); 

64751 1 } else { 

64752 1 

| RevertDebug(("AnalyzeRevertCacheRequirements: !!! 
| volumel_ist[%08x] FAILS CACHE TEST !!!\n",volumelndex)); 
64753 1 

| LogRevertEvent(PSM_INSUFFICIENT_CACHE_FOR_REVERT,PSM_INS 

| UFFICIENT_CACHE_FOR_REVERT,NULL,0); 
64754| } 
64755| } 
64756| } 
64757| 

64758| if ( !NT_SUCCESS(status) ) { 
64759| break; 
64760 1 } 
64761 | } 
64762 1 

64763 1 RevertDebug ((" AnalyzeRevertCacheRequ irements 

| returning %08x\n",status)); 
64764| return status; 
64765| } 
64766| 

64767| // 

I 

I- 
64768| 

64769| NTSTATUS RelocateSnapShotEntry ( 
64770| pkSnapShotMaster master, 
64771| VolumeEntry &volumeEntry ) 
64772| { 

64773| NTSTATUS status = STATUS_NOT_FOUND; 

64774| volumeEntry.snapshot = NULL; 

64775| pkSnapShotEntry p = GetTopSnapShotForMaster ( 

| &master->SnapShots ); 
64776| while ( p ) { 



64777| PFILTERED_EXTENSION devExt = 

| GetFilteredExtension(p->DeviceObject); 
64778| if ( devExt->Volumeld == volumeEntry.volumeld ) 

|{ 

64779| volumeEntry.snapshot = p; 

64780| status = STATUS_SUCCESS; 

64781| //NOTE: We deliberately refrain from 

| calling DoneWithSnapShot 
64782| // so that we still have a reference 

| to the snapshot. 
64783| // We will call 

| DoneWithRevertVolumes later. 
64784| volumeEntry.acquired = 1 ; // remember to 

| call DoneWithSnapShot later 
64785| break; 
64786| } 
64787| 

64788| p = 

| GetNextSnapShotForMaster(&master->SnapShots,p); 
64789 1 } 
64790 1 

64791 1 return status; 
64792 1 } 
64793 1 

64794| // 

| 

I- 
64795| 

64796| NTSTATUS RegenerateVolumeListFromMasterList ( 

64797| VolumeEntry *volumeList, 

64798| ULONG numVolumes, 

64799 1 pkS napS hotM aste r m asterl_ist[] , 

64800| ULONG numMasters ) 

64801 1 { 

64802| NTSTATUS status = STATUS_SUCCESS; 
64803| ASSERT ( masterList != NULL ); 
64804| ASSERT ( numMasters > 0 ); 
64805| 

64806| GetSnapShotForRead(); 
64807| _try { 

64808| for ( ULONG i=0; i < numVolumes; ++i ) { 
64809| status = STATUS_NOT_FOUND; 

64810| for ( ULONG m=0; m < numMasters; ++m ) { 

6481 1 1 status = RelocateSnapShotEntry ( 

| masterList[m], volumeList[i] ); 
64812| if ( status == STATUS_SUCCESS ) { 

64813| break; 
64814| } 
64815| } 
64816| 



64817| ASSERT ( status == STATUS_SUCCESS ); 

64818| if ( status != STATUS_SUCCESS ) { 

6481 9| RevertDebug(("RegenerateVolumeList: 

| error finding volumeld=%08x, index=%08x\n", 

| volumeList[i].volumeld, i)); 
64820 1 break; 
64821 1 } 
64822 1 } 

64823| } ^finally { 

64824| ReleaseSnapShotForRead(); 

64825| } 

64826| 

64827 1 Revert Debug ((" Regenerate Vo lu meList retu rn i ng 

| %08x\n M ,status)); 
64828| return status; 
64829 1 } 
64830| 

64831| // 



64832| 

64833| NTSTATUS CreateMasterListForSequence ( 
64834| ULONG masterSequence, 
64835| LARGEINTEGER masterTime, 
64836| pkSnapShotMaster *&masterList, 
64837| ULONG &num Masters In List ) 

64838| { 

64839| NTSTATUS status = STATUS_SUCCESS; 
64840| ULONG masterListArraySize = 1024; 
64841 1 do { 

64842| masterList = (pkSnapShotMaster *) 

| MemAllocatePoolWithTag ( 
64843| PagedPool, 
64844| 

| sizeof(pkSnapShotMaster)*masterListArraySize, 
64845| TEMPTAG ); 

64846| 

64847| if ( masterList ) { 

64848| status = GetMasterListForSequence ( 

64849 1 masterSequence, 

64850| masterTime, 

64851 1 masterList, 

64852 1 m aste rL ist A r ray S ize , 

64853| numMasterslnList ); 

64854| 

64855 1 if ( status == 

| PSM_ERROR_INSUFFICIENT_BUFFER) { 
64856| // try an array with twice as many 

| elements... 
64857| MemFreePool(masterList); 



64858| masterList = 0; 

64859| numMasterslnList = 0; 

64860| masterListArraySize *= 2; 

64861 1 } 

64862 1 } else { 

64863| RevertDebug(("M! 

| CreateMasterListForSequence: Out of memory allocating 

| master list!\n")); 

64864| status = STATUS_INSUFFICIENT_RESOURCES; 

64865| numMasterslnList = masterListArraySize = 0; 

64866| break; 

64867| } 

64868| } while ( status == PSM_ERROR_INSUFFICIENT_BUFFER 

I); 

64869 1 

64870| #ifdef_DEBUG 

64871 1 RevertDebug(("CreateMasterListForSequence: in 
| sequence=%08x time=%016l64x | out status=%08x, 
[ numMasters=%08x\n",masterSequence,masterTime.QuadPart,st 
| atus, numMasterslnList)); 

64872| for ( ULONG masterlndex=0; masterlndex < 
| numMasterslnList; ++masterlndex ) { 

64873 1 RevertDebug(( M masterList[%08x] = 
| %08x\n",masterlndex,masterList[masterlndex])); 

64874| } 

64875| #endif 

64876| 

64877| if ( !NT_SUCCESS(status) ) { 

64878| // The caller should have to free memory only 

| if we return success. 
64879 1 if ( masterList ) { 
64880| FREEPOINTER(masterList); 
64881| masterList = 0; 

64882| } 
64883| 

64884| numMasterslnList = 0; 

64885| } 

64886| 

64887| return status; 

64888| } 

64889| 

64890| // 

| 

I- 
64891| 

64892| NTSTATUS RegenerateVolumeList ( 
64893| VolumeEntry *volumeList, 
64894| ULONG numVolumes, 
64895| ULONG masterSequence, 
64896| LARGEJNTEGER masterTime ) 



64897| { 

64898| NTSTATUS status = STATUS_SUCCESS; 
64899| ULONG numMasterslnList = 0; 
64900| pkSnapShotMaster *masterl_ist = 0; 
64901| 

64902| status = CreateMasterListForSequence 

| (masterSequence, masterTime, masterList, 

| numMasterslnList); 
64903| if ( NT_SUCCESS(status) ) { 
64904| ASSERT ( numMasterslnList > 0 ); 
64905| Regenerate VolumeListFromMasterList ( 

| volumeList, numVolumes, masterList, numMasterslnList ); 
64906| } else { 
64907| numVolumes = 0; 

64908| RevertDebug(( M !M! Big problem %08x !!!! 

| Revert could not re-generate master list!\n",status)); 
64909| } 
64910| 

64911| if ( masterList ) { 

64912| MemFreePool (masterList); 

64913| masterList = 0; 

64914| numMasterslnList = 0; 

64915| } 

64916| 

64917| return status; 

64918| } 

64919| 

64920| // 

| 

I- 
64921| 

64922| STATIC void Revert_CleanupOpenCloseResource ( 
64923| ULONG numVolumes, 
64924| VolumeEntry *volumeList ) 
64925| { 

64926| if ( volumeList ) { 

64927| ASSERT (numVolumes > 0); 

64928| for ( ULONG volumelndex=0; volumelndex < 

| numVolumes; ++volumelndex ) { 
64929| if ( volumeList[volumelndex].openCloseDirty 

IH 

64930| PFILTERED EXTENSION devExt = 

| GetFilteredExtension 

| (volumeList[volumelndex].volumeObject); 
64931| 

| RevertDebug(("Revert_ReleaseOpenCloseResource: 
| index=%d, saved 

| oca=%08x\n",volumelndex,volumeList[volumelndex].saveOpen 
| CloseAcquired)); 
64932| devExt->OpenCloseAcquired = 



I volumeList[volumelndex].saveOpenCloseAcqujred; 
64933| volumeList[volumelndex].openCloseDirty 

1 = 0; 
64934| } 
64935| } 
64936| } 
64937| } 
64938| 

64939| // 



64940| 

64941| STATIC NTSTATUS SbRevertToSnapShotJnternal ( 

64942| pkSnapShotMaster master, 

64943| ULONG revertFlags, 

64944| ULONG &revertUndoSequence, 

64945| PDEVICE_OBJECT volumeDeviceObject, 

64946| unsigned int64 startingGranule ) 

64947| { 

64948| NTSTATUS status = STATUS_SUCCESS; 
64949| ULONG OpenCloseAcquired = FALSE; 
64950| ULONG numVolumes = 0; 
64951 1 VolumeEntry *volumeList = 0; 
64952 1 

64953 1 _Jry { 

64954| //!!!!!!!!!!!!!!!!! turn off revert undo 

| snapshot for beta !!!!!!!!!!!!!!!!!!!!!!!! 
64955| revertFlags &= 

| ~PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT; 
64956| //!!!!!!!!!!!!!!!!! turn off revert undo 

| snapshot for beta !!!!!!!!!!!!!!!!!!!!!!!! 
64957| 

64958| RevertDebug(( 

64959| "Entering SbRevertToSnapShotJnternal; 

| master=%08x, volumeDevObj=%08x, flags=%08x\n", 
64960| master, 
64961 1 volumeDeviceObject, 
64962| revertFlags)); 
64963 1 

64964| revertUndoSequence = 0; 

64965| 

64966| 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
64967| // Hack to avoid multi-volume revert bug: 
64968| // If registry key EnableMultiVolumeRevert is 

| zero, do not allow revert 
64969| // on a snapshot with more than one volume in 

lit. 

64970| ULONG EnableMultiVolumeRevert = 0xf00f1e; 



64971 1 

| Reg_GetULONGKey(&gRegistryPath,L"EnableMultiVolumeRevert 
| M ,0xf00f1e,&EnableMultiVolumeRevert); 
64972 1 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
64973 | 
64974| 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
64975| // Registry option for disabling revert 

| on system drive: 
64976| ULONG E nab leSystem Volume Revert = 0; 
64977| 

| Reg_GetULONGKey(&gRegistryPath,L"EnableSystemVolumeRever 
| t",0,&EnableSystemVolumeRevert); // sys vol revert 
| disabled by default 
64978| 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
| !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
64979 | 

64980| RevertDebug(("SbRevertToSnapShot_lnternal: 

| EnableMultiVolumeRevert=Ox%x, 

| EnableSystemVolumeRevert=Ox%x\n", 
64981 1 EnableMultiVolumeRevert, 
64982| EnableSystemVolumeRevert)); 
64983 1 

64984| if ( GlobalJnRevert ) { 

64985| status = STATUS_UNSUCCESSFUL; 

64986| ASSERT ( IGlobalJn Revert ); 

64987| RevertDebug(("SbRevertToSnapShot_lnternal: 

| !!! Already in revert !!!\n")); 
64988| } else { 

64989| GlobalJnRevert = TRUE; 

64990 1 __try { 

64991 1 ULONG masterSequence = 0; 

64992| status = GetSequenceForMaster (master, 

| masterSequence); 
64993| if ( !NT_SUCCESS(status) ) { 

64994| 

| RevertDebug(("SbRevertToSnapShot_lnternal: Could not 
| get sequence number for master! 
| status=%08x\n",status)); 
64995| } else { 

64996| LARGEJNTEGER masterTime = 

| master->SnapShotTime; 
64997| 

| RevertDebug(("SbRevertToSnapShot_lnternal: master=%08x 
| has time=%016l64x\n",master,masterTime)); 
64998| if ( revertFlags & 



I PSM_REVERT_FLAG_ATBOOT ) { 
64999| status = RevertAtNextBoot 

| (masterSequence, masterTime); 
65000| } else if ( revertFlags & 

| PSM_REVERT_FLAG_CANCEL_ATBOOT ) { 
65001 1 status = 

| Cancel RevertAtBootForAIIVolumes (master); 
65002 1 } else { 

65003| const ULONG maxNumVolumes = 

1512; 

65004| const ULONG 

| volumeListBytesAllocated = maxNumVolumes * 

| sizeof(VolumeEntry); 
65005| volumeList = (VolumeEntry *) 

| MemAllocatePoolWithTag ( 
65006| Paged Pool, 

65007| volumeListBytesAllocated, 
65008| TEMPTAG ); 

65009 | 

65010| if ( IvolumeList ) { 

65011| 

| RevertDebug(("SbRevertToSnapShot_lnternal: Out of 

| memory (volumeList)\n M )); 
65012| status = 

| STATUS_INSUFFICIENT_RESOURCES; 
65013| }else{ 
65014| __try{ 
6501 5| // Make sure everything 

| in the array is initialized to zero (especially flags 

| and pointers). 
6501 6| RtlZeroMemory ( 

| volumeList, volumeListBytesAllocated ); 
65017| 

65018| status = 

| PrepareVolumeList ( 
65019| master, 
65020| volumeDeviceObject, 
65021 1 volumeList, 
65022| maxNumVolumes, 
65023| numVolumes, 
65024| 

| EnableSystemVolumeRevert ); 
65025| 

65026| if ( NT_SUCCESS(status) 

l){ 

65027| if ( 

| SEnableMultiVolumeRevert && numVolumes>1 ) { 
65028| 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
| !!!!!!!!!!!!!!!!!!!!! 



65029| //hack to 

| avoid multi-volume revert issue 
65030| 

| RevertDebug(("SbRevertToSnapShot_lnternal: 

| Multi-volume revert disabled 

| (numVolumes=%08x)\n",numVolumes)); 
65031 1 status = 

| PSM_M U LTI_VO LUME_REVE RT_D IS AB LED; 
65032 1 Log RevertEvent 

| ( PSM_MULTI_VOLUME_REVERT_DISABLED, 

| PSM_M U LT l_VO LUME_REVE RT_D IS AB LED, NULL, 0 ); 
65033 1 

| UpdateLastRevertResult 

| (PSM MULTI VOLUME REVERT DISABLED); 
65034| 

| //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 

| !!!!!!!!!!!!!!!!!!!!! 
65035| } else { 

65036| if ( 

| revertFlags & PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT ) { 
65037| status = 

| CreateRevertUndoSnapShot ( 
65038| 

| volumeList, 
65039 1 

| numVolumes, 
65040 1 

| revertFlags, 
65041 | 

| revertUndoSequence ); 
65042 1 } 
65043 1 

65044| if ( 

| NT_SUCCESS(status) ) { 
65045| _try { 

65046| status 

| = AnalyzeRevertCacheRequirements (volumeList, 

| numVolumes); 
65047| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
65048| status 

| = GetExceptionCode(); 
65049 1 

| RevertDebug(("M! SbRevertToSnapShot_lnternal: 

| Exception %08x in AnalyzeCacheRequirements\n",status)); 

65050 1 } 

65051 | 

65052 1 if ( 

| NT_SUCCESS(status) ) { 
65053| if ( 



I revertFlags & PSM_REVERT_FLAG_DISMOUNT_AFFECTED_VOLUMES 
l){ 

65054| // 
65055| // 

| !!!! WARNING WARNING WARNING !!!! 
65056| // 
65057| // 

| As soon as we do the dismount, we cannot use the 

| 'master' 

65058| // 

| pointer anymore. Must use masterSequence to refer to 
65059| // 

| the master in question. 
65060| // 
65061 | 

| status = DismountVolumeList (volumeList, numVolumes); 
65062 1 } 
65063 1 

65064| master 

| = 0; //make sure we don't use pointer (see warning 

| above) 
65065| 

65066| if ( 

| NT_SUCCESS(status) ) { 
65067| 

| NTSTATUS AcquireStatus = STATUS_WAIT_0; 
65068| if 
| ( revertFlags & 

| PSM_REVERT_FLAG_DISMOUNT_AFFECTED_VOLUMES ) { 
65069 1 

| // If we were told to dismount the volumes, it means 
| that we are not doing this at boot. 
65070 1 

| // Therefore we need to acquire the OpenClose resource. 
65071 1 

| // We must *NOT* acquire OpenClose when booting up 

| because LoadSnapShotsForVolume 
65072 1 

| // has already done this. 
65073 1 
65074| 

| AcquireStatus = AcquireOpenCloseResource(); 
65075| 

| if ( AcquireStatus == STATU S_WAIT_0 ) { 
65076| 

| OpenCloseAcquired = TRUE; 
65077| 

| RevertDebug(("SbRevertToSnapShot_lnternal: OpenClose 
| resource has been acquiredAn")); 
65078| 



I } else { 
65079| 

| RevertDebug(("SbRevertToSnapShot_lnternal: !!! 
| OpenClose resource NOT acquired: 
| %08x\n",AcquireStatus)); 
65080| 
1} 

65081 1 } 
65082 1 

65083 1 if 

| ( AcquireStatus == STATUS_WAIT_0 ) { 
65084| 

| for ( ULONG volumelndex=0; volumelndex < numVolumes; 

| ++volumelndex ) { 
65085| 

| // pkSnapShotEntry p = 

| volumeList[volumelndex]. snapshot; 
65086| 

| PFILTERED_EXTENSION devExt = GetFiltered Extension 
| (volumeList[volumelndex].volumeObject); 
65087| 

| if ( OpenCloseAcquired ) { 
65088| 

| volumeList[volumelndex].saveOpenCloseAcquired = 
| devExt->OpenCloseAcquired; 
65089 1 

| volumeList[volumelndex].openCloseDirty = 1; 
65090 1 

| devExt->OpenCloseAcquired = TRUE; 
65091 | 

\) 
65092 1 

| RevertDebug(("SbRevertToSnapShot_lnternal: About to 

| call PerformRevertOperation with 

| volumelndex=%08x\n",volumelndex)); 
65093 1 
65094| 

I _try { 
65095| 

| status = PerformRevertOperation ( 
65096| 

| volumel_ist[volumelndex], 
65097| 

| revertFlags, 
65098| 

| startingGranule, 
65099 1 

| false ); 
65100| 

| } except( ExceptionFilter(GetExceptionlnformation()) 



I){ 

65101| 

| status = GetExceptionCodeQ; 
65102| 

| RevertDebug(("M! SbRevertToSnapShot_lnternal: 
| Exception %08x in PerformRevertOperation\n",status)); 
65103| 

1} 
65104| 
65105| 

| startingGranule = 0; 
65106| 

| if ( !NT_SUCCESS(status) ) { 
65107| 

| RevertDebug(("M! SbRevertToSnapShotJnternal: breaking 
| out of volume loop early due to error %08x\n",status)); 

65108| 
| break; 

65109| 

1} 
65110| 

1} 

651 1 1 | } 

| else { 
65112| 

| RevertDebug(("M! SbRevertToSnapShotJnternal: Could 
| not acquire Open/Close resource 
| (%08x)\n",AcquireStatus)); 
65113| 

| status = PSM_CANCELED_BY_USER; //??? Is this really 

| the right thing to return ??? 
65114| } 
65115| }else 

I { 
65116| 

| status = RevertAtNextBoot (masterSequence, masterTime); 
65117| } 
65118| }else{ 
65119| //Not 

| enough cache to perform the revert... 
65120| if( 

| revertFlags & PSM_REVERT_FLAG_CREATE_UNDO_SNAPSHOT ) { 
65121| // 

| !!! Delete the revert undo snapshot 
65122| 

| ASSERT(FALSE); 
65123| } 
65124| } 
65125| } 
65126| } 



65127| } 
65128| 

65129| if ( revertFlags & 

| PSM_REVERT_FLAG_DISMOUNT_AFFECTED_VOLUMES ) { 
651 30| // We are doing a 

| command line revert, not a revert at boot. 
65131| //Before 

| remounting the dismounted volumes, we must let go of 

| their snapshots. 
65132| 

| DoneWithRevertVolumes ( volumeList, numVolumes, false 

I); 

65133| 

65134| // Must remount 

| whether or not an error occurred... 
65135| // The call will 

| only remount volumes whose VolumeEntry::dismounted 
65136| //flag is set, 

| meaning they really were dismounted. 
65137| 

| RemountAffectedVolumes ( volumeList, numVolumes, 
| revertFlags ); 
65138| 

65139| if( 

| OpenCloseAcquired ) { 
65140| __try{ 
65141| 

| Revert_CleanupOpenCloseResource (numVolumes, 

| volumeList); 

65142| } ^finally { 

65143| 

| ReleaseOpenCloseResource(); 
65144| 

| OpenCloseAcquired = FALSE; 
65145| 

| RevertDebug(("SbRevertToSnapShot_lnternal: post-revert 
| (1): OpenClose resource has been released An")); 

65146| } 

65147| } 

65148| 

65149| //*** IMPORTANT 

| *** The remount has caused all of our 
65150| //snapshot 

| pointers and master pointers to become invalid. 
65151| //We need to 

| re-acquire everything based on persistent identifiers 
65152| // like snapshot 

| sequence numbers and volume IDs. 
65153| NTSTATUS 

| reGenStatus = RegenerateVolumeList ( volumeList, 



I numVolumes, masterSequence, masterTime ); 
65154| if( 

| !NT_SUCCESS(reGenStatus) ) { 
65155| numVolumes = 0; 

| // keep us from using invalid volume entries 
65156| } 
65157| } 

65158| } ^finally { 

65159| DoneWithRevertVolumes ( 

| volumeList, numVolumes, true ); 
65160| } 
65161| } 
65162| } 
65163| } 

65164| } ^finally { 

65165| _try{ 

651 66| if ( OpenCloseAcquired ) { 

65167| _try{ 

65168| 

| Revert_CleanupOpenCloseResource (numVolumes, 

| volumeList); 

65169| } ^finally { 

651 70| ReleaseOpenCloseResourceQ; 
651 71 1 OpenCloseAcquired = FALSE; 

65172| 

| RevertDebug(("SbRevertToSnapShot_lnternal: post-revert 
| (2): OpenClose resource has been released An")); 

65173| } 

65174| } 

65175| } ^finally { 

651 76| Globaljn Revert = FALSE; 

65177| if ( volumeList ) { 

65178| FREE_POINTER (volumeList); 

65179| 

| RevertDebug(("SbRevertToSnapShot_lnternal: volumeList 

| array has been freedAn")); 
65180| } 
651 81 1 numVolumes = 0; 

65182| } 
65183| } 
65184| } 
65185| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
651 86| status=GetExceptionCode(); 
65187| RevertDebug(("SbRevertToSnapShot_lnternal: 

| Error! Exception %08x\n",status)); 
65188| } 
65189| 

65190| RevertDebug(("SbRevertToSnapShot_lnternal returning 
| 0x%08x\n",status)); 



65191| return status; 

65192| } 

65193| 

65194| // 



65195| 

65196| void SbRevertThreadFunc ( RevertThreadParms 

| *revertParms ) 
65197| { 

65198| __try{ 

65199| if ( revertParms != NULL ) { 
65200| Debug(DEBUG_DEVCON,( 
65201 1 "Entering SbRevertThreadFunc; 

| revertParms=%08x, KernelPointer=%08x\n", 
65202| revertParms, 
65203 1 revert Parms->Master)); 

65204| 

65205| revertParms->Status = 

| SbRevertToSnapShotJnternal ( 
65206| revertParms->Master, 
65207| revertParms->Flags, 
65208| revertParms->RevertUndoSequence, 
65209| revertParms->VolumeDeviceObject, 
6521 0| revertParms->StartingGranule.QuadPart 

I); 

65211| }else{ 

65212| RevertDebug(( M M! SbRevertThreadFunc: 

| revertParms==NULL !!!\n")); 
65213| } 
65214| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
65215| // Not much we can do here... the exception 

| might have been caused 
65216| // by revertParms being an invalid pointer, so 

| don't try to set return code. 
6521 7| NTSTATUS code = GetExceptionCode(); 
65218| RevertDebug(("M! Exception %08x in 

| SbRevertThreadFunc !!!\n",code)); 
65219| } 
65220| } 
65221| 
65222| // 

| 

I- 
65223| 

65224| NTSTATUS SbRevertToSnapShot_SeparateThread_lnternal ( 

65225| tkSnapShotMaster *master, 

65226| PDEVICE_OBJECT volumeDeviceObject, 

65227| ULONG revertFlags, 



65228| ULONG &revertUndo Sequence, 

65229| unsigned int64 startingGranule ) 

65230| { 

65231 1 NTSTATUS Status = STATUS_PENDING; 
65232| RevertThreadParms RevertParms = {0}; 
65233 1 RevertParms. Master = master; 

65234| RevertParms. Flags 

| revertFlags; 
65235 1 RevertParms. Status 

| STATUS_PENDING; 
65236| RevertParms. RevertUndoSequence = 0; 
65237| RevertParms. StartingGranule. QuadPart = 

| startingGranule; 
65238| RevertParms. VolumeDeviceObject 

| VolumeDeviceObject; 
65239 | 

65240| Debug(DEBUG_DEVCON,("PSMAN: About to start revert 

| thread. .An")); 
65241 1 HANDLE RevertTh read Handle = NULL; 
65242| Status = pmStartThread( 

65243| (PKSTART_ROUTINE)SbRevertThreadFunc, 

65244 1 & Reve rt Parms, 

65245| &RevertThreadHandle ); 

65246| 

65247| if(NT_SUCCESS(Status)) { 

65248| Debug(DEBUG_DEVCON,("PSMAN: Revert thread has 

| been startedAn")); 
65249 1 

| ZwWaitForSingleObject(RevertThreadHandle,FALSE,NULL); 
65250| ZwClose(RevertThreadHandle); 
65251 1 RevertThreadHandle = NULL; 
65252| Status = RevertParms. Status; 

65253| Debug(DEBUG_DEVCON,("PSMAN: Revert returned 

| status=%08x\n",Status)); 
65254| } else { 

65255| Debug(DEBUG_DEVCON, ("Error %08x starting revert 

| thread\n",Status)); 
65256| } 
65257| 

65258| revertUndoSequence = 

| RevertParms. RevertUndoSequence; 
65259 1 return Status; 
65260 1 } 
65261 | 

65262 1 // 

| 



65264| NTSTATUS SbRevertToSnapShot_SeparateThread ( 
65265| tkSnapShotMaster *master, 



65266| PDEVICE_OBJECT volumeDeviceObject, 
65267| ULONG revertFlags, 
65268| ULONG &revertUndoSequence ) 

65269| { 

65270| NTSTATUS status = STATUS_SUCCESS; 
65271 | 

65272 1 _try { 
65273 1 status = 

| SbRevertToSnapShot_SeparateThread_lnternal ( 
65274| master, 
65275| volumeDeviceObject, 
65276| revertFlags, 
65277| revertUndoSequence, 
65278| 0 ); 

65279 1 } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
65280| status = GetExceptionCode(); 
65281| RevertDebug(( M M! 

| SbRevertToSnapShot_SeparateThread: Exception %08x 

| !!!\n",status)); 
65282| } 
65283| 

65284| return status; 

65285| } 

65286| 

65287| // 

| 

I- 
65288| 

65289| void MyDumpRevertlnfo ( pRevertlnfo r ) 
65290| { 

65291 1 RevertDebug((" Revertlnfo = %08x An", r )); 
65292| RevertDebug((" SnapSeqNum = %08x\n", 

| r->SnapShotSequenceNumber)); 
65293| RevertDebug((" LastGran = %016l64x\n", 

| r->LastKnownGranuleFinished)); 
65294| RevertDebug((" Flags = %08x\n", 

| r->RevertFlags)); 
65295| RevertDebug((" SnapTime = %016l64x\n", 

| r->SnapShotTime)); 
65296| } 
65297| 

65298| // 

| 

I- 
65299| 

65300| void MyDumpHeader ( pHeader header ) 
65301| { 

65302| RevertDebug(("Dump of header=%08x An", header)); 
65303| RevertDebug((" Version = %08x\n", 



I header->Version)); 
65304| RevertDebug((" Size = %08x\n M , 

| header->Size)); 
65305| RevertDebug((" Signature = %08x\n", 

| header->Signature)); 
65306| RevertDebug((" GranSize = %08x\n", 

| header->GranuleSizelnBytes)); 
65307| RevertDebug((" LoadWheel = %08x\n M , 

| header->lndexLoadWheel)); 
65308| Revert Debug ((" HiSnapNum = %08x\n M , 

| header->HighestSnapNumber)); 
65309| RevertDebug((" DateTimeWr = %016l64x\n", 

| header->DateTimeWritten)); 
6531 0| MyDumpRevertlnfo ( &(header->Revertlnfo) ); 
65311| } 
65312| 

65313| // 

| 

I- 
65314| 

65315| STATIC ULONG IsSystemVolume ( const WCHAR *DeviceName ) 
65316| { 

65317| UNICODE_STRING System Part it ion St ring = {0}; 
65318| UNICODE_STRING RegistryPathString = {0}; 
65319| const WCHAR * const RegistryPath = 

| U'WReg istryWM ach i neWSystemWSetu p\\" ; 
65320| RtllnitUnicodeString (&RegistryPathString, 

| RegistryPath); 
65321| 

| Reg_GetStringKey(&RegistryPathString,L M SystemPartition M , 

| L m \&SystemPartitionString); 
65322| RevertDebug(("lsSystemVolume: Found 

| System Partition='%S' in 

| registry\n",SystemPartitionString. Buffer)); 
65323| ULONG system = 

| (wcscmp(SystemPartitionString. Buffer, DeviceName)==0) ? 

| TRUE : FALSE; 
65324| Reg_FreeString(&SystemPartitionString); 
65325| RevertDebug(("lsSystemVolume '%S' returning 

| %08x\n M ,DeviceName,system)); 
65326| return system; 
65327| } 
65328| 

65329| // 



65331 1 extern "C" { 

65332| NTKERNELAPI void InbvEnableDisplayString ( DWORD 
I Flag ); 



65333| } 
65334| 

65335| NTSTATUS RevertCheckAtVolumeMount ( PDEVICE_OBJECT 

| volumeDeviceObject ) 
65336| { 

65337| NTSTATUS status = STATUS_SUCCESS; 

65338| ULONG Do Reboot= FALSE; 

65339| RevertDebug(("RevertCheckAtVolumeMount: 

| volumeDevObj=%08x\n", volumeDeviceObject)); 
65340| 

65341 1 ASSERT ( volumeDeviceObject != NULL ); 

65342| PFILTERED_EXTENSION devExt = GetFilte red Extension 

| (volumeDeviceObject); 
65343| ASSERT ( devExt != NULL ); 
65344| ULONG isSystemVolume = 

| lsSystemVolume(devExt->Name); 
65345| 

65346| if ( Global_lnRevert ) { 

65347| RevertDebug(("RevertCheckAtVolumeMount: 

| Already in revert; ignoring checkAn")); 
65348| } else { 

65349| ULONG revertUndoSequence = 0; 
65350 1 

65351 1 pHeader header = devExt->Cache. Header; 

65352 1 if ( header ) { 

65353| MyDumpHeader(header); 

65354| tRevertlnfo &revertlnfo = 

| header->Revertlnfo; 
65355| if ( revertlnfo.SnapShotSequenceNumber != 0 

l){ 

65356| // Looks like we have been requested to 

| do revert for this volume... 
65357| RevertDebug(("RevertCheckAtVolumeMount: 

| !!! Found revert request !!! seq=%08x, 

[ time=%016l64x\n", 
65358| revertlnfo.SnapShotSequenceNumber, 
65359| revertlnfo.SnapShotTime.QuadPart)); 
65360 1 

65361 1 Global_NeedResultUpdate = TRUE; 

65362 1 

65363| pkSnapShotMaster masterToRevertTo = 0; 

65364| 

65365| status = GetMasterForSequenceAndVolume 

l( 

65366| revertlnfo.SnapShotSequenceNumber, 
65367| revertlnfo.SnapShotTime, 
65368| volumeDeviceObject, 
65369| masterToRevertTo ); 

65370 1 

65371 1 if ( NT_SUCCESS(status) ) { 



65372| ASSERT ( masterToRevertTo != NULL 



I); 

65373| if ( masterToRevertTo ) { 

65374| status = 



| SbRevertToSnapShot_SeparateThread_lnternal ( 
65375| masterToRevertTo, 
65376| volumeDeviceObject, 
65377| revertlnfo.RevertFlags, 
65378| revertUndoSequence, 
65379| 



| revertlnfo.LastKnownGranuleFinished.QuadPart ); 
65380| if(NT_SUCCESS(status)) { 

65381 1 DoReboot = TRUE; 

65382 1 } 
65383 1 } else { 

65384| RevertDebug(("!!! 



| RevertCheckAtVolumeMount: internal error: status=%08x 
| but masterToRevertTo=NULL\n", status)); 



65389 1 

| RevertDebug(("RevertCheckAtVolumeMount: could not find 
| master for sequence number %08x\n", 
65390 1 

| revertlnfo.SnapShotSequenceNumber)); 
65391 1 } 
65392 1 } 
65393 1 } else { 

65394| RevertDebug(("RevertCheckAtVolumeMount: 
| header==NULL for 

| volDevObj=%08x\n",volumeDeviceObject)); 
65395| status = STATUS_INVALID_PARAMETER; 

65396| } 
65397| } 
65398| 

65399| if((DoReboot) && 

| (!PersistentDictionary::GetSystemReady())) { 
65400| // The revert has been performed, and we are 

| before system ready time. 
65401 1 // See if the volume we just reverted is the 

| system volume. 
65402| if ( isSystemVolume ) { 
65403| GlobaLNeedResultUpdate = FALSE; 



65385| 
65386| 
65387| 
65388| 



status = STATUS_NOT_FOUND; 



} else { 

status = STATUS_NOT_FOUND; 



65404| 
65405| 
65406| 

|//- 



#if 0 



65407| // Before generating intentional BSOD, 

| give system a delay to do hardware flush (?) 

65408| 

| // 



65409| const int SecondsToWait = 1 0; 

6541 0| LARGEJNTEGER TimeToWait; 

6541 1 1 TimeToWait.QuadPart = 

| RELATIVE(SECONDS(SecondsToWait)); 
6541 2| KeDelayExecutionThread 

| ((KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait); 

65413| 

| // 

| 

65414| #endif 
65415| 

65416| #if0 
65417| 

| // 



65418| // Cause an intentional blue screen of 

| death... 

65419| // We must in order to prevent booting 

| with both old drive data (before revert) 
65420| // mixed with post-revert data after 

| the revert. 
65421| 

| // 

| 

65422| KeBugCheck(PSM_REVERT_COMPLETE); 

65423| #endif 

65424| 

65425| #if 1 

65426| 

| // 

| 

65427| // This code is for displaying a 

| human-readable message instead of causing an 
| intentional 

65428| // BSOD. 

65429 1 

| // 



65430| lnbvEnableDisplayString(1 ); 

65431 1 char message[] = "Please restart the 

| computer to boot with reverted system driveAn"; 
65432| HalDisplayString (message); 

65433| RevertDebug(("RevertCheckAtVolumeMount: 

| Just called HalDisplayString to nofity user to 

| reboot\n")); 



65434| for(;;) { 

65435| 

| RevertDebug(('*RevertCheckAtVolumeMount: SYSTEM IS HUNG 

| - WAITING FOR POST-REVERT RESTARTAn")); 
65436| const int SecondsToWait = 30; 

65437| LARGEJNTEGER TimeToWait; 

65438| TimeToWait.QuadPart = 

| RELATIVE(SECONDS(SecondsToWait)); 
65439| KeDelayExecutionThread 

| ((KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait); 
65440| } 
65441 1 #endif 
65442 1 } 
65443 1 } 
65444| 

65445| if ( Global_NeedResultUpdate ) { 
65446| UpdateLastRevertResult(status); 
65447| } 
65448| 

65449| RevertDebug(("RevertCheckAtVolumeMount returning 

| %08x\n",status)); 
65450 1 return status; 
65451 1 } 
65452 1 

65453 1 // 

| 

I- 
65454| 

65455| void LogRevertEvent ( 
65456| ULONG message, 
65457| NTSTATUS error, 
65458| WCHAR *strings[], 
65459| ULONG numStrings ) 
65460 1 { 

65461| Log Error ( 



65462| (PDEVICE_OBJECT) PSManDriverObject, 

65463| NULL, 

65464| message, 

65465| error, 

65466| NULL, 

65467| 0, 

65468| strings, 

65469| numStrings ); 

65470| 



65471 1 RevertDebug(("LogRevertEvent: message=%08x, 
| error=%08x, 

| numStrings=%08x\n",message,error,numStrings)); 
65472| for ( ULONG i=0; i<numStrings; ++i ) { 
65473| RevertDebug(("LogRevertEvent: string[%d] = 

| '%S'\n", i, strings[i])); 



65474| } 
65475| } 
65476| 

65477| // 

| 

I- 
65478| 

65479| NTSTATUS UpdateRevertStatus ( DWORD Status ) 
65480| { 

65481 1 return UpdateDriverSubSystemStatus ( Status, 

| L"RevertStatus" ); 
65482 1 } 
65483| 

65484| // 

| 

I- 
65485| 

65486| NTSTATUS UpdateLastRevertResult ( DWORD ErrorCode ) 
65487| { 

65488| Global_NeedResultUpdate = FALSE; 

65489| if ( NT_SUCCESS(ErrorCode) ) { 

65490| ErrorCode = PSM_OPERATION_SUCCESSFUL; 

65491 1 } 

65492| return UpdateDriverSubSystemStatus ( ErrorCode, 

| U'LastRevertResult" ); 
65493 1 } 
65494| 

65495| // 

I 



65496| 

65497| /*— end of file revert.cpp —7 
65498| 
65499 1 
65500 1 

65501 1 File Listing: revert. h 
65502 1 

65503 1 // 



65504| // SbRevertVolumeToSnapShot 

65505| // Passed in a pkSnapShotMaster representing the 

| snapshot of volume(s) 
65506| // to be reverted to. Only the specified volume is 

| reverted. 
65507| // 

65508| // NOTE: YevertUndoSequence' is the where the 

| sequence number of the revert 
65509| // undo snapshot that was created by this call 

| will be put. 

6551 0| // If no undo snapshot was created, this value 



I will be set to zero. 
6551 1 1 // 



65512| NTSTATUS SbRevertVolumeToSnapShot ( 

65513| PDEVICE_OBJECT volume, 

65514| pkSnapShotMaster master, 

65515| ULONG revertFlags, 

65516| ULONG &revertUndoSequence ); 

65517| 

65518| 

65519| // 



65520| // SbRevertVolumeToSnapShot_SeparateThread 
65521 1 // Creates a separate thread for 

| SbRevertVolumeToSnapShot to run in, 
65522| // and waits for it to complete. This is so that Sb 

| functions 

65523| // for doing I/O are allowed access to the cache file 

| handle. 
65524| // 

65525| // NOTE: YevertUndoSequence' is the where the 

| sequence number of the revert 
65526| // undo snapshot that was created by this call 

| will be put. 

65527| // If no undo snapshot was created, this value 

| will be set to zero. 
65528| // 

65529| NTSTATUS SbRevertVolumeToSnapShot_SeparateThread ( 

65530| PDEVICE_OBJECT volume, 

65531 1 pkSnapShotMaster master, 

65532| ULONG revertFlags, 

65533| ULONG &revertUndoSequence ); 

65534| 

65535| // 
| 

65536| // SbRevertToSnapShot_SeparateThread 
65537| // Creates a separate thread for SbRevertToSnapShot to 
| run in, 

65538| // and waits for it to complete. This is so that Sb 
| functions 

65539| // for doing I/O are allowed access to the cache file 

| handle. 
65540 1 // 

65541 1 // NOTE: YevertUndoSequence' is the where the 

| sequence number of the revert 
65542| // undo snapshot that was created by this call 

| will be put. 

65543| // If no undo snapshot was created, this value 
| will be set to zero. 



65544| //- 



65545| NTSTATUS SbRevertToSnapShot_SeparateThread ( 

65546| pkSnapShotMaster master, 

65547| PDEVICE_OBJECT volumeDeviceObject, 

65548| ULONG revertFlags, 

65549| ULONG SrevertUndoSequence ); 

65550| 

65551 1 // 



65552| // RevertCheckAtVolumeMount 
65553 1 // 

65554| // This function is called when PSM mounts a volume. 
65555| // It determines whether a revert operation needs to be 
65556| // initiated/completed on that volume, based on 

| information in 
65557| // the header associated with that volume. 
65558| // 

I 

65559| NTSTATUS RevertCheckAtVolumeMount ( PDEVICE_OBJECT 

| volumeDeviceObject ); 
65560 1 
65561 1 

65562| // 



65563| // CancelRevertAtBootForAIIVolumes 
65564| // 

65565| // This function cancels revert at boot for all volumes 
| that 

65566| // have a revert scheduled. 

65567| // 

I 

65568| NTSTATUS CancelRevertAtBootForAIIVolumes(); 
65569 1 

65570 1 // 

I 

65571 1 // CancelRevertAtBootForVolume 
65572 1 // 

65573| // This function cancels revert at boot for a specified 
| volume. 

65574| // 

I 

65575| struct VolumeEntry; 

65576| NTSTATUS CancelRevertAtBootForVolume ( VolumeEntry *, 

| PDEVICE_OBJECT ); 
65577| 

65578| /*— end of file revert.h —7 
65579 1 
65580 1 
65581 | 



65582| File Listing: RTL.h 
65583| 

65584| #if _WIN32_WINNT<0x0500 
65585| // 

65586| // BitMap routines. The following structure, 

| routines, and macros are 
65587| // for manipulating bitmaps. The user is responsible 

| for allocating a bitmap 
65588| // structure (which is really a header) and a buffer 

| (which must be longword 
65589| // aligned and multiple longwords in size). 
65590| // 
65591| 

65592| typedef struct _RTL_BITMAP { 

65593| ULONG SizeOfBitMap; // Number 

| of bits in bit map 
65594| PULONG Buffer; // Pointer 

| to the bit map itself 
65595| } RTL_BITMAP; 

65596| typedef RTL_BITMAP *PRTL_BITMAP; 

65597| 

65598| // 

65599| // The following routine initializes a new bitmap. It 

| does not alter the 
65600| // data currently in the bitmap. This routine must be 

| called before 
65601 1 // any other bitmap routine/macro. 
65602 1 // 
65603 1 

65604| NTSYSAPI 

65605| VOID 

65606| NTAPI 

65607| RtllnitializeBitMap ( 

65608| PRTL_BITMAP BitMapHeader, 

65609| PULONG BitMapBuffer, 

6561 0| ULONG SizeOfBitMap 

65611| ); 

65612| 

65613| // 

65614| // The following two routines either clear or set all 

| of the bits 
65615| // in a bitmap. 
65616|// 
65617| 

65618| NTSYSAPI 

65619| VOID 

65620| NTAPI 

65621| RtlClearAIIBits ( 

65622| PRTL_BITMAP BitMapHeader 

65623| ); 



65624| 

65625| NTSYSAPI 

65626| VOID 

65627| NTAPI 

65628| RtlSetAIIBits ( 

65629| PRTL_BITMAP BitMapHeader 

65630| ); 

65631| 

65632| // 

65633| // The following two routines locate a contiguous 

| region of either 
65634| // clear or set bits within the bitmap. The region 

| will be at least 

65635| // as large as the number specified, and the search of 

| the bitmap will 
65636| // begin at the specified hint index (which is a bit 

| index within the 
65637| // bitmap, zero based). The return value is the bit 

| index of the located 
65638| // region (zero based) or -1 (i.e., Oxffffffff) if 

| such a region cannot 
65639 1 // be located 
65640 1 // 
65641 | 

65642| NTSYSAPI 

65643| ULONG 

65644| NTAPI 

65645| RtlFindClearBits ( 

65646| PRTL_BITMAP BitMapHeader, 

65647| ULONG NumberToFind, 

65648| ULONG Hintlndex 

65649 1 ); 

65650 1 

65651 1 NTSYSAPI 

65652 1 ULONG 

65653| NTAPI 

65654| RtlFindSetBits ( 

65655| PRTL_BITMAP BitMapHeader, 

65656| ULONG NumberToFind, 

65657| ULONG Hintlndex 

65658| ); 

65659 1 

65660 1 // 

65661 1 // The following two routines locate a contiguous 

| region of either 
65662| // clear or set bits within the bitmap and either set 

| or clear the bits 
65663| // within the located region. The region will be as 

| large as the number 
65664| // specified, and the search for the region will begin 



I at the specified 
65665| // hint index (which is a bit index within the bitmap, 

| zero based). The 
65666| // return value is the bit index of the located region 

| (zero based) or 
65667| // -1 (i.e., Oxffffffff) if such a region cannot be 

| located. If a region 
65668| // cannot be located then the setting/clearing of the 

| bitmap is not performed. 
65669 1 // 
65670 1 

65671 1 NTSYSAPI 
65672| ULONG 
65673| NTAPI 

65674| RtlFindClearBitsAndSet ( 
65675| PRTL_BITMAP BitMapHeader, 
65676| ULONG NumberToFind, 
65677| ULONG Hintlndex 
65678| ); 
65679 1 

65680| NTSYSAPI 
65681| ULONG 
65682| NTAPI 

65683| RtlFindSetBitsAndClear ( 

65684| PRTL_BITMAP BitMapHeader, 

65685| ULONG NumberToFind, 

65686| ULONG Hintlndex 

65687| ); 

65688| 

65689| // 

65690| // The following two routines clear or set bits within 

| a specified region 
65691 1 // of the bitmap. The starting index is zero based. 
65692 1 // 
65693 1 

65694| NTSYSAPI 

65695| VOID 

65696| NTAPI 

65697| RtlClearBits ( 

65698| PRTL_BITMAP BitMapHeader, 

65699| ULONG Startinglndex, 

65700| ULONG NumberToClear 

65701| ); 

65702| 

65703| NTSYSAPI 
65704| VOID 
65705| NTAPI 
65706| RtlSetBits ( 

65707| PRTL_BITMAP BitMapHeader, 
65708| ULONG Startinglndex, 



65709| ULONG NumberToSet 
65710| ); 
6571 1 | 
65712| // 

65713| // The following two routines locate the longest 

| contiguous region of 
65714| // clear or set bits within the bitmap. The returned 

| starting index value 
65715| // denotes the first contiguous region located 

| satisfying our requirements 
65716| // The return value is the length (in bits) of the 

| longest region found. 
65717| // 
65718| 

65719| NTSYSAPI 
65720| ULONG 
65721 1 NTAPI 

65722| RtlFindLongestRunClear ( 
65723| PRTLBITMAP BitMapHeader, 
65724| PULONG Startinglndex 
65725| ); 
65726| 

65727| NTSYSAPI 
65728| ULONG 
65729| NTAPI 

65730| RtlFindLongestRunSet ( 

65731 1 PRTL BITMAP BitMapHeader, 

65732| PULONG Startinglndex 

65733 1 ); 

65734| 

65735| // 

65736| // The following two routines locate the first 

| contiguous region of 
65737 1 // clear or set bits within the bitmap. The returned 

| starting index value 
65738| // denotes the first contiguous region located 

| satisfying our requirements 
65739| // The return value is the length (in bits) of the 

| region found. 
65740 1 // 
65741 | 

65742| NTSYSAPI 
65743 1 ULONG 
65744| NTAPI 

65745| RtlFindFirstRunClear ( 

65746| PRTL_BITMAP BitMapHeader, 

65747| PULONG Startinglndex 

65748| ); 

65749 1 

65750| NTSYSAPI 



65751 1 ULONG 

65752| NTAPI 

65753| RtlFindFirstRunSet ( 

65754| PRTLBITMAP BitMapHeader, 

65755| PULONG Startinglndex 

65756| ); 

65757| 

65758| // 

65759| // The following macro returns the value of the bit 

| stored within the 
65760| // bitmap at the specified location. If the bit is 

| set a value of 1 is 
65761 1 // returned otherwise a value of 0 is returned. 
65762 1 // 

65763 1 // ULONG 

65764| // RtlCheckBit ( 

65765| // PRTL BITMAP BitMapHeader, 

65766| // ULONG BitPosition 

65767| // ); 

65768| // 

65769 1 // 

65770| // To implement CheckBit the macro retrieves the 

| longword containing the 
65771 1 // bit in question, shifts the longword to get the bit 

| in question into the 
65772| // low order bit position and masks out all other 

| bits. 
65773 1 // 
65774| 

65775| #define RtlCheckBit(BMH,BP) ((((BMH)->Buffer[(BP) / 

| 32]) » ((BP) % 32)) & 0x1) 
65776| 
65777| // 

65778| // The following two procedures return to the caller 

| the total number of 
65779| // clear or set bits within the specified bitmap. 
65780 1 // 
65781 | 

65782| NTSYSAPI 
65783 1 ULONG 
65784| NTAPI 

65785| RtlNumberOfClearBits ( 

65786| PRTL_BITMAP BitMapHeader 

65787| ); 

65788| 

65789| NTSYSAPI 
65790 1 ULONG 
65791 1 NTAPI 

65792| RtlNumberOfSetBits ( 

65793| PRTL BITMAP BitMapHeader 



65794 
65795 
65796 
65797 



| boolean value 



65798 



| clear or set. 



65799 
65800 
65801 
65802 
65803 
65804 
65805 
65806 
65807 
65808 
65809 
65810 
65811 
65812 
65813 
65814 
65815 
65816 
65817 
65818 
65819 
65820 
65821 
65822 
65823 
65824 
65825 
65826 
65827 
65828 
65829 
65830 
65831 
65832 
65833 
65834 
65835 
65836 
65837 
65838 
65839 
65840 
65841 



); 



// 

// The following two procedures return to the caller a 



// indicating if the specified range of bits are all 



// 



NTSYSAPI 
BOOLEAN 
NTAPI 

RtlAreBitsClear ( 

PRTL BITMAP BitMapHeader, 
ULONG Startinglndex, 
ULONG Length 

); 

NTSYSAPI 
BOOLEAN 
NTAPI 

RtlAreBitsSet ( 

PRTL_BITMAP BitMapHeader, 
ULONG Startinglndex, 
ULONG Length 

); 

#endif 



File Listing: SBPSMAN.cpp 

#include "precomp.h" 
#include "buildnum.h" 

#ifdef DEBUG 

extern "C" void DumpSizeofs(void); 
#endif 

#ifdef ALLOC_PRAGMA 

#pragma alloc_text(INIT, DriverEntry) 
#ifdef DEBUG 

#prag m a al loc_text( I N I T, Du m pS izeof s) 
#endif 

#endif 



#ifdef DEBUG 

GLOBALTYPE ULONG DebugLevel=0x00000000; 



65842| GLOBALTYPE ULONG DebugPrints=0; 

65843| #endif 

65844| 

65845| GLOBALTYPE PDRIVER_OBJECT PSManDriverObject = NULL; 
65846| GLOBALTYPE PDEVICE_OBJECT PSManObject=NULL; 
65847| #ifdef DEBUG 

65848| GLOBALTYPE PSBPSMAN_EXTENSION 

| PSManObjectExtension=NULL; 
65849| #endif 

65850| GLOBALTYPE WCHAR 

| gSnapShotDirName[200]={0}; 
65851 1 GLOBALTYPE BOOLEAN 
65852| GLOBALTYPE BOOLEAN 
65853| GLOBALTYPE KSEMAPHORE 
65854| GLOBALTYPE KEVENT 
65855| GLOBALTYPE KEVENT 
65856| GLOBALTYPE KSEMAPHORE 
65857| GLOBALTYPE KSEMAPHORE 

| WriteAfterReadSemaphore={0}; 
65858| GLOBALTYPE KEVENT 
65859 1 

65860| GLOBALTYPE ULONG 

| NumberOfThreads=NUMTHREADS_DEF; 



Psm Active= FALS E ; 
PSManPSMInited = FALSE; 
ThreadSemaphore={0}; 
WorkerThread Event={0} ; 
ThreadOlnited={0}; 

WriteSemaphore={0}; 



PSManExitingEvent={0}; 



65861| GLOBALTYPE ULONG 
65862| GLOBALTYPE PMY_THREAD 
65863| GLOBALTYPE tMY_THREAD 
65864| 

65865| GLOBALTYPE LIST_ENTRY 
65866| GLOBALTYPE KSPIN_LOCK 
| ThreadsWorkToDoSpinLock={0}; 
65867| 

65868| GLOBALTYPE LIST_ENTRY 
65869| GLOBALTYPE KSPIN_LOCK 

| WriteAfterReadSpinLock={0}; 
65870| 

65871 1 GLOBALTYPE LIST_ENTRY 
65872| GLOBALTYPE LIST_ENTRY 
65873| GLOBALTYPE KSPIN_LOCK 
65874| 

65875| GLOBALTYPE ULONG 
65876| volatile GLOBALTYPE ULONG 

| Outstanding Requests=0; 
65877| GLOBALTYPE ULONG 
65878| GLOBALTYPE FAST_MUTEX 
65879| GLOBALTYPE FAST MUTEX 

| // Mutex for threshold handling 
65880| GLOBALTYPE FAST_MUTEX 
65881 1 GLOBALTYPE KSEMAPHORE 

| PSMOpenCloseSemaphore={0}; 
65882| #ifdef DEBUG_SNAPSHOTS 



GlobalThreadCount=0; 
ThreadObjects=NULL; 
WriteThreadObject={0}; 

ThreadsWorkToDoQueue={0}; 



WriteAfterReadQueue={0}; 



ProcessingQueue={0} ; 

WriteQueue={0}; 

WriteSpinLock={0}; 

DoPagingFile=0; 



PSManPSMFIags=0; 

WorkerThreadMutex={0}; 
CacheThresholdMutex={0}; 

PSMUserMutex={0}; 



PSMSnapShotSemaphore; 



PSMVDiskSemaphore={0}; 



65883| GLOBALTYPE KSEMAPHORE 

| // Semaphore for read/write snapshots 
65884| #endif 

65885| GLOBALTYPE KSEMAPHORE 
65886| GLOBALTYPE NTSTATUS 

| LastErrorStatus=STATUS_SUCCESS; 
65887| GLOBALTYPE FAST_MUTEX PSManMemoryMutex={0}; // 

| mutex for memory routines 
65888| GLOBALTYPE ULONG MaxWriteQueueDepth=0; 
65889| GLOBALTYPE ULONG WriteQueueDepth=0; 
65890| volatile GLOBALTYPE ULONG ThreadsAwake=0; 
65891 1 GLOBALTYPE ULONG 

| NewThreadStartDelay=NEWTHREADDELAY_DEF; // in 

| microseconds (1000000 = 1 second) 
65892| GLOBALTYPE ULONG 

| M axTh reads= M AXTH R E A DS_D E F ; 
65893| GLOBALTYPE ULONG 

| PSManCreateOptions=CREATEOPTIONS_DEF; 
65894| GLOBALTYPE ULONG 

| PSManOpenOptions=OPENOPTIONS_DEF; 
65895| GLOBALTYPE ULONG 

| PSManFillOnWrite=FILLONWRITES_DEF; 
65896| GLOBALTYPE ULONG 

| gHungSystemTimeOut=HUNGSYSTEMTIMEOUT_DEF; 
65897| GLOBALTYPE ULONG gLogErrors=1 ; 

65898| GLOBALTYPE ULONG gFailFreed=0; 
65899| GLOBALTYPE ULONG gLogOpenClose=1 ; 

65900| #ifdef DEBUG 

65901 1 GLOBALTYPE KSEMAPHORE PSM_DebugSemaphore={0}; 

| // Semaphore to write to log file 
65902| GLOBALTYPE ULONG gDebugToLog=TRUE; 

| // whether to log debug to log file or not 
65903| GLOBALTYPE LIST_ENTRY 

| Queue for threads 
65904| GLOBALTYPE KSPIN_LOCK 

| // spinlock 
65905| #endif 

65906| GLOBALTYPE ULONG 
65907| 

65908| //from tdrom.c 
65909| GLOBALTYPE KEVENT 
65910| 

65911| GLOBALTYPE 
65912| GLOBALTYPE 
65913| GLOBALTYPE 
65914| 

65915| GLOBALTYPE 
65916| GLOBALTYPE 
65917| GLOBALTYPE 



PSM_DebugQueue={0}; // 
PSM_DebugSpinLock={0}; 

gVDisklOHandling=0x0000; 



LIST_ENTRY 
KSPIN_LOCK 
KSEMAPHORE 

LISTENTRY 
KSPIN_LOCK 
KSEMAPHORE 



VDiskExitingEvent={0}; 

ReadVDiskQueue={0}; 
ReadVDiskSpinLock={0}; 
ReadVDiskSemaphore={0}; 

WriteVDiskQueue={0}; 
WriteVDiskSpinLock={0}; 



| WriteVDiskSemaphore={0}; 



65918| 

65919| GLOBALTYPE ULONG VDiskNumberOfThreads=0; 
65920| GLOBALTYPE FAST_MUTEX VDiskThreadMutex={0}; 
65921| 

65922| //GLOBALTYPE ULONG 

| gNumberOfBuffers=NUMBEROFBUFFERS_DEF; 
65923| //GLOBALTYPE ULONG 

| gBufferSize=BUFFERSIZE_DEF; 
65924| 

65925| GLOBALTYPE ULONG 

| gAllowWrites=ALLOWWRITES_DEF; 
65926| //GLOBALTYPE ULONG 

| gWriteCacheMaxSize=WRITECACHEMAXSIZE_DEF; 
65927| //GLOBALTYPE ULONG gScanLuns=0; 
65928| 

65929| GLOBALTYPE UNICODE_STRING gRegistryPath={0}; 
65930| 

65931| //GLOBALTYPE struct sCache VDiskCache={0}; 
65932| GLOBALTYPE HANDLE 

| gVDiskRootDirHandle=NULL; 
65933| GLOBALTYPE ULONG GlobalBuildNumber = 

| _BuildNumber_; 
65934| GLOBALTYPE ULONG GlobalVersionMajor = 

| (PSM_CURRENT_VERSION & OxffOO) » 8; 
65935| GLOBALTYPE ULONG GlobalVersionMinor = 

| PSM_CURRENT_VERSION & OxOOff; 
65936| GLOBALTYPE PEPROCESS GlobalSystemProcessld=0; 
65937| 

65938| //GLOBALTYPE ULONG gDoSeek=0; 
65939| //GLOBALTYPE ULONG 

| gCacheFlags=CACHEFLAGS_DEF; 
65940| // end from tdrom.c 
65941 | 

65942| #ifdef DEBUG 

65943| KBUGCHECK_CALLBACK_RECORD BugCheckCallbackRecord={0}; 

65944| PVOID BugCheckMemory=NULL; 

65945| char *BugCheckName="PSMAN Bugcheck 

| data"; 
65946| #endif 
65947| 

65948| #if _WIN32_WINNT>=0x0500 

65949| // {5066C2B1-0F70-421 1-B304-68E3629EE386} 

65950| DEFINE_GUID(PSManGuid, 0x5066c2b1 , 0xf70, 0x4211, 0xb3, 

| 0x4, 0x68, 0xe3, 0x62, 0x9e, 0xe3, 0x86); 
65951 | 

65952| WMIGUIDREGINFO PSManGuidList[] = 
65953 1 { 

65954| { &PSManGuid, 
65955| 1 , 
65956| 0 



65957| } 
65958| }; 
65959| #endif 
65960| 

65961 1 extern "C" { 

65962| extern PSHORT NtBuildNumber; 

65963 1 } 

65964| 

65965| #ifdef DEBUG 

65966| /* 



65967| extern "C" void DumpSizeofs(void) 
65968| { 

65969| // ntddk.h 

65970| Debug(DEBUG_INIT,("ntddk.h\n")); 
65971| Debug(DEBUG_INIT,(" 

| sizeof(LIST_ENTRY)=%d\n",sizeof(LIST_ENTRY))); 
65972| Debug(DEBUG_INIT,(" 

| sizeof(ERESOURCE)=%d\n",sizeof(ERESOURCE))); 
65973| Debug(DEBUG_INIT,(" 

| sizeof(KSPIN_LOCK)=%d\n",sizeof(KSPIN_LOCK))); 
65974| Debug(DEBUG_INIT,(" 

| sizeof(KEVENT)=%d\n",sizeof(KEVENT))); 
65975| Debug(DEBUG_INIT,(" 

| sizeof(PARTITION_INFORMATION)=%d\n",sizeof(PARTITION_INF 

| ORMATION))); 
65976| Debug(DEBUG_INIT,(" 

| sizeof(KSEMAPHORE)=%d\n",sizeof(KSEMAPHORE))); 
65977| Debug(DEBUG_INIT,(" 

| sizeof(FAST_MUTEX)=%d\n",sizeof(FAST_MUTEX))); 
65978| Debug(DEBUG_INIT,(" 

| sizeof(RTL_BITMAP)=%d\n",sizeof(RTL_BITMAP))); 
65979| Debug(DEBUG_INIT,(" 

| sizeof(FILE_OBJECT)=%d\n",sizeof(FILE_OBJECT))); 
65980| Debug(DEBUG_INIT,(" 

| sizeof(DEVICE_OBJECT)=%d\n",sizeof(DEVICE_OBJECT))); 
65981| Debug(DEBUG_INIT,(" 

| sizeof(DRIVER_OBJECT)=%d\n",sizeof(DRIVER_OBJECT))); 
65982| 

65983| //sbpsman.h 

65984| Debug(DEBUG_INIT,("sbpsman.h\n")); 
65985| Debug(DEBUG_INIT,(" 

| sizeof(DEVICE_EXTENSION)=%d\n",sizeof(DEVICE_EXTENSION)) 

I); 

65986| Debug(DEBUG_INIT,(" 

| sizeof(SBPSMAN_EXTENSION)=%d\n",sizeof(SBPSMAN_EXTENSION 

I))); 

65987| Debug(DEBUG_INIT,(" 

| sizeof(FILTERED_EXTENSION)=%d\n",sizeof(FILTERED_EXTENSI 
I ON))); 



65988| Debug(DEBUG_INIT,(" 

| sizeof(VDISK_EXTENSION)=%d\n",sizeof(VDISK_EXTENSION))); 
65989| Debug(DEBUG_INIT,(" 

| sizeof (tMY_THREAD)=%d\n",sizeof(tMY_THREAD))); 
65990| Debug(DEBUG_INIT,(" 

| sizeof(tPHYSICAL_DEVICE)=%d\n",sizeof(tPHYSICAL_DEVICE)) 

I); 

65991| Debug(DEBUG_INIT,(" 

| sizeof(tLOGICAL_DEVICE)=%d\n",sizeof(tLOGICAL_DEVICE))); 
65992| Debug(DEBUG_INIT,(" 

| sizeof(tOT_USER)=%d\n",sizeof(tOT_USER))); 
65993| Debug(DEBUG_INIT,(" 

| sizeof(tWriteRequest)=%d\n",sizeof(tWriteRequest))); 
65994| Debug(DEBUG_INIT,(" 

| sizeof(tReadRequest)=%d\n",sizeof(tReadRequest))); 
65995| Debug(DEBUG_INIT,(" 

| sizeof(tOpenPsmThread)=%d\n",sizeof(tOpenPsmThread))); 
65996| Debug(DEBUG_INIT,(" 

| sizeof(tkSnapShotEntry)=%d\n",sizeof(tkSnapShotEntry))); 
65997| Debug(DEBUG_INIT,(" 

| sizeof(tkSnapShotMaster)=%d\n",sizeof(tkSnapShotMaster)) 

I); 

65998| 

65999| // ioctl.h 

66000| Debug(DEBUG_INIT,("ioctl.h\n")); 
66001| Debug(DEBUG_INIT,(" 

| sizeof(tPSM_FreeVolume)=%d\n",sizeof(tPSM_FreeVolume))); 
66002| Debug(DEBUG_INIT,(" 

| sizeof(tOpenTransactionlnlnternal)=%d\n",sizeof(tOpenTra 

| nsactionlnlnternal))); 
66003| 

66004| // rbtree.h 

66005| Debug(DEBUG_INIT ! ("tree.h\n")); 
66006| Debug(DEBUG_INIT,(" 

| sizeof (tTreeLeaf)=%d\n",sizeof (tTreeLeaf))) ; 
66007| Debug(DEBUG_INIT,(" 

| sizeof (tTree)=%d\n",sizeof(tTree))); 
66008| 

66009| //psm.h 

6601 0| Debug(DEBUG_INIT,("psm.h\n")); 
66011| Debug(DEBUG_INIT,(" 

| sizeof(tPSM_Versionlnfo)=%d\n",sizeof(tPSM_Versionlnfo)) 

I); 

66012| Debug(DEBUG_INIT,(" 

| sizeof (tOpenTransactionln)=%d\n",sizeof(tOpenTransaction 
I In))); 

66013| Debug(DEBUG_INIT,(" 

| sizeof(tOpenTransactionOutW)=%d\n",sizeof(tOpenTransacti 

| onOutW))); 
66014| Debug(DEBUG_INIT,(" 



I sizeof(tPSM_GetErrorOut)=%d\n",sizeof(tPSM_GetErrorOut)) 

I ); 

66015| Debug(DEBUG_INIT,(" 

| sizeof(tPSM_GetProgressOut)=%d\n",sizeof(tPSM_GetProgres 

I sOut))); 
66016| Debug(DEBUG_INIT,(" 

| sizeof(tPSM_RangeList)=%d\n",sizeof(tPSM_RangeList))); 
66017| Debug(DEBUG_INIT,(" 

| sizeof(tPSM_FreeRanges)=%d\n",sizeof(tPSM_FreeRanges))); 
66018| 

66019| //ondisk.h 

66020| Debug(DEBUG_INIT,("ondisk.h\n")); 
66021| Debug(DEBUG_INIT,(" 

| sizeof(tPartRec)=%d\n",sizeof(tPartRec))); 
66022| Debug(DEBUG_INIT,(" 

| sizeof(tMBR)=%d\n",sizeof(tMBR))); 
66023| Debug(DEBUG_INIT,(" 

| sizeof(NTFS_BOOT_SECTOR)=%d\n",sizeof(NTFS_BOOT_SECTOR)) 

I); 

66024| Debug(DEBUG_INIT,(" 

| sizeof(FAT_BOOT_SECTOR)=%d\n",sizeof(FAT_BOOT_SECTOR))); 
66025| Debug(DEBUG_INIT,(" 

| sizeof(FAT32_BOOT_SECTOR)=%d\n",sizeof(FAT32_BOOT_SECTOR 

I))); 

66026| Debug(DEBUG_INIT,(" 

| sizeof(FSINFO_SECTOR)=%d\n",sizeof(FSINFO_SECTOR))); 
66027| } 
66028| #endif 
66029| 
66030| VOID 
66031 1 lnitAfterFileSys( 

66032| IN PDRIVER_OBJECT DriverObject, 

66033| IN PVOID Param, 

66034| IN ULONG Count 

66035| ) 

66036| 

66037| { 

66038 1 return; 
66039 1 } 
66040 1 
66041 | 

66042| r 



66043 1 

66044| extern "C" 
66045| NTSTATUS 
66046| DriverEntry( 

66047| IN PDRIVER_OBJECT DriverObject, 

66048| IN PUNICODE_STRING RegistryPath 

66049| ) 



66050| 
66051 1 /*++ 
66052 1 

66053| Routine Description: 
66054| 

66055| This is the routine called by the system to 

| initialize the disk 
66056| performance driver. The driver object is set up and 

| then the 

66057| driver calls PSManlnitialize to attach to the boot 

| devices. 
66058| 

66059| IRQL = PASSIVELEVEL 
66060| Arguments: 
66061 | 

66062| DriverObject - The disk performance driver object. 
66063 1 

66064| Return Value: 
66065| 

66066| NTSTATUS 

66067| 

66068| --*/ 

66069 1 

66070 1 { 

66071| NTSTATUS ntStatus=0; 

66072| WCHAR deviceNameBuffer[100]={0}; 

66073| UNICODE_STRING deviceNameUnicodeString={0}; 

66074| WCHAR deviceLinkBuffer[100]={0}; 

66075| UNICODE_STRING deviceLinkUnicodeString={0}; 

66076| UNICODE_STRING Uni={0}; 

66077| ULONG DispCopy=1; 

66078| ULONG DispNotice=0; 

66079| ULONG LogVersion=1 ; 

66080| #ifdef DEBUG 

66081 1 ULONG shouldBreak=0; 

66082| #endif 

66083 1 

66084| PAGED_CODE(); 
66085| 

66086| #if TRACK_CONTENTIONS 

66087| KelnitializeSpinLock(&ContentionSpinLock); 

66088| #endif 

66089 1 

66090 1 MemTrackl nit( Registry Path) ; 

66091| lnitProfiler(); 

66092| 

66093| 

| swprintf(deviceNameBuffer,L"%s_%04x",SBPSMAN_DEVICE_NAME 
| ,PSM_LOW_COMPATIBLE_VERSION); 
66094| 



I swprintf(deviceLinkBuffer,L ,,o /oS_%04x M ,SBPSMAN_WIN32_NAME, 
| PSM_LOW_COMPATIBLE_VERSION); 
66095| 

66096| GlobalSystemProcessId = PsGetCurrentProcess(); 
66097| 

66098| #ifdef DEBUG 

66099| // get Debug info first... 

66100| 

| Reg_GetULONGKey(RegistryPath,L"BreakOnEntry",0,&shouldBr 
I eak); 
66101| 

| Reg_GetULONGKey(RegistryPath,L"DebugLevel",0x0,&DebugLev 
I el); 
66102| 

66103| DbgPrint("Psman: DebugLevel = %08lx, 

| Flags=%08x\n M , DebugLevel, DriverObject->Flags); 
66104| 

66105| if ( shouldBreak ) { 

661 06| DbgPrint("Breaking in Psman driver entry\n M ); 

66107| DbgBreakPoint(); 

66108| } 

66109| 

66110| 

661 1 1 | 

| KelnitializeSemaphore(&PSM_DebugSemaphore,0,MAXLONG); 
661 12| lnitializeListHead(&PSM_DebugQueue); 
66113| KelnitializeSpinLock(&PSM_DebugSpinLock); 
66114| 
66115| 

| pmRegisterObject(&PSM_DebugSpinLock,"PSM_DebugSpinLock", 
| pmSpinLock); 
66116| 

| pmRegisterObject(&ContentionSpinLock,"ContentionSpinLock 
| M ,pmSpinl_ock); 
66117| 

| pmRegisterObject(&WriteSpinLock,"WriteSpinLock M ,pmSpinLo 

|ck); 
66118| 
66119| 

| pmRegisterObject(&PSM_DebugSemaphore,"PSM_DebugSemaphore 
| M ,pmSemaphore); 
66120| 

| pmRegisterObjec^&PSMOpenCloseSemaphore/'PSMOpenCloseSem 
| aphore",pmSemaphore); 
66121| 

| pmRegisterObject(&PSMVDiskSemaphore, M PSMVDiskSemaphore", 
| pmSemaphore); 
66122| 

| pmRegisterObject(&WriteVDiskSemaphore,"WriteVDiskSemapho 
| re", pmSemaphore); 



66123| 

| pmRegisterObject(&ReadVDiskSemaphore,"ReadVDiskSemaphore 
| M ,pmSemaphore); 
66124| 

| pmRegisterObject(&ThreadSemaphore, M ThreadSemaphore M ,pmSe 
| maphore); 
66125| 

| pmRegisterObject(&WriteSemaphore/WriteSemaphore M ,pmSema 
I phore); 
66126| 

| pmRegisterObject(&WriteAfterReadSemaphore,"WriteAfterRea 

| dSemaphore",pmSemaphore); 
66127| #ifdef DEBUG_SNAPSHOTS 
66128| 

| pmRegisterObject(&PSMSnapShotSemaphore, H PSMSnapShotSemap 

| hore",pmSemaphore); 
66129| #endif 
66130| 
66131| 

| pmRegisterObject(&WorkerThreadMutex, M WorkerThreadMutex", 
| pmMutex); 
66132| 

| pmRegisterObject(&PSMUserMutex;PSMUserMutex",pmMutex); 
66133| 

| pmRegisterObject(&PSManMemoryMutex;PSManMemoryMutex M ,pm 
| Mutex); 
66134| 

| pmRegisterObject(&VDiskThreadMutex,"VDiskThreadMutex",pm 
| Mutex); 
66135| 

66136| DumpSizeofs(); 

66137| #endif 

66138| 

66139| 

661 40| // write the build number to the registry 
66141| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,RegistryPath 
| ->Buffer,L"Build",REG_DWORD,&GlobalBuildNumber,sizeof(DW 
I ORD)); 
66142| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,RegistryPath 
| ->Buffer,L"VersionHi",REG_DWORD,&GlobalVersionMajor,size 
| of(DWORD)); 
66143| 

| RtlWriteRegistryValue(RTL_REGISTRY_ABSOLUTE,RegistryPath 
| ->Buffer,L"VersionLo",REG_DWORD,&GlobalVersionMinor,size 
| of(DWORD)); 
66144| 

661 45| // display our copyright 
66146| 



I Reg_GetULONGKey(RegistryPath,L"DisplayCopyright",0,&Disp 

I Copy); 
66147| if ( DispCopy ) { 
66148| WCHAR Buff [80]; 

66149| swprintf(Buff,L"Persistent Storage Manager (tm) 
| version %d.%02x build %d 

| %s\n",GlobalVersionMajor,GlobalVersionMinor,GlobalBuildN 

| umber, 
66150| #ifdef DEBUG 
66151| L"debug" 
66152| #else 
66153| L' m 
66154| #endif 
66155| ); 

66156| RtllnitUnicodeString (&Uni, Buff); 
66157| ZwDisplayString( &Uni ); 
66158| 

66159| RtllnitUnicodeString (&Uni, U'Copyright (c) 
| 1995-2001 Columbia Data Products, Inc. All Rights 
| Reserved !\n"); 

661 60| ZwDisplayString( &Uni ); 

66161| 

66162| } 

66163| 

661 64 1 Debug(DEBUG_INIT,("Persistent Storage Manager (tm) 
| version %d.%02x build 

| %d\n",GlobalVersionMajor,GlobalVersionMinor,GlobalBuildN 

| umber)); 
66165| 
66166| 

| Reg_GetULONGKey(RegistryPath,L"LogVersion",1 ,&LogVersion 

I); 

66167| if ( LogVersion ) { 
661 68| WCHAR VersionHigh[5]; 
661 69 1 WCHAR Versionl_ow[5]; 
66170| WCHAR Build[5]; 
661 71 1 WCHAR Message[1 0]; 
661 72 1 WCHAR *Strings[4]; 

66173| swprintf(VersionHigh,L"%d",GlobalVersionMajor); 
66174| 

| swprintf(VersionLow,L"%02x",GlobalVersionMinor); 
66175| swprintf(Build,L M %d",GlobalBuildNumber); 
661 76| swprintf (Message, L"%s", 
66177| #ifdef DEBUG 
66178| U'debug" 
66179| #else 
66180| L"" 
66181| #endif 
66182| ); 
661 83 1 Strings[0] = VersionHigh; 



661 84 1 Strings[1 ] = VersionLow; 
66185| Strings[2] = Build; 
66186| Strings[3] = Message; 
66187| 

66188| Hint -save -e740 7 
66189| 

| LogError((PDEVICE_OBJECT)DriverObject,NULL,PSM_VERSION_l 

| NFORMATION,0,NULL,0,Strings,4); 
66190| Hint -restore 7 
66191| } 
66192| 

66193| #if _WIN32_WINNT>=0x0500 
661 94| // compiling win2k (5.x) version 
66195| if ( *NtBuildNumber<=1381 ) { 
66196| Hint -save -e740 7 
66197| 

| LogError((PDEVICE_OBJECT)DriverObject,NULL,PSM_ERROR_WRO 

| NG_VERSION,0,NULL,0,NULL,0); 
66198| Hint -restore 7 
66199| #ifdef DEBUG 
66200| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,4,ntSt 

| atus,0); 
66201|#endif 
66202 | 

66203| return PSM_ERROR_WRONG_VERSION; 
66204| } 
66205| #else 

66206| // compiling 3.5x/4.x version 
66207| if ( *NtBuildNumber>1381 ) { 
66208| Hint -save -e740 7 
66209 | 

| LogError((PDEVICE_OBJECT)DriverObject,NULL,PSM_ERROR_WRO 

| NG_VERSION,0,NULL,0,NULL,0); 
66210| Hint -restore 7 
66211| #ifdef DEBUG 
66212| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,4,ntSt 
| atus,0); 
66213| #endif 

66214| return PSM_ERROR_WRONG_VERSION; 
66215| } 
66216| #endif 
66217| 

6621 8| // display user notice 
66219| 

| Reg_GetULONGKey(RegistryPath,L"DisplayNotice M ,0,&DispNot 
I ice); 

66220| if ( DispNotice ) { 
66221| ULONG i=0; 



66222| WCHAR Buff[128]={0}; 

66223 | 

66224| 

| Reg_GetStringKey(RegistryPath,L"Notice",L M Notice",&Uni); 

66225| ZwDisplayString( &Uni ); 

66226| Reg_FreeString(&Uni); 

66227| RtllnitUnicodeString (&Uni, L"\n"); 

66228| ZwDisplayString( &Uni ); 
66229 | 

66230| for ( i=2;k=9;i++ ) { 

66231 1 swprintf(Buff,L"Notice%d",i); 

66232 1 

| Reg_GetStringKey(RegistryPath,Buff,L M \t",&Uni); 

66233| if ( !((Uni.Buffer[0] == L'\t') && 

| (Uni.Buffer[1]== 0)) ) { 

66234| ZwDisplayString( &Uni ); 

66235| Reg_FreeString(&Uni); 

66236| RtllnitUnicodeString (&Uni, L"\n M ); 

66237| ZwDisplayString( &Uni ); 

66238| } else { 

66239 1 Reg_FreeSt ri ng (& U n i) ; 

66240 1 break; 

66241 1 } 

66242 1 } 

66243 1 } 
66244| 

66245| // if displayed text, add a extra line between it 

| and the devices being PSMed. 

66246| if ( (DispCopy) || (DispNotice) ) { 

66247| RtllnitUnicodeString (&Uni, L" \n"); 

66248| ZwDisplayString( &Uni ); 

66249 1 } 
66250 1 

66251 1 SbGetRegistrySettings( Registry Path ); 
66252 1 

66253 1 { 

66254| LARGEJNTEGER Perf; 

66255| KeQueryPerformanceCounter( &Perf ); 

66256| Debug(DEBUG_INIT,("Performance frequency = 

| %08x%08x\n",Perf.HighPart,Perf.LowPart)); 

66257| } 
66258| 
66259 1 

66260 1 PSManDriverObject = DriverObject; 
66261 | 

66262| // Create an NON EXCLUSIVE device object (multiple 
| threads 

66263 1 // can make requests to this device) 
66264| 

66265| RtllnitUnicodeString (SdeviceNameUnicodeString, 



66266| 



deviceNameBuffer); 



66267| 
66268| { 

66269| #ifdef DEBUG_EXTENSION 
66270| ULONG SizeOf Device Ext = 

| sizeof(DEVICE_EXTENSION); 
66271 1 #else 

66272| ULONG SizeOf Device Ext = SBPSMAN_EXTENSION_SIZE; 

66273| #endif 

66274| 

66275| #if _WIN32_WINNT >= 0x0500 
66276| #define OTMAN_SECURE_OPTION 

| FILE_DEVICE_SECURE_OPEN 
66277| #else 

66278| #define OTMAN_SECURE_OPTION 0 
66279| #endif 
66280 1 

66281 1 ntStatus = loCreateDevice (DriverObject, 
66282| SizeOfDeviceExt, 



66289| #undef OTMAN_SECURE_OPTION 

66290 1 } 

66291| 

66292| if ( NT_SUCCESS(ntStatus) ) { 

66293| PSBPSMAN_EXTENSION DevExt=NULL; 

66294| ULONG ullndex; 

66295| PDRIVER_DISPATCH * dispatch=NULL; 

66296| 

66297| Debug(DEBUG_INIT,("lnit: Changing security for 

| %p\n",PSManObject)); 
66298| 

66299| // Fix up the device object's security 

| descriptor by removing 
66300| // access to non-administrators. Don't check 

| the return code because 
66301 1 // in the bizarre case this would fail, we end 

| up with default security. 
66302 1 // 

66303| // Here I reach right into the device object to 

| pull out and 
66304| // replace its security descriptor. An 

| alternate way to accomplish 
66305| // the equivalent is to call 

| NtQuery Security Object and NtSetSecurityObject. 



66283 1 

| &deviceNameUnicodeString, 



66284| 
66285| 
66286| 
66287| 



FILEDEVICEUNKNOWN, 

OTMAN_SECURE_OPTION, 

FALSE, 

&PSManObject 



66288| ); 



66306| // Both these functions require a handle to the 

| device object, however. 
66307| // 
66308| 

66309| #if _WIN32_WINNT < 0x0500 

6631 0| ntStatus = NTI Remove Wo rid Ace( 

| PSManObject->SecurityDescriptor, 

| &PSManObject->SecurityDescriptor ); 
66311| #endif 
66312| 

66313| Debug(DEBUG_INIT,("lnit: Internal Device %p 
| created for driver %p\n",PSManObject,DriverObject)); 
66314| 

66315| PSManObject->Flags |= DO_BUFFERED_IO; 
66316| 

66317| #ifdef DEBUG_EXTENSION 
66318| 

| ((PDEVICE_EXTENSION)(PSManObject->DeviceExtension))->Obj 
| ectType = OBJECTJNTERNAL; 
66319| 

| ((PDEVICE_EXTENSION)(PSManObject->DeviceExtension))->Rea 
| IDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,SBPSMAN_EXTENSION_SI 
| ZE,DEVEXTTAG); 
66320| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(PSManObject->DeviceEx 
| tension))->RealDeviceExtension,SBPSMAN_EXTENSION_SIZE); 

66321| #endif 

66322| 

66323| DevExt = (PSBPSMAN_EXTENSION) 

| GetDeviceExtension(PSManObject); 
66324| 

66325| #ifdef DEBUG 

66326| PSManObjectExtension= DevExt; 

66327| #endif 

66328| 

66329| DevExt->DeviceObject = PSManObject; 
66330| DevExt->DriverObject = DriverObject; 
66331 1 DevExt->ObjectType = OBJECTJNTERNAL; 
66332| DevExt->LargestBPS = 0; 
66333| DevExt->NumActive = 0; 
66334| DevExt->ShutDownCalled = 0; 
66335| DevExt->PSMUsers = NULL; 
66336| 

66337| lnitializeListHead(&DevExt->WaitQueue); 
66338| 

| KelnitializeSpinLock(&DevExt->WaitQueueSpinLock); 
66339 1 

| pmRegisterObject(&DevExt->WaitQueueSpinLock,"DevExt->Wai 
| tQueueSpinLock",pmSpinLock); 



66340| 
66341 | 

| ExlnitializeResourceLite(&DevExt->DeviceResource); 
66342 1 

| ExlnitializeResourceLite(&DevExt->SnapShotResource); 
66343 1 

| pmRegisterObject(&DevExt->DeviceResource,"DevExt->Device 
| Resource", pmRwLock); 
66344| 

| pmRegisterObject(&DevExt->SnapShotResource,"DevExt->Snap 
| ShotResource",pmRwLock); 
66345| 

66346| lnitWriteModule(); 
66347| 

66348| // Set up the device driver entry points. 
66349| Debug(DEBUG_INIT,("lnitializing supported 

| functions\n")); 
66350 1 

66351 1 // 

66352 1 // Create dispatch points 
66353 1 // 

66354| for ( ullndex = 0, dispatch = 

| DriverObject->MajorFunction; 
66355| ullndex <= IRP_MJ_MAXIMUM_FUNCTION; 

66356| ullndex++, dispatch++ ) { 

66357| 

66358| // Use PSManFSPassThru instead of 

| PSManPassThru so it doesnt 
66359| // modify the OutstandingRequests variable, 

| otherwise we may get an 
66360| // issue when the filesystem filter 

| forwards requests through the 
66361 1 // system, which goes through the disk 

| driver 

66362| *dispatch = PSManFSPassThru; 

66363 1 } 

66364| 

66365| DriverObject->MajorFunction[IRP_MJ_CREATE] 

| = PSManCreate; 
66366| DriverObject->MajorFunction[IRP_MJ_CLOSE] 

| = PSManClose; 
66367| DriverObject->MajorFunction[IRP_MJ_READ] 

| = PSManRead; 
66368| DriverObject->MajorFunction[IRP_MJ_WRITE] 

| = PSManWrite; 
66369 1 

| DriverObject->MajorFunction[IRP_MJ_FLUSH_BUFFERS] 
| = PSManFlush; 
66370 1 

| DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] 



I = PSManDeviceControl; 
66371| DriverObject->MajorFunction[IRP_MJ_SHUTDOWN] 

| = PSManShutdown; 
66372| DriverObject->MajorFunction[IRP_MJ_CLEANUP] 

| = PSManCleanup; 
66373| 

66374| #if _WIN32_WINNT>=0x0500 

66375| // we do not support wmi yet. FIXFIXFIX 

66376| // 

| DriverObject->MajorFunction[IRP_MJ_SYSTEM_CONTROL] = 
| PSManWmi; 

66377| DriverObject->MajorFunction[IRP_MJ_PNP] 
| = PSManPnp; 

66378| DriverObject->MajorFunction[IRP_MJ_POWER] 

| = PSManPower; 
66379| DriverObject->DriverExtension->AddDevice 

| = PSManAdd Device; 
66380 1 D ri verObject-> D riverU n load 

| = PSManUnload; 
66381 1 

66382| Debug(DEBUG_INIT,("DriverFlags: 

| %08x\n M ,DriverObject->Flags)); 
66383| #endif 
66384| 

66385| // This is ONLY needed if not a disk driver, 

| iow the disk class driver 
66386| // has already done it for us, and it will call 

| us with shutdown 
66387| // requests. If we wanted to recieve them for 

| our PSManObject, 
66388 1 // then we would need call it. Call for every 

| Object you want to 
66389| // recieve shutdown notification. 
66390| loRegisterShutdownNotification( PSManObject ); 
66391| 

66392| // Create a symbolic link, e.g. a name that a 

| Win32 app can specify 
66393| // to open the device 
66394| 

66395| RtllnitUnicodeString(&deviceLinkUnicodeString, 

66396| deviceLinkBuffer); 

66397| 

66398| ntStatus = loCreateSymbolicLink 

| (&devicel_inkUnicodeString, 
66399| 

| &deviceNameUnicodeString); 
66400| 
66401| 

66402| // Call the initialization routine for the 
| first time. 



66403| if ( NT_SUCCESS(ntStatus) ) { 
66404| 

66405| // mutex for user sync 

66406| ExlnitializeFastMutex(&PSML)serMutex); 

66407| 

66408| // semaphore for Open/close syncing 

66409| 

| KelnitializeSemaphore(&PSMOpenCloseSemaphore,1,1); 
66410| 

6641 1 1 // semaphore for vdisk deletion 

66412| 

| KelnitializeSemaphore(&PSMVDiskSemaphore,1 ,1); 
66413| 

66414| #ifdef DEBUG_SNAPSHOTS 
6641 5| // semaphore for Snapshot 

66416| 

| KelnitializeSemaphore(&PSMSnapShotSemaphore,1 ,1 ); 
66417| #endif 
66418| 

66419| // mutex for memory functions 

66420| ExlnitializeFastMutex(&PSManMemoryMutex); 

66421 | 

66422| Debug(DEBUG_INIT | DEBUG_INFO,("Calling 

| InitVDiskfunctionVn")); 
66423 1 ntStatus = 

| lnitVDisk(DriverObject,RegistryPath); 
66424| if ( NT_SUCCESS(ntStatus) ) { 

66425| 

66426| #ifdef DEBUG 

66427| // see if we want to display our bug 

| check data. 
66428| 

| Reg_GetULONGKey(RegistryPath,L"BugCheckData",0,&DispCopy 

I ); 

66429| if ( DispCopy ) { 

66430 1 ULONG 

| MemNeeded=MAX_BACK_LOG_FOR_DEBUG*255+1 024; 
66431 | 

| KelnitializeCallbackRecord(&BugCheckCallbackRecord); 
66432 1 

| BugCheckMemory=MemAllocatePoolWithTag(NonPagedPool,MemNe 

| eded,BUGCHECK_TAG); 
66433| if ( BugCheckMemory ) { 

66434| 

| KeRegisterBugCheckCallback(&BugCheckCallbackRecord,BugCh 
| eckCallBack,BugCheckMemory,MemNeeded, (unsigned char 
| *)BugCheckName); 

66435| } 

66436| } 

66437| 



66438| 

66439| Reg_GetStringKey ( 

| RegistryPath,L"DebugLogFile M ,L M \t M ,&Uni); 
66440| if ( !((Uni.Buffer[0] == L'\t') && 

| (Uni.Buffer[1]== 0)) ) { 
66441 1 HANDLE Temp Handle; 

66442 1 

66443| Reg_FreeString(&Uni); 
66444| 

66445| ntStatus = pmStartThread( 

66446| 

| (PKSTART_ROUTINE)DebugLogThread, //IN PKSTART_ROUTINE 

| StartRoutine, 
66447| (PVOID)O, 

| // IN PVOID StartContext 
66448| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
66449 1 ); 
66450| if ( NT_SUCCESS(ntStatus) ) { 

66451 1 ZwClose(TempHandle) ; 

66452 1 } else { 

66453 1 ntStatus = 0; 

66454| goto NoDebugLog; 

66455| } 
66456| } else { 

66457| Reg_FreeString(&Uni); 
66458| NoDebugLog: 
66459 1 

66460 1 // free what has been put on list 

66461 1 { 

66462| PLIST_ENTRY ListEntry; 

66463| gDebugToLog= FALSE; 

66464| 

66465| ListEntry = 

| ExInterlockedRemoveHeadList ( 
66466| 

| &PSM_DebugQueue, // List Head 
66467| 

| &PSM_DebugSpinLock // Lock 
66468| 

I); 

66469| 

66470| while ( (ListEntry) && 

| (ListEntry!=&PSM_DebugQueue) ) { 
66471| Hint -save -e41 3 7 

66472 1 

| ExFreePool(CONTAINING_RECORD( ListEntry, 

| tDebugLogEntry, ListEntry )); 
66473| Hint -restore 7 

66474| 



66475| ListEntry = 

| ExInterlockedRemoveHeadList ( 
66476| 

| &PSM_DebugQueue, // List Head 
66477| 

| &PSM_DebugSpinLock // Lock 
66478| 

I); 

66479| 

66480| } 
66481 | } 
66482 1 } 
66483 1 

66484| #endif 
66485| 

66486| #if _WIN32_WINNT <0x0500 
66487| // done for us automatically in win2k 

| drivers 

66488| Debug(DEBUG_INIT | DEBUG_INFO,("Calling 

| lnitfunction\n")); 
66489| PSManlnitialize(DriverObject, 0, 0); 

66490| #endif 
66491 | 

66492 1 ntStatus = 

| FilterDriverEntry(DriverObject,RegistryPath); 
66493| if ( NT_SUCCESS(ntStatus) ) { 

66494| 

66495| } else { 

66496| #ifdef DEBUG 
66497| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,4,ntSt 

I atus,0); 
66498| #endif 
66499 1 

66500 1 } 
66501 | 

66502 1 } else { 

66503| #ifdef DEBUG 
66504| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,3,ntSt 

| atus,0); 
66505| #endif 
66506| 

66507| } 
66508| } else { 
66509| #ifdef DEBUG 
66510| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,2,ntSt 
| atus,0); 
6651 1 1 #endif 



66512| 
66513| } 
66514| }else{ 
66515| #ifdef DEBUG 
66516| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,1 ,ntSt 

| atus,0); 
66517| #endif 
66518| } 
66519| 

66520| #if _WIN32_WINNT >=0x0500 

66521 1 // ok register callback so we can be callbacked 

| after the boot time drivers 
66522| // have finished initing (including the filesystem) 
66523 1 

66524| ULONG DefaultMemSizelnMegs =1; 
66525| ULONG DefaultStepSizelnMegs = 1 ; 
66526| 

66527| if(MmlsThisAnNtAsSystemO) { 

66528| DefaultMemSizelnMegs =10; 

66529 1 DefaultStepSizelnMegs = 2; 

66530 1 } 

66531| 

66532| 

| Reg_GetULONGKey(&gRegistryPath,L"NodelnitialSize",Defaul 
| tMemSizelnMegs,&DefaultMemSizelnMegs); 
66533| 

| Reg_GetULONGKey(&gRegistryPath,L"NodeStepSize",DefaultSt 

| epSizelnMegs,&DefaultStepSizelnMegs); 
66534| ULONG DefaultStepSizelnNodes = 

| (DefaultStepSizelnMegs*1 024*1 024)/sizeof(tTreeLeaf); 
66535| 

66536| // always keep one reference count (needed for 

| other components than just the volume 
66537| //trees) 

66538| IncreaseNodeMemory ( DefaultMemSizelnMegs, 

| DefaultStepSizelnNodes ); 
66539| // loRegisterDriverReinitialization(DriverObject, 

| InitAfterFileSys, (PVOID)O); 
66540 1 #endif 
66541 | 

66542 1 // internal system user hasnt been created, lets 

| create it 
66543 1 

| lnternalCreateUser(GlobalSystemProcessld,(_ETHREAD*)-2,N 
I ULL); 
66544| 

66545| Debug(DEBUG_INIT,("Returning %08x to 

| NT\n M ,ntStatus)); 
66546| 



66547| #ifdef DEBUG 
66548| if ( ntStatus!=0 ) { 
66549| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,Oxa,nt 

| Status,0); 
66550| } 
66551 1 #endif 
66552 1 

66553| return(ntStatus); 
66554| 

66555| } // DriverEntry 

66556| 

66557| 

66558| #if _WIN32_WINNT <0x0500 
66559 1 r 

66560| This routine is called at 2 places 
66561 1 1 . during boot. 

66562| 2. when changes have been made to the disk 

| (IOCTL_SET_PARTITION_LAYOUT) 
66563 1 

66564| We need to add new partitions, and delete old ones. 
66565| 

66566| Make sure that the device passed in, is a physical 

| device 
66567| 
66568| 7 

66569| I* 



66570| NTSTATUS PSManMakePartitionObjects( 
66571| PDEVICE_OBJECT 
| PartitionO, 

66572| BOOLEAN BootTime 

66573| ) 
66574| { 

66575| PFILTERED_EXTENSION ZeroExt = 
| GetFilteredExtension(PartitionO); 



66576| 


PFILTERED EXTENSION DevExt=NULL; 


66577| 


PDEVICE_OBJECT DevObj=NULL; 


66578| 


NTSTATUS Status= 


STATUSJJNSUCCESSFUL; 


66579| 


PFILE_OBJECT fileObject=NULL; 


66580| 


PDRIVE_LAYOUT_INFORMATION partitionlnfo=NULL; 


66581 | 


ULONG partNumber=0; 


66582 1 


CCHAR 


ntNameBuffer[64]={0}; 


66583 1 


STRING 


ntNameString={0}; 


66584| 


BOOLEAN 


UpdatingPart; 


66585| 


BOOLEAN 


Disabled Part; 


66586| 


UNICODE_STRING 


ntU nicodeStri ng={0} ; 


66587| 






66588| 


PAGED_CODE(); 




66589 1 







66590| ASSERT(ZeroExt->lsPhysical); 
66591 | 

66592| Debug(DEBUG_INIT,("Getting Partition Info for 

| %08x\n",ZeroExt->TargetDeviceObject)); 
66593 1 
66594| // 

66595| // Read partition table 

66596| // 

66597| 

66598| Status = loReadPartitionTable( 
66599 1 

| ZeroExt->TargetDeviceObject, 
66600| 512, 
66601| TRUE, 
66602| Spartitionlnfo); 
66603| 

66604| // if that failed, try sending ioctl to get drive 
| layout. 

66605| if ( (Ipartitionlnfo) || (!NT_SUCCESS(Status)) ) { 
66606| Debug(DEBUG_INIT,("Error! %08x 

| loReadPartitionTable on %08x\n",Status,Partition0)); 
66607| // 

66608| // Allocate buffer for drive layout. 

66609| // 

66610| 

6661 1 1 //do not use MemAllocatePool, because 

| loReadPartitionTable above doesnt, and this 
6661 2| // simplifies the code for deallocating the 

| block of memory 
66613| partitioning = 

| (PDRIVE_LAYOUT_INFORMATION)ExAllocatePoolWithTag(PagedPo 

| ol, (128 * sizeof(PARTITIONJNFORMATION) + 4),TEMPTAG); 
66614| 

66615| if ( Ipartitionlnfo ) { 
6661 6| Debug(DEBUG_INIT,("Error! Out of 

| memory\n")); 

66617| return STATUS_INSUFFICIENT_RESOURCES; 

66618| } 

66619| // no point in this if no media.. 

66620| if ( Status!=STATUS_NO_MEDIA_IN_DEVICE ) { 

66621 1 Status = Sblo_GetDriveLayout( 

| ZeroExt->TargetDeviceObject, 
66622 1 

| partition Info, 
66623 1 128* 

| sizeof(PARTITIONJNFORMATION) + 4); 
66624| } 

66625| } // if ((Ipartitionlnfo) || (!NT_SUCCESS(Status))) 
66626| 

66627| if ( !NT_SUCCESS(Status) ) { 



66628| Debug(DEBUG_INIT,("Error! %08x sending 

| partitioninfo to %08x\n",Status,PartitionO)); 
66629| // removable drives always create a device 

| object... 

66630| partitionlnfo->PartitionCount=1 ; 
66631| 

| partitionlnfo->PartitionEntry[0].StartingOffset.QuadPart 

I =0; 
66632| 

| partitionlnfo->PartitionEntry[0].PartitionLength.QuadPar 

I I = 0; 

66633| partitionlnfo->PartitionEntry[0].HiddenSectors 

1 = 0; 

66634| partitionlnfo->PartitionEntry[0].PartitionType 

1 = 0; 
66635| } 
66636| 

66637| ZeroExt->Physical. Signature = 

| partitionlnfo->Signature; 
66638| 

| Debug(DEBUG_INIT,("Signature=%08x\n M ,ZeroExt->Physical.S 

| ignature)); 
66639| 
66640| 

66641 1 // okay, now delete any partitions that may have 

| been deleted. 
66642| for ( 

| partNumber=partitionlnfo->PartitionCount;partNumber<Zero 
| Ext->Physical.LastPartitionNumber;partNumber++ ) { 

66643| WCHAR Name[64]; 

66644| 

| swprintf(Name,L"\\Device\\Harddisk%d\\Partition%d",ZeroE 

| xt->DiskNumber,partNumber+1); 
66645| DevObj = GetObjectFromName(Name); 
66646| if ( DevObj ) { 
66647| ULONG DD; 

66648| 

66649| DevExt=GetFilteredExtension(DevObj); 
66650 1 

66651 1 Debug(DEBUG_IN IT, ("Logical device %08x 

| being deativated\n", DevObj)); 
66652 1 DevExt->NotActive = 1 ; 

66653 1 
66654| 

| Reg_GetULONGKey(&gRegistryPath,L"LogDrives",1 ,&DD); 
66655| if ( DD ) { 

66656| WCHAR Drive[5]; 

66657| WCHAR Partition[5]; 

66658| WCHAR *Strings[2]; 

66659| 



I swprintf(Drive,L"%d",DevExt->DiskNumber); 
66660| swprintf (Partition, L"%d",partNu mber) ; 

66661 1 Strings[0] = Drive; 

66662| Strings[1] = Partition; 

66663 1 
66664| 

| LogError(DevObj,NULL,PSM_DRIVES_DELETED_INFORMATION,0,NU 

| LL,0,Strings,2); 
66665| } 
66666| } 
66667| } 
66668| 

66669 1 // okay we need to either "change" what we know 

| about the device 
66670| // or add a device. 
66671 | 

66672| for ( partNumber = 1 ; 

66673| partNumber <= partitionlnfo->PartitionCount; 

66674 1 partNumber++ ) { 

66675| 

66676| // assume we are adding a partition 
66677| UpdatingPart = FALSE; 
66678| DisabledPart = FALSE; 
66679 1 

66680| Debug(DEBUG_INIT,("Partition 

| %d/%d\n",partNumber,partitionlnfo->PartitionCount)); 
66681 | 

66682 1 // 

66683| // Create device name for partition. 

66684| // 

66685| 

66686| sprintf(ntNameBuffer, 

66687| "\\Device\\Harddisk%d\\Partition%d" ! 

66688| ZeroExt->DiskNumber, 

66689| partNumber); 

66690 1 

66691| RtllnitAnsiString(&ntNameString, ntNameBuffer); 
66692| RtlAnsiStringToUnicodeString(&ntUnicodeString, 

| SntNameString, TRUE); 
66693| 

66694| if ( 

| (DevObj=GetObjectFromName(ntUnicodeString.Buffer))!=NULL 
I ){ 

66695| UpdatingPart=TRUE; 
66696| if ( 

| (GetFilteredExtension(DevObj))->NotActive ) { 
66697| DisabledPart = TRUE; 

66698| } 
66699| } 
66700| 



66701 1 if ( IllpdatingPart ) { 
66702 1 

66703 1 // Get target device object so we can see: 

66704| // 1 . it exists 

66705| // 2. it is not mounted 

66706| 

66707| Status = 



| loGetDeviceObjectPointer(&ntUnicodeString, 
66708| 

| FILE_READ_ATTRIBUTES, 
66709 1 

| SfileObject, 
66710| &DevObj); 
6671 1 1 

66712| if ( !NT_SUCCESS(Status) ) { 

66713| Debug(DEBUG_INIT,("Error! %08x getting 

| Object pointer for %s\n",Status,ntNameBuffer)); 
6671 4| RtlFreeUnicodeString(&ntL)nicodeString); 
66715| continue; 
66716| } 
66717| 

66718| if(!DevObj){ 

66719| Debug(DEBUG_INIT,("Error! DeviceObject 

| is NULL\n")); 

66720| RtlFreeUnicodeString(&ntUnicodeString); 

66721 1 continue; 

66722 1 } 

66723 1 

66724| 

66725| // 

66726| // Check if this device is already mounted. 

66727| // 

66728| 

66729| if ( !DevObj->Vpb || (DevObj->Vpb->Flags & 

| VPB_MOUNTED) ) { 
66730| // Can't attach to a device that is 

| already mounted. 
66731 1 

66732| Debug(DEBUG_INIT,("%s is already 

| mounted\n",ntNameBuffer)); 
66733| // something must be wrong, we have a 

| mounted volume 
66734| // but we have no object to it.. 

66735| // if this ever does happen, we will 

| not be psming this partition 
66736| // FIXFIXFIX 

66737| Debug(DEBUG_INIT,("No device found for 

| mounted volume\n")); 
66738| ASSERT(FALSE); 
66739 1 ObDereferenceObject(fileObject); 



66740| fileObject = NULL; 

66741 1 RtlFreeUnicodeString(&ntUnicodeString); 

66742| continue; 

66743 1 } 

66744| 

66745| // we are now done with deviceobject 

| (always free fileobject when given both) 
66746| 

66747| ObDereferenceObject(fileObject); 
66748| fileObject = NULL; 

66749 1 

66750 1 // 

66751 1 // Create device object for this partition. 

66752 1 // 
66753 1 

66754| { 

66755| #ifdef DEBUG_EXTENSION 

66756| ULONG SizeOf DeviceExt = 

| sizeof(DEVICE_EXTENSION); 
66757| #else 

66758| ULONG SizeOf DeviceExt = 

| sizeof(FILTERED_EXTENSION); 
66759| #endif 
66760 1 Status = 

| loCreateDevice(ZeroExt->DriverObject, 
66761 | 

| SizeOfDeviceExt, 
66762| NULL, 
66763| 

| FILE_DEVICE_DISK, 
66764| 0, 
66765| FALSE, 
66766| &DevObj); 
66767| } 
66768| 

66769| if ( !NT_SUCCESS(Status) ) { 

66770| Debug(DEBUG_INIT,("Error! %08x Unable 

| to create device for %s\n",Status,ntNameBuffer)); 
66771 1 RtlFreeUnicodeString(&ntUnicodeString); 
66772| continue; 
66773 1 } 
66774| 

66775| Debug(DEBUG_INIT,("lnit: Filtered Device %p 

| created for driver %p 

| '%wZ'\n",DevObj,ZeroExt->DriverObject,&ntUnicodeString)) 

I ; 

66776| 

66777| #ifdef DEBUG_EXTENSION 
66778| 

| ((PDEVICE_EXTENSION)(DevObj->DeviceExtension))->ObjectTy 



I pe = OBJECT_FILTEREDDISK; 
66779| 

| ((PDEVICE_EXTENSION)(DevObj->DeviceExtension))->RealDevi 
| ceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,sizeof(FILTERED_EXTE 
| NSION),DEVEXTTAG); 
66780| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(DevObj->DeviceExtensi 
| on))->RealDevjceExtension,sizeof(FILTERED_EXTENSION)); 

66781 1 #endif 

66782 1 

66783| DevExt = GetFilteredExtension(DevObj); 

66784| ASSERT(DevExt); 

66785| 

66786| DevExt->DeviceObject = DevObj; 

66787| DevExt->DiskNumber = ZeroExt->DiskNumber; 

66788| DevExt->DriverObject = 

| ZeroExt->DriverObject; 
66789| DevExt->ObjectType = OBJECTFILTEREDDISK; 

66790 1 

66791| Debug(DEBUG_DEVCON,("MakePartitionObjects: 
| directio=%d, Setting to false\n",DevExt->DirectlO)); 

66792| DevExt->lnLoadUnload = FALSE; 

66793| DevExt->DoDirectlO = FALSE; 

66794| DevExt->lsMounted = FALSE; 

66795| Debug(DEBUG_DEVCON,("Just set IsMounted to 

| FALSE for DevExt=%08x, DevObj=%08x\n", DevExt, DevObj)); 

66796| Debug(DEBUG_DEVCON, ("direct maps 

| cleared\n")); 

66797| 

| RtlZeroMemory(&DevExt->Cache,sizeof(tCachelnfo)); 
66798| 

66799| DevExt->Cache.HeaderFile.FileHandle = 

66800| DevExt->Cache.lndexFile.FileHandle = 

66801 1 DevExt->Cache.CacheFile.FileHandle = 

| INVALID_HANDLE_VALUE; 
66802 1 

66803| DevExt->Cache.HeaderFile.WaitHandle = 

66804| DevExt->Cache.lndexFile.WaitHandle = 

66805| DevExt->Cache.CacheFile.WaitHandle = 

| INVALID_HANDLE_VALUE; 
66806| 

| lnitializeListHead(&DevExt->Cache.SnapShotHead); 



66807| 

66808| // Store pointer to physical device. 

66809| DevExt->PhysicalDevice = PartitionO; 

6681 0| DevExt->lsPhysical = 0; 
6681 1 | 

66812| DevExt->ChangeCount = // for 



| removables. 



66813| 

| DevExt->SignalRead = 
66814| 

| DevExt->SignalWrite = 
66815| 

| DevExt->PSMed 
66816| 

| DevExt->NumberOfReadRequests = 
66817| 

| DevExt->SectorsRead = 
66818| 

| DevExt->NumberOfWriteRequests = 
66819| 

| DevExt->SectorsWritten = 
66820| 

| DevExt->OpenCount = 0; // number of times it 
| has been opened 
66821| 

66822| DevExt->DeviceShutDown = 0; 

66823| 

66824| // initialize Read and write events 

66825| KelnitializeEvent ( &DevExt->ReadEvent, 

66826| SynchronizationEvent, 

| // type (notification or sync) 
66827| FALSE 

| // signaled 
66828| ); 
66829| 

66830| KelnitializeEvent ( &DevExt->WriteEvent, 

66831 1 SynchronizationEvent, 

| // type (notification or sync) 
66832 1 FALSE 

| // signaled 
66833 1 ); 
66834| 

66835| // init spin lock 

66836| KelnitializeSpinLock ( 

| &DevExt->StatisticsSpinLock ); 
66837| 

| pmRegisterObject(&DevExt->StatisticsSpinLock,"DevExt->St 

| atisticsSpinLock",pmSpinLock); 
66838| 
66839 1 

| ExlnitializeResourceLite(&DevExt->DeviceExtResource); 
66840 1 

| pmRegisterObject(&DevExt->DeviceExtResource,"DevExt->Dev 

| iceExtResource",pmRwLock); 
66841 1 lnitializeListHead(&DevExt->SnapShots); 
66842 1 

66843| // 



66844| // Attach to the partition. This call links 

| the newly created 
66845| // device to the target device, returning 

| the target device object. 
66846| // 
66847| 

66848| Status = loAttachDevice(DevObj, 

66849 1 & ntU n icodeSt ri ng , 

66850| 

| &DevExt->TargetDeviceObject); 
66851 | 

66852| if ( !NT_SUCCESS(Status) ) { 

66853| Debug(DEBUG_INIT,("Error! %08x Unable 

| to attach to %s\n",Status,ntNameBuffer)); 
66854 1 Ex Delete Resou rce L ite ( 

| &DevExt->DeviceExtResource ); 
66855| 

| pmDeRegisterObject(&DevExt->DeviceExtResource); 
66856| loDeleteDevice(DevObj); 
66857| continue; 
66858| } 
66859 1 

66860 1 // 

66861 1 // Propogate driver's alignment 

| requirements. 
66862 1 // 
66863 1 

66864| ASSERT(DevObj); 
66865| 

66866| DevObj->Flags |= DO_DIRECT_IO; 

66867| 

66868| DevObj->AlignmentRequirement = 

| DevExt->TargetDeviceObject->Alignment Requirement; 
66869 1 

66870 1 DevObj->StackSize 

| DevExt->TargetDeviceObject->StackSize+1 ; 

66871 1 DevObj->DeviceType 

| DevExt->TargetDeviceObject->DeviceType; 

66872 1 DevObj->Characteristics = 

| DevExt->TargetDeviceObject->Characteristics; 

66873 1 

66874| } else { 

66875| Hint -save -e61 3*/ 

66876| DevExt = GetFilteredExtension(DevObj); 

66877| Hint -restore 7 

66878| } 

66879 1 

66880 1 // 

66881 1 // Maintain the last partition number created. 
66882| // 



66883| 

66884| ZeroExt->Physical.LastPartitionNumber = 

| partNumber; 
66885| 

66886| // store the name 

66887| wcscpy(DevExt->Name,ntUnicodeString. Buffer); 
66888| 

66889| RtlFreeUnicodeString(&ntUnicodeString); 
66890| 

66891| DevExt->Pi.StartingOffset = 

| partitionlnfo->PartitionEntry[partNumber-1].StartingOffs 
I et; 

66892| DevExt->Pi.PartitionLength = 

| partitionlnfo->PartitionEntry[partNumber-1].PartitionLen 
Igth; 

66893| DevExt->Pi.HiddenSectors = 

| partitionlnfo->PartitionEntry[partNumber-1].HiddenSector 

Is; 

66894| DevExt->Pi.PartitionType = 

| partitionlnfo->PartitionEntry[partNumber-1].PartitionTyp 

|e; 

66895| DevExt->lsPhysical = FALSE; 
66896| DevExt->Not Active = 0; 
66897| DevExt->Cylinders 

| ZeroExt->Cylinders; 
66898| DevExt->MediaType 

| ZeroExt->MediaType; 
66899| DevExt->TracksPerCylinder 

| ZeroExt->TracksPerCylinder; 
66900 1 DevExt->SectorsPerTrack 

| Zero Ext->SectorsPerT rack; 
66901 1 DevExt->BytesPerSector 

| ZeroExt->BytesPerSector; 
66902 | 
66903| 

66904| Debug(DEBUG_INIT,("%s: %d (%08x):%d (%08x): 
| Offset=%08x%08x, Length=%08x%08x, Hidden=%d, 
| Type=%d\n", 

66905| UpdatingPart ? "Updating" : 

| "Creating", 

66906| DevExt->DiskNumber, 

66907| PartitionO, 

66908| partNumber, 

66909 1 DevObj, 

66910| 

| DevExt->Pi.StartingOffset.HighPart, 
66911| 

| DevExt->Pi.StartingOffset.LowPart, 
66912| 

| DevExt->Pi.PartitionLength.HighPart, 



66913| 

| DevExt->Pi.PartitionLength.LowPart, 
66914| DevExt->Pi.HiddenSectors, 
66915| DevExt->Pi.PartitionType 
66916| )); 
66917| 

66918| if ( BootTime ) { 

66919| // can only call HalDisplayString during 

| boot 

66920| ULONG DD=1; 

66921| 

66922| 

| Reg_GetULONGKey(&gRegistryPath,L"DisplayDrives M ,0,&DD); 
66923| if ( DD ) { 

66924| WCHAR Buff[256]={0}; 

66925| UNICODE_STRING Uni={0}; 

66926| 

66927| swprintf(Buff,L M Persistent Storage 

| Manager activated for drive %d partition 

| %d\n",DevExt->DiskNumber,partNumber); 
66928| RtllnitUnicodeString (&Uni, Buff); 

66929| 

66930| ZwDisplayString( &Uni ); 

66931 1 //HalDisplayString(Buff); 
66932 1 } 
66933 1 } 
66934| 

66935| // log to event viewer if attaching to a new 
| device 

66936| // or reenabling a disabled device 
66937| if ( (!UpdatingPart) || ((UpdatingPart) && 

| (DisabledPart)) ) { 
66938| ULONG DD=1; 

66939 | 
66940 1 

| Reg_GetULONGKey(&gRegistryPath,L"LogDrives M ,1 ,&DD); 
66941| if ( DD ) { 

66942| WCHAR Drive[5]; 

66943| WCHAR Partition[5]; 

66944| WCHAR *Strings[2]; 

66945| 

| swprintf(Drive,L"%d",DevExt->DiskNumber); 
66946| swprintf(Partition,L"%d",partNumber); 
66947| Strings[0] = Drive; 

66948| Strings[1 ] = Partition; 

66949 1 
66950 1 

| LogError(DevObj,NULL,PSM_DRIVES_INFORMATION,0,NULL,0,Str 
I ings,2); 
66951 1 } 



66952| } 
66953| 

66954| Debug(DEBUG_INIT,("%s successfully 

| attached\n",ntNameBuffer)); 
66955| 

66956| // Clear the device's init flag as per NT DDK 

| KB article on creating device 
66957| // objects from a dispatch routine 
66958| // From this point on, we will get Irp's 
66959| if ( IBootTime ) { 
66960| Hint -save -e61 3 7 

66961 1 DevObj->Flags &= ~DO_DEVICE_INITIALIZING; 

66962| Hint -restore 7 

66963 1 } 

66964| } 

66965| 

66966| ExFreePool(partitionlnfo); 
66967| return STATUS_SIICCESS; 
66968| } 
66969| 

66970| NTSTATUS AttachToVeritasLDMVolumeW( WCHAR *VolumeName ) 
66971 | { 

66972| NTSTATUS status; 

66973| PDEVICE_OBJECT filterDeviceObject; 

66974| PFILTERED_EXTENSION deviceExtension; 

66975| UNICODE_STRING ntUnicodeString; 

66976| PIRP irp; 

66977| ULONG SizeOfDeviceExt; 

66978| PDISK_GEOMETRY Geometry; 

66979 1 

66980| PAGED_CODE(); 
66981 | 
66982 1 // 

66983| // Create a filter device object for this device 

| (partition). 
66984| // 
66985| 

66986| RtllnitUnicodeString( SntUnicodeString, 

| VolumeName); 
66987| Debug( DEBUG_I N IT,("VeritasLDM : '%wZ'\n", 

| SntUnicodeString)); 
66988| 

66989| #ifdef DEBUG_EXTENSION 

66990| SizeOfDeviceExt = sizeof(DEVICE_EXTENSION); 
66991 1 #else 

66992| SizeOfDeviceExt = sizeof(FILTERED_EXTENSION); 
66993| #endif 

66994| status = loCreateDevice(PSManDriverObject, 
66995| SizeOfDeviceExt, 
66996| NULL, 



66997| 
66998| 
66999| 
67000| 



FILE_DEVICE_DISK, 
0, 

FALSE, 

&filterDeviceObject); 



67001| 

67002| if ( !NT_SUCCESS(status) ) { 

67003| Debug(DEBUG_INIT,("VeritasLDM: Cannot create 

| filterDeviceObject\n")); 
67004| #ifdef DEBUG 
67005| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,0x20,0 

1,0); 
67006| #endif 
67007| return status; 
67008| } 
67009| 

67010| filterDeviceObject->Flags |= DO_DIRECT_IO; 
67011| 

67012| #ifdef DEBUG_EXTENSION 
67013| 

| ((PDEVICE_EXTENSION)(filterDeviceObject->DeviceExtension 
| ))->ObjectType = OBJECT FILTEREDDISK; 
67014| 

| ((PDEVICE_EXTENSION)(filterDeviceObject->DeviceExtension 
| ))->RealDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,sizeof(FILTERED_EXTE 
| NSION),DEVEXTTAG); 
67015| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(filterDeviceObject->D 
| eviceExtension))->RealDeviceExtension,sizeof(FILTERED_EX 
| TENSION)); 
67016| #endif 

67017| device Extension = 

| GetFilteredExtension(filterDeviceObject); 
67018| 

67019| RtlZeroMemory(deviceExtension, 

| FILTERED EXTENSION SIZE); 
67020| 

67021 1 deviceExtension->DeviceObject = filterDeviceObject; 
67022 1 device Extension->ObjectType = 

| OBJECT_FILTEREDDISK; 
67023| deviceExtension->DiskNumber = -1 ; 
67024| // until we know better 
67025| deviceExtension->lsPhysical = FALSE; 
67026| deviceExtension->Physical.LastPartitionNumber = 0; 
67027| deviceExtension->DriverObject = PSManDriverObject; 
67028| 

67029| Debug(DEBUG_DEVCON,( M AttachToVeritasLDMVolumes: 

| directio=%d, Setting to false\n",DevExt->DirectlO)); 
67030| deviceExtension->lnLoadUnload = FALSE; 



67031 1 deviceExtension->DoDirectlO = FALSE; 

67032| deviceExtension->lsMounted = FALSE; 

67033| Debug(DEBUG_DEVCON,( M AttachToVeritasLDMVolumes: 
| Just set IsMounted to FALSE for DevExt=%08x, 
| DevObj=%08x\n M ,deviceExtension,filterDeviceObject)); 

67034| 

| RtlZeroMemory(&deviceExtension->Cache,sizeof(tCachelnfo) 

I); 

67035| 

67036| deviceExtension->Cache.HeaderFile.FileHandle = 
67037| deviceExtension->Cache.lndexFile.FileHandle = 
67038| deviceExtension->Cache.CacheFile.FileHandle = 

| INVALID_HANDLE_VALUE; 
67039 | 

67040| deviceExtension->Cache.HeaderFile.WaitHandle = 
67041 1 deviceExtension->Cache.lndexFile.WaitHandle = 
67042| deviceExtension->Cache.CacheFile.WaitHandle = 

| INVALID_HANDLE_VALUE; 
67043 1 

67044| ExInitializeResourceLite ( 

| &(deviceExtension->Cache.DirectAccessResource) ); 
67045| pmRegisterObject ( 

| &(deviceExtension->Cache.DirectAccessResource), 

| "DirectAccessResource", pmRwLock); 
67046| 
67047| 

| lnitializeListHead(&deviceExtension->Cache.SnapShotHead) 



67049 1 

67050| deviceExtension->ChangeCount = //for 

| removables. 
67051 1 

| deviceExtension->SignalRead = 
67052 1 

| deviceExtension->SignalWrite = 
67053 1 

| deviceExtension->PSMed 
67054| 

| deviceExtension->NumberOfReadRequests = 
67055| 

| deviceExtension->SectorsRead = 
67056| 

| deviceExtension->NumberOfWriteRequests = 
67057| 

| deviceExtension->SectorsWritten = 
67058| 

| deviceExtension->OpenCount = 0; // number of 
| times it has been opened 
67059| 



67060| deviceExtension->DeviceShutDown = 0; 
67061 | 

67062| // init linked list of snapshots. 

67063| lnitializeListHead(&deviceExtension->SnapShots); 

67064| 

67065| // initialize Read and write events 

67066| KelnitializeEvent ( &deviceExtension->ReadEvent, 

| SynchronizationEvent, FALSE ); 
67067| KelnitializeEvent ( &deviceExtension->WriteEvent, 

| SynchronizationEvent, FALSE ); 
67068| 

67069| // Initialize spinlocks 
67070| 

67071 1 KelnitializeSpinLock ( 

| &deviceExtension->StatisticsSpinLock ); 
67072 1 

| pmRegisterObject(&deviceExtension->StatisticsSpinLock,"d 

| eviceExtension->StatisticsSpinLock",pmSpinLock); 
67073 1 
67074| // 

67075| // Attaches the device object to the highest device 

| object in the chain and 
67076| // return the previously highest device object, 

| which is passed to 
67077| // loCallDriver when pass IRPs down the device 

| stack 
67078| // 
67079 1 
67080 1 

| wcscpy(deviceExtension->Name,ntUnicodeString. Buffer); 
67081 | 

67082 1 status = loAttachDevice(filterDeviceObject, 
67083| &ntUnicodeString, 
67084| 

| &deviceExtension->TargetDeviceObject); 
67085| 
67086| 

67087| if ( !NT_SUCCESS(status) ) { 

67088| loDeleteDevice(filterDeviceObject); 

67089| Debug(DEBUG_INIT,( M VeritasLDM: Unable to attach 

| %X to target '%S'\n M ,filterDeviceObject, VolumeName)); 
67090| #ifdef DEBUG 
67091| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,0x21 ,0 
l,0); 
67092| #endif 

67093| return STATUS_NO_SUCH_DEVICE; 
67094| } 
67095| 
67096| // 



67097| // Save the filter device object in the device 

| extension 
67098| // 

67099| deviceExtension->DeviceObject = filterDeviceObject; 

67100| 

67101| 

| ExlnitializeResourceLite(&deviceExtension->DeviceExtReso 
| urce); 
67102| 

| pmRegisterObject(&deviceExtension->DeviceExtResource, M de 
| viceExtension->DeviceExtResource",pmRwLock); 
67103| 

67104| Debug(DEBUGJNIT,("Gettinggeometry\n")); 
67105| Geometry = (PDISKGEOMETRY) 

| MemAllocatePoolWithTag(PagedPool,sizeof(DISK_GEOMETRY),T 

| EMPTAG); 
67106| 

67107| if ( Geometry ) { 
67108| 

67109| status = 

| Sblo_GetGeometry(deviceExtension->TargetDeviceObject,Geo 

I metry); 
67110| 

671 1 1 1 if ( !NT_SUCCESS(status) ) { 
67112| Debug(DEBUG_IN IT, ("Error! %08x sending 

I disk_geo metry to 

| '%S'\n", status, deviceExtension->Name)); 
671 13| // keep going, incase there is no cartridge 

| in drive. 

671 14| Geometry->Cylinders.QuadPart = 0; 

67115| Geometry->MediaType 

| RemovableMedia; 
67116| Geometry->TracksPerCylinder =0; 

671 1 7| Geometry->SectorsPerTrack = 0; 

67118| Geometry->BytesPerSector = 512; 

67119| status = 0; 

67120| } 
67121| 

671 22| // get the disk geometry 
671 23| deviceExtension->Cylinders 

| Geometry->Cylinders; 
671 24| deviceExtension->MediaType 

| Geometry->MediaType; 
671 25| deviceExtension->TracksPerCylinder 

| Geometry->TracksPerCylinder; 
671 26| deviceExtension->SectorsPerTrack 

| Geo metry->SectorsPerT rack; 
671 27| deviceExtension->BytesPerSector 

| Geometry->BytesPerSector; 
67128| 



671 29 1 // save largest BPS request 

671 30| if ( deviceExtension->BytesPerSector > 

| GlobalData->LargestBPS ) { 
671 31 1 GlobalData->LargestBPS = 

| deviceExtension->BytesPerSector; 
67132| } 
67133| 
67134| 

67135| Debug(DEBUG_INIT,("Device='%S', Cyls=%d, 
| Heads=%d, SPT=%d, BPS=%d\n", 



671 36| deviceExtension->Name, 

671 37| Geometry->Cylinders.LowPart, 

671 38| Geometry->TracksPerCylinder, 

671 39| Geometry->SectorsPerTrack, 

671 40| Geometry->BytesPerSector 

67141| )); 

67142| 



67143| FREE_POINTER(Geometry); 
67144| }else{ 

67145| Debug(DEBUG_IN IT, ("Error! Out of memory\n")); 
671 46| deviceExtension->Cylinders.QuadPart 
l = 0; 

671 47| deviceExtension->MediaType 
| FixedMedia; 

67148| deviceExtension->TracksPerCylinder = 0; 

67149| deviceExtension->SectorsPerTrack = 0; 

67150| deviceExtension->BytesPerSector = 512; 

67151| } 

67152| 

67153| 

67154| // 

67155| //Clear the DO_DEVICE_INITIALIZING flag 

67156| // 

67157| 

671 58 1 f ilterDeviceObject->Flags &= 

| ~DO_DEVICE_INITIALIZING; 
67159| 

67160| Debug(DEBUG_INIT,("VeritasLDM: FilterObject %X 

| attached to VoS^filterDeviceObject,VolumeName)); 
67161| 

671 62| return STATUS_SUCCESS; 

67163| } 

67164| 

67165| NTSTATUS AttachToVeritasLDMVolumeA( char *VolumeName ) 
67166| { 

671 67| STRING ntNameString; 

67168| UNICODE_STRING ntUnicodeString; 

67169| NTSTATUS Status; 

67170| 

671 71 1 RtllnitAnsiString(&ntNameString, VolumeName); 



67172| RtlAnsiStringToUnicodeString(&ntUnicodeString, 

| &ntNameString, TRUE); 
67173| 

67174| Status = 

| AttachToVeritasLDMVolumeW(ntUnicodeString. Buffer); 
67175| 

671 76| RtlFreeUnicodeString(&ntUnicodeString); 

67177| return Status; 

67178| } 

67179| 

67180| 

67181| NTSTATUS Attac hTo Ve r it as L D M Volume By Object ( 

| PDEVICE_OBJECT DeviceObject ) 
67182| { 

67183| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
67184| POB J ECT_N AM E_l N FORMATION OBI=NULL; 
67185| ULONG Returned=0; 
67186| 

671 87| // get buffer length need for name 

67188| Status = ObQueryNameString( DeviceObject, NULL, 0, 

| & Returned ); 
67189| 

67190| if ( (Status==STATUS_INFO_LENGTH_MISMATCH) && 

| (Returned>0) ) { 
67191| 

671 92| // allocate memory for it 

67193| OBI = (POBJECTNAMEINFORMATION) 

| MemAllocatePoolWithTag(PagedPool,Returned,FILENAMETAG); 
67194| if (OBI) { 
67195| //get name 

67196| Status = ObQueryNameString( DeviceObject, 

| OBI, Returned, &Returned ); 
67197| 

67198| if ( NT_SUCCESS(Status) ) { 

67199| Status = 

| AttachToVeritasLDMVolumeW(OBI->Name.Buffer); 
67200| if ( !NT_SUCCESS(Status) ) { 

67201 1 Debug(DEBUG_l NIT, ("Error %08x 

| attaching to Veritas LDM '%s'\n",Status,&OBI->Name)); 
67202 1 } 
67203| } else { 

67204| Debug(DEBUG_INIT,("Error %08x 

| ObQueryNameString2 returned %08x\n",Status,Returned)); 
67205| } 

67206| FREEPOINTER(OBI); 
67207| } else { 

67208| Debug(DEBUG_INIT,("Out of memory for Object 

| name\n")); 

67209| Status = STATUS_INSUFFICIENT_RESOURCES; 

67210| } 



67211| }else{ 

67212| Debug(DEBUG_l NIT, ("Error %08x ObQueryNameString 

| returned %08x\n M ,Status,Returned)); 
67213| } 

67214| return Status; 

67215| } 

67216| 

67217| PDEVICE_OBJECT Get OurObject From Target Object ( 

| PDEVICE_OBJECTTargetObject ) 
67218| { 

67219| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
67220| 

67221| while ( DevObj ) { 
67222| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
67223| PFILTERED EXTENSION DevExt = 

| GetFilteredExtension(DevObj); 
67224| 

67225| if ( DevExt->TargetDeviceObject == 

| TargetObject ) { 
67226| return DevObj; 

67227| } 
67228| } 
67229| 

67230| DevObj = DevObj->NextDevice; 

67231| } 

67232| 

67233| Debug(DEBUG_INIT,("Target object %08x not 

| found\n",TargetObject)); 
67234| return NULL; 
67235| 
67236| } 
67237| 

67238| NTSTATUS Detach From VeritasLDMVolumeByObject( 

| PDEVICE_OBJECT DeviceObject ) 
67239| { 

67240| PDEVICE_OBJECT DevObj = 

| GetOurObjectFromTargetObject(DeviceObject); 

67241 1 PFILTERED_EXTENSION 

| DevExt=GetFilteredExtension(DevObj); 

67242 1 

67243| Debug(DEBUG_INIT,("Detaching %08x from device 

| %08x\n", DevObj, DevExt->Target DeviceObject)); 
67244| loDetachDevice( DevExt->TargetDeviceObject ); 
67245| 

67246| Debug(DEBUG_INIT,("Deleting Device object\n")); 
67247| ExDeleteResourceLite( &DevExt->DeviceExtResource); 
67248| pmDeRegisterObject(&DevExt->DeviceExtResource); 
67249| 



67250| loDeleteDevice( DevObj ); 
67251 1 return STATUS_SUCCESS; 
67252 1 } 
67253 1 

67254| void VeritasLDMCreateCallBack( PDEVICE_OBJECT 

| DeviceObject ) 
67255| { 

67256| NTSTATUS Status = AttachToVeritasLDMVolumeByObject( 

| DeviceObject ); 
67257| if ( NT_SUCCESS(Status) ) { 
67258| Debug(DEBUG_INIT,("VeritasLDM: Success 

| attaching to %08x\n M , DeviceObject)); 
67259 1 } else { 

67260| Debug(DEBUG_INIT,("VeritasLDM: Unable to attach 

| %08x to %08x\n",Status, DeviceObject)); 
67261 1 } 
67262 1 } 
67263 | 

67264| void VeritasLDMDeleteCallBack( PDEVICE_OBJECT 

| DeviceObject ) 
67265| { 

67266| NTSTATUS Status = 

| DetachFromVeritasLDMVolumeByObject( DeviceObject ); 
67267| if ( NT_SUCCESS(Status) ) { 
67268| Debug(DEBUG_INIT,("VeritasLDM: Success 

| attaching to %08x\n", DeviceObject)); 
67269 1 } else { 

67270| Debug(DEBUG_INIT,("VeritasLDM: Unable to detach 

| %08x to %08x\n",Status, DeviceObject)); 
67271 1 } 
67272 1 } 
67273 1 
67274| 

67275| NTSTATUS RegisterVeritasLDMCallBacks( ) 
67276| { 

67277| NTSTATUS Status=STATUS_SUCCESS; 
67278| struct volk_PSM_callbacks CallBacks; 
67279| HANDLE Handle; 
67280 1 

67281 1 // Open the Volume manager info device object 
67282| Status = vold_devfile_open(&Handle, 

| VOL I N FO_D E V_N AM E) ; 
67283 1 

67284| if ( NT_SUCCESS(Status) ) { 

67285| Debug(DEBUG_INFO,("VeritasLDM: 

| IslnstalledXn")); 
67286| 

67287| // get the number of volumes 
67288| CallBacks. PSM_create_callback = 
| VeritasLDMCreateCallBack; 



67289| CallBacks.PSM_delete_callback = 

| VeritasLDMDeleteCallBack; 
67290| 

67291 1 Status = vold_driver_ioctl(Handle, 

| VOL_SET_PSM_CALLBACKS, &CallBacks); 
67292 | 

67293| if ( NT_SUCCESS(Status) ) { 

67294| Debug(DEBUG_INFO,("VeritasLDM: Success 

| registering callBacks\n")); 
67295| } else { 

67296| Debug(DEBUG_INFO,("VeritasLDM: Error %08x 

| sending ioctl\n", Status)); 
67297| } 
67298| 

67299| ZwClose(Handle); 
67300| } else { 

67301 1 Debug(DEBUG_INFO,("VeritasLDM: Not 

| installed\n")); 
67302 1 } 

67303 1 return Status; 

67304| } 

67305| 

67306| NTSTATUS ScanForVeritasLDMVolumes() 
67307| { 

67308| NTSTATUS Status=0; 

67309| struct volkdevnum_dump kdevn={0}; 

67310| ULONG i=0; 

6731 1 1 HANDLE Handle=0; 

67312| 

67313| // Open the Volume manager info device object 
6731 4| Status = vold_devfile_open(&Handle, 

| VOL I N FO_D E V_N AM E) ; 
67315| 

6731 6| if ( NT_SUCCESS(Status) ) { 

67317| Debug(DEBUG_INFO,("VeritasLDM: 

| lslnstalled\n")); 
67318| 

67319| // get the number of volumes 
67320| Status = vold_driver_ioctl(Handle, 

| VOL_GET_VDEV_VOLNUMS, &kdevn); 
67321| 

67322| if ( NT_SUCCESS(Status) ) { 
67323| 

67324| Debug(DEBUG_INFO,("VeritasLDM: %08x volumes 

| configured\n",kdevn.kvdev_cnt)); 
67325| 

67326| // allocate a buffer and get the volumes 

67327| if ( kdevn.kvdev_cnt ) { 

67328| kdevn.kvdev_name = (char *) 

| MemAllocatePoolWithTag(PagedPool,kdevn.kvdev_cnt * 



I 128,TEMPTAG); 
67329 1 

67330| if ( kdevn.kvdev_name ) { 

67331 1 Status = vold_driver_ioctl(Handle, 

| VOL_GET_VDEV_VOLNUMS, &kdevn); 
67332 1 

67333| if ( NT_SUCCESS(Status) ) { 

67334| for ( i = 0; i < 

| kdevn.kvdev_cnt; i++ ) { 
67335| // dev 

| '\Device\HarddiskDmVolumes\DynamicGroup\Volume1 ' 
67336| 

| Debug ( D EB U G_l N FO, (" Ve ritasL D M : '%s'\n'\ 

| &kdevn.kvdev_name[i*128])); 
67337| Status = 

| AttachToVeritasLDMVolumeA(&kdevn.kvdev_name[i*1 28]); 
67338| if ( !NT_SUCCESS(Status) ) 

|{ 
67339| 

| Debug(DEBUG_INFO,("VeritasLDM: Error %08x attaching to 

| Veritas LDM volume\n", Status)); 
67340 1 } 
67341 | } 
67342 1 } else { 

67343| Debug(DEBUG_INFO,("VeritasLDM: 

| Error %08x sending ioctl 2\n",Status)); 
67344| } 
67345| 

67346| MemFreePool(kdevn.kvdev_name); 
67347| } else { 

67348| Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
67349 1 Debug(DEBUG_INFO, (" VeritasLDM : 

| Error %08x getting memory\n", Status)); 
67350 1 } 
67351 1 } else { 

67352| Debug(DEBUG_INFO,("VeritasLDM: No 

| volumes configured\n")); 
67353 1 } 
67354| } else { 

67355| Debug(DEBUG_INFO,("VeritasLDM: Error %08x 

| sending ioctl\n", Status)); 
67356| } 
67357| 

67358| ZwClose(Handle); 
67359 1 } else { 

67360| Debug(DEBUG_INFO,("VeritasLDM: Not 

| installed\n")); 
67361 | } 
67362| 



67363| return Status; 

67364| } 

67365| 

67366| 

67367| /* 



67368| VOID 

67369| PSManlnitialize( 

67370| IN PDRIVER_OBJECT DriverObject, 

67371| IN PVOID NextDisk, 

67372| IN ULONG Count 

67373| ) 

67374| 

67375| /*++ 

67376| 

67377| Routine Description: 
67378| 

67379| Attach to new disk devices and partitions. 
67380| Set up device objects for counts and times. 
67381 1 If this is the first time this routine is called, 
67382| then register with the IO system to be called 
67383| after all other disk device drivers have initiated. 
67384| 

67385| Arguments: 
67386| 

67387| DriverObject - Disk performance driver object. 
67388| NextDisk - Starting disk for this part of the 
| initialization. 

67389| Count - Not used. Number of times this routine has 

| been called. 
67390 | 

67391 1 Return Value: 
67392 | 

67393 1 NTSTATUS 

67394| 

67395| -7 

67396| 

67397| { 

67398| PCONFIGURATIONJNFORMATION 

| configurationlnformation=NULL; 
67399| CCHAR ntNameBuffer[64]={0}; 
67400| STRING ntNameString={0}; 
67401 1 UNICODE_STRING ntUnicodeString={0}; 
67402| PDEVICE_OBJECT physical Device=NULL; 

67403| PFILTEREDEXTENSION zeroExtension=NULL; 
67404| PDISK_GEOMETRY Geometry=NULL; 
67405| NTSTATUS status=0; 
67406| ULONG diskNumber=0; 
67407| PSBPSMAN_EXTENSION 

| SbotExt=(PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObje 



let); 
67408| 

67409| PAGED_CODE(); 
67410| 

6741 1 1 Debug(DEBUG_PROCCALL,("PSManlnitialize Called, 

| ND=%ld, Count=%ld\n",(ULONG)NextDisk,Count)); 
67412| 
67413| 
67414| // 

6741 5| // Get the configuration information. 

67416| // 

67417| 

67418| configurationlnformation = 
| loGetConfigurationlnformation(); 
67419| 
67420| // 

67421 1 // Find disk devices. 
67422 1 // 
67423 1 

67424| for ( diskNumber = (ULONG)NextDisk; 
67425| diskNumber < 

| configurationlnformation->DiskCount; 
67426| diskNumber++ ) { 
67427| 

67428| Debug(DEBUG_INIT,("On Disk 

| %d/%d\n",diskNumber,configurationlnformation->DiskCount) 

I); 

67429 1 // 

67430| // Create device name for the physical disk. 
67431 1 // 
67432 1 

67433| sprintf(ntNameBuffer, 

67434| "\\Device\\Harddisk%d\\PartitionO", 

67435| diskNumber); 

67436| 

67437| RtllnitAnsiString(&ntNameString, 
67438| ntNameBuffer); 
67439 1 

67440| RtlAnsiStringToUnicodeString(&ntUnicodeString, 
67441 1 SntNameString, 
67442 1 TRUE); 
67443 1 

67444| // 

67445| // Create device object for partition 0. 
67446| // 
67447| 
67448| { 

67449| #ifdef DEBUG_EXTENSION 
67450 1 ULONG SizeOfDeviceExt = 

| sizeof(DEVICE_EXTENSION); 



67451 1 #else 

67452| ULONG SizeOfDeviceExt = 

| sizeof(FILTERED_EXTENSION); 
67453| #endif 

67454| status = loCreateDevice(DriverObject, 

67455 1 S izeOf Device Ext, 

67456| NULL, 

67457| FILE_DEVICE_DISK, 

67458| 0, 

67459| FALSE, 

67460| &physicalDevice); 

67461 1 } 

67462 1 

67463| if ( !NT_SUCCESS(status) ) { 

67464| Debug(DEBUG_INIT,("Error! %08x creating 

| device for %s\n",status,ntNameBuffer)); 
67465| continue; 
67466| } 
67467| 

67468| if ( SphysicalDevice ) { 

67469| Debug(DEBUG_IN IT, ("Error! physicalDevice is 

| NULL\n")); 
67470| continue; 
67471 1 } 
67472 1 

67473| Debug(DEBUG_INIT,("lnit: Filtered Device %p 
| created for driver %p 

| VowZ'Vn^physicalDevice^riverObject&ntUnicodeString)); 
67474| // 

67475| // Point device extension back at device object 

| and remember 
67476| // the disk number. 
67477| // 
67478| 

67479| #ifdef DEBUG_EXTENSION 
67480 1 

| ((PDEVICE_EXTENSION)(physicalDevice->DeviceExtension))-> 
| ObjectType = OBJECT_FILTEREDDISK; 
67481 | 

| ((PDEVICE_EXTENSION)(physicalDevice->DeviceExtension))-> 
| RealDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,sizeof(FILTERED_EXTE 
| NSION),DEVEXTTAG); 
67482 1 

| RtlZeroMemory(((PDEVICE_EXTENSION)(physicalDevice->Devic 
| eExtension))->RealDeviceExtension,sizeof(FILTERED_EXTENS 
I ION)); 

67483| #endif 

67484| 

67485| zero Extension = 



I GetFilteredExtension(physicalDevice); 
67486| 

67487| // store the name 
67488| 

| wcscpy(zeroExtension->Name,ntUnicodeString. Buffer); 
67489| 

67490| zero Extensions DeviceObject = physicalDevice; 
67491| zeroExtension->ObjectType = 

| OBJECT FILTEREDDISK; 
67492| zeroExtension->DiskNumber = diskNumber; 
67493| zeroExtension->lsPhysical = TRUE; 
67494| zeroExtension->Physical.LastPartitionNumber = 

10; 

67495| zero Extensions DriverObject = DriverObject; 
67496| 

67497| Debug(DEBUG_DEVCON,("PSManlnitialize: 
| directio=%d, Setting to false\n",DevExt->DirectlO)); 

67498| zeroExtension->lnLoadL)nload = FALSE; 

67499| zeroExtension->DoDirectlO = FALSE; 

67500| zeroExtension->lsMounted = FALSE; 

67501 1 Debug(DEBUG_DEVCON,("PSManlnitialize: just set 
| IsMounted to FALSE for DevExt=%08x, 
| DevObj=%08x\n M ,DevExt,physicalDevice)); 

67502| Debug(DEBUG_DEVCON,("direct maps cleared\n")); 

67503 1 

| RtlZeroMemory(&zeroExtension->Cache,sizeof(tCachelnfo)); 
67504| 

67505| zeroExtension->Cache.HeaderFile.FileHandle = 
67506| zeroExtension->Cache.lndexFile.FileHandle = 
67507| zeroExtension->Cache.CacheFile.FileHandle = 

| INVALID_HANDLE_VALUE; 
67508| 

67509| zeroExtension->Cache.HeaderFile.WaitHandle = 
67510| zeroExtension->Cache.lndexFile.WaitHandle = 
6751 1 1 zeroExtension->Cache.CacheFile.WaitHandle = 

| INVALID_HANDLE_VALUE; 
67512| 

67513| ExInitializeResourceLite ( 

| &(zeroExtension->Cache.DirectAccessResource) ); 
67514| pmRegisterObject ( 

| &(zeroExtension->Cache.DirectAccessResource), 

| "DirectAccessResource", pmRwLock); 
67515| 
67516| 
67517| 

| lnitializeListHead(&zeroExtension->Cache.SnapShotHead); 
67518| 
67519| 

67520| zeroExtension->ChangeCount = // 
| for removables. 



67521| 

| zeroExtension->SignalRead = 
67522| 

| zeroExtension->SignalWrite = 
67523| 

| zeroExtension->PSMed 
67524| 

| zeroExtension->NumberOfReadRequests = 
67525| 

| zeroExtension->SectorsRead = 
67526| 

| zeroExtension->NumberOfWriteRequests = 
67527| 

| zeroExtension->SectorsWritten = 
67528| 

| zeroExtension->OpenCount = 0; // number of 
| times it has been opened 
67529| 

67530| zeroExtension->DeviceShutDown = 0; 
67531| 

67532| // resource for rbtree functions 
67533| // Supposed to call ExDeleteResourcel_ite() 
| before 

67534| // freeing mem, but since we never free, lets 
| not worry 

67535| // about it until we add support for unloading. 

67536| 

67537| 

| ExlnitializeResourceLite(&zeroExtension->DeviceExtResour 
I ce); 
67538| 

| pmRegisterObject(&zeroExtension->DeviceExtResource,"zero 
| Extension->DeviceExtResource",pmRwLock); 

67539| // init linked list of snapshots. 

67540| lnitializeListHead(&zeroExtension->SnapShots); 

67541 | 

67542| // This is the physical device object. 

67543| zeroExtension->PhysicalDevice = physicalDevice; 

67544| 

67545| // Attach to partitionO. This call links the 

| newly created 
67546| // device to the target device, returning the 

| target device object. 
67547| status = loAttachDevice(physicalDevice, 
67548| &ntUnicodeString, 
67549 1 

| &zeroExtension->TargetDeviceObject); 
67550 1 

67551 1 if ( !NT_SUCCESS(status) ) { 

67552| Debug(DEBUG_IN IT, ("Error! %08x attaching to 



I device %s\n",status,ntNameBuffer)); 
67553| ExDeleteResourcel_ite( 

| &zeroExtension->DeviceExtResource ); 
67554| 

| pmDeRegisterObject(&zeroExtension->DeviceExtResource); 
67555| loDeleteDevice(physical Device); 

67556| continue; 
67557| } 
67558| 

67559| RtlFreeUnicodeString(&ntUnicodeString); 
67560| 

67561 1 // Propogate driver's alignment requirements. 
67562| physicalDevice->Flags |= DO_DIRECT_IO; 
67563 1 

67564| physicalDevice->AlignmentRequirement = 

| zeroExtension->TargetDeviceObject->AlignmentRequirement; 
67565| 

67566| physicalDevice->StackSize = 

| zeroExtension->TargetDeviceObject->StackSize+1 ; 

67567 1 physical Device->DeviceType = 

| zeroExtension->TargetDeviceObject->DeviceType; 

67568| physicalDevice->Characteristics = 

| zeroExtension->TargetDeviceObject->Characteristics; 

67569 1 

67570| // initialize Read and write events 

67571 1 KelnitializeEvent ( &zeroExtension->ReadEvent, 

67572| Synchronization Event, // 

| type (notification or sync) 
67573 1 FALSE // 

| signaled 
67574| ); 
67575| 

67576| KelnitializeEvent ( &zeroExtension->WriteEvent, 
67577| Synchronization Event, // 

| type (notification or sync) 
67578| FALSE // 

| signaled 
67579 1 ); 
67580 1 
67581 | 
67582 | 

67583 1 // 

67584| // Initialize spinlocks 

67585| // 

67586| 

67587| KelnitializeSpinLock ( 

| &zeroExtension->StatisticsSpinLock ); 
67588| 

| pmRegisterObject(&zeroExtension->StatisticsSpinLock,"zer 
| oExtension->StatisticsSpinLock",pmSpinLock); 



67589| 

07590 | J* ***************************** ************************* 
| **************** J 

67591| // 

67592| // Allocate buffer for disk geometry. 

67593| // 

67594| 

67595| Debug(DEBUG_INIT,( M Gettinggeometry\n")); 
67596| Geometry = (PDISKGEOMETRY) 

| MemAllocatePoolWithTag(PagedPool,sizeof(DISK_GEOMETRY),T 

| EMPTAG); 
67597| 

67598| if ( IGeometry ) { 

67599| Debug(DEBUG_INIT,("Error! Out of 

| memoryVn")); 
67600| continue; 
67601 1 } 
67602 1 

67603 1 status = 

| Sblo_GetGeometry(zeroExtension->TargetDeviceObject,Geome 

I try); 
67604| 

67605| if ( !NT_SUCCESS(status) ) { 

67606| Debug(DEBUG_INIT,("Error! %08x sending 

| disk_geometry to %s\n M , status, ntNameBuffer)); 
67607| // keep going, incase there is no cartridge 

| in drive. 

67608| Geometry->Cylinders.QuadPart = 0; 

67609| Geometry->MediaType 

| RemovableMedia; 
67610| Geometry->TracksPerCylinder =0; 

6761 1 1 Geometry->SectorsPerTrack = 0; 

67612| Geometry->BytesPerSector = 512; 

67613| } 
67614| 

6761 5| // get the disk geometry 
67616| zeroExtension->Cylinders 

| Geometry->Cylinders; 
67617| zeroExtension->MediaType 

| Geometry->MediaType; 
67618| zeroExtension->TracksPerCylinder 

| Geometry->TracksPerCylinder; 
67619| zeroExtension->SectorsPerTrack 

| Geo metry->SectorsPerT rack; 
67620| zeroExtension->BytesPerSector 

| Geometry->BytesPerSector; 
67621| 

67622| zeroExtension->lsPhysical = 1 ; 
67623 1 

67624| // save largest BPS request 



67625| if ( zeroExtension->BytesPerSector > 

| SbotExt->LargestBPS ) { 
67626| SbotExt->LargestBPS = 

| zeroExtension->BytesPerSector; 
67627| } 
67628| 
67629| 

67630| Debug(DEBUG_INIT,("Device=%p, Cyls=%d, 

| Heads=%d, SPT=%d, BPS=%d\n", 
67631 1 physicalDevice, 
67632| Geometry->Cylinders.LowPart, 
67633| Geometry->TracksPerCylinder, 
67634| Geometry->SectorsPerTrack, 
67635| Geometry->BytesPerSector 
67636| )); 
67637| 

67638| FREEPOINTER(Geometry); 
67639 1 

g-^g^Q | J* ***************************** ************************* 
| **************** j 

67641 | 

67642| // make partitions for this physical device. 

67643| PSManMakePartitionObjects( physicalDevice, TRUE 

I); 

67644| } 
67645| 

67646| RegisterVeritasLDMCallBacks(); 
67647| 

67648| // scan for Veritas Logical Disk Manager volumes 
67649 1 Scan Fo rVe ritas L D M Vo lu mes () ; 
67650 1 
67651 1 // 

67652| // Check if this is the first time this routine has 

| been called. 
67653 1 // 
67654| 

67655| if ( INextDisk ) { 
67656| 

67657| // 

67658| // Register with IO system to be called a 

| second time after all 
67659| // other device drivers have initialized. 
67660 1 // 
67661 | 

67662| loRegisterDriverReinitialization(DriverObject, 
67663 1 

| PSManlnitialize, 
67664| 

| (PVOID)configurationlnformation->DiskCount); 
67665| } 



67666| 

67667| Debug(DEBUG_PROCCALL,("PSManlnitialize Done\n")); 

67668| return; 

67669| 

67670| } // end PSManlnitialize() 

67671 1 #endif // _WIN32_WINNT < 0x0500 

67672 1 

67673 1 

67674| GLOBALTYPE WCHAR 
| gRegistryPathStore[256]={0}; 
67675| 

67676| r 



67677| void VdGetRegistrySettings ( IN PUNICODE_STRING 

| RegistryPath ) 
67678| { 

67679| PAGED_CODE(); 
67680 1 
67681 | 

| Reg_GetULONGKey(RegistryPath,L"AllowWrites",ALLOWWRITES_ 

| DEF,&gAllowWrites); 
67682 1 r 
67683 1 

| Reg_GetULONGKey(RegistryPath,L"NumberOfBuffers",NUMBEROF 
| BUFFERS_DEF,&gNumberOfBuffers); 
67684| 

| Reg_GetULONGKey(RegistryPath,L"ScanLuns",SCANLUNS_DEF,&g 
| ScanLuns); 
67685| 

| Reg_GetULONGKey(RegistryPath,L"BufferSize",BUFFERSIZE_DE 
| F,&gBufferSize); 
67686| 

| Reg_GetULONGKey(RegistryPath,L"WriteCacheMaxSize",WRITEC 
| ACHEMAXSIZE_DEF,&gWriteCacheMaxSize); 
67687| 

| Reg_GetULONGKey(RegistryPath,L"DoSeek",DOSEEK_DEF,&gDoSe 
|ek); 
67688| 

| Reg_GetULONGKey(RegistryPath,L"CacheFlags",CACHEFLAGS_DE 

| F,&gCacheFlags); 
67689 1 7 
67690 1 } 
67691 | 

67692| I* 



67693| NTSTATUS 
67694| lnitVDisk( 

67695| IN PDRIVER_OBJECT DriverObject, 
67696| IN PUNICODE_STRING RegistryPath 
67697| ) 



67698| 
67699| /*++ 
67700| 

67701| Routine Description: 
67702| 

67703| This is the routine called by the system to 

| initialize the disk 
67704| performance driver. The driver object is set up and 

| then the 

67705| driver calls Tdrom Initialize to attach to the boot 

| devices. 
67706| 

67707| IRQL = PASSIVELEVEL 

67708| Arguments: 

67709| 

6771 0| DriverObject - The disk performance driver object. 
6771 1 | 

67712| Return Value: 
67713| 

67714| NTSTATUS 

67715| 

67716| -7 

67717| 

67718| { 

67719| NTSTATUS ntStatus=0; 

67720| WCHAR Name[80]={0}; 

67721 1 UNICODE_STRING NameUnicode={0}; 

67722| NTSTATUS Status=0; 

67723| OBJECT_ATTRIBUTES ObjectAttributes={0}; // for 

| the directory object 
67724| 

67725| NOTREFERENCED(DriverObject); 

67726| PAG E D_CO D E () ; 

67727| 

67728| 

| RtlCopyMemory(gRegistryPathStore,RegistryPath->Buffer,Re 

| gistryPath->Length); 
67729| // NULL terminate, since counted Unicode strings 

| are not necessarily null 
67730| //terminated 

67731 1 gRegistryPathStore[RegistryPath->Length / 2] = 0; 
67732 1 

| RtllnitUnicodeString(&gRegistryPath,gRegistryPathStore); 
67733 1 

67734| Debug(DEBUG_INIT,("RegistryPath = 

| %wZ\n M ,&gRegistryPath)); 
67735| VdGetRegistrySettings ( &g Registry Path ); 
67736| 

67737| // Create a permanent object directory for 
| partitions, then make it 



67738| // temporary so that we can close it at any time 

| and it will go away. 
67739| 
67740| 

| swprintf(Name,L M \\Device\\PsmDevices_%04x M ,PSM_LOW_COMPA 
| TIBLE_VERSION); 
67741 | 

67742| RtllnitUnicodeString( &NameUnicode, Name); 
67743 1 

67744| lnitializeObjectAttributes( 



67745 1 &Object Attri butes , 

67746| &NameUnicode, 

67747| OBJ_PERMANENT, 

67748| NULL, 

67749| NULL); 
67750| 



67751 1 Status = ZwCreateDi rectory Object ( 
67752 1 

| &gVDiskRootDirHandle, 
67753 1 

| DIRECTORY_ALL_ACCESS, 
67754| &ObjectAttributes 

I); 

67755| 

67756| if ( NT_SUCCESS( Status ) ) { 

67757| ZwMakeTemporaryObject( gVDiskRootDirHandle ); 
67758| } 
67759 1 

67760| //InitExit: 
67761 | 

67762| Debug(DEBUG_INIT,("VDisk init returning %08x to 

| NTAn M ,ntStatus)); 
67763| return(ntStatus); 
67764| 

67765| } // InitVDisk 

67766| 

67767| 

67768| #if _WIN32_WINNT>=0x0500 
67769 1 NTSTATUS 
67770 1 PSManAddDevice( 

67771 1 IN PDRIVER_OBJECT DriverObject, 

67772| IN PDEVICE_OBJECT Physical DeviceObject 

67773 1 ) 
67774| /*++ 

67775| Routine Description: 
67776| 

67777| Creates and initializes a new filter device object 
| FiDOforthe 

67778| corresponding PDO. Then it attaches the device 
| object to the device 



67779| stack of the drivers for the device. 
67780| 

67781 1 Note: You can NOT access the PDO as it has not yet 

| been assigned any resources or 
67782| started. Do device stuff in 

| I R P_M N_ST A RT D E V I C E 
67783 1 

67784| Arguments: 
67785| 

67786| DriverObject - Disk performance driver object. 
67787| Physical DeviceObject - Physical Device Object from 

| the underlying layered driver 
67788| 

67789| Return Value: 
67790 1 

67791 1 NTSTATUS 
67792 1 -7 
67793 1 { 

67794| NTSTATUS status; 

67795| PDEVICE_OBJECT filter DeviceObject; 

67796| PFILTERED_EXTENSION deviceExtension; 

67797| PWMILIB_CONTEXT wmilibContext; 

67798| PCHAR buffer; 

67799| ULONG buffersize; 

67800| ULONG SizeOfDeviceExt; 

67801| 

67802 1 PAG E DCOD E () ; 

67803| 

67804| // 

67805| // Create a filter device object for this device 

| (partition). 
67806| // 
67807| 

67808| Debug(DEBUG_INIT,("PSManAddDevice: Driver %X Device 

| %X\n", DriverObject, PhysicalDeviceObject)); 
67809| 

67810| #ifdef DEBUG_EXTENSION 

6781 1 1 SizeOfDeviceExt = sizeof(DEVICE_EXTENSION); 
67812| #else 

67813| SizeOfDeviceExt = sizeof(FILTERED_EXTENSION); 
67814| #endif 

67815| status = loCreateDevice(DriverObject, 



6781 6| SizeOfDeviceExt, 

67817| NULL, 

67818| FILE_DEVICE_DISK, 

67819| 0, 

67820| FALSE, 

67821 1 &filterDeviceObject); 

67822 1 



67823| if ( !NT_SUCCESS(status) ) { 



67824| Debug(DEBUG_IN IT, ("PSMan Add Device: Cannot 

| create filterDeviceObject\n")); 
67825| #ifdef DEBUG 
67826| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,0x20,0 

1,0); 
67827| #endif 
67828| return status; 
67829| } 
67830| 

67831 1 filterDeviceObject->Flags |= DO_DIRECT_IO; 
67832 1 

67833| #ifdef DEBUG_EXTENSION 
67834| 

| ((PDEVICE_EXTENSION)(filterDeviceObject->DeviceExtension 
| ))->ObjectType = OBJECT_FILTEREDDISK; 
67835| 

| ((PDEVICE_EXTENSION)(filterDeviceObject->DeviceExtension 
| ))->RealDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,sizeof(FILTERED_EXTE 
| NSION),DEVEXTTAG); 
67836| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(filterDeviceObject->D 
| eviceExtension))->RealDeviceExtension,sizeof(FILTERED_EX 
| TENSION)); 
67837| #endif 

67838| device Extension = (PFILTERED_EXTENSION) 

| GetDeviceExtension(filterDeviceObject); 
67839 1 

67840| RtlZeroMemory(deviceExtension, 

| FILTERED_EXTENSION_SIZE); 
67841 | 

67842| deviceExtension->DeviceObject = filterDeviceObject; 
67843 1 device Extension->ObjectType = 

| OBJECT_FILTEREDDISK; 
67844| deviceExtension->DiskNumber = -1 ; 
67845| // until we know better 
67846| deviceExtension->lsPhysical = FALSE; 
67847| deviceExtension->Physical.LastPartitionNumber = 0; 
67848| deviceExtension->DriverObject = DriverObject; 
67849 1 

67850| Debug(DEBUG_DEVCON,("AddDevice: directio=%d, 
| Setting to false\n",deviceExtension->DoDirectlO)); 

67851 1 deviceExtension->lnl_oad(Jnload = FALSE; 

67852| deviceExtension->DoDirectlO = FALSE; 

67853| deviceExtension->lsMounted = FALSE; 

67854| Debug(DEBUG_DEVCON,("PSManAdd Device: Just set 
| IsMounted to FALSE for DevExt=%08x, 
| DevObj=%08x\n",deviceExtension,filterDeviceObject)); 

67855| Debug(DEBUG_DEVCON, ("direct maps cleared\n")); 



67856| 

| RtlZeroMemory(&deviceExtension->Cache,sizeof(tCachelnfo) 

I); 

67857| 

67858| deviceExtension->Cache.HeaderFile.FileHandle = 
67859| deviceExtension->Cache.lndexFile.FileHandle = 
67860| deviceExtension->Cache.CacheFile.FileHandle = 

| INVALID_HANDLE_VALUE; 
67861 | 

67862| deviceExtension->Cache.HeaderFile.WaitHandle = 
67863| deviceExtension->Cache.lndexFile.WaitHandle = 
67864| deviceExtension->Cache.CacheFile.WaitHandle = 

| INVALID_HANDLE_VALUE; 
67865| 

67866| ExInitializeResourceLite ( 

| &(deviceExtension->Cache.DirectAccessResource) ); 
67867| pmRegisterObject ( 

| &(deviceExtension->Cache.DirectAccessResource), 

| "DirectAccessResource", pmRwLock ); 
67868| 
67869 1 

| lnitializeListHead(&deviceExtension->Cache.SnapShotHead) 



67871 1 deviceExtension->ChangeCount = // for 

| removables. 
67872 1 

| deviceExtension->SignalRead = 
67873 1 

| deviceExtension->SignalWrite = 
67874| 

| deviceExtension->PSMed 
67875| 

| deviceExtension->NumberOfReadRequests = 
67876| 

| deviceExtension->SectorsRead = 
67877| 

| deviceExtension->NumberOfWriteRequests = 
67878| 

| deviceExtension->SectorsWritten = 
67879 1 

| deviceExtension->OpenCourit = 0; // number of 
| times it has been opened 
67880 1 

67881| deviceExtension->DeviceShutDown =0; 

67882| // init linked list of snapshots. 

67883| lnitializeListHead(&deviceExtension->SnapShots); 

67884| 

67885| // initialize Read and write events 

67886| KelnitializeEvent ( &deviceExtension->ReadEvent, 



I SynchronizationEvent, FALSE ); 
67887| KelnitializeEvent ( &deviceExtension->WriteEvent, 

| SynchronizationEvent, FALSE ); 
67888| 

67889| // Initialize spinlocks 
67890| 

67891 1 KelnitializeSpinLock ( 

| &deviceExtension->StatisticsSpinLock ); 
67892 1 

| pmRegisterObject(&deviceExtension->StatisticsSpinLock,"d 
| eviceExtension->StatisticsSpinLock",pmSpinLock); 
67893 1 

67894| KeQuerySystemTime(&deviceExtension->LastldleClock); 

67895| 

67896| // 

67897| // Allocate per processor counters. NOTE: To save 

| some memory, it does 
67898| // allocate memory beyond QueryTime. Remember to 

| expand size if there 
67899| // is a need to use anything beyond this 
67900 1 // 

67901 1 deviceExtension->Processors = (ULONG) 

| *KeNumberProcessors; 
67902| buffersize= PROCESSOR_COUNTERS_SIZE * 

| deviceExtension->Processors; 
67903| buffer = (PCHAR) 

| MemAllocatePoolWithTag(NonPagedPool, 

| buffersize,TEMPTAG); 
67904| if ( buffer != NULL ) { 
67905| RtlZeroMemory(buffer, buffersize); 
67906| deviceExtension->DiskCounters = 

| (PDISK PERFORMANCE) buffer; 
67907| } else { 
67908| 

| LogError(filterDeviceObject,NULL,IO_ERR_INSUFFICIENT_RES 
| OURCES,STATUS_INSUFFICIENT_RESOURCES,NULL,0,NULL,0); 

67909 1 } 

67910| 

67911| // 

67912| // Attaches the device object to the highest device 

| object in the chain and 
67913| // return the previously highest device object, 

| which is passed to 
67914| // loCallDriver when pass IRPs down the device 

| stack 
67915| // 
67916| 

6791 7| deviceExtension->PhysicalDeviceObject = 

| Physical DeviceObject; 
67918| 



67919| deviceExtension->TargetDeviceObject = 

| loAttachDeviceToDeviceStack(filterDeviceObject, 

| PhysicalDeviceObject); 
67920| 

67921 1 if ( deviceExtension->TargetDeviceObject == NULL ) 
|{ 

67922| loDeleteDevice(filterDeviceObject); 

67923| Debug(DEBUG_IN IT, ("PSManAdd Device: Unable to 

| attach %X to target %X\n",filterDeviceObject, 

| PhysicalDeviceObject)); 
67924| #ifdef DEBUG 
67925| 

| PSManBugCheck(SB_BUG_FILE_INIT,SB_BUG_INIT_FAILED,0x21 ,0 
h0); 
67926| #endif 

67927| return STATUS_NO_SUCH_DEVICE; 
67928| } 
67929 | 
67930 1 // 

67931 1 // Save the filter device object in the device 

| extension 
67932 1 // 

67933| deviceExtension->DeviceObject = filterDeviceObject; 
67934| 

67935| deviceExtension->PhysicalDiskloNotifyRoutine = 
| NULL; 

67936| deviceExtension->PhysicalDeviceName. Buffer = 

| deviceExtension->PhysicalDeviceNameBuffer; 
67937| 
67938| 

| KelnitializeEvent(&deviceExtension->PagingPathCountEvent 
| , NotificationEvent, TRUE); 
67939 1 

67940 1 // per device resources that need to be freed 

67941 1 // this is freed no matter what when DELETE_DEVICE 

| is called... 
67942| // is this right??? FIXFIXFIX 
67943 1 

| ExlnitializeResourceLite(&deviceExtension->DeviceExtReso 
| urce); 
67944| 

| pmRegisterObject(&deviceExtension->DeviceExtResource,"de 

| viceExtension->DeviceExtResource",pmRwLock); 
67945| 
67946| // 

67947| // Initialize WMI library context 
67948| // 

67949| wmilibContext = &deviceExtension->WmilibContext; 
67950| RtlZeroMemory(wmilibContext, 
| sizeof(WMILIB_CONTEXT)); 



67951 1 wmilibContext->GuidCount = PSManGuidCount; 
67952| wmilibContext->GuidList = PSManGuidList; 
67953| wmilibContext->QueryWmiReglnfo = 

| PSManQueryWmiReglnfo; 
67954| wmilibContext->QueryWmiDataBlock = 

| PSManQueryWmiDataBlock; 
67955| wmilibContext->WmiFunctionControl = 

| PSManWmiFunctionControl; 
67956| 
67957| // 

67958| // default to DO_POWER_PAGABLE 
67959 1 // 
67960 1 

67961 1 filterDeviceObject->Flags |= DO_POWER_PAGABLE; 
67962 1 
67963 1 // 

67964| // Clear the DO_DEVICEJNITIALIZING flag 

67965| // 

67966| 

67967| filterDeviceObject->Flags &= 

| ~DO_DEVICE_INITIALIZING; 
67968| 

67969| Debug(DEBUG_INIT ! ("PSManAddDevice: FilterObject %X 

| attached to target %X\n",filterDeviceObject, 

| PhysicalDeviceObject)); 
67970| return STATUS_SUCCESS; 
67971 | 
67972 1 } 
67973| #endif 
67974| 
67975| 
67976| 

67977| File Listing: SBPSMAN.h 
67978| 

67979| #define SBPSMAN_WIN32_NAME L"\\DosDevices\\PSMan" 
67980| #define SBPSMAN_DEVICE_NAME L"\\Device\\PSMan" 
67981| #define PROGRAMLONGNAME L'SnapBack Live" 
67982| #define_PROGRAMSHORTNAME L"SnapBack" 
67983| 

67984| #define MAXDEVICES 32 
67985| 

67986| #define GLOBALTYPE 
67987| 

67988| #define MAX_PATH MAXIMUM_FILENAME_LENGTH 
67989| 

67990| #define NUMTHREADS_DEF 10 
67991 1 #define NUMTHREADS_MIN 1 
67992| #define NUMTHREADS_MAX 1000 
67993 1 

67994| #define MAXTHREADS_DEF 32 



67995| #define MAXTHREADS_MAX NUMTHREADS_MAX 
67996| 

67997| // number of microseconds to wait before creating 

| another thread when busy 
67998| #define NEWTHREADDELAY_DEF 1000000 
67999 1 #define N E WTH RE AD D EL AYM I N 1 
68000| #define N EWTH READ D ELAY_M AX 60000000 
68001| 

68002| // can be FILE_DELETE_ON_CLOSE and FILE_NO_COMPRESSION, 
| etc... 

68003| #define CREATEOPTIONS_DEF (FILE_NO_COMPRESSION) 
68004| #define OPENOPTIONS_DEF (FILE_NO_COMPRESSION | 

| FILE_WRITE_THROUGH | FILE_NO_INTERMEDIATE_BUFFERING) 
68005| 

68006| // timeout for when system is hung default is 30 
| seconds. 

68007| #define HUNGSYSTEMTIMEOUT DEF 30000000 

68008| #define HUNGSYSTEMTIMEOUT_MIN 1 

68009| #define HUNGSYSTEMTIMEOUT_MAX 2000000000 

68010| 

68011| //from tdrom.h 

68012| #define NUMBEROFBUFFERS_DEF 0 

68013| #define BUFFERSIZE_DEF (128*1024) /* 128k 7 

68014| #define ALLOWWRITES_DEF 0 

68015| #define WRITECACHEMAXSIZE_DEF 2048 /* 1 MB (1048576 
|/512) 7 

6801 6| #def ine DOSEEK DEF 1 

6801 7| #define SCANLUNS_DEF 1 

68018| #define CACHEFLAGS_DEF 0 

68019| #define MAKEPHYSICAL_DEF 0 

68020| 

68021| 

68022| 



68023| 


#def 


ne 


DEBUG. 


.INFO 


0x02000000 


68024| 


#def 


ne 


DEBUG. 


.ERROR 


0x04000000 


68025| 


#def 


ne 


DEBUG. 


.PROCCALL 0x08000000 


68026| 












68027| 


#def 


ne 


DEBUG. 


JNIT 


0x00000001 


68028| 


#def 


ne 


DEBUG. 


.THREAD 


0x00000002 


68029| 


#def 


ne 


DEBUG. 


.TREE 


0x00000004 


68030| 


#def 


ne 


DEBUG. 


.FILE 


0x00000008 


68031| 


#def 


ne 


DEBUG. 


.READ 


0x00000010 


68032| 


#def 


ne 


DEBUG. 


.CACHE 


0x00000020 


68033| 


#def 


ne 


DEBUG. 


.DEVCON 


0x00000040 


68034| 


#def 


ne 


DEBUG. 


.REG 


0x00000080 


68035| 


#def 


ne 


DEBUG. 


.DEVSUP 


0x00000100 


68036| 


#def 


ne 


DEBUG. 


.SHUTDOWN 0x00000200 


68037| 


#def 


ne 


DEBUG. 


.CLEANUP 


0x00000400 


68038| 


#def 


ne 


DEBUG. 


_MISC 


0x00000800 


68039| 


#def 


ne 


DEBUG. 


.CREATE 


0x00001000 



68040 
68041 
68042 
68043 
68044 
68045 
68046 
68047 
68048 
68049 
68050 
68051 
68052 
68053 
68054 
68055 
68056 
68057 
68058 
I little 



68059 1 




68060 1 


#def 


68061 | 


#def 


68062 1 


#def 


68063 1 


#def 


68064| 


#def 


68065| 


#def 


68066| 


#def 


68067| 


#def 


68068| 


#def 


68069 1 


#def 


68070 1 


#def 


68071 | 


#def 


68072 1 


#def 


68073 1 


#def 


68074| 


#def 


68075| 


#def 


68076| 


#def 


68077| 


#def 


68078| 


#def 


68079 1 


#def 


68080 1 


#def 


68081 | 


#def 


68082 1 


#def 


68083 1 


#def 


68084| 


#def 


68085| 


#def 


68086| 


#def 


68087| 


#def 


68088I 


#def 



#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 
#defi 



ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 
ne 



DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG. 
DEBUG 



CLOSE 

FLUSH 

DCPSM 

WRITE 

VDISK 

MEMORY 

PASSTHRU 



0x00002000 
0x00004000 
0x00008000 
0x00010000 
0x00020000 
0x00040000 
0x00080000 



PSMFILES 0x00100000 
PNP 0x00200000 
POWER 0x00400000 
WMI 0x00800000 
DICT 0x01000000 
SFILTER 0x02000000 



#define DEBUG TRACE 



0x80000000 



// Keep sorted so it is easy to see duplicates. 
// Each name looks backwards but it will be forwards in 
endian. 



ne FREETAG 'EERF 

ne SBMEM16TAG '61 SP 

ne BUGCH ECK TAG 'cbSP' 

ne BITMAPTAG 'mbSP' 

ne BUFFTAG 'ubSP' 

ne DEBUG_ENTRY_TAG 'bdSP' 

ne DEVEXTTAG 'edSP' 

ne PSM_DISPATCH_TABLE_TAG 'tdSP* 

ne PSM_EVENT_ENTRY_TAG 'eeSP' 

ne PSM_EVENT_TAG 'teSP' 

ne EVENTTAG VeSP' 

ne FILENAMETAG 'nfSP 

ne P S M_ F R E E_S P A C E_T AG 'sfSP' 

ne GETSTATSTAG 'sgSP' 

ne P S M_ D I CT_H E A D E R_TAG 'ehSP' 

ne IRPTAG YiSP' 

ne PSM_INTERNAL_SNAPSHOT 'siSP' 

ne PSM_MASTER_SNAPSHOT 'amSP' 

ne MBRTAG 'bmSP' 

ne NODEBITTAG 'bnSP' 

ne NODEMEMTAG 'mnSP' 

ne NODETAG 'onSP 

ne OPENTHREADTAG 'toSP' 

ne PAGEDSECTAG 'spSP' 

ne QTAG 'tqSP' 

ne PSM_REVERT_BUFFER_TAG 'brSP' 

ne PSM_READONLY_FILE_TAG 'orSP 

ne READREQUESTTAG YrSP 

ne REGISTRYTAG 'trSP' 



68089| #define PSMSECTORBITTAG 'bsSP' 
68090| #define PSM_SECURITY_TAG 'esSP' 
68091 1 #define PSM_DICT_SHARED_TAG 'hsSP' 
68092| #define PSM_SKIP_FILE_TAG 'ksSP' 
68093| #define PSM_SNAPSHOT_ENTRY 'ssSP' 
68094| #define STRINGTAG 'tsSP' 
68095| #define THREADTAG 'htSP 
68096| #define TEMPTAG 'mtSP' 
68097| #define TreeTAG 'rtSP' 
68098| #define USERTAG 'suSP' 
68099| #define PSM_VDISK_BUFFER_TAG 'bvSP' 
681 00| #def ine VDISKWRITETAG 'wvSP' 
681 01 1 #define WRITEREQUESTTAG 'rwSP' 
68102| 
68103| 

68104| #ifdef DEBUG 

68105| #define TRACE(Code,Arg1 ,Arg2,Arg3,Arg4,Msg) 

| SbTrace2((Code),(Arg1),(Arg2),(Arg3),(Arg4),(Msg),_FILE 
I _,_LINE_) 

68106| #else 

68107| #define TRACE(Code,Arg1,Arg2,Arg3,Arg4,Msg) 

68108| #endif 

68109| 

68110| //device.c 

681 1 1 1 #define TRACE_PASSTHRU "PassThru" // 

| high, low, count, key 
68112| #define T R AC E_C R EAT E "Create" // 

| Security, Options, Attributes, EaLength 
68113| #define TRACE_READ "Read" // 

| high, low, count, key 
68114| #define TRACE_WRITE "Write" // 

| high, low, count, key 
68115| #define TRACE_READFORWRITE "Read For Write" 

| // high, low, count, key 
681 1 6| #define TRACE_PASSTHRU_COMP "PassThruComp" 

| // high, low, count, key 
681 1 7\ #def ine TRACE FLUSH "Flush" // 0, 

I 0, 0, 0 

68118| #define TRACEJOCTL "loCtl" // 

| OutputBuffer Length, Input Buffer Length, lo Control 
| Code, Type 3 Input Buffer 

68119| #define TRACE SHUTDOWN "Shutdown" // 

I 0, 0, 0, 0 

68120| #def ine TRACE_CLEANUP "Cleanup" // 

I 0, 0, 0, 0 

68121 1 #define T R AC E_C LOSE "Close" // 0, 

I 0, 0, 0 
68122| 

68123| //Thread.c 

68124| #define TRACE_THREADUPDATE "Thread Update" 



I // Up, Threads Awake, Number of threads, 0 
68125| #define TRACE_WRITEANDWAIT "WriteAndWait" 

| // high, low, count, 0 
68126| #define TRACE WRITEANDWAITCOMP 

| "WriteAndWaitComp" // high, low, count, 0 
68127| #define TRACE LOOKINGFORDUPS "LookingForDups" 

| // 0, Sector, Count, 0 
68128| #define TRACE_ADDTOTREE "AddToTree" // 

| 0, Sector, Count, Bit 
68129| #define TRACE_THREADLOOP "ThreadLoop" 

| // 0, 0, 0, 0 

68130| #defineTRACE_GETWORK "GetWork" // 

I 0, 0, 0, 0 

68131 1 #define TRACE_PROCESSSECTOR "ProcessSector" 

| // 0, Sector, Count, 0 
68132| #define TRACE_THREADCLEANUP "ThreadCleanup" 

| // 0, Sector, Count, 0 
68133| #define TRACE_THREADEXIT "ThreadExit" 

| // 0, 0, 0, 0 

68134| #define TRACE_MAKETHREAD "MakeThread" 
| // 0, 0, 0, 0 

68135| #define TRACE_WAITWRITEFROMNT 

| "WaitForWriteFromNT" // 0, 0, 0, 0 
68136| #define TRACE COMPLETENEXTWRITEONQUEUE 

| "CompleteNextWrite" // 0, 0, 0, 0 
68137| #define TRACE_COMPLETEWRITESONQUEUE 

| "CompleteAIIWrites" // 0, 0, 0, 0 
68138| #define TRACE_ALLOCATERESOURCES 

| "AllocateResources" // 0, 0, Byte Count, 0 
68139| #define TRACE_WORKERGET "WorkerGet" // 

I 0, 0, 0, 0 

68140| #define TRACE SETTINGUP "SettingUp" // 

| 0, Sector, Count, 0 
68141| #define TRACE SENDINGREADFORWRITE 

| "SendingReadForWrite" // 0, Sector, Count, 0 
68142| #define TRACE_READFORWRITE_COMP 

| "ReadForWriteComp" // 0, Sector, Count, 0 
68143| #define TRACE_SENDINGORIGWRITE 

| "SendingOrigWrite" // high, low, count, key 
68144| #define TRACE_SENDINGORIGWRITECOMP 

| "SendingOrigWriteComp" // high, low, count, key 
68145| #define TRACE READANDWAIT "ReadAndWait" 

| // high, low, count, 0 
68146| 
68147| 
68148| 

68149| //time manipulation macros. 

68150| // NT keeps track of time in 100 Nanosecond increments. 
68151 1 // this means the Smallest nano second is a multiple of 
| 100, so 



68152| // only use microseconds and above, unless you need 
I it... 



68153 
68154 
68155 
68156 



68157 



| int64)(micros)) * NANOSECONDS(IOOOL)) 



68158 

l_ 
68159 

l_ 
68160 
68161 
68162 
68163 
68164 
68165 



(level)) == (level)) DbgPrint _x_ 



68166 



| == (level)) DebugPrintSave _x_ 



68167 
68168 
68169 
68170 
68171 
68172 
68173 
68174 
68175 
68176 
68177 
68178 
68179 
68180 
68181 
68182 
68183 
68184 
68185 
68186 
68187 
68188 
68189 
68190 
68191 
68192 
68193 
68194 



#define ABSOLUTE(wait) (wait) 
#define RELATIVE(wait) (-(wait)) 

#define NANOSECONDS(nanos) (((signed 
int64)(nanos))/100L) 

#define MICROSECONDS(micros) (((signed 



#define MILLISECONDS(milli) (((signed 
int64)(milli)) * MICROSECONDS(1000L)) 
#define SECONDS(seconds) (((signed 
int64)(seconds)) * MILLISECONDS(1000L)) 

Hint -emacro(740, Debug)*/ 
#ifdef DEBUG 

void BugCheckCallBack( PVOID Buffer, ULONG Length ); 
void DebugPrintSave(char *fmt, ...); 
// #define Debug(level,_x_) if ((DebugLevel & 



#define Debug(level,_x_) if ((DebugLevel & (level)) 



#else 

#define Debug(level,_x_) 
#endif 



#define 


STATE 


_UNKNOWN 


0 


#define 


_STATE_ 


_WAITING_FOR_ 


_WORK 1 


#define 


_STATE_ 


_WAITING_FOR_ 


.THREAD 2 


#define 


_STATE_ 


_WAITING_FOR_ 


_WRITE 3 


#define 


_STATE_ 


_WAITING_FOR_ 


EVENT 4 


#define 


_STATE_ 


_WAITING_FOR_ 


TREEREAD 5 


#define 


_STATE_ 


_WAITING_FOR_ 


_TREE_WRITE 6 


#define 


STATE 


_WAITING_FOR_ 


_CACHE_BIT 7 


#define 


_STATE_ 


_WAITING_FOR_ 


.MEMORY 8 


#define 


_STATE_ 


.WORKING 


50 


#define 


_STATE_ 


.CLEANUP 


51 


#define 


_STATE_ 


DEINIT 


254 


#define 


_STATE_ 


JNIT 


255 



typedef struct sMY_THREAD { 
PVOID ThreadObject; 

#ifdef SYNC 

PVOID FileObject; 

#endif 

#ifdef DEBUG 
ULONG State; 
ULARGEJNTEGER Sector; 
ULONG Count; 
ULARGEJNTEGER Current; 



68195| PDEVICE_OBJECT DeviceObject; 
68196| PIRPIrp; 
68197| #endif 

68198| } tMY THREAD, *PMY_THREAD; 
68199| 

68200| #ifdef DEBUG 

68201 1 extern GLOBALTYPE ULONG DebugLevel; 
68202| extern GLOBALTYPE ULONG DebugPrints; 
68203| 



68204| 


extern 


GLOBALTYPE 


ULONG 


FIRST 


_DATA_SEG_^ 


68205| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR1 ; 


68206| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR2; 


68207| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR3; 


68208| 


extern 


GLOBALTYPE 


ULONG 


DATA 


_SEG_ 


ADDR4; 


68209 | 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR5; 


68210| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR6; 


68211| 


extern 


GLOBALTYPE 


ULONG 


DATA 


_SEG_ 


ADDR7; 


68212| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDR8; 


68213| 


extern 


GLOBALTYPE 


ULONG 


DATA 


_SEG_ 


ADDR9; 


68214| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRA; 


68215| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRB; 


68216| 


extern 


GLOBALTYPE 


ULONG 


DATA 


_SEG_ 


ADDRC; 


68217| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRD; 


68218| 


extern 


GLOBALTYPE 


ULONG 


DATA, 


_SEG_ 


ADDRE; 


68219| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRF; 


68220| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRG; 


68221 | 


extern 


GLOBALTYPE 


ULONG 


DATA 


_SEG_ 


ADDRH; 


68222 | 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ADDRI; 


68223 | 


extern 


GLOBALTYPE 


ULONG 


DATA, 


_SEG_ADDRJ; 


68224| 


extern 


GLOBALTYPE 


ULONG 


DATA_ 


_SEG_ 


ADDRK; 



68225| extern GLOBALTYPE ULONG D AT A_S E G_ A D D R L ; 
68226| extern GLOBALTYPE ULONG DATA_SEG_ADDRM; 
68227| extern GLOBALTYPE ULONG DATA_SEG_ADDRN; 
68228| extern GLOBALTYPE ULONG D ATA S EG_AD D RO; 
68229| extern GLOBALTYPE ULONG DATA_SEG_ADDRP; 
68230| extern GLOBALTYPE ULONG E N D_D AT A_S E G_A DDR; 
68231| 
68232| 

68233| #endif 
68234| 

68235| extern GLOBALTYPE WCHAR 

| gSnapShotDirName[200]; 
68236| extern GLOBALTYPE PDRIVER_OBJECT 

| PSManDriverObject; // our driver object 
68237| extern GLOBALTYPE PDEVICE_OBJECT PSManObject; 

| // our object that user opens 
68238| extern GLOBALTYPE BOOLEAN PsmActive; 

| // is psm enabled? 
68239| extern GLOBALTYPE BOOLEAN PSManPSMInited; 

| // Is psm ready? 



68240| extern GLOBALTYPE KSEMAPHORE ThreadSemaphore; 
| // limits threads for "writing to cache file" that can 
| run at once 

68241 1 extern GLOBALTYPE KSEMAPHORE WriteSemaphore; 
| // Number of writes pending for "write dispatch" to 
| threads 

68242| extern GLOBALTYPE KSEMAPHORE 

| WriteAfterReadSemaphore; // Number of writes 

| pending for dispatch to lower driver 
68243| extern GLOBALTYPE KEVENT 

| WorkerThreadEvent; // Set when a thread is available 

| to work 

68244| extern GLOBALTYPE KEVENT ThreadOlnited; 

| // used to sync threads 
68245| extern GLOBALTYPE KEVENT 

| PSMan Exiting Event; // Set when time for psm to be 

| disabled (not actual unload of psm) 
68246| extern GLOBALTYPE ULONG NumberOfThreads; 

[ // Number of Threads for psm 
68247| extern GLOBALTYPE ULONG 

| GlobalThreadCount; // Number of threads running 
68248| extern GLOBALTYPE PMYTHREAD Thread Objects; 

| // List if each threads data 
68249| extern GLOBALTYPE tMY THREAD 

| WriteThreadObject; // writer thread data 
68250| extern GLOBALTYPE LIST_ENTRY 

| ThreadsWorkToDoQueue; // Queue for threads 
68251 1 extern GLOBALTYPE KSPIN_LOCK 

| ThreadsWorkToDoSpinLock; // spinlock 
68252| extern GLOBALTYPE LIST_ENTRY 

| WriteAfterReadQueue; // Queue for writes to be sent 

| after a read has occured 
68253| extern GLOBALTYPE KSPIN_LOCK 

| WriteAfterReadSpinLock; // spinlock 
68254| extern GLOBALTYPE LIST_ENTRY ProcessingQueue; 

| // Processing queue (from nt system) 
68255| extern GLOBALTYPE LIST ENTRY WriteQueue; 

| // Write queue (from nt system) 
68256| extern GLOBALTYPE KSPIN_LOCK WriteSpinLock; 

| // spin lock for it 
68257| extern GLOBALTYPE ULONG DoPagingFile; 

| // Set if we need to do the paging file 
68258| extern volatile GLOBALTYPE ULONG 

| Outstanding Requests; // Number of lOs outstanding 

| to all volumes 

68259| extern GLOBALTYPE ULONG PSManPSMFIags; 

| // see PSM_FLAG_* 
68260| extern GLOBALTYPE FAST_MUTEX 

| WorkerThreadMutex; // Mutex for threads 
68261 1 extern GLOBALTYPE FAST_MUTEX 



I CacheThresholdMutex; // Mutex for threshold 
| handling 

68262| extern GLOBALTYPE FAST_MUTEX PSMUserMutex; 

| // Mutex to keep track of psm users 
68263| extern GLOBALTYPE KSEMAPHORE 

| PSMOpenCloseSemaphore; // Keep open/close out of each 

| others hair 
68264| #ifdef DEBUG 

68265| extern GLOBALTYPE KSEMAPHORE 

| PSM_DebugSemaphore; // Semaphore to write to log 
| file 

68266| extern GLOBALTYPE ULONG gDebugToLog; 

| // whether to log debug to log file or not 
68267| extern GLOBALTYPE LIST ENTRY PSM_DebugQueue; 

| // Queue for threads 
68268| extern GLOBALTYPE KSPIN_LOCK 

| PSM_DebugSpinLock; //spinlock 
68269| #endif 

68270| extern GLOBALTYPE ULONG gLogErrors; 
68271 1 extern GLOBALTYPE ULONG gFailFreed; 
68272| extern GLOBALTYPE ULONG gLogOpenClose; 
68273| extern GLOBALTYPE KSEMAPHORE 

| PSMVDiskSemaphore; // Semaphore for read/write 

| vdisk volumes 
68274| #ifdef DEBUG_SNAPSHOTS 
68275| extern GLOBALTYPE KSEMAPHORE 

| PSMSnapShotSemaphore; // Semaphore for read/write 

| snapshots 
68276| #endif 

68277| extern GLOBALTYPE NTSTATUS LastErrorStatus; 

| // error to report to PSM users 
68278| extern GLOBALTYPE FAST MUTEX 

| PSManMemoryMutex; // mutex for memory routines 
68279| extern GLOBALTYPE ULONG 

| MaxWriteQueueDepth; // stats for writes 
68280| extern GLOBALTYPE ULONG WriteQueueDepth; 

| // stats 

68281 1 extern volatile GLOBALTYPE ULONG 

| ThreadsAwake; // Number of threads 

| "actively" processing requests 
68282| extern GLOBALTYPE ULONG 

| NewThreadStartDelay; // Number of milliseconds to 

| start a new thread when all others are busy 
68283| extern GLOBALTYPE ULONG MaxThreads; 

| // Max number of threads to create 
68284| extern GLOBALTYPE ULONG 

| PSManCreateOptions; // Options for "creating" the 

| cache file 
68285| extern GLOBALTYPE ULONG 

| PSManOpenOptions; // Options for "opening" the 



I cache file 
68286| extern GLOBALTYPE ULONG 

| PSManFillOnWrite; // Actually write to the cache 
| file? 

68287| extern GLOBALTYPE ULONG 

| gHungSystemTimeOut; // Number of milliseconds to 

| wait to see if the system is deadlocked 
68288| extern GLOBALTYPE ULONG 

| gVDisklOHandling; // when set any reads/writes 

| to vdisk are completed successfuly without IO 
68289| 

68290| //from tdrom.h 

68291 1 extern GLOBALTYPE KEVENT 

| VDiskExitingEvent; // Vdisks told to disappear 
68292 | 

68293| extern GLOBALTYPE LIST_ENTRY ReadVDiskQueue; 

| // Queue for reads to virtual volume 
68294| extern GLOBALTYPE KSPIN_LOCK 

| ReadVDiskSpinLock; // keep in sync 
68295| extern GLOBALTYPE KSEMAPHORE 

| ReadVDiskSemaphore; // 
68296| 

68297| extern GLOBALTYPE LIST_ENTRY WriteVDiskQueue; 

| // Queue for writes to virtual volume 
68298| extern GLOBALTYPE KSPIN_LOCK 

| WriteVDiskSpinLock; // keep in sync 
68299| extern GLOBALTYPE KSEMAPHORE 

| WriteVDiskSemaphore; 
68300 | 

68301 1 extern GLOBALTYPE ULONG 

| VDiskNumberOfThreads; // Number of threads running 

| (2, reader and writer) 
68302| extern GLOBALTYPE FAST_MUTEX 

| VDiskThreadMutex; // Keep in sync 
68303 | 

68304| //extern GLOBALTYPE ULONG 

| gNumberOfBuffers; // not used anymore 
68305| //extern GLOBALTYPE ULONG gBufferSize; 

| // not used anymore 
68306| 

68307| extern GLOBALTYPE ULONG gAllowWrites; 

| // allow writes to virtual volumes? we now allow 

| writes to all volumes, but 
68308| 

| // left here to show how to make volumes read only 
68309| //extern GLOBALTYPE ULONG 

| gWriteCacheMaxSize; // not used anymore 
68310| //extern GLOBALTYPE ULONG gScanLuns; 

| // not used 
68311| 



68312| extern GLOBALTYPE UNICODE_STRING gRegistryPath; 

| // our entry in the registry 
68313| 

68314| //extern GLOBALTYPE struct sCache VDiskCache; 
68315| extern GLOBALTYPE HANDLE 

| gVDiskRootDirHandle; // our "\Devices\PsmDevices\" 

| directory handle 
68316| 

68317| //extern GLOBALTYPE ULONG gDoSeek; 
| // Not used 

68318| //extern GLOBALTYPE ULONG gCacheFlags; 

| // Not used 
68319| // end from tdrom.h 
68320| 
68321| // 

68322| // Device Extension 

68323| // 

68324| 

68325| #define OBJECT INTERNAL 0 
68326| #define OBJECT_FILTEREDDISK 1 
68327| #define OBJECT_VIRTUALDISK 2 
68328| #define OBJECT_FS_OBJECT 3 
68329| #define OBJECT_FS_FILTER 4 
68330 | 

68331 1 // generic structure that is common to all extensions. 
68332| typedef struct _DEVICE_EXTENSION { 
68333 | 

68334| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
68335| PDRIVER_OBJECT DriverObject; //The 

| driver object for use on repartitioning. 
68336| ULONG ObjectType; 
68337| 

68338| #ifdef DEBUG_EXTENSION 

68339| PVOID RealDeviceExtension; 

68340 1 #endif 

68341| } DEVICE_EXTENSION, *PDEVICE_EXTENSION; 
68342| 

68343| typedef struct _PHYSICAL_DEVICE { 

68344| ULONG Signature; 

68345| ULONG LastPartitionNumber; 

68346| } tPHYSICAL_DEVICE, *pPHYSICAL_DEVICE; 

68347| 

68348| typedef struct _M Y_D I S K_EXT E N TS { 
68349| // from DISK EXTENTS in ntddvol.h 
68350| ULONG DiskNumber; 
68351| LARGE INTEGER StartingOffset; 
68352| LARGE_INTEGER ExtentLength; 
68353| 

68354| LISTENTRY ListEntry; 



68355 
68356 
68357 
68358 
68359 
68360 
68361 
68362 
68363 
68364 
68365 
68366 
68367 
68368 
68369 
68370 
68371 
68372 
68373 
68374 
68375 
68376 
68377 
68378 
68379 
68380 

l*P 
68381 
68382 
68383 
68384 
68385 
68386 
68387 
68388 
68389 
68390 
68391 
68392 
68393 
68394 
68395 
68396 
68397 
68398 
68399 
68400 
68401 
68402 
68403 



} MY_DISK_EXTENTS, *pMY_DISK_EXTENTS; 

typedef struct _LOGICAL_DEVICE { 
#if _WIN32_WINNT >= 0x0500 

LIST_ENTRY DiskExtents; 
#else 

ULONG Placeholder; 
#endif 

} tl_OGICAL_DEVICE, *pLOGICAL_DEVICE; 
#define PSMAN_MAXSTR 64 

// 

// Disk notification or callout 

// 

typedef 
VOID 

(*PPHYSICAL_DISK_IO_NOTIFY_ROUTINE)( 
IN ULONG DiskNumber, 
IN PIRP Irp, 

IN PDISK_PERFORMANCE PerfCounters 

); 

typedef struct PersistentDictionary::sHeader *pHeader; 
typedef struct PersistentDictionary::slnternalSnapShot 
nternalSnapShot; 

#define CACHE_ACTION_NOTHING 0 
#define CACHE_ACTION_DENY_WRITES 1 
#define CACHE_ACTION_BSOD 2 
#define CACHE_ACTION_DELETE_ALWAYS_KEEPS 

struct RETRIEVAL_POINTERS_BUFFER; 

typedef struct _PSM_FILE_INFO { 

PFILE_OBJECT FileObject; 

HANDLE FileHandle; 

PVOID WaitObject; 

HANDLE WaitHandle; 

DirectAccessFile * Direct; 

WCHAR FileName[256]; 

WCHAR Location[256]; 
} tPsmFilelnfo, *pPsmFilelnfo; 

typedef struct _CACHE_INFO { 
tPsmFilelnfo HeaderFile; 
tPsmFilelnfo IndexFile; 
tPsmFilelnfo CacheFile; 
ERESOURCE DirectAccessResource; //for 



I doing reader-writer locks on usage of DirectAccessFile 
| objects 
68404| 

68405| FAST MUTEX PSManBitMapMutex; 

68406| ULONG CurrentCacheFileSize; 

68407| ULONG PSManBitHint; 

68408| PRTL BITMAP PSManBitMapBuffer; 

68409| ULONG PSManCacheCanGrow; 

6841 0| pHeader Header; 

6841 1 1 ULONG HeaderReferenceCount; 

68412| ULONG ReferenceCount; 

68413| LIST_ENTRY SnapShotHead; 

68414| ULONG PSManBitMapSize; 

68415| ULONG PSManBitMapMaxSize; 

68416| ULONGLONG MostRecentSnapshotTime; 

6841 7| plnternalSnapShot MostRecentSnapshot; 

68418| 

68419| 

68420| // config stuff from registry 

68421 1 ULONG CacheWarningThresholdPercent; 

68422| ULONG CacheFullThresholdPercent; 

68423| ULONG CacheWarning Interval; 

68424| ULONG CacheFullActionPercent; 

68425| ULONG CacheFullAction; 

68426| ULONG Initialize; 

68427| ULONG MaxSize; 

68428| } tCachelnfo,*pCachelnfo; 

68429 1 

68430 1 

68431 1 typedef struct _FILTERED_EXTENSION { 
68432| // common header 

68433| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
68434| PDRIVER_OBJECT DriverObject; //The 

| driver object for use on repartitioning. 
68435| ULONG ObjectType; 
68436| 

68437| // extension specific 
68438| 

68439| // global to all filtered devices 

68440| PDEVICE_OBJECT Target DeviceObject; //Target 

| Device Object 
68441 1 #if _WIN32_WINNT < 0x0500 

68442| PDEVICE_OBJECT PhysicalDevice; //Target 

| Device Object 
68443| #endif 

68444| ULONG IsPhysicaM ; // Device 

| is physical device 
68445| ULONG NotActive:1; 
68446| ULONG lnLoadUnload:1 ; // set when 



I [Load|Unload]SnapShotsForVolume is running 
68447| ULONG DoDirectlO:1 ; //when 

| set, we will do direct io to the files 
68448| ULONG lsMounted:1; //whether 

| volume is mounted or not 
68449| ULONG lsReverting:1 ; //whether 

| this volume is currently being reverted 
68450| ULONG OpenCloseAcquired:1 ; //whether 

| the open close resource is acquired, this is to get 

| around a deadlock 
68451| //when 

| opening my files, and the volume isnt mounted, so i 

| then get a mount 
68452| ULONG Dismounting:1 ; 

68453 1 

68454| ULONG DiskNumber; // only valid if 

| Is Physical is set 
68455| 

68456| UNICODE_STRING UniName; 
68457| WCHAR Name[256]; 
68458| 

68459| KSPIN_LOCK StatisticsSpinLock; 

68460| ULONG NumberOf Read Requests; 

68461 1 ULONG SectorsRead; 

68462| ULONG NumberOfW rite Requests; 

68463| ULONG Sectors Written; 

68464| ULONG ChangeCount; // used for 

| removable devices 
68465| 

68466| ULONG CacheWrites; //number of 

| writes sent to cache file for this device 
68467| 

68468| ULONG SignalRead; 

68469| ULONG SignalWrite; 

68470| ULONG PSMed; 

68471| ULONG OpenCount; //number of 

| times it has been opened 
68472| 

68473| KEVENT ReadEvent; // a read occured 

68474| KEVENT WriteEvent; // a write occured 
68475| 

68476| PARTITIONJNFORMATION Pi; // Partition 

| info 

68477| LARGEJNTEGER Cylinders; 
68478| MEDIATYPE MediaType; 
68479| ULONG TracksPerCylinder; 
68480| ULONG Sectors PerTrack; 

68481 1 ULONG Bytes PerSector; 

68482 1 

68483| union { 



68484| tPHYSICAL_DEVICE Physical; 
68485| tl_OGICAL_DEVICE Logical; 

68486| }; 
68487| 

68488| ERESOURCE Device Ext Resource; // used for 

| misc changes to pointers in this structure. 
68489| // that can 

| change OUTSIDE of open and close 
68490| 

68491| tCachelnfo Cache; 

68492| ULONG FileSystem; // file system 

| that will attach to us. see F I L E_S YSTE M_* 

68493 1 LA RG E_l NTEGER LastMou ntTime; 

68494| // Valid only when PSM enabled 
68495| 

68496| LIST_ENTRY Snapshots; // linked list of 

| snapshots. Newer times at head of list 
68497| 

68498| #if _WIN32_WINNT >= 0x0500 

68499| // 

68500| // Physical device object 

68501| // 

68502| PDEVICE_OBJECT Physical DeviceObject; 

68503| 

68504| // 

68505| // Use to keep track of Volume info from ntddvol.h 

68506| // 

68507| 

68508| WCHAR StorageManagerName[8]; 

68509| 

68510| // 

6851 1 1 // Disk performance counters 

68512| // and locals used to compute counters 

68513| // 

68514| 

68515| ULONG Processors; 

6851 6| PDISK PERFORMANCE DiskCounters; // per processor 
| counters 

6851 7| LARGEJNTEGER LastldleClock; 

68518| LONG QueueDepth; 

68519| LONG CountersEnabled; 
68520| 

68521| // 

68522| // must synchronize paging path notifications 

68523| // 

68524| KEVENT PagingPathCountEvent; 

68525| ULONG PagingPathCount; 
68526| 

68527| // 

68528| // Physical Device name or WMI Instance Name 



68529| // 
68530| 

68531 1 UNICODE_STRING Physical DeviceName; 

68532| WCHAR PhysicalDeviceNameBuffer[PSMAN_MAXSTR]; 

68533 1 

68534| // 

68535| // Notification routine for tracing 
68536| // 

68537| PPHYSICAL_DISK_IO_NOTIFY_ROUTINE 

| PhysicalDiskloNotifyRoutine; 
68538| 
68539 1 // 

68540| // Private context for using WmiLib 
68541 1 // 

68542| WMILIB_CONTEXT WmilibContext; 
68543 1 

68544| // unique volume id for this volume, based on the 

| volume guid 
68545| ULONG Volumeld; 

68546| WCHAR VolumeGuid [40]; // string of the form 

| 'C8e56d0c-93c5-1 1 d4-991 0-806d61 72696f 
68547| #define LENGTH OF UNIQUE 

| (((1 6*sizeof (WCHAR))*2)+(sizeof(WCHAR)*2)) 
68548| WCHAR Uniqueld[LENGTH_OF_UNIQUE]; // string in 

| the form of '123456781234567812345678' 
68549 1 #endif 

68550| ULONG DeviceShutDown; 
68551 | 

68552| ULONG NextlndexSequenceNumber; 
68553 1 

68554| } FILTERED_EXTENSION, *PFILTERED_EXTENSION; 
68555| 

68556| #define FILTERED_EXTENSION_SIZE 

| sizeof(FILTERED EXTENSION) 
68557| 

68558| typedef struct _FS_FILTER_EXTENSION { 
68559| // common header 

68560| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
68561| PDRIVER_OBJECT DriverObject; //The 

| driver object 
68562| ULONG ObjectType; 
68563| 

68564| // extension specific 

68565| PDEVICE_OBJECT Target DeviceObject; 

68566| ULONG Attached:1 ; // If this 

| device is attached to a lower device 
68567| ULONG VirtuaM ; // whether 

| the storage class object is a filtered disk or a 

| virtual disk 



68568| ULONG FileSystem:1 ; // whether 

| this is a file system filter, or volume filter 
68569| ULONG lsRaw:1 ; // whether 

| this file system is the raw file system 
68570| ULONG lsNtfs:1; 
68571| ULONG lsFat:1; 

68572| PDEVICE_OBJECT PSMStorageObject; //our 
| storage class object that this file system filter is 
| filtering 

68573| } FS_FILTER_EXTENSION, *PFS_FILTER_EXTENSION; 
68574| 

68575| #define FS_FILTER_EXTENSION_SIZE 

| sizeof(FS_FILTER_EXTENSION) 
68576| 

68577| typedef struct _FS_OBJECT_EXTENSION { 
68578| // common header 

68579| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
68580| PDRIVER_OBJECT DriverObject; //The 

| driver object 
68581| ULONG ObjectType; 
68582| 

68583| // extension specific 

68584| } FS_OBJECT_EXTENSION, *PFS_OBJECT_EXTENSION; 
68585| 

68586| #define FS_OBJECT_EXTENSION_SIZE 

| sizeof(FS_OBJECT_EXTENSION) 
68587| 
68588| 

68589| #define PROCESSOR_COUNTERS_SIZE 

| FIELD_OFFSET(DISK_PERFORMANCE, QueryTime) 
68590| 

68591 1 typedef struct _OT_USER_ { 
68592 1 struct _OT_USER_ *Next; 
68593| PEPROCESS ProcessID; 
68594| PETHREAD ThreadID; 
68595| ULONG Open; // if psm was opened by 

| this user 

68596| PFILE_OBJECT FileObject; // file object 

| associated with the create request. 
68597| PKEVENT ErrorEvent; 
68598| PKEVENT AbortEvent; 
68599| ULONG NumOpenSnapShots; 
68600| LISTENTRY Snapshots; 
68601 1 ULONG Persistent:1 ; 

68602| ULONG SaveTempOnExit:1 ; 

68603| } tOT_USER, *pOT_USER; 
68604| 

68605| // global memory 

68606| // dont change the position of DeviceObject as this 



I structure is 

68607| // used as a DEVICE_EXTENSION in some places (ie 

| unload) 
68608| 

68609| typedef struct _SBPSMAN_EXTENSION { 
6861 0| // common header 

68611| PDEVICE_OBJECT DeviceObject; // 0 Back 

| pointer to device object 
68612| PDRIVER_OBJECT DriverObject; // 4 The 

| driver object for use on repartitioning. 
68613| ULONG ObjectType; // 8 

68614| 

6861 5| // extension specific 

68616| KSPIN_LOCK WaitQueueSpinLock; // c 
6861 7| LIST_ENTRY WaitQueue; // 1 0 

68618| 

68619| ULONG LargestBPS; //18 

68620| ERESOURCE DeviceResource; //1c used 

| to sync access for psm 
68621| ERESOURCE SnapShotResource; // 54 used 

| to sync access to snapshots 
68622| 

68623| pOTJJSER PSMUsers; //8c list 

| of threads who have psm open. 
68624| ULONG NumActive; // 90 

| number of active opens 
68625| ULONG ShutDownCalled; 
68626| 

68627| } SBPSMAN_EXTENSION, *PSBPSMAN_EXTENSION; 
68628| 

68629| #define SBPSMAN_EXTENSION_SIZE 

| sizeof(SBPSMAN_EXTENSION) 
68630| 

68631 1 typedef struct _VDISK_EXTENSION { 
68632| // common header 

68633| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
68634| PDRIVER_OBJECT DriverObject; //The 

| driver object for use on repartitioning. 
68635| ULONG ObjectType; 
68636| 

68637| // extension specific 

68638| PDEVICE_OBJECT PSMDevice; //device 

| being PSMed 
68639| ULONG lsPhysical:1 ; // Device 

| is physical device 
68640| ULONG MountDisabled:1 ; //we set 

| this bit to refuse mounts in certain situations 
68641 | 

68642| KSPIN_LOCK StatisticsSpinLock; 



NumberOfReadRequests; 
Sectors Read; 
NumberOfWriteRequests; 
SectorsWritten; 



68643| ULONG 
68644| ULONG 
68645| ULONG 
68646| ULONG 
68647| 

68648| tkSnapShotEntry *SnapShot; // pointer to snapshot 

| this volume is suppose to be of. 
68649| tkSnapShotMaster *MasterSnapShot; // Master 

| pointer for quick reference 
68650| 



68651 1 


ULONG 


SerialNumber; 


68652 1 






68653 1 


PARTITION. 


.INFORMATION Pi; // Ps 


| info 






68654| 


LARGEJNTEGER Cylinders; 


68655 1 


ULONG 


Heads; 


68656 1 


ULONG 


SPT; 


68657 1 


ULONG 


BPS; 


68658| 






68659 1 


ULONG 


Instance; 


68660 1 


WCHAR 


Name[256]; 


68661 1 


WCHAR 


VolumeGuid[100]; 


68662 1 






68663| 


BOOLEAN 


DriveNotReady; 


68664| 


BOOLEAN 


PartitionActive; 


68665| 


ULONG 


DiskChangeCount; 


68666| 


ULONG 


LockCount; 


68667| 


ULONG 


KeepWritelnMemory; 


68668| 


BOOLEAN 


O rig i n al Write P rotected ; 


68669 1 






68670 1 


// how much went to cache because of "write' 


| virtual drive 




68671 | 


ULONG 


CacheWrites; 


68672 | 


ULONG 


ClusterOOffset; 


68673 1 






68674| 


ULONG 


DeviceShutDown; 



68675| 

68676| } VDISK_EXTENSION, *PVDISK_EXTENSION; 
68677| 

68678| #define VDISK_EXTENSION_SIZE sizeof(VDISK_EXTENSION) 

68679 1 

68680| 

68681 1 typedef struct sWriteRequest { 

68682| PDEVICE_OBJECT DeviceObject; 

68683| PIRP Irp; 

68684| LIST_ENTRY ListEntry; 

68685| LISTENTRY ProcessingEntry; 

68686| ULARGEJNTEGER RoundedSector; //starting 

| sector to pre-read; always on a granule boundary 
68687| ULONG RoundedCount; //number 



I of sectors to pre-read; always an integer number of 
| granules 

68688| LARGEJNTEGER RoundedSectorlnBytes; // 

| RoundedSector multiplied by bytes/sector 
68689| LARGEJNTEGER RoundedCountln Bytes; // 

| RoundedCount multiplied by bytes/sector 
68690| U LARGEJNTEGER RealSector; //original 

| write request's starting sector 
68691| ULONG RealCount; //original 

| write request's sector count 
68692| PVOID Buffer; 
68693| LARGEJNTEGER ByteOffset; 
68694| ULONG ByteLength; 
68695| } tWriteRequest; 
68696| 

68697| #define tReadRequest tWriteRequest 
68698| 

68699| typedef struct sOpenPsmThread { 

68700| PIRP Irp; 

68701 1 pOTJJSER User; 

68702| PVOID OTI; 

68703| ULONG OTISize; 

68704| ULONG OTOSize; 

68705| } tOpenPsmThread, *pOpenPsmThread; 

68706| 

68707| typedef struct sDebugLog Entry { 

68708| LIST ENTRY ListEntry; 

68709| char Log Entry [255]; 

68710| } tDebugLogEntry; 

6871 1 | 

68712| 

68713| // 

68714| // Function declarations 

68715| // 

68716| 

68717| 

68718| extern "C" NTSTATUS 
68719| DriverEntry( 

68720| IN PDRIVER_OBJECT DriverObject, 

68721 1 IN PUNICODE_STRING RegistryPath 

68722 1 ); 

68723 1 

68724| VOID 

68725| PSManlnitialize( 

68726| IN PDRIVER_OBJECT DriverObject, 
68727| IN PVOID NextDisk, 
68728| IN ULONG Count 
68729 1 ); 
68730 1 

68731 1 NTSTATUS 



68732| lnitVDisk( 

68733| IN PDRIVER_OBJECT DriverObject, 
68734| IN PUNICODE_STRING RegistryPath 
68735| ); 

68736| NTSTATUS PSManMakePartitionObjects( 

68737| PDEVICE_OBJECT PartitionO, 

68738| BOOLEAN BootTime 

68739| ); 

68740| 

68741 | 

68742 1 /* 

68743| Note: If enabling debug_extension be careful not to 
68744| have many device add/removes, as everywhere where 
| we 

68745| scan from PSMANDriverObject->DeviceObject there is 
| the 

68746| possibility that it is still NULL (ie, 

| loCreateDevice) 
68747| was successful, but the MemAllocatePool hasnt 

| happened yet. 
68748| 

68749| This was seen on dual processor 800MHz with cluster 

| enabled. 
68750 1 
68751 1 7 

68752| #ifdef DEBUG_EXTENSION 

68753| inline PVOID GetDeviceExtension(PDEVICE_OBJECT 

| DevObj) 
68754| { 

68755| PDEVICE_EXTENSION DE = 

| (PDEVICE_EXTENSION)((PDEVICE_EXTENSION)(DevObj)->DeviceE 

| xtension)->RealDeviceExtension; 
68756| #if MEMDBG 
68757| MemCheckPool(DE); 
68758| #endif 
68759| return DE; 
68760 1 } 
68761 1 #else 

68762| #define GetDeviceExtension(DevObj) 

| ((DevObj)->DeviceExtension) 
68763 1 #endif 
68764| 

68765| #define GlobalData 

| ((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
68766| 
68767| 

68768| inline PFILTERED EXTENSION 

| lnline_GetFilteredExtension ( PDEVICE_OBJECT DevObj 
68769| #ifdef DEBUG 

68770| , const char *SourceFile, int SourceLine 



68771 |#endif/*DEBUG7 
68772 1 ) 
68773 1 { 

68774| ASSERT(DevObj != NULL); 

68775| PFILTERED_EXTENSION DevExt = 

| PFILTERED_EXTENSION(GetDeviceExtension(DevObj)); 
68776| ASS E RT( Dev Ext != NULL); 
68777| 

68778| #ifdef DEBUG 

68779| ULONG ObjectType = 

| PDEVICE_EXTENSION(DevExt)->ObjectType; 
68780| if ( ObjectType != OBJECT_FILTEREDDISK ) { 
68781| Debug(DEBUG_DCPSM,("!!! GetFiltered Extension: 

| Expected filtered extension (%d) but found object type 

| = %d\n" , O B J ECT_FI LTEREDDISK, ObjectType) ) ; 
68782| Debug(DEBUG_DCPSM,("!!! DevObj=%08x, called 

| from %s(%d)\n",DevObj,SourceFile,SourceLine)); 
68783| ASSERT(FALSE); 
68784| } 

68785| #endif /"DEBUG*/ 
68786| 

68787| return DevExt; 

68788| } 

68789| 

68790| inline PVDISK_EXTENSION lnline_GetVDiskExtension ( 

| PDEVICE_OBJECT DevObj 
68791 1 #ifdef DEBUG 

68792| , const char *SourceFile, int SourceLine 
68793| #endif /*DEBUG7 
68794| ) 
68795| { 

68796| ASS ERT( DevObj != NULL); 

68797| PVDISK_EXTENSION DevExt = (PVDISK_EXTENSION) 

| GetDeviceExtension(DevObj); 
68798| ASSERT(DevExt != NULL); 
68799 1 

68800| #ifdef DEBUG 

68801 1 ULONG ObjectType = 

| PDEVICE_EXTENSION(DevExt)->ObjectType; 
68802| if ( ObjectType != OBJ ECT_VIRTUAL DISK ) { 
68803| Debug(DEBUG_DCPSM,("!!! GetVDiskExtension: 

| Expected vdisk extension (%d) but found object type = 

| %d\n",OBJECT_VIRTUALDISK, ObjectType)); 
68804| Debug(DEBUG_DCPSM,("!M DevObj=%08x, called 

| from %s(%d)\n", DevObj, SourceFile,SourceLine)); 
68805| ASSERT(FALSE); 
68806| } 

68807| #endif /* DEBUG*/ 
68808| 

68809| return DevExt; 



******************************************************* 
********************** 

******************************************************** 



68810| } 
6881 1 | 

6881 2|#ifdef DEBUG 

68813| #define GetFilteredExtension(DevObj) 

| lnline_GetFilteredExtension((DevObj), FILE , LINE ) 

68814| #define GetVDiskExtension(DevObj) 

| lnline_GetVDiskExtension((DevObj), FILE , LINE ) 

68815| #else /*DEBUG7 

68816| #define GetFilteredExtension(DevObj) 

| lnline_GetFilteredExtension(DevObj) 
68817| #define GetVDiskExtension(DevObj) 

| lnline_GetVDiskExtension(DevObj) 
68818| #endif /* DEBUG*/ 
68819| 
68820| 
68821 1 r* 
I 

68822| 

| ********************** 

68823 1 ** 

| ** 

68824| ** To prevent deadlocks the following hierarchy must 

| be maintained! 

68825| ** 
I ** 

68826| ** Snapshot resource 

I ** 

68827| ** VDisk semaphore 

I ** 

68828| ** Global resource 

I ** 

68829 1 ** Rbtree resource 

I ** 

68830 1 ** 

| ** 

68831 1 ** 

| ** 

68832 1 ** 

| ** 

68833 1 ** 

| ** 

68834| ** 

| ** 

68835| ** 

| ** 

68836| ** 

| ** 

68837 

| **■! 

68838| 



******************************************************** 
********************** 

******************************************************** 



********************* 



68839| 
68840| /* 

68841 1 resources need to be AT APC_LEVEL to be acquired 

| contrary to what docs say 
68842 1 
68843 1 

68844| From: "Brandon Allsop (Volt Computer)" 

| <a-branal@microsoft.com> 
68845| To: 'Rob Green' <rgreen@cdp.com> 
68846| Subject: RE: Driver Verifier 
68847| Date: Thu, 5 Aug 1999 19:46:14-0700 
68848| 

68849| Since APCs can occur at anytime it is a good idea to 

| protect yourself when 
68850| acquiring or releasing these resources. You can do this 

| by either raising to 
68851 1 irql APC_LEVEL or by simply calling 

| KeEnterCriticalRegionQ before 
68852| attempting the acquire or release. 
68853 1 
68854| 

68855 1 Checkout: 

68856| KeEnterCriticalRegion() 

68857| KeLeaveCriticalRegionQ 

68858| 7 

68859 1 

68860| #define MyAcquireResourceSharedl_ite(Resource,Wait) { 

W 

68861 1 KeEnterCriticalRegion(); 

|\ 

68862 1 pm Acqu ireReaderl_ock( Resou rce, Wait) ; \ 
68863| KeLeaveCriticalRegion(); 

|\ 

68864| } 

68865| #define MyReleaseResourceForThreadLite(Resource) { \ 
68866| KeEnterCriticalRegion(); 

W 

68867| /*lint -save -e746 -e740 7 
|\ 

68868| pmReleaseReaderLock(Resource); \ 
68869| /*lint -restore 7 
|\ 

68870| KeLeaveCriticalRegion(); 

|\ 

68871 1 } 

68872| #define MyAcquireResourceExclusiveLite(Resource,Wait) { 

|\ 

68873| KeEnterCriticalRegion(); 



68874| pmAcquireWriterLock(Resource,Wait); \ 
68875| KeLeaveCriticalRegion(); 

|\ 

68876| } 
68877| 

68878| /*lint -emacro(740,ReleaseGlobalDeviceForRead) 7 
68879| Hint -emacro(740,ReleaseGlobalDeviceForWrite) 7 
68880| Hint -emacro(740,ReleaseDevExtForWrite) 7 
68881| Hint -emacro(740,ReleaseDevExtForRead) 7 
68882| #define GetGlobalDeviceForRead() 
| MyAcquireResourceSharedLite ( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject))-> 
| DeviceResource, TRUE ) 
68883| #define ReleaseGlobalDeviceForRead() 
| MyReleaseResourceForThreadLite ( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject))-> 
| DeviceResource ) 
68884| #define GetGlobalDeviceForWrite() 
| MyAcquireResourceExclusiveLite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject))-> 
| DeviceResource, TRUE ) 
68885| #define ReleaseGlobalDeviceForWrite() 
| MyReleaseResourceForThreadLite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject))-> 
| DeviceResource ) 
68886| 

68887| #define IsGlobalDeviceAcquiredForReadO 
| ExlsResourceAcquiredSharedLite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject))-> 

| DeviceResource) 
68888| #define IsGlobalDeviceAcquiredForWriteO 

| pmRwLockedForWrite(&((PSBPSMAN_EXTENSION)GetDeviceExtens 

| ion(PSManObject))->DeviceResource) 
68889| #define lsGlobalDeviceAcquired() 

| ((IsGlobalDeviceAcquiredForWriteO) || 

| (IsGlobalDeviceAcquiredForReadO)) 
68890| 

68891 1 #ifdef DEBUG_SNAPSHOTS 

68892 1 // test to check for deadlocks 

68893| #define IsSnapShotAcquiredForReadO 0 

68894| #define IsSnapShotAcquiredForWriteO 

| (pmExamineSemaphore(&PSMSnapShotSemaphore)<1 ) 
68895| #define lsSnapShotAcquired() 

| IsSnapShotAcquiredForWriteO 
68896| #define GetNumSnapShotReaders() 0 
68897| #define GetNumSnapShotWriters() 

| pmExamineSemaphore(&PSMSnapShotSemaphore) ? 0 : 1 
68898| #define ReleaseSnapShotForRead() 

| ReleaseSnapShotResource() 
68899 1 #define ReleaseSnapShotForWrite() 



I ReleaseSnapShotResource() 
68900| 

68901 1 #define GetSnapShotForRead() 

| AcquireSnapShotResource() 
68902| #define GetSnapShotForWrite() 

| AcquireSnapShotResource() 
68903 | 
68904| 
68905| #else 

68906| #define IsSnapShotAcquiredForReadO 
| ExlsResourceAcquiredSharedLite( 

[ &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource ) 
68907| #define IsSnapShotAcquiredForWriteQ 
| pmRwLockedForWrite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 

| SnapShotResource ) 
68908| #define lsSnapShotAcquired() 

| ((IsSnapShotAcquiredForWriteO) || 

| (IsSnapShotAcquiredForReadO)) 
68909| #define GetNumSnapShotReaders() 

| pmRwLockNumReaders( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource ) 
68910| #define GetNumSnapShotWriters() 
| ExGetExclusiveWaiterCount( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource ) 
68911| #define ReleaseSnapShotForRead() 
| MyReleaseResourceForThreadLite ( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource ) 
68912| #define ReleaseSnapShotForWrite() 
| MyReleaseResourceForThreadl_ite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource ) 
68913| 

68914| #ifdef DEBUG 
6891 5| #define GetSnapShotForRead() 
| if(lsSnapShotAcquired()) { 

|\ 
68916| 

| Debug(DEBUG_DCPSM,("GetSnapShotForRead: Snapshot is 
| already acquired!\n")); \ 
68917| } 

68918| 

| MyAcquireResourceSharedLite ( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource, TRUE ) 



68919| 

68920| #define GetSnapShotForWrite() 
| if(lsSnapShotAcquired()) { 

|\ 
68921| 

| Debug(DEBUG_DCPSM,("GetSnapShotForWrite: Snapshot is 
| already acquired!\n")); \ 
68922| 

| DbgBreakPoint(); 

|\ 

68923| } 

|\ 
68924| 

| MyAcquireResourceExclusiveLite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource, TRUE ) 
68925| #else 

68926| #define GetSnapShotForRead() 
| MyAcquireResourceSharedLite ( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 
| SnapShotResource, TRUE ) 
68927| #define GetSnapShotForWrite() 
| MyAcquireResourceExclusivel_ite( 

| &((PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject)) 

| SnapShotResource, TRUE ) 
68928| #endif // debug 
68929| #endif // DEBUG_SNAPSHOTS 
68930| 

68931 1 #define GetDevExtForRead(DevExt) 

| MyAcquireResourceSharedLite ( 

| &(DevExt)->DeviceExtResource, TRUE ) 
68932| #define ReleaseDevExtForRead(DevExt) 

| MyReleaseResourceForThreadLite ( 

| &(DevExt)->DeviceExtResource ) 
68933| #define GetDevExtForWrite(DevExt) 

| MyAcquireResourceExclusivel_ite( 

| &(DevExt)->DeviceExtResource, TRUE ) 
68934| #define ReleaseDevExtForWrite(DevExt) 

| MyReleaseResourceForThreadLite( 

| &(DevExt)->DeviceExtResource ) 
68935| 
68936| 

68937| #define PsmGetObjectType(DevObj) 

| (((PDEVICE_EXTENSION)(GetDeviceExtension(DevObj)))->Obje 
I ctType) 

68938| #define GetDriveNumFromObject(DevObj) 

| ((GetFilteredExtension(DevObj)->DiskNumber) 
68939 1 

68940| #ifdef DEBUG 

68941 1 #def ine FREE_POINTER(_ptr_) { ASSERT((_ptr_)!=NULL); 



I MemFreePool((_ptr_)); (_ptr_)=NULL; } 
68942| #else 

68943| #define FREE_POINTER(_ptr_) { MemFreePool((_ptrJ); 

I (_ptr_)=NULL; } 
68944| #endif 
68945| 
68946| // 

68947| // The following macros are used to establish the 

| semantics needed 
68948| // to do a return from within a try-finally clause. 

| As a rule every 
68949| // try clause must end with a label call try_exit. 

| For example, 
68950| // 
68951 1 // try { 
68952 1 // 
68953 1 // 
68954| // 

68955| // try_exit: NOTHING; 

68956| // } finally { 

68957| // 

68958| // 

68959 1 // 

68960 1 // } 

68961 1 // 

68962| // Every return statement executed inside of a try 

| clause should use the 
68963| // try_return macro. If the compiler fully supports 

| the try-finally construct 
68964| // then the macro should be 
68965| // 

68966| // #define try_return(S) { return(S); } 
68967| // 

68968| // If the compiler does not support the try-finally 

| construct then the macro 
68969| // should be 
68970 1 // 

68971 1 // #define try_return(S) { S; goto try_exit; } 
68972 1 // 
68973 1 

68974| Hint -emacro(665,try_return) 7 
68975| Tlint -emacro(527,try_return) 7 
68976| 

68977| #define try_return(S) { S; goto try_exit; } 
68978| 

68979| #define 

| MylnterlockedRemoveEntryList(SpinLock,ListEntry) { \ 
68980| KIRQL_oldlrql_; 

|\ 

68981 1 pmAcquireSpinLock ( SpinLock, &_oldlrql_ ); 



I\ 

68982| RemoveEntryList(ListEntry); 

|\ 

68983| pmReleaseSpinl_ock( SpinLock, _oldlrql_ ); 

|\ 

68984| } 

68985| 

68986| 

68987| #define NOT REFERENCED(x) Tlint -esym(715,x) 7 
68988| 

68989| #ifdef DEBUG 

68990| #define MAX_BACK_LOG_FOR_DEBUG 26 
68991 1 #endif 
68992 | 
68993 1 

68994| void Debugl_ogThread( PVOID Context ); 
68995| 

68996| #if _WIN32_WINNT>=0x0500 
68997| 

68998| NTSTATUS 

68999 1 PSManAddDevice( 

69000| IN PDRIVER_OBJECT DriverObject, 

69001 1 IN PDEVICE_OBJECT Physical DeviceObject 

69002| ); 

69003| 

69004| WMIGUIDREGINFO PSManGuidList[]; 
69005| 

69006| #define PSManGuidCount (sizeof(PSManGuidList) / 

| sizeof (WMIGUIDREGINFO)) 
69007| 
69008| #else 

69009| #define loCopyCurrentlrpStackLocationToNext( I rp ) { \ 

6901 0| PIO_STACK_LOCATION irpSp; \ 

6901 1 1 PIO_STACK_LOCATION nextlrpSp; \ 

69012| irpSp = loGetCurrentlrpStackLocation( (Irp) ); \ 

69013| nextlrpSp = loGetNextlrpStackl_ocation( (Irp) ); \ 

69014| RtlCopyMemory( nextlrpSp, irpSp, 

| FIELD_OFFSET(IO_STACK_LOCATION, Completion Routine)) ; \ 
69015| nextlrpSp->Control = 0; } 
69016| 
69017| 

69018| #endif 
69019| 

69020| #define DN_MakePointer(Start, Offset) 

| ((PVOID)(((char*)(Start))+(Offset))) 
69021 1 #define DN_MakeOffset(Start, Offset) 

| ((ULONG)(((char*)(Offset))-((char*)(Start)))) 
69022 | 
69023 | 

69024| #define PSM_BOOT_STAGE 0 



69025| #define PSM_INIT_STAGE 1 
69026| #define PSM_NORMAL_STAGE 10 
69027| 

69028| #define max(a,b) ((a)>(b) ? (a) : (b)) 
69029| #define min(a,b) ((a)<(b) ? (a) : (b)) 
69030 1 

69031 1 #define INVALID_HANDLE_VALUE ((HANDLE)(-1)) 
69032 1 

69033| typedef USHORT WORD; 
69034| 

69035| extern ULONG gVDiskDoVirtuallO; 
69036| 

69037| extern GLOBALTYPE ULONG GlobalVersionMajor; 
69038| extern GLOBALTYPE ULONG GlobalVersionMinor; 
69039| extern GLOBALTYPE ULONG GlobalBuildNumber; 
69040 1 

69041| extern GLOBALTYPE PEPROCESS GlobalSystemProcessId; 
69042| 

69043| #define PSM_PRIVATE_DIR U'Persistent Storage Manager 
| State" 

69044| #define PSM_PRIVATE_DIR_SLASH PSM_PRIVATE_DIR L'W" 
69045| 

69046| typedef struct sPSM_GetPSMEventEntry { 
69047| pPSM_GetPSMEvent Event; 
69048| LIST_ENTRY ListEntry; 
69049| PIRP Irp; 

69050| } tPSM_GetPSMEventEntry,*pPSM_GetPSMEventEntry; 
69051 | 
69052 1 
69053 1 

69054| File Listing: SECURITY.cpp 
69055| 

69056| #include "precomp.h" 

69057| 

69058| r 

69059| Portions Copyright 2000 Mark Russinovich 

| www.sysinternals.com 
69060 1 

69061 1 > Mark, 

69062| > I want to use portions of secsys (from the 

| Information page, Device 
69063| > Object Security, Secdsrc.zip or link 
69064| > http://www.sysinternals.com/devsec.htm) 
69065| > in a driver i have written. 
69066| > 

69067| > More specifically i want to use the secsys. h header 

| file (list the 
69068| > definitions for the NT security APIs). 
69069| > I also want to use some functions from secsys.c. In 

| particular 



69070| > NTIRemoveWorldAce and its support functions. 
69071 1 > 

69072| > I couldn't find information on licensing on your web 

| page other than what 
69073| > appears to be directed to your utilites. I would 

| like to know if 
69074| > i can use 

69075| > the above mentioned code for inclusion in a 

| commercial product. I would 
69076| > retain your copyrights in the source code of course.. 
69077| > 
69078| 

69079| Yes, you have permission to include code from secsys in 

| your project free of 
69080| any licensing fees. 
69081 | 

69082| -Mark 
69083 1 

69084| Coauthor, "Inside Windows 2000, 3rd Ed." 
69085| Contributing Editor, "Windows 2000 Magazine" 
69086| Chief Software Architect, Winternals Software 
69087| 
69088| 7 
69089 1 

69090 1 // 



69091| // 

69092| //NTIDeleteAce 
69093| // 

69094| // The NT Kernel does not implement a DeleteAce 

| function so we 
69095| // have to create our own. 
69096| // 

69097| // 



69098| BOOLEAN NTIDeleteAce( PACL Acl, USHORT Acelndex ) 
69099| { 

69100| PACEJHEADER aceHeader; 
69101| WORD aceSize; 
69102| USHORT i; 
69103| 
69104| // 

691 05| // Sanity check: does the ACL contain at least 

| Acelndex ACEs? 
69106| // 

691 07| if( Acelndex > Acl->AceCount ) return FALSE; 
69108| 

691 09 1 aceHeader = (PACEJHEADER) ((PUCHAR) Acl + 

| sizeof(ACL)); 
691 1 0| for( i = 0; i < Acelndex; i++ ) { 



691 1 1 1 

69112| aceHeader = ( P AC E_H EA D E R) ((PUCHAR) aceHeader + 

| aceHeader- >AceSize); 
69113| } 
69114| 
69115| // 

691 1 6| // Now subtract the ace size from the header, and 
| shift 

691 1 7| II all aces to the right of this one over to fill the 

| hole 
69118| // 

69 1 1 9 1 aceSize = aceHeader- >AceSize; 
69120| 

691 21 1 RtlMoveMemory( aceHeader, ((PUCHAR) aceHeader + 
| aceSize), 

69122| Acl->AclSize - (((PUCHAR) aceHeader - (PUCHAR) 

| Acl) + aceSize)); 
69 1 23 1 Acl->AclSize -= aceSize ; 
69124| Acl->AceCount~; 
69125| return TRUE; 
69126| } 
69127| 
69128| 

69129| // 



69130| // 

69131| //NTIGetAce 
69132| // 

69133| // The NT Kernel does not implement a GetAce function 
| so we 

69134| // have to create our own. 
69135| // 

69136| // 



69137| P AC E_H E A D E R NTIGetAce( PACL Acl, USHORT Acelndex ) 
69138| { 

69139| PACEHEADER aceHeader; 
69140| USHORT i; 
69141| 
69142| // 

69143| // Sanity check: does the ACL contain at least 

| Acelndex ACEs? 
69144| // 

69145| if( Acelndex > Acl->AceCount ) return NULL; 
69146| 

69147| aceHeader = (PACE_HEADER) ((PUCHAR) Acl + 

| sizeof(ACL)); 
69148| for( i = 0; i < Acelndex; i++ ) { 
69149| 

691 50| aceHeader = (PACEJHEADER) ((PUCHAR) aceHeader + 



I aceHeader->AceSize); 
69151| } 
69152| 

691 53| return aceHeader; 

69154| } 

69155| 

69156| 

69157| // 

| 

69158| // 

69159| // NTIMakeAbsoluteSD 
69160| // 

691 61 1 // Takes a self-relative security descriptor and 

| returns an allocated 
69162| // absolute version. Caller is responsible for freeing 

| the allocated 
69163| // buffer on success. 
69164| // 

69165| // 



69166| NTSTATUS NTIMakeAbsoluteSD( PSECURITY_DESCRIPTOR 

| RelSecurity Descriptor, 
691 67| PSECURITY_DESCRIPTOR 

| *pAbsSecurityDescriptor ) 
69168| { 

69169| NTSTATUS status; 

69170| BOOLEAN DaclPresent, DaclDefaulted, 

| OwnerDefaulted, Group Defaulted; 
69171| PACL Dad; 
69172| PSID Owner, Group; 

69173| PSECURITY_DESCRIPTOR absSecurity Descriptor; 

69174| 

69175| // 

691 76| // Initialize buffer pointers 
69177| // 

691 78| absSecurityDescriptor = (PSECURITY_DESCRIPTOR) 

| ExAllocatePool( NonPagedPool, 1024 ); 
691 79| *pAbsSecurityDescriptor = absSecurityDescriptor; 
69180| 
69181| // 

69182| // Create an absolute-form security descriptor for 

| manipulation. 
69183| // The one on the security descriptor is in 

| self-relative form. 
69184| // 

69185| status = RtlCreateSecurityDescriptor( 

| absSecurityDescriptor, 
69186| SECURITY_DESCRIPTOR_REVISION ); 

69187| if( !NT_SUCCESS( status ) ) { 
69188| 



69189| DbgPrint(("Secsys: Unable to initialize security 

| descriptor^")); 
69190| goto cleanup; 
69191| } 
69192| 
69193| // 

691 94| // Locate the descriptor's DACL and apply the DACL 

| to the new 
691 95| // descriptor we're going to modify 
69196| // 

69197| status = RtlGetDaclSecurity Descriptor 

| RelSecurity Descriptor, 
69198| &DaclPresent, 
69199| &Dacl, 
69200| &DaclDefaulted ); 

69201 1 if( !NT_SUCCESS( status ) || IDaclPresent ) { 
69202 | 

69203| if( !NT_SUCCESS( status )) { 
69204| 

69205| Debug(DEBUG_INIT,("Secsys: Error obtaining 

| security descriptor's DACL: %x\n", status )); 
69206| 

69207| } else { 
69208| 

69209| Debug(DEBUG_INIT,("Secsys: Security descriptor 

| does not have a DACL\n" )); 
69210| } 
69211| 

69212| goto cleanup; 

69213| } 

69214| 

69215| status = RtlSetDaclSecurityDescriptor( 

| absSecurityDescriptor, 
69216| DaclPresent, 
69217| Dad, 
69218| DaclDefaulted ); 

69219| if( !NT_SUCCESS( status )) { 
69220| 

69221 1 Debug(DEBUG_INIT,("Secsys: Coult not set new 

| security descriptor DACL: %x\n", status )); 
69222 1 goto cleanup; 
69223 1 } 
69224| 
69225| // 

69226| // We would get and apply the SACL at this point, 

| but NT does not export 
69227| // the appropriate function, 

| RtlGetSaclSecurity Descriptor :-( 
69228| // 
69229| 



69230| // 

69231 1 // Get and apply the owner 
69232 1 // 

69233| status = RtlGetOwnerSecurityDescriptor( 

| RelSecurity Descriptor, 
69234| &Owner, 
69235| &OwnerDefaulted ); 

69236| if( !NT_SUCCESS( status )) { 
69237| 

69238| Debug(DEBUG_INIT,("Secsys: Could not security 

| descriptor owner: %x\n", Owner )); 
69239| goto cleanup; 
69240 1 } 
69241 | 

69242| status = RtlSetOwnerSecurityDescriptor( 

| absSecurityDescriptor, 
69243| Owner, 
69244| OwnerDefaulted ); 

69245| 

69246| if( !NT_SUCCESS( status )) { 
69247| 

69248| Debug(DEBUG_INIT,("Secsys: Could not set owner: 

| %x\n M , status )); 
69249| goto cleanup; 
69250 1 } 
69251 | 
69252 1 // 

69253 1 // Get and apply group 
69254| // 

69255| status = RtlGetGroupSecurityDescriptor( 

| RelSecurity Descriptor, 
69256| &Group, 
69257| &GroupDefaulted ); 

69258| if( !NT_SUCCESS( status )) { 
69259 1 

69260| Debug(DEBUG_INIT,("Secsys: Could not security 

| descriptor group: %x\n", Owner )); 
69261 1 goto cleanup; 
69262 1 } 
69263 1 

69264| status = RtlSetGroupSecurityDescriptor( 

| absSecurityDescriptor, 
69265| Group, 
69266| GroupDefaulted ); 

69267| 

69268| if( !NT_SUCCESS( status )) { 
69269 1 

69270| Debug(DEBUG_INIT,("Secsys: Could not set group: 

| %x\n M , status )); 
69271 1 goto cleanup; 



69272| } 
69273| 
69274| // 

69275| // Finally, make sure that what we made is valid 
69276| // 

69277| if( !RtlValidSecurityDescriptor( 

| absSecurityDescriptor )) { 
69278| 

69279| Debug(DEBUG_INIT,("Secsys: absolute descriptor not 
| valid !\n")); 

69280| status = STATUSJJNSUCCESSFUL; 
69281 | } 
69282 1 
69283 1 // 

69284 1 // Done! Return. 

69285| // 

69286| 

69287| cleanup: 
69288| 

69289| if( !NT_SUCCESS( status ) ) { 
69290 1 

69291 1 ExFreePool( absSecurityDescriptor ); 
69292 1 } 

69293| return status; 

69294| } 

69295| 

69296| 

69297| // 

I 

69298| // 

69299| // NTIRemoveWorldAce 
69300 1 // 

69301 1 // Scans the passed security descriptor's DACL, looking 
| for 

69302 1 // the World SID's ACE (its first because the of the 

| way device object 
69303| // security descriptors are created) and removes it. 
69304| // 

69305| // If successful, the original security descriptor is 

| deallocated 
69306| // and a new one is returned. 
69307| // 

69308| // 



69309| NTSTATUS NTIRemoveWorldAce( PSECURITY_DESCRIPTOR 

| SecurityDescriptor, 
69310| PSECURITY_DESCRIPTOR 

| *NewSecurityDescriptor ) 
6931 1 | { 

69312| PSECURITY_DESCRIPTOR absSecurityDescriptor; 



69313| PSECURITY_DESCRIPTOR relSecurity Descriptor; 

69314| PACEJHEADER aceHeader; 

69315| NTSTATUS status; 

69316| PACL Dad; 

69317| BOOLEAN DaclPresent, Dad Defaulted; 

69318| USHORT acelndex; 

69319| ULONG worldSidLength; 

69320| SID_IDENTIFIER_AUTHORITY worldSidAuthority = 

| SECURITY_WORLD_SID_AUTHORITY; 

69321 1 PULONG worldSidSubAuthority; 

69322 1 ULONG relLength; 

69323| PSID worldSid; 

69324| PSID aceSid; 
69325| 

69326| // 

69327| // First, get an absolute version of the 

| self-relative descriptor 

69328| // 

69329| relLength = RtlLengthSecurityDescriptor( 

| SecurityDescriptor ); 

69330| status = NTIMakeAbsoluteSD( SecurityDescriptor, 
69331 1 &absSecurity Descriptor ); 

69332| if( !NT_SUCCESS( status )) { 
69333 | 

69334 1 return status; 

69335| } 
69336| 

69337| // 

69338| // Pull the DACL out so that we can scan it 

69339 1 // 

69340 1 status = RtlGetDaclSecurity Descriptor 

| absSecurityDescriptor, 
69341 1 &DaclPresent, 
69342| &Dacl, 
69343| &DaclDefaulted ); 

69344| if( !NT_SUCCESS( status ) || IDaclPresent ) { 
69345| 

69346| Debug(DEBUG_INIT,("Secsys: strange - couldn't get 

| DACL from our absolute SD: %x\n", 
69347| status )); 

69348| ExFreePool( absSecurityDescriptor ); 
69349 1 return status; 

69350 1 } 
69351 | 

69352 1 // 

69353| // Initialize a SID that identifies the 

| world-authority so 

69354| // that we can recognize it in the ACL 

69355| // 

69356| worldSidLength = RtlLengthRequiredSid( 1 ); 



69357| worldSid = (PSID) ExAllocatePool( PagedPool, 

| worldSidLength ); 
69358| RtllnitializeSid( worldSid, &worldSidAuthority, 1 ); 
69359| worldSidSubAuthority = RtlSubAuthoritySid( worldSid, 

|0); 

69360| *worldSidSubAuthority = SECURITY_WORLD_RID; 
69361 1 
69362 1 // 

69363| // Now march through the ACEs looking for the World 

| ace. We could 
69364| // do one of two things: 
69365| // 

69366| // - remove the ACE 

69367| // - convert it into a grant-nothing ACE 

69368| // 

69369| // For demonstration purposes I'll remove the ACE. 
| In addition, 

69370| // this requires that I implement kernel-mode GetAce 

| and DeleteAce functions, 
69371 1 // since they are not implemented by the NT kernel. 
69372 1 // 

69373| Debug(DEBUG_INIT,("Secsys: %d ACEs in DACL\n", 

| Dacl->AceCount )); 
69374| 

69375| for( acelndex = 0; acelndex < Dacl->AceCount; 

| acelndex++ ) { 
69376| 

69377| aceHeader = NTIGetAce( Dad, acelndex ); 
69378| 

69379| Debug(DEBUG_INIT,(" ACE: type: %s mask: %x\n", 

69380| (aceHeader->AceType & ACCESS_DENIED_ACE_TYPE 

| ? "Deny" : "Allow"), 
69381 1 *(PULONG) ((PUCHAR) aceHeader + 

| sizeof(ACE_H EADER)))); 
69382 1 
69383 1 // 

69384| // Get the SID in this ACE and see if its the 

| WORLD (Everyone) SID 
69385| // 

69386| aceSid = (PSID) ((PUCHAR) aceHeader + 

| sizeof(ACE_H EADER) + sizeof(ULONG)); 
69387| if( RtlEqualSid( worldSid, aceSid )) { 
69388| 
69389| // 

69390| // We found it: remove it. 
69391| // 

69392| Debug(DEBUG_INIT,("Secsys: Deleting ace %d\n", 

| acelndex )); 
69393| NTIDeleteAce( Dad, acelndex ); 
69394| break; 



69395| } 
69396| } 
69397| 
69398| // 

69399| // Write new DACL back to security descriptor 
69400| // 

69401 1 status = RtlSetDaclSecurityDescriptor( 

| absSecurityDescriptor, 
69402| TRUE, 
69403| Dad, 
69404| FALSE ); 

69405| if( !NT_SUCCESS( status )) { 
69406| 

69407| Debug(DEBUG_INIT,("Secsys: Could not update SD 

| Dad: %x\n", status )); 
69408| goto cleanup; 
69409 1 } 
69410| 
6941 1 1 // 

6941 2 1 // Make sure its valid 
69413| // 

69414| if( !RtlValidSecurityDescriptor( 

| absSecurityDescriptor )) { 
69415| 

6941 6| Debug(DEBUG_INIT,("Secsys: SD after remove is 

| invalid!\n")); 
6941 7| status = STATUS_UNSUCCESSFUL; 
69418| goto cleanup; 
69419| } 
69420| 
69421 1 // 

69422| // Now convert the security descriptor back to 
69423 1 // self-relative 
69424| // 

69425| relSecurityDescriptor = ExAllocatePool( PagedPool, 

| relLength ); 
69426| status = RtlAbsoluteToSelfRelativeSD( 

| absSecurityDescriptor, 
69427| relSecurityDescriptor, SrelLength 

I); 

69428| if( !NT_SUCCESS( status )) { 
69429 1 

69430| Debug(DEBUG_INIT,("Could not convert absolute SD 

| to relative: %x\n", status )); 
69431 | } 
69432 | 
69433 1 // 

69434| // Final step, free the original security descriptor 

| and return the new one 
69435| // 



69436| ExFreePool( Security Descriptor ); 

69437| *NewSecurityDescriptor = relSecurityDescriptor; 

69438| 

69439| cleanup: 

69440| ExFreePool( worldSid ); 

69441 1 ExFreePool( absSecurityDescriptor ); 

69442 1 return status; 

69443 1 } 

69444| 

69445| 

69446| 

69447| File Listing: SECURITY.h 
69448| 

69449| //======================================== 

| ================ 

69450 1 // 

69451| // Secsys.h 
69452| // 

69453| // Copyright (C) 1998 Mark Russinovich 
69454| // 

69455| // Security-related definitions and APIs not included 
| in NTDDK.H. 

69456| // Note that only the definitions required for Secsys 

| are included 
69457| // here. 
69458| // 

69459| //======================================== 

| _„„___„ 

69460 1 
69461 1 /* 

69462| Portions Copyright 2000 Mark Russinovich 

| www.sysinternals.com 
69463 1 

69464| > Mark, 

69465| > I want to use portions of secsys (from the 

| Information page, Device 
69466| > Object Security, Secdsrc.zip or link 
69467| > http://www.sysinternals.com/devsec.htm) 
69468| > in a driver i have written. 
69469 1 > 

69470 1 > More specifically i want to use the secsys.h header 

| file (list the 
69471 1 > definitions for the NT security APIs). 
69472| > I also want to use some functions from secsys.c. In 

| particular 

69473| > NTIRemoveWorldAce and its support functions. 
69474| > 

69475| > I couldn't find information on licensing on your web 

| page other than what 
69476| > appears to be directed to your utilites. I would 



I like to know if 
69477| > i can use 

69478| > the above mentioned code for inclusion in a 

| commercial product. I would 
69479| > retain your copyrights in the source code of course.. 
69480| > 
69481 | 

69482| Yes, you have permission to include code from secsys in 

| your project free of 
69483 1 any licensing fees. 
69484| 

69485| -Mark 
69486| 

69487| Coauthor, "Inside Windows 2000, 3rd Ed." 
69488| Contributing Editor, "Windows 2000 Magazine" 
69489| Chief Software Architect, Winternals Software 
69490 1 
69491 | 7 
69492 1 
69493 1 
69494| // 

69495| // Types for Win32 header definition conversion 
69496| // 

69497| //typedef UCHAR BYTE; 
69498| //typedef ULONG DWORD; 
69499| //typedef USHORT WORD; 
69500 1 
69501 1 // 

69502| // Security definitions needed for SecSys 

69503 1 // 

69504| 

69505| typedef struct _ACE_HEADER { 
69506| BYTE AceType; 
69507| BYTE AceFlags; 
69508| WORD AceSize; 
69509| } ACE_HEADER; 

69510| typedef ACEJHEADER *PACE_HEADER; 
6951 1 1 
69512| // 

69513| // The following are the predefined ace types that go 

| into the AceType 
69514| // field of an Ace header. 
69515| // 
69516| 

6951 7| #define ACCESS_ALLOWED_ACE_TYPE (0x0) 
69518| #define ACC ESS_D EN I E D_AC E_TYP E (0x1) 
6951 9| #define SYSTEM AUDIT ACE TYPE (0x2) 
69520| #define SYSTEM_ALARM_ACE_TYPE (0x3) 
69521 | 
69522 1 



69523 
69524 
69525 
69526 
69527 
69528 
69529 
69530 
69531 
69532 
69533 
69534 
69535 
69536 
69537 
69538 
69539 
69540 
69541 
69542 
69543 
69544 
69545 
69546 
69547 
69548 
69549 
69550 
69551 
69552 
69553 
69554 
69555 
69556 
69557 
69558 
69559 
69560 
69561 
69562 
69563 
69564 
69565 
69566 
69567 
69568 
69569 
69570 
69571 
69572 



typedef struct _SID_IDENTIFIER_AUTHORITY { 
BYTE Value[6]; 

} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY; 

#define SECURITY_WORLD_SID_AUTHORITY {0,0,0,0,0,1} 
#define SECURITY_WORLD_RID (OxOOOOOOOOL) 

#if 0 // in NTDDK.H 

// Win32: InitializeSecurityDescriptor 

NTSTATUS 

NTAPI 

Rtl C reateSecu rity Descripto r( 
PS ECU RITY_D ESC Rl PTOR Secu rityDescriptor, 
ULONG Revision 

); 

// Win32: IsValidSecurityDescriptor 

BOOLEAN 

NTAPI 

RtlValidSecurityDescriptor( 

PSECURITY_DESCRIPTOR SecurityDescriptor 

); 

// Win32: GetSecurityDescriptorLength 

ULONG 

NTAPI 

Rtl Lengt hSecu rity Descri pto r( 
PS ECU RITY_D ESC Rl PTOR Secu rityDescriptor 

); 

// Win32: SetSecurityDescriptorDacI 

NTSTATUS 

NTAPI 

RtlSetDaclSecurityDescriptor( 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
BOOLEAN Dad Present, 
PACL Dad, 

BOOLEAN Dad Defaulted 

); 

#endif // in NTDDK.H 

// Win32: GetSecurityDescriptorDacI 

NTSTATUS 

NTAPI 

RtlGetDaclSecu rity Descriptor 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
PBOOLEAN DaclPresent, 
PACL *Dacl, 



69573 
69574 
69575 
69576 
69577 
69578 



| RtlGetSaclSecurityDescriptor! 



69579 
69580 
69581 
69582 
69583 
69584 
69585 
69586 
69587 
69588 
69589 
69590 
69591 
69592 
69593 
69594 
69595 
69596 
69597 
69598 
69599 
69600 
69601 
69602 
69603 
69604 
69605 
69606 
69607 
69608 
69609 
69610 
69611 
69612 
69613 
69614 
69615 
69616 
69617 
69618 
69619 
69620 
69621 



PBOOLEAN Dad Defaulted 

); 

// Win32: SetSecurityDescriptorSacI 

// 

// NOTE: NT does not export 



NTSTATUS 
NTAPI 

RtlSetSaclSecurityDescriptor( 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
BOOLEAN SaclPresent, 
PACL Sad, 

BOOLEAN SaclDefaulted 

); 

// Win32: SetSecurityDescriptorOwner 

NTSTATUS 

NTAPI 

RtlSetOwnerSecurityDescriptor( 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
PSID Owner, 

BOOLEAN OwnerDefaulted 

); 

// Win32: GetSecurityDescriptorOwner 

NTSTATUS 

NTAPI 

RtlGetOwnerSecurity Descriptor 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
PSID *Owner, 

PBOOLEAN OwnerDefaulted 

); 

// Win32: SetSecurityDescriptorGroup 

NTSTATUS 

NTAPI 

Rtl SetG roupSecu rity Descri pto r( 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
PSID Group, 

BOOLEAN GroupDefaulted 

); 

// Win32: GetSecurityDescriptorGroup 

NTSTATUS 

NTAPI 

RtlGetGroupSecu rity Descriptor 

PSECURITY_DESCRIPTOR SecurityDescriptor, 
PSID *Group, 

PBOOLEAN GroupDefaulted 
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); 



// Win32: GetSidLengthRequired 

ULONG 

NTAPI 

Rtll_engthRequiredSid( 

UCHAR SubAuthorityCount 

); 



// Win32: InitializeSid 

NTSTATUS 

NTAPI 

RtllnitializeSid( 
PSID Sid, 

PSID IDENTIFIER AUTHORITY pldentifierAuthority, 
UCHAR nSubAuthorityCount 

); 



// Win32: GetSidSubAuthority 

PULONG 

NTAPI 

RtlSubAuthoritySid( 
PSID pSid, 

ULONG nSubAuthority 

); 



// Win32: IsEqualSid 
BOOLEAN 
NTAPI 
RtlEqualSid( 

PSID Sid1, 

PSID Sid2 

); 



// Win32: MakeSelfRelativeSD 

NTSTATUS 

NTAPI 

RtlAbsoluteToSelfRelativeSD( 

PSECURITY_DESCRIPTOR AbsoluteSecurityDescriptor, 
PSECURITY DESCRIPTOR 



| SelfRelativeSecurityDescriptor, 



PULONG Buffer-Length 

); 



69671 1 
69672 1 
69673 1 

69674| NTSTATUS NTI Remove WorldAce( PSECURITY_DESCRIPTOR 

| SecurityDescriptor, 
69675| PSECURITY_DESCRIPTOR 

| *NewSecu rity Descriptor ); 
69676| 
69677| 
69678| 

69679| File Listing: sfilter.cpp 
69680 1 

69681 1 #define DO_FILE_SYSTEM_FILTER 1 
69682| #include "precomp.h" 
69683 1 

69684| #if DO_FILE_SYSTEM_FILTER 
69685| 

69686| #define FSCTL_REQUEST_OPLOCK_LEVEL_1 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 0, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69687| #define FSCTL_REQUEST_OPLOCK_LEVEL_2 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 1, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69688| #define FSCTL_REQUEST_BATCH_OPLOCK 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 2, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69689| #define FSCTL_OPLOCK_BREAK_ACKNOWLEDGE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 3, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69690| #define FSCTL_OPBATCH_ACK_CLOSE_PENDING 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 4, METHOD_BUFFERED, 

| FILE ANY ACCESS) 
69691 1 #define FSCTL_OPLOCK_BREAK_NOTIFY 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 5, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69692| #define FSCTL_LOCK_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 6, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69693| #define FSCTL_UNLOCK_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 7, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69694| #define FSCTL_DISMOUNT_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 8, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69695| // decommissioned fsctl value 

|9 

69696| #define FSCTL_IS_VOLUME_MOUNTED 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 10, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69697| #define FSCTL_IS_PATHNAME_VALID 



I CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 11, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) // PATHNAME_BUFFER, 
69698| #define FSCTL_M A RK_VOLU M E_D I RTY 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 12, METHODBUFFERED, 

| FILE_ANY_ACCESS) 
69699| // decommissioned fsctl value 

I 13 

69700| #define FSCTL_QUERY_RETRIEVAL_POINTERS 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 14, METHOD N EITHER, 

| FILE_ANY_ACCESS) 
69701 1 #define FSCTL_GET_COMPRESSION 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 15, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69702| #define FSCTL_SET_COMPRESSION 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 16, METHOD_BUFFERED, 

| FILE_READ_DATA | FILE_WRITE_DATA) 
69703| // decommissioned fsctl value 

I 17 

69704| // decommissioned fsctl value 
I 18 

69705| #define FSCTL_MARK_AS_SYSTEM_HIVE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 19, METHOD N EITHER, 

| FILE_ANY_ACCESS) 
69706| #define FSCTL_OPLOCK_BREAK_ACK_NO_2 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 20, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69707| #define FSCTL INVALIDATE VOLUMES 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 21, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69708| #define FSCTL_QUERY_FAT_BPB 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 22, METHOD_BUFFERED, 

| FILEANYACCESS) // FSCTL QU E RY FAT B PB BU F FE R 
69709| #define FSCTL_REQUEST_FILTER_OPLOCK 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 23, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
6971 0| #define FSCTL_FILESYSTEM_GET_STATISTICS 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 24, METHOD BUFFERED, 

| FILE_ANY_ACCESS) // F I L ES YSTE M_STATI STI CS 
6971 1 1 #if(_WIN32_WINNT >= 0x0400) 
69712| #define FSCTL_GET_NTFS_VOLUME_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 25, METHOD_BUFFERED, 

| FILE ANY ACCESS) // NTFS_VOLUME_DATA_BUFFER 
69713| #define FSCTL_GET_NTFS_FILE_RECORD 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 26, METHOD_BUFFERED, 

| FILE ANY ACCESS) // NTFS_FILE_RECORD_INPUT_BUFFER, 

| NTFS_FILE_RECORD_OUTPUT_BUFFER 
69714| #define FSCTL G ET VO LU M E_B ITM A P 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 27, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // STARTING_LCN_INPUT_BUFFER, 

| VOLUME_BITMAP_BUFFER 



69715| #define FSCTL_GET_RETRIEVAL_POINTERS 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 28, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // STARTING_VCN_INPUT_BUFFER, 

| RETRIEVAL_POINTERS_BUFFER 
69716| #define FSCTL_MOVE_FILE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 29, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) // MOVE_FILE_DATA, 
69717| #define FSCTL_IS_VOLUME_DIRTY 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 30, METHODBUFFERED, 

| FILE_ANY_ACCESS) 
69718| #define FSCTL_G ET_H FS_I N FORMATION 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69719| #define FSCTL_ALLOW_EXTENDED_DASD_IO 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 32, METHOD_N EITHER, 

| FILE_ANY_ACCESS) 
69720| #endif /* _WIN32_WINNT >= 0x0400 7 
69721| 

69722| #if(_WIN32_WINNT >= 0x0500) 

69723| #define FSCTL_READ_PROPERTY_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, 

| FILE ANY ACCESS) 
69724| #define FSCTL_WRITE_PROPERTY_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_N EITHER, 

| FILE_ANY_ACCESS) 
69725| #define FSCTL_FIND_FILES_BY_SID 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 35, METHOD NEITHER, 

| FILE_ANY_ACCESS) 
69726| // decommissioned fsctl value 

| 36 

69727| #define FSCTL_DUMP_PROPERTY_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD N EITHER, 

| FILE_ANY_ACCESS) 
69728| #define FSCTL_SET_OBJECT_ID 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 38, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) // FILE_OBJECTID_BUFFER 
69729| #define FSCTL G ET OB J ECT I D 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 39, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) // FILE_OBJECTID_BUFFER 
69730| #define FSCTL_DELETE_OBJECT_ID 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 40, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) 
69731 1 #define FSCTL_SET_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 41, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) // REPARSE DATA BUFFER, 
69732| #define FSCTL_GET_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 42, METHOD BUFFERED, 

| FILE_ANY_ACCESS) // REPARSE_DATA_BUFFER 
69733| #define FSCTL_DELETE_REPARSE_POINT 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 43, METHOD_BUFFERED, 



I FILE_SPECIAL_ACCESS) // REPARSE_DATA_BUFFER, 
69734| #define FS CT L_E N U M_U S N_D ATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 44, METHOD_N EITHER, 

| FILE ANY ACCESS) // MFTENUMDATA, 
69735| #define FSCTL_SECURITY_ID_CHECK 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 45, METHODJM EITHER, 

| F I L E_R E A D_D ATA) // BULK_SECURITY_TEST_DATA, 
69736| #define FSCTL_READ_USN_JOURNAL 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 46, METHODJM EITHER, 

| FILE_ANY_ACCESS) // READ_USN_JOURNAL_DATA, USN 
69737| #define FSCTL_S ET_OB J ECT_I D_EXTE N D E D 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 47, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) 
69738| #define FSCTL_CREATE_OR_GET_OBJECT_ID 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 48, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) // FILE_OBJECTID_BUFFER 
69739| #define FSCTL_SET_SPARSE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 49, METHOD_BUFFERED, 

| FILE_SPECIAL_ACCESS) 
69740| #define FSCTL_SET_ZERO_DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 50, METHOD_BUFFERED, 

| FILE_WRITE_DATA) // FILE_ZERO_DATA_IN FORMATION, 
69741 1 #define FSCTL_QUERY_ALLOCATED_RANGES 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 51, METHOD N EITHER, 

| F I L E_R E A D_D ATA) // FILE_ALLOCATED_RANGE_BUFFER, 

| FILE_ALLOCATED_RANGE_BUFFER 
69742| #define FSCTL ENABLE U PG RADE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 52, METHOD_BUFFERED, 

| FILE_WRITE_DATA) 
69743| #define FSCTL_SET_ENCRYPTION 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 53, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // ENCRYPTION BUFFER, 

| DECRYPTION_STATUS_BUFFER 
69744| #define FSCTL_ENCRYPTION_FSCTL_IO 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 54, METHOD_N EITHER, 

| FILE_ANY_ACCESS) 
69745| #define FSCTL WRITE RAW ENCRYPTED 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 55, METHOD_NEITHER, 

| FILE_SPECIAL_ACCESS) // ENCRYPTED_DATA_INFO, 
69746| #define FSCTL_READ_RAW_ENCRYPTED 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 56, METHOD_N EITHER, 

| FILE_SPECIAL_ACCESS) // REQUESTRAWENCRYPTEDJDATA, 

| ENCRYPTED_DATA_INFO 
69747| #define FSCTL_CREATE_USN_JOURNAL 

| CTL CODE(FILE_DEVICE_FILE_SYSTEM, 57, METHOD N EITHER, 

| FILE_ANY_ACCESS) // CREATE_USN_JOURNAL_DATA, 
69748| #define FSCTL READ FILE USN DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 58, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // Read the Usn Record for a file 
69749| #define FSCTL_WRITE_USN_CLOSE_RECORD 



I CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 59, METHOD_N EITHER, 

| FILE_ANY_ACCESS) // Generate Close Usn Record 
69750| #define FSCTL_EXTEND_VOLUME 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 60, METHODBUFFERED, 

| FILE_ANY_ACCESS) 
69751 1 #define FSCTL_QUERY_USN_JOURNAL 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 61, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69752| #define FSCTL DELETE USN JOU RNAL 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 62, METHOD_BUFFERED, 

| FILE_ANY_ACCESS) 
69753| #define FSCTL_MARK_HANDLE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 63, METHOD_BUFFERED, 

| FILEANYACCESS) 
69754| #define FSCTL_SIS_COPYFILE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 64, METHOD_BUFFERED, 

| FILE ANY ACCESS) 
69755| #define FSCTL_SIS_LINK_FILES 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 65, METHOD BUFFERED, 

| F I L E_R E A D_D ATA | F I L E_W R I T E_D ATA) 
69756| #define FSCTL_HSM_MSG 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, 

| F I L E_R E A D_D ATA | FILE_WRITE_DATA) 
69757| #define FSCTL_NSS_CONTROL 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, 

| FILE_WRITE_DATA) 
69758| #define FSCTL HSM DATA 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, 

| FILE_READ_DATA | FILE_WRITE_DATA) 
69759| #define FSCTL_RECALL_FILE 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 69, METHODJM EITHER, 

| FILE_ANY_ACCESS) 
69760| #define FSCTL_NSS_RCONTROL 

| CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, 

| FILE_READ_DATA) 
69761 1 #endif /* _WIN32_WINNT >= 0x0500 7 
69762| #endif 
69763 1 
69764| 
69765| // 

69766| // Global storage for this file system filter driver. 

69767| // 

69768| 

69769| LIST_ENTRY FsDeviceQueue; 
69770| ERESOURCE FsLock; 
69771 | 

69772| LISTENTRY 

| OpenSnapShotFiles={&OpenSnapShotFiles,&OpenSnapShotFiles 

IJ; 

69773| LIST ENTRY PSMFiles={&PSMFiles,&PSMFiles}; 



69774| KSPIN_LOCK ReadOnlySpinLock={0}; 
69775| ULONG NewFileWritesAllowed=0; 
69776| 

69777| char *File_GetFSCTLFunctionName( ULONG Minor, ULONG 

| FsCtl ); 
69778| 
69779| 
69780| 

69781| BOOLEAN lsFileNameOneOfOurs( PUNICODE_STRING FileName ) 
69782| { 

69783| // FileName = ^Persistent Storage Manager 

| State\69a769a7007e000000000000.diff.psm" 
69784| // we will return back true for any files in our 

| directory 

69785| WCHAR *p=PSM_PRIVATE_DIR_SLASH; 

69786| ULONG Size = wcslen(p); 

69787| if(Size<=FileName->Length) { 

69788| if(_wcsnicmp(FileName->Buffer+1,p,Size)==0) { 

69789 1 return TRUE; 

69790 1 } else { 

69791 1 return FALSE; 

69792 1 } 

69793 1 } else { 

69794| return FALSE; 

69795| } 

69796| } 

69797| 

69798| BOOLEAN lsFileNameClusterFile( PUNICODE_STRING FileName 
I) 

69799| { 

69800 1 // FileName = "\zCluster" 
69801 1 // we will return back true if the special cluster 
| file 

69802| WCHAR *p=L"zClusterOnlineChk.tmp"; 

69803| ULONG Size = wcslen(p); 

69804| if(Size<=FileName->Length) { 

69805| if(_wcsnicmp(FileName->Buffer+1,p,Size)==0) { 

69806| return TRUE; 

69807| } else { 

69808| return FALSE; 

69809 1 } 

69810| }else{ 

6981 1 1 return FALSE; 

69812| } 

69813| } 

69814| 

69815| BOOLEAN lsFileNameRootDir( PUNICODE_STRING FileName) 
69816| { 

69817| WCHAR *p=L"\\"; 
69818| ULONG Size = wcslen(p); 



69819| if(Size<=FileName->Length) { 

69820| if(_wcsicmp(FileName->Buffer,p)==0) { 



69824| } 

69825| } else { 

69826| return FALSE; 

69827| } 

69828| } 

69829| 

69830| 

69831| 

69832| NTSTATUS 
69833| FilterDriverEntry( 

69834| IN PDRIVER_OBJECT DriverObject, 

69835| IN PUNICODE_STRING RegistryPath 

69836| ) 

69837| 

69838| /*++ 

69839| 

69840| Routine Description: 
69841 | 

69842| This is the initialization routine for the general 

| purpose file system 
69843| filter driver. This routine creates the device 

| object that represents this 
69844| driver in the system and registers it for watching 

| all file systems that 
69845| register or unregister themselves as active file 

| systems. 
69846| 

69847 1 Arguments: 
69848| 

69849| DriverObject - Pointer to driver object created by 

| the system. 
69850 1 

69851 1 Return Value: 
69852 1 

69853| The function value is the final status from the 

| initialization operation. 
69854| 
69855| -7 
69856| 
69857| { 

69858| #if DO_FILE_SYSTEM_FILTER 
69859| UNICODE_STRING nameString; 
69860| PDEVICE_OBJECT deviceObject; 
69861 1 PFILE_OBJECT fileObject; 
69862| NTSTATUS status; 



69821| 
69822| 
69823| 



return TRUE; 
} else { 

return FALSE; 



69863| PFAST_IO_DISPATCH fastloDispatch; 
69864| ULONG i; 

69865| PFS_OBJECT_EXTENSION deviceExtension; 

69866| 

69867| 

| Reg_GetULONGKey(RegistryPath,L"FileSysFilter",1 ,&i); 
69868| 

69869| // told not to install the file system filter 
69870| if ( i==0 ) { 

69871 1 return STATUS_SUCCESS; 
69872 1 } 
69873 1 

69874| Debug(DEBUG_SFILTER,("SFILTER: Creating FileSystem 

| Objecf\n")); 
69875| 
69876| // 

69877| // Create the device object. 
69878| // 
69879 1 

69880| RtllnitUnicodeString( &nameString, 

| L"\\FileSystem\\PSMFSFil" ); 
69881 1 #ifdef DEBUG_EXTENSION 

69882| ULONG SizeOfDeviceExt = sizeof(DEVICE_EXTENSION); 
69883 1 #else 

69884| ULONG SizeOfDeviceExt = sizeof( FS_OBJECT_EXTENSION 

I); 

69885| #endif 
69886| 

69887| status = loCreateDevice( 
69888| DriverObject, 
69889| SizeOfDeviceExt, 
69890| SnameString, 
69891 | 

| FILE_DEVICE_DISK_FILE_SYSTEM, 
69892| 0, 
69893| FALSE, 
69894| SdeviceObject 
69895| ); 
69896| if ( !NT_SUCCESS( status ) ) { 

69897| Debug(DEBUG_SFILTER,("SFILTER: Error creating 

| FileSystem Object, error: %08x\n", status )); 
69898| return status; 
69899 1 } 
69900 1 
69901 1 // 

69902| // Initialize the driver object with this device 

| driver's entry points. 
69903 1 // 
69904| 

69905| // only do FS specific ones 



69906| 

| DriverObject->MajorFunction[IRP_MJ_FILE_SYSTEM_CONTROL] 
| = SfFsControl; 
69907| 

| DriverObject->MajorFunction[IRP_MJ_QUERY_INFORMATION] = 

| SfFsQuery Information; 
69908| DriverObject->MajorFunction[IRP_MJ_SET_INFORMATION] 

| = SfFsSetlnformation; 
69909| 

| DriverObject->MajorFunction[IRP_MJ_DIRECTORY_CONTROL] = 

| SfFsDirectoryControl; 
69910| 
6991 1 1 #if 0 

69912| [00] IRP_MJ_CREATE bfe43e90 

| psman5!PSManCreate 
69913| [01] IRP_MJ_CREATE_NAMED_PIPE bfe902c5 

| psman5!PSManFSPassThru 
69914| [02] IRP_MJ_CLOSE bfe43840 

| psman5!PSManClose 
69915| [03] IRP_MJ_READ bfe86ae0 

| psman5!PSManRead 
69916| [04] IRP_MJ_WRITE bfe9efb0 

| psman5!PSManWrite 
69917| [05] IRP_MJ_QUERY_INFORMATION bfe96280 

| psman5!SfFsQuerylnformation 
69918| [06] IRP_MJ_SET_INFORMATION bfe967c3 

| psman5!SfFsSetlnformation 
69919| [07] I R P_M J_Q U E R Y_E A bfe902c5 

| psman5!PSManFSPassThru 
69920| [08] IRP_MJ_SET_EA bfe902c5 

| psman5!PSManFSPassThru 
69921 1 [09] IRP_MJ_FLUSH_BUFFERS bfe6b0d0 

| psman5!PSManFlush 
69922| [0a] IRP_MJ_QUERY_VOLUME_INFORMATION bfe902c5 

| psman5!PSManFSPassThru 
69923| [0b] IRP_MJ_SET_VOLUME_INFORMATION bfe902c5 

| psman5!PSManFSPassThru 
69924| [0c] IRP_MJ_DIRECTORY_CONTROL bfe96ba0 

| psman5!SfFsDirectoryControl 
69925| [Od] IRP_MJ_FILE_SYSTEM_CONTROL bfe916fd 

| psman5! SfFsControl 
69926| [Oe] IRP_MJ_DEVICE_CONTROL bfe51 60a 

| psman5!PSManDeviceControl 
69927| [Of] IRP_MJ_INTERNAL_DEVICE_CONTROL bfe902c5 

| psman5!PSManFSPassThru 
69928| [1 0] IRP_MJ_SHUTDOWN bfe97dbc 

| psman5!PSManShutdown 
69929 1 [11] IRP_MJ_LOCK_CONTROL bfe902c5 

| psman5!PSManFSPassThru 
69930| [12] IRP_MJ_CLEANUP bfe432d0 



I psman5!PSManCleanup 
69931 1 [1 3] IRP_MJ_CREATE_MAILSLOT bfe902c5 

| psman5!PSManFSPassThru 
69932| [14] IRP_MJ_QUERY_SECURITY bfe902c5 

| psman5!PSManFSPassThru 
69933| [15] IRP_MJ_SET_SECURITY bfe902c5 

| psman5!PSManFSPassThru 
69934| [1 6] IRP_MJ_POWER bfe84a60 

| psman5! PS Man Power 
69935| [1 7] IRP_MJ_SYSTEM_CONTROL bfe902c5 

| psman5!PSManFSPassThru 
69936| [18] IRP_MJ_DEVICE_CHANGE bfe902c5 

| psman5!PSManFSPassThru 
69937| [1 9] IRP_MJ_QUERY_QUOTA bfe902c5 

| psman5!PSManFSPassThru 
69938| [1 a] IRP_MJ_SET_QUOTA bfe902c5 

| psman5!PSManFSPassThru 
69939| [1 b] IRP_MJ_PNP bfe83280 

| psman5!PSManPnp 
69940 1 #endif 
69941 | 
69942 1 
69943 1 // 

69944| // Allocate fast I/O data structure and fill it in. 

69945| // 

69946| 

69947| fastlo Dispatch = 

| (PFAST_IO_DISPATCH)MemAllocatePoolWithTag( 
| NonPagedPool, sizeof( FAST_IO_D IS PATCH 
| ) , P S M_D I S P ATC H_TA B L E_TAG ); 

69948| if ( Ifastlo Dispatch ) { 

69949| Debug(DEBUG_SFILTER,("SFILTER: Out of memory 

| for Dispatch table\n")); 
69950| loDeleteDevice( deviceObject ); 
69951 1 return STATUSJNSUFFICIENT_RESOURCES; 
69952 1 } 
69953 1 

69954| RtlZeroMemory( fastlo Dispatch, sizeof( 

| FAST_IO_DISPATCH ) ); 
69955| fastloDispatch->SizeOfFastloDispatch = sizeof( 

| FAST_IO_DISPATCH ); 
69956| fastloDispatch->FastloChecklfPossible = 

| SfFastloChecklfPossible; 
69957| fastloDispatch->FastloRead = SfFastloRead; 
69958| fastlo Dispatch->Fastlo Write = Sf Fastlo Write; 
69959| fastloDispatch->FastloQueryBasiclnfo = 

| SfFastloQueryBasiclnfo; 
69960| fastloDispatch->FastloQueryStandardlnfo = 

| SfFastloQueryStandardlnfo; 
69961 1 fastloDispatch->FastloLock = Sf Fastlo Lock; 



69962| fastloDispatch->FastloUnlockSingle = 

| SfFastloUnlockSingle; 
69963| fastloDispatch->FastloUnlockAII = 

| SfFastloUnlockAII; 
69964| fastloDispatch->FastloUnlockAIIByKey = 

| SfFastloUnlockAIIByKey; 
69965| fastloDispatch->FastloDeviceControl = 

| SfFastloDeviceControl; 
69966| fastloDispatch->FastloDetachDevice = 

| SfFastloDetachDevice; 
69967| fastloDispatch->FastloQueryNetworkOpenlnfo = 

| SfFastloQueryNetworkOpenlnfo; 
69968| fastloDispatch->MdlRead = SfFastloMdlRead; 
69969| fastloDispatch->MdlReadComplete = 

| SfFastloMdIReadComplete; 
69970| fastloDispatch->PrepareMdlWrite = 

| SfFastloPrepareMdIWrite; 
69971 1 fastloDispatch->MdlWriteComplete = 

| SfFastloMdlWriteComplete; 
69972 1 fastloDispatch->FastloReadCompressed = 

| SfFastloReadCompressed; 
69973| fastloDispatch->FastloWriteCompressed = 

| SfFastloWriteCompressed; 
69974| fastloDispatch->MdlReadCompleteCompressed = 

| SfFastloMdIReadCompleteCompressed; 
69975| fastloDispatch->MdlWriteCompleteCompressed = 

| SfFastloMdIWriteCompleteCompressed; 
69976| fastloDispatch->FastloQueryOpen = 

| SfFastloQueryOpen; 
69977| 

69978 1 // no way to get the device object so we can send 
| it down. 

69979| // The filter drivers i am looking at dont filter 

| this, or do it wrong. 
69980| // fastloDispatch->AcquireFileForNtCreateSection = 

| SfFastloAcquireFileForNtCreateSection; 
69981 1 // fastloDispatch->ReleaseFileForNtCreateSection = 

| SfFastloReleaseFileForNtCreateSection; 
69982 1 f ast lo Dispatch->Acqu i re ForMod Write 

| SfFastloAcquireForModWrite; 
69983| fastloDispatch->ReleaseForModWrite 

| SfFastloReleaseForModWrite; 
69984| fastloDispatch->AcquireForCcFlush 

| SfFastloAcquireForCcFlush; 
69985| fastloDispatch->ReleaseForCcFlush 

| SfFastloReleaseForCcFlush; 
69986| 

69987| KelnitializeSpinLock(&ReadOnlySpinLock); 
69988| lnitializeListHead(&OpenSnapShotFiles); 
69989| 



69990| // 

69991 1 // Note that there is no safe way to filter 

| AcquireFileForNtCreateSecton 
69992| // and ReleaseFileForNtCreateSection. 
69993 1 // 
69994| 

69995| DriverObject->Fastlo Dispatch = fastloDispatch; 

69996| 

69997| // 

69998| // Initialize global data structures. 

69999 1 // 

70000| 

70001 1 lnitializel_istHead( &FsDeviceQueue ); 
70002| ExlnitializeResource( &FsLock ); 
70003| 
70004| // 

70005| // Register this driver for watching file systems 

| coming and going. 
70006| // 
70007| 

70008| status = loRegisterFsRegistrationChange( 

| DriverObject, SfFsNotification ); 
70009| if ( !NT_SUCCESS( status ) ) { 
7001 0| Debug(DEBUG_SFILTER,( "SFILTER: Error 

| registering FS change notification, error: %08x\n M , 

| status )); 

7001 1 1 Ex Delete Resource( &FsLock ); 

70012| loDeleteDevice( deviceObject ); 

70013| return status; 

70014| } 

70015| 

70016| // 

7001 7| // Indicate that the type for this device object is 

| a primary, not a filter 
7001 8| // device object so that it doesn't accidentally 

| get used to call a file 
70019| //system. 
70020| // 
70021| 

70022| #ifdef DEBUG_EXTENSION 
70023| 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Ob 
| jectType = OBJECT_FS_OBJECT; 
70024| 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Re 
| alDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,FS_OBJECT_EXTENSION 
| SIZE,DEVEXTTAG); 
70025| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(deviceObject->DeviceE 



I xtension))->RealDeviceExtension,FS_OBJECT_EXTENSION_SIZE 

I); 

70026| #endif 
70027| 

70028| device Extension = 

| (PFS_OBJECT_EXTENSION)GetDeviceExtension(deviceObject); 
70029| deviceExtension->DeviceObject = deviceObject; 
70030| deviceExtension->DriverObject = DriverObject; 
70031 1 device Extension->ObjectType = OBJECT_FS_OBJECT; 
70032 | 
70033 1 // 

70034| // Attempt to open the RAW device object since this 

| driver has already 
70035| // been started by system initialization and will 

| not make it through 
70036| // the normal file system notification procedures 

| otherwise. 
70037| // 
70038| 

70039| RtllnitUnicodeString( &nameString, 

| U'WDeviceWRawDisk" ); 
70040| status = loGetDeviceObjectPointer( 
70041 1 &nameString, 



70046| 

70047| if ( NT_SUCCESS( status ) ) { 

70048| Debug(DEBUG_SFILTER,("SFILTER: Attaching to RAW 

| FileSystem\n")); 
70049 1 SfFsNotification( deviceObject, TRUE ); 
70050| ObDereferenceObject( fileObject ); 
70051 1 } 
70052| #endif 

70053| return STATUS_SUCCESS; 

70054| } 

70055| 

70056| /* 



70057| NTSTATUS 

70058| PSManFSPassThru( 

70059| IN PDEVICE_OBJECT DeviceObject, 

70060| IN PIRP Irp 

70061 1 ) 

70062| 

70063| /*++ 

70064| 

70065| Routine Description: 



70042 1 

| FILE_READ_ATTRIBUTES, 



70043 1 
70044| 



&fileObject, 
&deviceObject 



70045| ); 



70066| Passthru function that doesnt generate an 

| outstanding requests., use 
70067| this function instead of PSMPassThru to prevent 

| miscounts. 
70068| 

70069| Arguments: 
70070| 

70071 1 DeviceObject 
70072 1 Irp 
70073 1 

70074| Return Value: 
70075| 

70076| NTSTATUS 

70077| 

70078| ~7 

70079 1 

70080 1 { 

70081 1 if ( 

| (PsmGetObjectType(DeviceObject)!=OBJECT_FS_FILTER) && 
| (PsmGetObjectType(DeviceObject)!=OBJECT_FILTEREDDISK) ) 
|{ 

70082| Debug(DEBUG_PASSTHRU | DEBUG_ERROR, ("Error! 

| Device is not filter device, Failing requesfAn")); 
70083 1 

70084| lrp->loStatus. Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
70085| lrp->loStatus. Information = 0; 
70086| loCompleteRequest(lrp, IO_NO_INCREMENT); 
70087| return STATUS_INVALID_DEVICE_REQUEST; 
70088| } 
70089 1 

70090| loSkipCurrentlrpStackLocation( Irp ); 
70091 | 
70092 1 if ( 

| PsmGetObjectType(DeviceObject)==OBJECT_FILTEREDDISK ) { 
70093 1 return 

| loCallDriver(((PFILTERED_EXTENSION)GetDeviceExtension(De 

| viceObject))->TargetDeviceObject, Irp); 
70094| } else { 
70095| return 

| loCallDriver(((PFS_FILTER_EXTENSION)GetDeviceExtension(D 

| eviceObject))->TargetDeviceObject, Irp); 
70096| } 

70097| } // end PSManFSPassThru() 

70098| 

70099 1 

70100| BOOLEAN FilelsOpenOnSnapShot ( PFILE_OBJECT FileObject, 

| BOOLEAN Remove ) 
70101| { 

70102| KIRQL oldlrql; 



701 03 1 PLIST_ENTRY ListEntry; 

701 04| tOpenSnapShotFiles *p; 

70105| BOOLEAN Found=0; 
70106| 

70107| pmAcquireSpinLock(&ReadOnlySpinLock,&oldlrql); 

701 08| ListEntry = OpenSnapShotFiles.Flink; 

70109| 

701 1 0| while ( ListEntry !=&OpenSnapShotFiles ) { 

70111| p = 

| CONTAINING_RECORD(ListEntry,tOpenSnapShotFiles,ListEntry 

I); 

70112| 

70113| if ( p->FileObject==FileObject ) { 

70114| if ( Remove) { 

701 15| RemoveEntryList(&p->ListEntry); 

70116| MemFreePool(p); 

70117| } 

70118| Found=1; 

70119| break; 

70120| } 

701 21 1 ListEntry = ListEntry->Flink; 

70122| } 

70123| 

70124| pmReleaseSpinLock(&ReadOnlySpinLock,oldlrql); 

70125| return Found; 

70126| } 

70127| 

70128| 

70129| BOOLEAN FilelsReadOnly ( PFILE_OBJECT FileObject ) 
70130| { 

70131| KIRQL oldlrql; 

701 32 1 PLIST ENTRY ListEntry; 

701 33| tOpenSnapShotFiles *p; 

70134| BOOLEAN Readonly = FALSE; 

70135| 

70136| pmAcquireSpinLock(&ReadOnlySpinLock,&oldlrql); 

701 37| ListEntry = OpenSnapShotFiles.Flink; 

70138| 

70139| while ( ListEntry !=&OpenSnapShotFiles ) { 
70140| p = 

| CONTAINING_RECORD(ListEntry,tOpenSnapShotFiles,ListEntry 

I); 

70141| 

701 42 1 if ( p->FileObject==FileObject ) { 
701 43 1 Readonly = p->ReadOnly; 

70144| break; 
70145| } 

701 46| ListEntry = ListEntry->Flink; 

70147| } 

70148| 



70149| pmReleaseSpinLock(&ReadOnlySpinLock,oldlrql); 

70150| return Readonly; 

70151| } 

70152| 

70153| 

70154| BOOLEAN FilelsPSM( PFILE_OBJECT FileObject, BOOLEAN 

| Remove ) 
70155| { 

70156| KIRQL oldlrql; 

70157| PLIST_ENTRY ListEntry; 

70158| tOpenSnapShotFiles *p; 

70159| BOOLEAN Found=0; 

70160| 

701 61 1 pmAcquireSpinLock(&ReadOnlySpinLock,&oldlrql); 

70162| ListEntry = PSMFiles.Flink; 

70163| 

701 64| while ( ListEntry!=&PSMFiles ) { 
70165| p = 

| CONTAINING_RECORD(ListEntry,tOpenSnapShotFiles,ListEntry 

I); 

70166| 

701 67| if ( p->FileObject==FileObject ) { 

70168| if ( Remove ){ 

701 69| RemoveEntryList(&p->ListEntry); 

70170| MemFreePool(p); 

70171| } 

70172| Found=1; 

70173| break; 

70174| } 

70175| ListEntry = ListEntry->Flink; 

70176| } 

70177| 

701 78| pmReleaseSpinLock(&ReadOnlySpinLock,oldlrql); 

70179| return Found; 

70180| } 

70181| 

70182| 

70183| NTSTATUS 
70184| PSManFSCIose( 

70185| IN PDEVICE_OBJECT DeviceObject, 

70186| INPIRPIrp 
70187| ) 
70188| { 

70189| PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
70190| 

70191| //cleanup list 

70192| FilelsOpenOnSnapShot(lrpSp->FileObject,TRUE); 

70193| FilelsPSM(lrpSp->FileObject,TRUE); 

70194| 



70195 
70196 
70197 
70198 
70199 
70200 
70201 



| OxOOOOOOff; 



70202 
70203 
70204 
70205 
70206 
70207 
70208 
70209 
70210 
70211 
70212 
70213 
70214 
70215 
70216 
70217 
70218 
70219 
70220 
70221 
70222 
70223 
70224 
70225 
70226 
70227 
70228 
70229 
70230 
70231 
70232 
70233 
70234 
70235 
70236 
70237 
70238 
70239 
70240 
70241 
70242 
70243 



retu rn PS M an FS PassTh ru ( DeviceObject, I rp) ; 

} 

#ifdef DEBUG 

char *GetCreateDispositionString( ULONG Options ) 
{ 

ULONG CreateDisposition = (Options » 24) & 



switch(CreateDisposition) { 

case FILE_SUPERSEDE : return "Supercede"; 

case FILE_OPEN : return "Open"; 

case FILE_CREATE : return "Create"; 

case FILE_OPEN_IF : return "Openlf"; 

case FILE OVERWRITE : return "Overwrite"; 

case FILE_OVERWRITE_IF : return "Overwrite If"; 
default: 

return "Unknown"; 

} 

} 

char *GetOptionsString( ULONG Options, char *Buffer ) 
{ 

strcpy(Buffer,""); 

if(Options & 0x00000001) 

strcat(Buffer,"DIRECTORY,"); 
if(Options & 0x00000002) 

strcat(Buffer,"WRITE_THROUGH,"); 
if(Options & 0x00000004) 

strcat(Buffer,"SEQUENTIAL_ONLY,"); 
if(Options & 0x00000008) 

strcat(Buffer,"NO_BUFFERING,"); 
if(Options & 0x00000010) 

strcat(Buffer,"SYNC_ALERT,"); 
if(Options & 0x00000020) 

strcat(Buffer,"SYNC_NONALERT,"); 
if(Options & 0x00000040) 

strcat(Buffer,"NON_DIRECTORY,"); 
if(Options & 0x00000080) 

strcat(Buffer,"CREATE_TREE_CONNECTION,"); 
if (Options & 0x00000100) 

strcat(Buffer,"COMPLETE_IF_OPLOCKED,"); 
if(Options & 0x00000200) 

strcat(Buffer,"NO_EA_KNOWLEDGE,"); 
if(Options & 0x00000400) 

strcat(Buffer,"OPEN_FOR_RECOVERY,"); 
if(Options & 0x00000800) 

strcat(Buffer,"RANDOM_ACCESS,"); 
if(Options & 0x00001000) 

strcat(Buffer,"DELETE_ON_CLOSE,"); 



70244| if(Options & 0x00002000) 

70245| st rcat( B uf f e r, "O P E N_B Y_F I L El D , ") ; 

70246| if(Options & 0x00004000) 

70247| strcat(Buffer,"OPEN_FOR_BACKUP,"); 

70248| if(Options & 0x00008000) 

70249| strcat(Buffer,"NO_COMPRESSION,"); 

70250| if(Options & 0x0001 0000) 

70251 1 strcat(Buffer,"00010000,"); 

70252| if(Options & 0x00020000) 

70253| strcat(Buffer,"00020000,"); 

70254| if(Options & 0x00040000) 

70255| strcat(Buffer,"00040000,"); 

70256| if(Options & 0x00080000) 

70257| strcat(Buffer,"00080000,"); 

70258| if (Options & 0x001 00000) 

70259| strcat(Buffer,"RESERVE_OP FILTER,"); 

70260| if(Options & 0x00200000) 

70261 1 strcat(Buffer,"OPEN_REPARSE_POINT, M ); 

70262| if(Options & 0x00400000) 

70263| strcat(Buffer,"OPEN_NO_RECALL, M ); 

70264| if(Options & 0x00800000) 

70265| strcat(Buffe r, "OPENFO R_F R EES P AC EQU E RY, ") ; 
70266| 

70267| return Buffer; 
70268| } 
70269 | 

70270| char*GetFilelnfoClassString( FILE INFORMATION CLASS 

| Info ) 
70271 1 { 

70272| switch(lnfo) { 

70273| case FileDirectorylnformation : return 

| "FileDirectorylnformation"; // 1 
70274| case FileFullDirectorylnformation : return 

| "FileFullDirectorylnformation"; // 2 
70275| case FileBothDirectory Information : return 

| "FileBothDirectory Information"; 113 
70276| case FileBasiclnformation : return 

| "FileBasiclnformation"; II A wdm 
70277| case FileStandardlnformation : return 

| "FileStandardlnformation"; 115 wdm 
70278| case Filelnternallnformation : return 

| "Filelnternallnformation"; // 6 
70279| case FileEalnformation : return 

| "FileEalnformation"; // 7 

70280| case FileAccesslnformation : return 

| "FileAccesslnformation"; IIS 
70281| case FileNamelnformation : return 

| "FileNamelnformation"; // 9 
70282| case FileRenamelnformation : return 

| "FileRenamelnformation"; // 1 0 



70283| case FileLinklnformation : return 

| "FileLinklnformation"; // 11 
70284| case FileNameslnformation : return 

| "FileNameslnformation"; // 12 
70285| case FileDispositionlnformation : return 

| "FileDispositionlnformation"; // 13 
70286| case FilePositionlnformation : return 

| "FilePositionlnformation"; // 14 wdm 
70287| case FileFullEalnformation : return 

| "FileFullEalnformation"; // 15 
70288| case FileModelnformation : return 

| "FileModelnformation"; // 1 6 
70289| case FileAlignmentlnformation : return 

| "FileAlignmentlnformation"; // 17 
70290| case FileAlllnformation : return 

| "FileAlllnformation"; // 18 
70291 1 case FileAllocationlnformation : return 

| "FileAllocationlnformation"; // 19 
70292| case FileEndOfFilelnformation : return 

| "FileEndOfFilelnformation"; // 20 wdm 
70293| case FileAlternateNamelnformation : return 

| "FileAlternateNamelnformation"; //21 
70294| case FileStreamlnformation : return 

| "FileStreamlnformation"; // 22 
70295| case FilePipelnformation : return 

| "FilePipelnformation"; // 23 
70296| case FilePipeLocallnformation : return 

| "FilePipeLocallnformation"; // 24 
70297| case FilePipeRemotelnformation : return 

| "FilePipeRemotelnformation"; // 25 
70298| case FileMailslotQuerylnformation : return 

| "FileMailslotQuerylnformation"; // 26 
70299| case FileMailslotSetlnformation : return 

| "FileMailslotSetlnformation"; 1127 
70300| case FileCompressionlnformation : return 

| "FileCompressionlnformation"; // 28 
70301| case FileObjectldlnformation : return 

| "FileObjectldlnformation"; // 29 
70302| case FileCompletionlnformation : return 

| "FileCompletionlnformation"; //30 
70303| case FileMoveClusterlnformation : return 

| "FileMoveClusterlnformation"; //31 
70304| case FileQuotalnformation : return 

| "FileQuotalnformation"; // 32 
70305| case FileReparsePointlnformation : return 

| "FileReparsePointlnformation"; 1133 
70306| case FileNetworkOpenlnformation : return 

| "FileNetworkOpenlnformation"; //34 
70307| case FileAttributeTaglnformation : return 

| "FileAttributeTaglnformation"; // 35 



70308| case FileTrackinglnformation : return 

| "FileTrackinglnformation"; // 36 
70309| default: 
7031 0| return "unknown"; 
70311| } 
70312| } 
70313| 

70314| STATIC void DumpCreatelnfo( PIRP Irp ) 
70315| { 

70316| UNICODE_STRING Empty; 

70317| char Buffer[256]; 

70318| PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackl_ocation( Irp ); 
70319| 
70320| #if 0 

70321 1 // taken from fastfat to show how to get 

| different options 
70322| FileObject = lrpSp->FileObject; 

70323| FileName = FileObject->FileName; 

70324| RelatedFileObject = 

| FileObject->RelatedFileObject; 
70325| AllocationSize = 

| lrp->Overlay. AllocationSize. LowPart; 
70326| EaBuffer 

| I rp-> Associated I rp. System Buff er; 
70327| DesiredAccess = 

| &lrpSp->Parameters. Create. SecurityContext->DesiredAccess 

I ; 

70328| Options 

| I rpSp-> Parameters . Create .Options ; 
70329 1 FileAttributes = 

| (UCHAR)(lrpSp->Parameters.Create. FileAttributes & 

| ~FILE_ATTRIBUTE_NORMAL); 
70330 1 ShareAccess 

| I rpSp-> Parameters . Create .ShareAccess ; 
70331| EaLength 

| I rpSp-> Parameters . C reate . EaLe ngth ; 
70332| CreateDisposition = (Options » 24) & 

| OxOOOOOOff; 
70333| #endif 
70334| 

70335| RtllnitUnicodeString(&Empty,L"<No name 

| available>"); 
70336| 

70337| Debug(DEBUG_SFILTER,("SFILTER: %s '%wZ\ co=%s\n", 
70338| 

| GetCreateDispositionString(lrpSp->Parameters. Create. Opti 
I ons), 
70339| 

| lrpSp->FileObject->FileName. Length ? 



I &lrpSp->FileObject->FileName : SEmpty, 
70340| 

| GetOptionsString(lrpSp->Parameters.Create.Options, Buffer 

I))); 

70341 | 
70342 1 } 
70343| #endif 
70344| 
70345| 
70346| 

70347| STATIC 
70348| NTSTATUS 
70349 1 SfCreate( 

70350| IN PDEVICE_OBJECT DeviceObject, 

70351| IN PIRP Irp 

70352| ) 

70353| 

70354| /*++ 

70355| 

70356| Routine Description: 
70357| 

70358| This function filters create/open operations. It 

| simply establishes an 
70359| I/O completion routine to be invoked if the 

| operation was successful. 
70360| 

70361| Arguments: 
70362| 

70363| DeviceObject - Pointer to the target device object 

| of the create/open. 
70364| 

70365| Irp - Pointer to the I/O Request Packet that 

| represents the operation. 
70366| 

70367| Return Value: 
70368| 

70369| The function value is the status of the call to the 

| file system's entry 
70370| point. 
70371 | 
70372 1 ~7 
70373 1 
70374| { 

70375| #if DO_FILE_SYSTEM_FILTER 
70376| 

70377| PAGED_CODE(); 
70378| 

70379| //Debug(DEBUG_SFILTER,("SFILTER: Create called 

| %08x, %08x\n", DeviceObject, Irp)); 
70380| 



70381 1 if ( 

| PsmGetObjectType(DeviceObject)==OBJECT_FS_OBJECT ) { 



70382| Debug(DEBUG_SFILTER,("SFILTER: FileSystem 

| object and not the FS filter\n")); 

70383| lrp->loStatus. Status = STATUS_SUCCESS; 

70384| lrp->loStatus. Information = FILE_OPENED; 
70385| 

70386| loCompleteRequest( Irp, IO_NO_INCREMENT ); 

70387| return STATUS_SUCCESS; 



70388| } 

70389| 

70390| 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

70391| 

70392| PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackl_ocation( Irp ); 
70393| 
70394| if ( 

I (((PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject) 
| )->Virtual) && 
70395| 

I (((PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject) 

| )->PSMStorageObject) ) { 
70396| PFS_FILTER_EXTENSION 

| deviceExtension=(PFS_FILTER_EXTENSION)GetDeviceExtension 

| (DeviceObject); 
70397| pOpenSnapShotFiles Context=NULL; 
70398| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(deviceExte 

| nsion->PSMStorageObject); 
70399| 

70400| // see if extended handling is off 
70401 1 if(!(gVDisklOHandling & 

| PSM_VDISK_FLAG_ALLOW_PSM_FILE_OPEN)) { 
70402| if(lrpSp->FileObject->FileName.Length) { 

70403| // FIXFIXFIX need to also check 

| relative opens. 
70404| 

| if(lsFileNameOneOfOurs(&lrpSp->FileObject->FileName)) { 
70405| // never allow an open on the 

| virtual volume 
70406| lrp->loStatus. Status = 

| STATUS_ACCESS_DENIED; 
70407| lrp->loStatus. Information = 0; 

70408| 

70409| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
70410| return STATUS_ACCESS_DENIED; 

7041 1 1 } 



70412| } 
70413| } 
70414| 

70415| ULONG SnapShotlsReadOnly = FALSE; 
7041 6| if ( (VDiskExt->SnapShot) && 

| pPersistentDictionary(VDiskExt->SnapShot->Dictionary)->l 

| sReadOnly() ) { 
7041 7 1 // virtual volume is marked readonly 

70418| SnapShotlsReadOnly = TRUE; 

70419| #ifdef DEBUG 
70420| #if DO_ALL_SFILTER 
70421 1 UNICODE_STRING Empty; 

70422 1 

70423| RtllnitUnicodeString(&Empty,L"No name 

| available"); 

70424| Debug(DEBUG_SFILTER,("SFILTER: Create %08x 

| '%wZ\ co=%08x, da=%08x, sa=%08x, fa=%08x\n", 
70425| lrpSp->FileObject, 
70426| 

| lrpSp->FileObject->FileName. Length ? 
| &lrpSp->FileObject->FileName : &Empty, 
70427| 

| I rpSp-> Parameters . Create .Options, 
70428| 

| I rpSp-> Parameters. Create. SecurityContext->DesiredAccess, 
70429 1 

| I rpSp-> Parameters . Create .ShareAccess , 
70430 1 

| I rpSp-> Parameters. Create. FileAttributes)); 
70431 1 #endif /*DO_ALL_SFILTER7 
70432| #endif /*DEBUG7 

70433| // check to see if trying to create a new 

| file 
70434| 

70435| ASSERT( 

| I rpSp-> Parameters. Create. Security Context != NULL ); 
70436| 
70437| #if 0 

70438| // taken from fastfat to show how to get 

| different options 
70439| FileObject = lrpSp->FileObject; 

70440| FileName = FileObject->FileName; 

70441 1 RelatedFileObject = 

| FileObject->RelatedFileObject; 
70442| AllocationSize = 

| lrp->Overlay. AllocationSize. LowPart; 
70443 1 EaBuffer 

| I rp-> Associated I rp . System Buff er; 
70444 1 Desired Access 

| &lrpSp->Parameters. Create. SecurityContext->DesiredAccess 



I ; 

70445| Options 

| I rpSp-> Parameters. Create. Options; 
70446| FileAttributes = 

| (UCHAR)(lrpSp->Parameters.Create. FileAttributes & 

| ~FILE_ATTRIBUTE_NORMAL); 
70447| ShareAccess 

| I rpSp-> Parameters . C reate . S hareAccess ; 
70448| EaLength 

| I rpSp-> Parameters . C reate . EaLe ngth ; 
70449| CreateDisposition = (Options » 24) & 

| OxOOOOOOff; 
70450| #endif 
70451 | 

70452| // we allow writes when this is set. 

70453| // this is so we can delete the snapshot 

| links 

70454| if ( INewFileWritesAllowed ) { 

70455| ULONG CreateDisposition = 

| (lrpSp->Parameters.Create.Options » 24) & OxOOOOOOff; 
70456| 

70457| if ( 

70458| (CreateDisposition == FILE_CREATE) 

I II 

70459| (CreateDisposition == 

| FILE_SUPERSEDE) || 
70460| (CreateDisposition == 

| FILE_OVERWRITE) || 
70461 1 (CreateDisposition == 

| FILE_OVERWRITE_IF) 
70462 1 ) { 

70463| Debug(DEBUG_SFILTER,("SFILTER: 
| Create specified new file or overwrite!\n")); 

70464| WriteProtected: 

70465| lrp->loStatus. Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 

70466| lrp->loStatus. Information = 0; 

70467| 

70468| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
70469 1 return 

| STATUS_MEDIA_WRITE_PROTECTED; 
70470 1 } // attempt to create new file 

70471 | 

70472| if ( (CreateDisposition == 

| FILE_OPEN_IF) ) { 
70473 1 // if told to create if not there, 

| change it to only open. Our completion 
70474| // routine will handle the case 

| where it doesnt exist 



70475| lrpSp->Parameters. Create. Options &= 

| ~(FILE_OPEN_IF « 24); 
70476| lrpSp->Parameters. Create. Options |= 

| (FILE_OPEN « 24); 
70477| } 

70478| // dont allow deletes 

70479| if ( I rpSp-> Parameters. Create. Options & 

| FILE_DELETE_ON_CLOSE ) { 
70480| Debug(DEBUG_SFILTER,("SFILTER: 

| Create: deletion attempted\n M )); 
70481 1 goto Write Protected; 

70482 1 } 
70483 1 

70484| // see if extended checks are disabled 

70485| if ( !(gVDisklOHandling & 

| PSM_VDISK_FLAG_ALLOW_OPEN_FOR_WRITE) ) { 
70486 1 // attempted open with write access 

70487| if ( 

70488| 

| ( I rpSp-> Parameters . C re ate . Secu rity Co ntext-> Desi red Access 
| & GENERIC_WRITE) || 
70489 1 

| ( I rpSp-> Parameters . C re ate . Secu rity Co ntext-> Desi red Access 
| & FILE WRITE DATA) || 
70490 1 

| ( I rpSp-> Parameters . C re ate . Secu rity Co ntext-> Desi red Access 
| & FILE WRITE ATTRIBUTES) || 
70491| 

| ( I rpSp-> Parameters . C re ate . Secu rity Co ntext-> Desi red Access 
| & FILE_APPEND_DATA) || 
70492| 

| ( I rpSp-> Parameters . C re ate . Secu rity Co ntext-> Desi red Access 



| & FILE_WRITE_EA) 
70493| ) { 

70494| Debug(DEBUG_SFILTER,("SFILTER: 

| Create: create attempted with write access\n")); 
70495| goto WriteProtected; 

70496| } 
70497| } // extended checks 

70498| } // not adding drives 

70499| } // virtual is readonly 
70500| 
70501| 



| Context=(pOpenSnapShotFiles)MemAllocatePoolWithTag(NonPa 
| gedPool,sizeof(tOpenSnapShotFiles),PSM_READONLY_FILE_TAG 

I); 

70502| 

70503| // add object onto list of valid creates 

70504| if ( Context ) { 

70505| RtlZeroMemory (Context, 



I sizeof(tOpenSnapShotFiles)); 
70506| Context->FileObject = lrpSp->FileObject; 

70507| Context->ReadOnly = TRUE; 

70508| if ( NewFileWritesAllowed || 

| ISnapShotlsReadOnly ) { 
70509| Context->ReadOnly = FALSE; 

70510| } 
7051 1 | 

| ExlnterlockedlnsertTailList(&OpenSnapShotFiles,&Context- 

| >ListEntry,&ReadOnlySpinLock); 
70512| } 
70513| 

70514| // 

7051 5| // Get a pointer to the current stack location 

| in the IRP. This is where 
7051 6| // the function codes and parameters are 

| stored. 
70517| // 
70518| 

70519| IrpSp = loGetCurrentlrpStackLocation( Irp ); 
70520| 

70521| // 

70522| // If debugging is enabled, do the processing 

| required to see the packet 
70523| // upon its completion. Otherwise, let the 

| request go w/no further 
70524| // processing. 
70525| // 
70526| 

70527| loCopyCurrentlrpStackl_ocationToNext( Irp ); 
70528| 

70529| loSetCompletionRoutine( 

70530| Irp, 

70531 1 SfCreateCompletion, 

70532 1 Context, 

70533| TRUE, 

70534| TRUE, 

70535| TRUE 

70536| ); 

70537| 

70538| // 

70539| // Now call the appropriate file system driver 

| with the request. 
70540 1 // 
70541 | 

70542| return loCallDriver( 

| deviceExtension->TargetDeviceObject, Irp ); 
70543| }// virtual 
70544| 

70545| // see if extended handling is off 



70546| if(!(gVDisklOHandling & 

| PSM_VDISK_FLAG_ALLOW_PSM_FILE_OPEN)) { 
70547| if(lrpSp->FileObject->FileName. Length) { 
70548| // FIXFIXFIX need to also check relative 

| opens. 
70549| 

| if(lsFileNameOneOfOurs(&lrpSp->FileObject->FileName)) { 
70550| tOpenSnapShotFiles 

| *Context=(pOpenSnapShotFiles)MemAllocatePoolWithTag(NonP 

| agedPool,sizeof(tOpenSnapShotFiles),PSM_READONLY_FILE_TA 

|G); 
70551 | 

70552| // add object onto list of valid 

| creates 
70553| if ( Context ) { 

70554| Context->FileObject = 

| lrpSp->FileObject; 
70555| Debug(DEBUG_SFILTER,("SFILTER: PSM 

| file %08x 

| '%wZ\n",Context->FileObject,&lrpSp->FileObject->FileNam 
|e)); 
70556| 

| ExlnterlockedlnsertTailList(&PSMFiles,&Context->ListEntr 

| y,&ReadOnlySpinl_ock); 
70557| } 
70558| } 
70559 1 } 
70560 1 } 
70561 | 
70562 1 #if 0 

70563| // rob 1 1-1 1-2001 - This is a failed attempt at 
| keeping 

70564| // cluster server from failing over the volumes 

| during a revert 
70565| // operation. Cluster server still detected the 

| volume offline 
70566| // and failed the volume anyway. 
70567| 
70568| 

70569 1 // check to see if this is one of the special 
70570| // cluster files that we need to check for 
70571| //when doing the revert operation. We do this so 
70572| // cluster server doesnt fail the volume while we 
| are 

70573| // reverting 

70574| PFS_FILTER_EXTENSION 

| deviceExtension=(PFS_FILTER_EXTENSION)GetDeviceExtension 

| (DeviceObject); 
70575| 

70576| if(!(deviceExtension->Virtual) && 



I (deviceExtension->PSMStorageObject)) { 
70577| PFILTERED_EXTENSION 

| DevExt=GetFilteredExtension(deviceExtension->PSMStorageO 

I bject); 
70578| 

70579| if(DevExt->lsReverting) { 
70580 1 D u m pC reate I nf o ( I rp) ; 

70581 | 

70582| if(lrpSp->FileObject->FileName.Length) { 

70583 1 

| if(lsFileNameClusterFile(&lrpSp->FileObject->FileName) 

I II 
70584| 

| (lsFileNameRootDir(&lrpSp->FileObject->FileName))) { 
70585| #ifdef DEBUG 
70586| DumpCreatelnfo(lrp); 
70587| #endif 
70588| 

70589| WCHAR *Buffer=(WCHAR 

| *)ExAllocatePoolWithTag(PagedPool,256*sizeof(WCHAR),FILE 

| NAMETAG); 
70590| if(Buffer) { 

70591| 

| RtlZeroMemory(Buffer,256*sizeof(WCHAR)); 
70592| 

| wcscpy(Buffer,L"\\??\\C:\\temp M ); 
70593| 

| wcscat(Buffer,lrpSp->FileObject->FileName. Buffer); 
70594| 

| ExFreePool(lrpSp->FileObject->FileName. Buffer); 
70595| 

| RtllnitUnicodeString(&lrpSp->FileObject->FileName, Buffer 

I); 

70596| lrp->loStatus.Status = 

| STATU S_REPARSE; 
70597| lrp->loStatus. Information = 

| IO_REPARSE; 
70598| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
70599| return STATUS_REPARSE; 

70600| } else { 

70601 1 lrp->loStatus.Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
70602| lrp->loStatus. Information = 0; 

70603| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
70604| return 

| STATUS_INSUFFICIENT_RESOURCES; 
70605| } 
70606| 



70607| }// is a cluster file 

70608| } // filename is valid 

70609| } // is reverting 
70610| }// if not virtual 
7061 1 | 

70612| #endif // if 0 for cluster fix 
70613| 

70614| #endif 

70615| return PSManFSPassThru( DeviceObject, Irp ); 

70616| } 

70617| 

70618| #if DO_FILE_SYSTEM_FILTER 
70619| 

70620| STATIC 

70621 1 NTSTATUS 

70622 1 SfCreateCompletion( 



70623| IN PDEVICE_OBJECT DeviceObject, 

70624| IN PIRP Irp, 

70625| IN PVOID Context 

70626| ) 

70627| 



70628| /*++ 
70629 1 

70630| Routine Description: 
70631| 

70632| This function is the create/open completion routine 
| for this filter 

70633| file system driver. If debugging is enabled, then 

| this function prints 
70634| the name of the file that was successfully 

| opened/created by the file 
70635| system as a result of the specified I/O request. 
70636| 

70637| Arguments: 
70638| 

70639| DeviceObject - Pointer to the device on which the 

| file was created. 
70640| 

70641 1 Irp - Pointer to the I/O Request Packet the 

| represents the operation. 
70642 1 

70643| Context - This driver's context parameter - unused; 
70644| 

70645| Return Value: 
70646| 

70647| The function value is STATUS_SUCCESS. 

70648| 

70649 1 -7 

70650 1 

70651 | { 



70652| #define BUFFER_SIZE 1024 
70653 1 

70654| PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackl_ocation( Irp ); 
70655| PFS_FILTER_EXTENSION deviceExtension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
70656| NTSTATUS status; 

70657| POB J ECT_N AM E_l N FO RM ATION namelnfo; 

70658| ULONG size; 

70659| PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackl_ocation( Irp ); 
70660 1 
70661 | 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

70662| //Debug(DEBUG_SFILTER,("SFILTER: Create completion 

| routine\n")); 
70663 1 

70664| // if readonly volume, and the error is not found, 
| then 

70665| // it really is readonly as it create disposition 

| was OPENJF 
70666| if ( (deviceExtension->Virtual) && 

| (deviceExtension->PSMStorageObject) ) { 
70667| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(deviceExte 

| nsion->PSMStorageObject); 
70668| 

70669| if ( (VDiskExt->SnapShot) && 

| pPersistentDictionary(VDiskExt->SnapShot->Dictionary)->l 

| sReadOnly() ) { 
70670| if ( FilelsReadOnly(lrpSp->FileObject) ) { 

70671 1 if ( 

| lrp->loStatus.Status==STATUS_OBJECT_NAME_NOT_FOUND ) { 
70672 1 if ( 

| irpSp->Parameters. Create. SecurityContext->DesiredAccess 

| == FILE OPEN ) { 
70673| Debug(DEBUG_SFILTER,("SFILTER: 

| File didnt exist, write protected\n")); 
70674| 

| loCancelFileOpen(deviceExtension->TargetDeviceObject,lrp 

| Sp->FileObject); 
70675| lrp->loStatus.Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 
70676| } 
70677| } 
70678| } 
70679 1 } 
70680 1 } 
70681 | 



70682| 

70683| if ( NT_SUCCESS(lrp->loStatus.Status) ) { 
70684| #jf 0 
70685| // 

70686| // If any debugging level is enabled, attempt 

| to capture the name of the 
70687| // file that was just created/opened. 
70688| // 
70689| 

70690| if ( DebugLevel & DEBUG_SFILTER ) { 

70691 1 if ( namelnfo = 

| (POBJECT_NAME_INFORMATION)MemAllocatePoolWithTag( 
| NonPagedPool, BUFFER_SIZE , TEMPTAG) ) { 

70692 1 

70693 1 // 

70694| // A buffer was successfully allocated. 

| Attempt to determine 
70695| // whether this was a volume or a file 

| open, based on the length 
70696| // of the file's name. If it was a 

| volume open, then simply 
70697| // query the name of the device. Note 

| that it is not legal to 
70698| // perform a relative file open using a 

| NULL name to obtain another 
70699| // handle to the same file, so checking 

| the RelatedFileObject field 
70700| // is unnecessary. 

70701| // 
70702| 

70703| if ( irpSp->FileObject->FileName.Length 

l){ 

70704| status = ObQueryNameString( 

70705| 

| irpSp->FileObject, 
70706| namelnfo, 
70707| 

| BUFFER_SIZE, 
70708| &size 
70709| ); 
70710| }else{ 

7071 1 1 status = ObQueryNameString( 

70712| 

| irpSp->FileObject->DeviceObject, 
70713| namelnfo, 
70714| 

| BUFFER_SIZE, 
70715| &size 
70716| ); 
70717| } 



70718| 

70719| // 

70720| // If querying the name was successful, 

| actually print the name 
70721| // on the debug terminal. 

70722| // 
70723| 

70724| if ( NT_SUCCESS( status ) ) { 

70725| if ( 

| irpSp->Parameters.Create.Options & FILE_OPEN_BY_FILE_ID 

l){ 

70726| Debug(DEBUG_SFILTER,( "SFILTER: 

| Opened %ws\\(FID)\n", namelnfo->Name. Buffer )); 
70727| } else { 

70728| Debug(DEBUG_SFILTEFt,( "SFILTER: 

| Opened %ws\n", namelnfo->Name.Buffer )); 
70729| } 
70730| } else { 

70731 1 Debug(DEBUG_SFILTER,( "SFILTER: 

| Could not get the name for %x\n", irpSp->FileObject )); 
70732 1 } 

70733| MemFreePool( namelnfo ); 

70734| } 
70735| } 
70736| #endif 
70737| } else { 

70738| // remove the entry as close will not be called 

| since the create failed 
70739| FilelsOpenOnSnapShot(lrpSp->FileObject,TRUE); 
70740| FilelsPSM(lrpSp->FileObject,TRUE); 
70741 | } 
70742 1 
70743 1 // 

70744| // Propogate the IRP pending flag. 

70745| // 

70746| 

70747| if ( lrp->PendingReturned ) { 
70748| loMarklrpPending( Irp ); 
70749 1 } 
70750 1 

70751 1 return STATUS_SUCCESS; 
70752 | } 
70753 1 

70754| typedef struct sHelperThread { 

70755| KEVENT Event; 

70756| PDEVICE_OBJECT DeviceObject; 

70757| PIRP Irp; 

70758| ULONG State; 

70759 1 } tHelperThread, *pHelperThread; 

70760| 



70761 | 

70762| NTSTATUS 

70763| FsCtlExtendVolumeCompletionRoutine( 
70764| IN PDEVICE_OBJECT DeviceObject, 
70765| IN PIRP Irp, 
70766| IN PVOID Context 
70767| ) 
70768| { 

70769| NOTREFERENCED(DeviceObject); 
70770 1 

70771 1 pmSetEvent((PKEVENT)Context); 
70772 1 

70773| // keep nt from touching our irp, which will be 

| handled by person 
70774| // who wanted the event set 

70775| return STATUS_MORE_PROCESSING_REQUIRED; 

70776| } 

70777| 

70778| 

70779| 

70780 1 

70781| STATIC 
70782| NTSTATUS 
70783| SfFsControl( 

70784| IN PDEVICE_OBJECT DeviceObject, 

70785| IN PIRP Irp 

70786| ) 

70787| 

70788| /*++ 

70789| 

70790| Routine Description: 
70791| 

70792| This routine is invoked whenever an I/O Request 

| Packet (IRP) w/a major 
70793| function code of IRP_MJ_FILE_SYSTEM_CONTROL is 

| encountered. For most 
70794| IRPs of this type, the packet is simply passed 

| through. However, for 
70795| some requests, special processing is required. 
70796| 

70797| Arguments: 
70798| 

70799| DeviceObject - Pointer to the device object for 

| this driver. 
70800| 

70801 1 Irp - Pointer to the request packet representing 

| the I/O request. 
70802 1 

70803| Return Value: 
70804| 



70805| The function value is the status of the operation. 

70806| 

70807| --*/ 

70808| 

70809| { 

70810| NTSTATUS status; 

7081 1 1 PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackl_ocation( Irp ); 
70812| PDEVICE_OBJECT deviceObject; 
7081 3| PFS_FILTER_EXTENSION deviceExtension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
70814| 

70815| PAGED_CODE(); 
70816| 

70817| #ifdef DEBUG 

70818| #if DO_ALL_SFILTER 

70819| 

| if(irpSp->Parameters.DeviceloControl.loControlCode!=FSCT 

I L_IS_VOLUME_MOUNTED) { 
70820| Debug(DEBUG_SFILTER,("SFILTER: FS Control, 

| mj=%08x, mn=%08x, fs=%08x, fl=%08x, '%s'\n", 
70821 1 irpSp->MajorFunction, 
70822| irpSp->MinorFunction, 
70823 1 

| irpSp->Parameters.DeviceloControl.loControlCode, 
70824| irpSp->Flags, 
70825| File_GetFSCTLFunctionName( 
70826| irpSp->MinorFunction, 
70827| 

| irpSp->Parameters.DeviceloControl.loControlCode 
70828| ))); 
70829 1 } 

70830| #endif /*DO_ALL_SFILTER7 
70831 1 #endif /*DEBUG7 
70832 1 
70833 1 // 

70834| // Begin by determining the minor function code for 

| this file system control 
70835 1 //function. 
70836| // 
70837| 

70838| // && (!(irpSp->Flags & SL_ALLOW_RAW_MOUNT)) 
70839| if ( (irpSp->MinorFunction == IRP_MN_MOUNT_VOLUME 

l)){ 
70840 1 

70841 1 #if DO_ALL_S FILTER 

70842| Debug(DEBUG_SFILTER,("SFILTER: Mount Volume 

| Request\n")); 

70843| #endif /* DO_ALL_S F I LT E R7 

70844| // 



70845| // This is a mount request. Create a device 

| object that can be 
70846| // attached to the file system's volume device 

| object if this request 
70847| // is successful. Note that it is possible 

| that there is a device 
70848| // object already on the FsDeviceQueue as the 

| result of a mini-file 
70849| // system recognizer having recognized a 

| volume. If so, then attempt 
70850| // to use it instead. 
70851 1 // 
70852 1 

70853| deviceObject = (PDEVICE_OBJECT) NULL; 
70854| #if 0 
70855| /* 

70856| 10-18-2001 Rob - For some reason i havent 

| figured out, this code is 
70857| providing the wrong object to Mount, which 

| is causing us to attach to 
70858| the wrong stack. Basically you can see 

| this problem if you install 
70859| another file system filter driver over us. 

| You will get a BSOD of 
70860| NO_MORE_IRP_STACK_LOCATIONS. I tracked 

| this down by using srecog.sys 
70861 1 which is a very simple file system 

| recoginizer. Since i took this code 
70862| from the windows 2000 sfilter, i am not 

| sure why it is wrong. Also 
70863| according to the news groups, the windows 

| 2000 sfilter i took this code 
70864| from is confusing (if not wrong), so the 

| windows XP sfilter does it a 
70865| different way. Maybe one day, we need to 

| see how. 
70866| 
70867| 

70868| This problem occurs when a file system 

| recoginizer issues a load command. 
70869| By not reusing this object, it will be 

| leaked. Since this occurs only when 
70870| the file system is being loaded by a 

| recoginizer, it should be ok. Also if 
70871 1 recoginizer goes away, so will the object. 

70872 1 7 

70873| if ( !lsListEmpty( &FsDeviceQueue ) ) { 
70874| 

70875| PLIST_ENTRY entry; 

70876| 



70877 1 Fs Rtl Enter FileSystem () ; 

70878| ExAcquireResourceExclusive( &FsLock, TRUE 

I); 

70879| if ( !lsListEmpty( &FsDeviceQueue ) ) { 

70880| 

70881 1 // 

70882 1 // There is a device object on the 

| device queue that may be 
70883 1 // reusable. Remove it from the queue 

| and check its reference 
70884| // count; if it is zero, then it can 

| be used, otherwise, put 
70885| // it back. Note that device objects 

| are inserted onto the tail 
70886| // of the queue, so those at the head 

| should be usable since the 
70887 1 // reference count is decremented as 

| soon as the top level 
70888| // driver's completion routine returns. 

70889 1 // 
70890 1 

70891 1 entry = FsDeviceQueue.Flink; 

70892| deviceObject = CONTAINING_RECORD( 

70893 1 entry, 

70894| 

| DEVICE_OBJECT, 
70895| 

| Queue. ListEntry 
70896| ); 
70897| if ( !deviceObject->ReferenceCount ) { 

70898| RemoveHeadl_ist( &FsDeviceQueue ); 

70899 1 

| ASSERT(PsmGetObjectType(deviceObject)==OBJECT_FS_FILTER) 

I ; 

70900| status = STATUS_SUCCESS; 

70901| }else{ 

70902| deviceObject = (PDEVICE_OBJECT) 

| NULL; 
70903| } 
70904| } 

70905| ExReleaseResource(&FsLock ); 

70906| FsRtlExitFileSystem(); 
70907| } 
70908| #endif 
70909| 

70910| if ( IdeviceObject ) { 
70911| 

70912| #ifdef DEBUG_EXTENSION 
70913| ULONG SizeOfDeviceExt = 

| sizeof(DEVICE_EXTENSION); 



70914| #else 

7091 5| ULONG SizeOf DeviceExt = sizeof( 

| FS_FILTER_EXTENSION); 
70916| #endif 

7091 7| status = loCreateDevice( 

70918| PSManDriverObject, 
70919| SizeOf DeviceExt, 

70920| (PUNICODE_STRING) 

| NULL, 
70921 | 

| FILE_DEVICE_DISK_FILE_SYSTEM, 
70922| 0, 
70923| FALSE, 
70924| &deviceObject 
70925| ); 
70926| if ( NT_SUCCESS(status) ) { 

70927| PFS_FILTER_EXTENSION Ext; 

70928| #if DEBUG_ALL_SFILTER 

70929| Debug(DEBUG_SFILTER,("SFILTER: 

| Created new FS filter %08x\n",deviceObject)); 
70930| #endif /*DEBUG_ALL_SFILTER7 

70931 | 

70932| #ifdef DEBUG_EXTENSION 
70933 1 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Ob 
| jectType = OBJECT_FS_FILTER; 
70934| 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Re 
| alDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,FS_FILTER_EXTENSION 
| SIZE,DEVEXTTAG); 
70935| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(deviceObject->DeviceE 
| xtension))->RealDeviceExtension,FS_FILTER_EXTENSION_SIZE 

I); 

70936| #endif 
70937| 

70938| Ext = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(deviceObject); 



70939 1 


Ext- 


>DeviceObject = deviceObject; 


70940 1 


Ext- 


>DriverObject = PSManDriverObject; 


70941 | 


Ext- 


>ObjectType = OBJECT_FS_FILTER; 


70942 1 


Ext- 


>Attached = FALSE; 


70943 1 


Ext- 


>TargetDeviceObject = NULL; 


70944| 


Ext- 


>PSMStorageObject = NULL; 


70945| 


Ext- 


>Virtual = FALSE; 


70946| 


Ext- 


>FileSystem = FALSE; 


70947| 


} 




70948| 






70949 1 


} else { 





70950| Debug(DEBUG_SFILTER,("SFILTER: Reusing FS 

| filter %08x\n M ,deviceObject)); 
70951 1 } 
70952 1 

70953| if ( NT_SUCCESS( status ) && deviceObject ) { 
70954| 

70955| loCopyCurrentlrpStackLocationToNext( Irp ); 

70956| 

70957| // 

70958| // Set the address of the completion 

| routine for this mount request 
70959| // to be the mount completion routine and 

| pass along the address 
70960| // of the specified device object as its 

| context. 
70961 1 // 

70962| // Also, pass a pointer to the real device 

| object from the VPB so 
70963| // that a remount VPB can be located if 

| necessary (see comments in 
70964| // the mount completion routine). 

70965| // 
70966| 

70967| loSetCompletionRoutine( 

70968| Irp, 

70969| SfMountCompletion, 

70970 1 deviceObject, 

70971| TRUE, 

70972| TRUE, 

70973| TRUE 

70974| ); 

70975| 

70976| #if DO_ALL_SFILTER 

70977| Debug(DEBUG_SFILTER,("SFILTER: 1 Sending 

| mount to lower driver\n")); 
70978| Debug(DEBUG_SFILTER,("SFILTER: 1 MyDo=%08x, 

| Mydo=%08x, mvpb=%08x, mdo=%08x, vrd=%08x, 

| vdo=%08x,vfl=%08x\n", 
70979 1 DeviceObject, 
70980| deviceObject, 
70981 | 

| irpSp->Parameters.MountVolume.Vpb, 
70982 1 

| irpSp->Parameters.MountVolume. DeviceObject, 
70983 1 

| irpSp->Parameters.MountVolume.Vpb->RealDevice, 
70984| 

| irpSp->Parameters.MountVolume.Vpb->DeviceObject, 
70985| 

| irpSp->Parameters.MountVolume.Vpb->Flags 



70986| )); 
70987| #endif /*DO_ALL_SFILTER7 
70988| 

70989| irpSp->Parameters.MountVolume.DeviceObject 

| = irpSp->Parameters.MountVolume.Vpb->RealDevice; 
70990| 

70991 1 PDEVICE_OBJECT PSMStorageObject = 

| GetPSMStorageFilterObject(irpSp->Parameters.MountVolume. 
I Vpb); 

70992 | 

70993| if ( PSMStorageObject ) { 

70994| if ( PsmGetObjectType(PSMStorageObject) 

| == OBJECT_FILTEREDDISK ) { 
70995| PFILTEREDEXTENSION 

| DevExt=(PFILTERED_EXTENSION)GetDeviceExtension(PSMStorag 

| eObject); 
70996| 

70997| #if DO_ALL_SFILTER 

70998| Debug(DEBUG_SFILTER,("SFILTER: 

| 1 Lower object is filtered disk %08x, 

| mounted=%d\n M ,PSMStorageObject,DevExt->lsMounted)); 
70999| #endif /*DO_ALL_SFILTER7 

71 000| // we will reload the snapshots 

| incase it changed from the last time 
71 001 1 if((!DevExt->lsPhysical) && 

| (!DevExt->lsReverting)) { 
71 002| if(!GlobalData->ShutDownCalled) 

|{ 
71003| 

71 004| // load value from registry 

| as it may not have been loaded yet 
71 005| if (DevExt->FileSystem == 

| F I L E_S YST E M_U N K N OWN ) { 
71 006| // see about loading 

71 007| WCHAR *VolumeReg = 

| GetPerVolumeRegistry(PSMStorageObject); 
71008| if(VolumeReg) { 

71 009| UNICODE_STRING Str; 

71010| 

| RtllnitUnicodeString( &Str, VolumeReg); 
71011| 

| Reg_GetULONGKey(&Str,L"FileSystem",FILE_SYSTEM_UNKNOWN,& 
| DevExt->FileSystem); 
71012| 

| F ree Pe rVo I u me Reg ist ry ( Vo I u me Reg ) ; 



71013| } 
71014| } 
71015| 

71 01 6| // try and prevent loading 



| of snapshots multiple times 



71 01 7| II ie we get a mount 

| request for a NTFS volume multiple times: 
71018| // FastFat 

71019| // DFS 

71020| // NTFS 

71 021 1 // so this code should keep 

| us from loading the index 2 or more times. 
71022| if( ((DevExt->FileSystem == 

| FILE_SYSTEM_NTFS) && (deviceExtension->lsNtfs)) || 
71023| ((DevExt->FileSystem == 

| FILE_SYSTEM_FAT) && (deviceExtension->lsFat)) || 
71024| ((DevExt->FileSystem == 

| FILE_SYSTEM_UNKNOWN)) 
71025| ){ 
71026| 

71027| #if DO_ALL_S FILTER 

71028| 

| Debug(DEBUG_SFILTER,("SFILTER: 1 Lower object not 

| physical, attempting to load snapshots\n")); 
71029| #endif 

| /*DO_ALL_SFILTER7 
71030| 

| if(PersistentDictionary::ChecklfLoadNeeded(PSMStorageObj 
I ect)) { 
71031| 

71032| #ifdef 

| DO_TIMING_TEST 
71033| Hint -save 

| -e740 7 
71034| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_LOAD 
| ING_SNAPSHOTS,0,NULL,0,NULL,0); 
71035| Hint -restore 

|7 

71036| #endif 
71037| 

71 038| NTSTATUS Status = 

| PersistentDictionary::LoadSnapShotsForVolume 

| (PSMStorageObject,TRUE,NULL ); 
71039| 

71040| #ifdef 

| DO_TIMING_TEST 
71041| /*lint-save 

| -e740 7 
71042| 

| LogError((PDEVICE_OBJECT)PSManDriverObject,NULL,PSM_DONE 
|_LOADING_SNAPSHOTS,0,NULL,0,NULL,0); 
71043| Hint -restore 

|7 

71044| #endif 



71045| 

71046| #if DO_ALL_SFILTER 

71047| 

| Debug(DEBUG_SFILTER,("SFILTER: 1 load snapshots 

| returned %08x\n",Status)); 
71048| #endif 

| /*DO_ALL_SFILTER7 
71049| 

71050| //if out of 

| memory, dont allow the volume to come online 
71051| 

| if((Status==STATUS_INSUFFICIENT_RESOURCES) || 
71052| 

| (Status==PSM_ERROR_OUT_OF_MEMORY)) { 
71053| 

| Debug(DEBUG_SFILTER,("SFILTER: Error! out of memory, 
| failing mount!\n")); 
71054| 

| lrp->loStatus.Status = STATUSJNSUFFICIENT_RESOURCES; 
71055| 

| lrp->loStatus. Information = 0; 
71056| 
71057| 

| loCompleteRequest( Irp, IO_NO_INCREMENT ); 
71058| 

71059| return 

| STATUSJNSUFFICIENT_RESOURCES; 
71060| } 
71061| }else{ 
71062| // see if a revert 

| needs to occur as we didnt call LoadSnapShotsForVolume 
71063| 

| if(DevExt->Cache.Header) { 
71064| if( 

| DevExt->Cache.Header->Revertlnfo.SnapShotSequenceNumber 
| != 0 ) { 

71065| ULONG 

| Opened=0; 
71066| 
71067| 

| if(!DevExt->OpenCloseAcquired) { 
71068| if( 

| AcquireOpenCloseResourceOnly(NULL)!=STATUS_WAIT_0 ) { 
71069| 

| goto Leave; 
71070| } 
71071| Opened 

| = TRUE; 
71072| 

| DevExt->OpenCloseAcquired = TRUE; 



71073| } 

71074| 

71075| 

| RevertCheckAtVolumeMount(PSMStorageObject); 
71076| 

71077| if(Opened) 

|{ 
71078| 

| DevExt->OpenCloseAcquired = FALSE; 
71079| 

| ReleaseOpenCloseResource(); 
71080| } 
71081| Leave: 

71082| NOTHING; 
71083| } 
71084| } 
71085| 

71086| } 

71087| }else{ 

71 088| // wrong file system 

| for us 
71089| 

| Debug(DEBUG_SFILTER,("SFILTER: mount request to wrong 
| volume type, fs=%d, ntfs=%d, fat=%d, 
| raw=%d\n", DevExt->FileSystem,deviceExtension->lsNtfs,dev 
| iceExtension->lsFat,deviceExtension->lsRaw)); 
71090| 

71 091 1 // Since we know this 

| is wrong, tell the system 
71092| 

71093| lrp->loStatus. Status = 

| STATUS_UNRECOGNIZED_VOLUME; 
71094| 

| lrp->loStatus. Information = 0; 
71095| 

71096| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
71097| 

71098| return 

| STATUS_UNRECOGNIZED_VOLUME; 
71099| } 
71100| }else{ 

71 1 01 1 Debug(DEBUG_DICT,("SFILTER: 

| shutdown called, not loading snapshots\n")); 
71102| } 
71103| }else{ 
71 1 04| if(DevExt->lsReverting) { 

71105| 

| Debug(DEBUG_SFILTER,("SFILTER: mount request while 
| reverting\n")); 



71106| 

71107| // If reverting this 

| volume, do NOT allow mount requests to complete 
71108| 

71 1 09 1 lrp->loStatus.Status = 

| STATUS_ACCESS_DENIED; 
71 1 10| I rp->loStatus. Information = 

|0; 
71111| 

71 1 12| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
71113| 

71114| return 

| STATUS_ACCESS_DENIED; 
71115| }else{ 
71 1 1 6| #if DO_ALL_SFILTER 

71117| 

| Debug(DEBUG_SFILTER,("SFILTER: 1 Lower object 

| physical\n")); 
71118| #endif /* DO_AL L_S F I LTE R*/ 

71119| } 
71120| } 
71121| } else if ( 

| PsmGetObjectType(PSMStorageObject) == 

| OBJECT_VIRTUALDISK ) { 
71122| #if DO_ALL_SFILTER 

71 123| Debug(DEBUG_SFILTER,("SFILTER: 

| 1 Lower object is virtual disk 

| %08x\n",PSMStorageObject)); 
71 1 24| #endif /*DO_ALL_SFILTER7 

71 1 25| PVDISK_EXTENSION VDiskExt = 

| GetVDiskExtension(PSMStorageObject); 
71 126| if ( VDiskExt->MountDisabled ) { 

71 1 27| // We can get here if, for 

| example, we are currently undoing virtual writes 
71 128| Debug(DEBUG_SFILTER,("SFILTER: 

| mount request to virtual volume while mount 

| disabled\n")); 
71 129| lrp->loStatus.Status = 

| STATUS_ACCESS_DENIED; 
71130| lrp->loStatus. Information = 0; 

71 131 1 loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
71132| return STATUS_ACCESS_DENIED; 

71133| } 
71134| 

71 135| if (VDiskExt->PSM Device) { 

71 136| PFILTERED_EXTENSION 

| DevExt=(PFILTERED_EXTENSION)GetDeviceExtension(VDiskExt- 

| >PSM Device); 



71 1 37\ ASSERT(DevExt->ObjectType == 

| OBJECT_FILTEREDDISK); 
71138| 

71 1 39| if (DevExt->lsReverting) { 

71140| // If reverting this 

| volume, do NOT allow mount requests to complete 
71141| 

| Debug(DEBUG_SFILTER,("SFILTER: mount request to virtual 

| volume while reverting\n")); 
71142| lrp->loStatus.Status = 

| STATUS_ACCESS_DENIED; 
71 143| I rp->loStatus. Information = 

|0; 

71144| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
71145| return 

| STATUS_ACCESS_DENIED; 
71146| } 
71147| } 
71148| }else{ 
71149| #ifdef DEBUG 

71150| Debug(DEBUG_SFILTER,("SFILTER: 1 

| Error! Unknown lower object!!!!!!!!!!!!!!!!!!!!\n M )); 
71151| DbgBreakPoint(); 
71152| #endif 
71153| } 
71154| }else{ 

71 1 55| // this can happen when the volume 

| being mounted is not a volume we filter 
71 156| //for example, A: or B: 

71157| } 
71158| }else{ 

71159| Debug(DEBUG_SFILTER,("SFILTER: 1 Unable to 

| create device, not attaching to volume!!!!!!!!!\n")); 
71160| 

71161| // 

71 1 62| // Something went wrong so this volume 

| cannot be filtered. Simply 
71 1 63| // allow the system to continue working 

| normally, if possible. 
71164| // 

71 1 65| loSkipCurrentlrpStackLocation( Irp ); 

71166| } 
71167| }else 

71 1 68| if ( irpSp->MinorFunction == 
| I R P_M N_L OA D_F I L E_S YST E M ) { 
71 169| #if DO_ALL_SFILTER 

71 1 70| Debug(DEBUG_SFILTER,("SFILTER: Load File 

| System\n")); 
71 1 71 1 #endif /*DO_ALL_SFILTER7 



71172| 

71173| // 

71 1 74| // This is a load file system request being 

| sent to a mini-file system 
71 1 75| // recognizer driver. Detach from the file 

| system now, and set 
71 1 76| // the address of a completion routine in case 

| the function fails, in 
71 1 77| // which case a reattachment needs to occur. 

| Likewise, if the function 
71 1 78| // is successful, then the device object needs 

| to be deleted. 
71179| // 
71180| 

71 181 1 loCopyCurrentlrpStackLocationToNext( Irp ); 
71182| 

71 1 83 1 loDetachDevice( 

| deviceExtension->TargetDeviceObject ); 
71 184| deviceExtension->Attached = FALSE; 
71185| 

71 186| loSetCompletionRoutine( 

71187| Irp, 

71 1 88| Sf LoadFsCompletion, 

71189| DeviceObject, 

71190| TRUE, 

71191| TRUE, 

71192| TRUE 

71193| ); 

71194| }else 

71195| if( 

| PsmGetObjectType(DeviceObject)!=OBJECT_FS_FILTER ) { 
71196| 

71197| #if DO_ALL_SFILTER 

71 198| Debug(DEBUG_SFILTER,("SFILTER: Request 

| directed to object and not filter\n")); 
71 199| #endif /* DO_ALL_S F I LTE R7 
71200| // 

71 201 1 // If this device object is a primary rather 

| than a pass-through, 
71202| // then this is an invalid request. 
71203| // 
71204| 

71205| lrp->loStatus. Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
71206| lrp->loStatus. Information = 0; 
71207| 

71208| loCompleteRequest( Irp, IO_NO_INCREMENT ); 
71209| 

71210| return STATUS_INVALID_DEVICE_REQUEST; 
71211| }else 



71212| if ( irpSp->MinorFunction == 

| IRP_MN_USER_FS_REQUEST ) { 
71213| NTSTATUS Status; 
71214| switch ( 

| irpSp->Parameters.DeviceloControl.loControlCode ) { 
71215| case FSCTL_DISMOUNT_VOLUME: { 

71216| if ( !deviceExtension->Virtual ) { 

71217| PFILTERED_EXTENSION d = 

| (PFILTERED_EXTENSION)GetDeviceExtension(deviceExtension- 

| >PSMStorageObject); 
71218| BOOLEAN 

| DirectState=d->DoDirectlO; 
71219| 

71220| Debug(DEBUG_SFILTER,("SFILTER: 
| Dismount Volume Request for real volume, do=%08x, 
| irp=%08x, 

| psm=%08x\n",DeviceObject,lrp,deviceExtension->PSMStorage 

I Object)); 
71221| 
71222| 

| PersistentDictionary::MiniUnloadSnapShotsForVolume(devic 
| eExtension->PSMStorageObject); 



71223| ULONG PrevState=d->lsMounted; 
71224| 

71225| d->lsMounted = FALSE; 

71226| Debug(DEBUG_SFILTER,("SFILTER: 



| Just set IsMounted to FALSE for DevExt=%08x, 
| DevObj=%08x 

| (PrevState=%08x)\n",d,deviceExtension->PSMStorageObject, 
| PrevState)); 
71227| 

71228| // handle it synchronous 

71229| 

71230| // we need to load snapshots 

| back up if the dismount fails for whatever reason 

71231| Status = 

| PSMan Forwardl rpSynchronous( DeviceObject, I rp) ; 

71232| 

71233| Debug(DEBUG_SFILTER,("SFILTER: 
| PSManForwardlrpSynchronous returned %08x irp=%08x 
| during dismount, 

| fo=%08x\n",Status,lrp->loStatus.Status,lrp->Tail.Overlay 
| .OriginalFileObject)); 
71234| 

71 235| // for some reason, we can't 

| fathom, when a dismount fails, 
71236| //the status is still 

| STATUS_SUCCESS. In this case, we will 
71237| // high jack the current irp's 

| file object, and ask the file system 



71238| // if it thinks it is 

| dismounted or not. 
71239| // it returns STATUS_SUCCESS if 

| mounted 

71240| // or STATUS_VOLUME_DISMOUNTED 

| if dismounted 
71 241 1 // another thing we could do is 

| intercept FSCTL_IS_VOLUME_MOUNTED 
71 242| // and update our status. 

71243| ULONG status2; 

71244| BOOLEAN PutBack = TRUE; 

71245| 

71 246| if (Status==STATUS_SUCCESS) { 

71247| PFILE_OBJECT FO = 

| irpSp->FileObject; 
71248| if(!FO) { 

71249| FO = 

| lrp->Tail. Overlay. OriginalFileObject; 
71250| } 
71251| ASSERT(FO); 
71252| 

| Debug(DEBUG_SFILTER,("SFILTER: Objects = %08x, %08x, 
| using 

| %08x\n",lrp->Tail. Overlay. OriginalFileObject,irpSp->File 

| Object, FO)); 
71253| status2 = 

| FSJsVolumeMounted(FO); 
71254| 

| Debug(DEBUG_SFILTER,("SFILTER: IsVolumeMounted = 

| %08x\n",status2)); 
71 255| PutBack = (status2 == 

| STATUS_SUCCESS); //PutBack is TRUE only if volume is 

| mounted 
71256| }else{ 
71257| status2 = Status; 

71258| } 
71259| 

71260| if (PutBack) { 

71261 1 // The dismount failed if 

| we get here. 
71262| d->lsMounted = PrevState; 

71263| Debug(DEBUG_SFILTER,("Just 

| set IsMounted back to %08x for DevExt=%08x, 

| DevObj=%08x\n",PrevState,d,deviceExtension->PSMStorageOb 

I ject)); 
71264| 

71 265| // if previous state was 

| mounted then remap in virtual drives 
71266| if((PrevState==TRUE) && 

| (PersistentDictionary::GetSystemReady()) && 



I (!d->lsReverting)) { 
71 267| HANDLE Temp Handle; 

71268| 
71269| 

| pmStartThread(PersistentDictionary::Part20fRebuildForVol 
| ume,deviceExtension->PSMStorageObject,&TempHandle); 
71270| 

| ZwWaitForSingleObject(TempHandle,FALSE,NULL); 
71271 1 ZwClose(TempHandle); 
71272| }else{ 
71273| // got set to true in 

| MiniUnload 
71274| d->DoDirectlO = 

| DirectState; 
71275| } 
71276| } 
71277| 

71278| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
71279| return Status; 

71280| }else{ 

71281 1 Debug(DEBUG_SFILTER,("SFILTER: 

| Dismount Volume Request for virtual volume\n")); 
71 282| loSkipCurrentlrpStackLocation( 

I "rp ); 
71283| } 
71284| break; 
71285| } 
71286| 

71287| case FSCTL_EXTEND_VOLUME : { 

71288| 

71 289| // extends a dynamic volume. We need to 

| intercept a successful return in order to extend the 
| volume bit map. 

71290| Debug(DEBUG_SFILTER,("SFILTER: Extend 

| Volume Request\n")); 

71291| 

71292| if ( (!deviceExtension->Virtual) && 

| (deviceExtension->PSMStorageObject) ) { 
71 293| PFILTERED_EXTENSION Ext = 

| (PFILTERED_EXTENSION)GetDeviceExtension(deviceExtension- 

| >PSMStorageObject); 
71294| 

71295| // 

71296| int Switch=1 ; // 0 = Fail 

71297| //1 = Catch 

| Return 

71298| 112 = passthru 

71299| 

71 300| if((Ext->PSMed) && 



I (PersistentDictionary::DoFreeSpaceChecks())) { 
71301| switch (Switch) { 

71302| caseO: 
71303| 

| Debug(DEBUG_SFILTER,("SFILTER: returning error to 
| caller\n" )); 

71304| lrp->loStatus. Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
71305| 

| lrp->loStatus. Information = 0; 
71306| 

71307| loCompleteRequest( Irp, 

| IO_NO_INCREMENT); 
71308| return 

| STATUS_INVALID_DEVICE_REQUEST; 
71309| case 1 : { 

71310| KEVENT Event; 

7131 1 1 PLARGEJNTEGER 

| NewSize=(PLARGE_INTEGER)lrp->Associatedlrp.SystemBuffer; 
71312| 

71313| // Extend the bitmap 

71314| Status = 

| Extend FreeSpaceBitmaps( 

| deviceExtension->PSMStorageObject, *NewSize ); 
71315| if(NT_SUCCESS(Status)) 

|{ 
71316| 

| Debug(DEBUG_SFILTER, ("Success extending bitmaps\n")); 
71317| // modify what we 

| know about the size of this partition 
71318| 

| Ext->Pi.PartitionLength.QuadPart = NewSize->QuadPart * 
1512; 

71319| }else{ 
71320| 

| Debug(DEBUG_SFILTER, ("Error %08x extending 

| bitmaps\n",Status)); 
71321| } 
71322| 

71 323| // Send the command to 

| the file system 
71324| 
71325| 

| KelnitializeEvent(&Event,NotificationEvent, FALSE); 
71326| 
71327| 

| Debug(DEBUG_DEVSUP, ("Extend: Sending extend to lower 

| driversAn")); 
71328| 
71329| 



I loCopyCurrentlrpStackLocationToNext( Irp ); 
71330| 

71 331 1 loSetCompletionRoutine( 

71332| Irp, 

71333| 

| FsCtlExtendVolumeCompletionRoutine, 
71334| &Event, 
71335| TRUE, 
71336| TRUE, 
71337| TRUE 
71338| ); 
71339| 

71340| Status = loCallDriver( 

| deviceExtension->TargetDeviceObject, Irp ); 
71341| 

71342| if (Status == 

| STATUS_PENDING) { 
71343| 

| ASSERT(KeGetCurrentlrql() < D I S P ATC H_L E V E L) ; 
71344| 

| pmWaitForSingleObject(&Event,NULL); 
71345| 

71346| Status = 

| lrp->loStatus. Status; 
71347| 

| Debug(DEBUG_DEVSUP, ("Extend: Extend finished with wait. 

| loStatus=%08x,%08x\n",lrp->loStatus.Status,lrp->loStatus 

| .Information)); 
71348| }else{ 
71349| 

| Debug(DEBUG_DEVSUP, ("Extend: Extend finished without 
| wait. Status=%08x, 

| loStatus=%08x,%08x\n",Status,lrp->loStatus.Status,lrp->l 

| oStatus. Information)); 
71350| } 
71 351 1 // finish the request 

71352| if( 

| lrp->PendingReturned ) { 
71353| loMarklrpPending( 

I "rp ); 

71354| } 

71355| 

71356| 

| loCompleteRequest(lrp,IO_NO_INCREMENT); 
71357| return Status; 

71358| } 
71359| case 2: 

71360| 

| loSkipCurrentlrpStackl_ocation( Irp ); 
71361| break; 



71362| default: 
71363| 

| Debug(DEBUG_SFILTER,("SFILTER: unknown switch\n M )); 
71364| 

| loSkipCurrentlrpStackLocation( Irp ); 
71365| break; 
71366| }// switch 

71367| }//psmed 
71368| }// not virtual 

71369| }//case 
71370| 

71371 1 case FSCTL_GET_NTFS_VOLUME_DATA : 

71372| loSkipCurrentlrpStackl_ocation( Irp ); 

71373| break; 

71374| case FSCTL_G ET_NT FS_F I L E_R ECO R D : 

71375| loSkipCurrentlrpStackLocation( Irp ); 

71376| break; 

71377| case FSCTL_GET_VOLUME_BITMAP: { 

71378| #if 0 

71379| if ( deviceExtension->Virtual ) { 

7 1 380 1 I n val id Device Request : 

71 381 1 // dont allow this on virtual 

| volumes 

71382| lrp->loStatus.Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
71383| lrp->loStatus. Information = 0; 

71 384| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
71385| return 

| STATUS_I N VALI D_D EVI C E_REQU EST; 
71386| } 
71387| 

71 388| pHelperThread 

| Context=(pHelperThread)MemAllocatePoolWithTag(NonPagedPo 

| ol,sizeof(tHelperThread),TEMPTAG); 
71389| if ( IContext) { 

71390| lrp->loStatus.Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
71391 1 lrp->loStatus. Information = 0; 

71 392| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
71393| return 

| STATUS_INSUFFICIENT_RESOURCES; 
71394| } 
71395| 
71396| 

| KelnitializeEvent(&Context->Event,NotificationEvent,FALS 
I E); 

71397| Context->lrp = Irp; 

71 398| Context->DeviceObject = 



I DeviceObject; 
71399| 

71400| HANDLE TempHandle; 

71401| Status = 

| pmStartThread((PKSTART_ROUTINE)GetVolumeBitMapThread,Con 

| text,&TempHandle); 
71402| if ( !NT_SUCCESS(Status) ) { 

71403| MemFreePool(Context); 
71404| lrp->loStatus.Status = Status; 

71405| lrp->loStatus. Information = 0; 

71 406| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
71407| return Status; 

71408| } 

71409| ZwClose(TempHandle); 

71410| 

71411| 

71412| // lets intercept this request 

71413| 

| loCopyCurrentlrpStackLocationToNext( Irp ); 
71414| 

71 41 5| loSetCompletionRoutine( 
71416| Irp, 
71417| 

| SfHelperThreadCompletion, 

Context, 
TRUE, // 



71418| 
71419| 

| invoke on success 
71420| 

| invoke on error 
71421| 

| invoke on cancel 
71422| 
71423| 
71424| #else 
71425| 
71426| 

71427| #endif 
71428| 



TRUE,// 



TRUE// 



); 



break; 



loSkipCurrentlrpStackl_ocation( Irp ); 
break; 



} 

case FSCTL_G ET_RETRI E VAL_POI NTE RS : 
loSkipCurrentlrpStackl_ocation( Irp ); 
break; 

case FSCTL_MOVE_FILE: 
if ( deviceExtension->Virtual ) { 
// dont allow this on virtual 



71429| 
71430| 
71431| 
71432| 
71433| 
71434| 
| volumes 

71435| lrp->loStatus. Status = 

| STATUS_INVALID_DEVICE_REQUEST; 
71436| lrp->loStatus. Information = 0; 

71437| loCompleteRequest(lrp, 



I IO_NO_INCREMENT); 
71438| return 

| STATUS_I N VALI D_D E VI C E_REQU EST; 
71439| }else{ 
71440| //dont allow our file to be 

| defragged for now. 
71441 1 // later on, we may allow it, and 

| modify our maps directly 
71442| 

| if (FilelsPSM(irpSp->FileObject, FALSE)) { 
71443| lrp->loStatus.Status = 

| STATUS_ACCESS_DENIED; 
71444| lrp->loStatus. Information = 0; 

71445| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
71446| return STATUS_ACCESS_DENIED; 

71447| }else{ 
71448| // until we allow defrag and 

| PSM to work together, lets 
71 449| // deny all def rags while there 

| are snapshots on this volume 
71450| PFILTERED EXTENSION d = 

| (PFILTERED_EXTENSION)GetDeviceExtension(deviceExtension- 

| >PSMStorageObject); 
71451| if(d->PSMed) { 

71452| lrp->loStatus.Status = 

| STATUS_ACCESS_DENIED; 
71453| lrp->loStatus. Information = 

10; 

7 1 454 1 I o Co m p lete Req u est ( I rp , 

| IO_NO_INCREMENT); 
71455| return 

| STATUS_ACCESS_DENIED; 
71456| } 
71457| } 
71458| } 

71459| loSkipCurrentlrpStackl_ocation( Irp ); 

71460| break; 

71461| default: 

71462| //send it down 

71463| loSkipCurrentlrpStackl_ocation( Irp ); 

71464| } 

71465|/* 

71466| } else if ( irpSp->MinorFunction == 

| I R P_M N_Q U E R Y D I R ECTO R Y ) { 
71 467| // We intercept directory requests solely for 

| removing nested snapshot 
71 468| // directories on a virtual volume. All other 

| requests we allow to pass through 
71469| //untouched. 



71470| 7 
71471| }else{ 
71472| 

71473| //Debug(DEBUG_SFILTER,("SFILTER: Sending 

| request down\n")); 
71474| // 

71475| // Simply pass this file system control request 

| through. 
71476| // 
71477| 

71478| loSkipCurrentlrpStackl_ocation( Irp ); 
71479| } 
71480| 
71481| // 

71482| // Any special processing has been completed, so 

| simply pass the request 
71483| // along to the next driver. 
71484| // 
71485| 

71486| return loCallDriver( 

| deviceExtension->TargetDeviceObject, Irp ); 
71487| } 
71488| 

71489| STATIC 

71490| VOID 

71491| SfFsNotification( 

71492| IN PDEVICE_OBJECT DeviceObject, 

71493| IN BOOLEAN FsActive 

71494| ) 

71495| 

71496| /*++ 

71497| 

71498| Routine Description: 
71499| 

71500| This routine is invoked whenever a file system has 

| either registered or 
71 501 1 unregistered itself as an active file system. 
71502| 

71 503| For the former case, this routine creates a device 

| object and attaches it 
71504| to the specified file system's device object. This 

| allows this driver 
71 505| to filter all requests to that file system. 
71506| 

71 507| For the latter case, this file system's device 

| object is located, 
71508| detached, and deleted. This removes this file 

| system as a filter for 
71 509| the specified file system. 
71510| 



71511| Arguments: 
71512| 

71513| DeviceObject - Pointer to the file system's device 

| object. 
71514| 

71 51 5| FsActive - Ffolean indicating whether the file 

| system has registered 
71516| (TRUE) or unregistered (FALSE) itself as an 

| active file system. 
71517| 

71518| Return Value: 
71519| 

71520| None. 
71521| 
71522| -7 
71523| 
71524| { 

71 525| NTSTATUS status; 

71526| PDEVICE_OBJECT deviceObject; 

71527| PDEVICE_OBJECT nextAttached Device; 

71528| PDEVICE_OBJECT fsDevice; 

71529| 

71530| PAGED_CODE(); 
71531| 

71532| Debug(DEBUG_SFILTER,("SFILTER: Notification 
| routine, Device=%08x, active=%d, 

| fs='%wZ'\n", DeviceObject, FsActive,&DeviceObject->DriverO 
| bject->DriverName)); 
71533| // 

71 534| // Begin by determine whether or not the file 

| system is a disk-based file 
71535| // system. If not, then this driver is not 

| concerned with it. 
71536| // 
71537| 

71538| if ( DeviceObject->DeviceType != 

| FILE DEVICE DISK FILE SYSTEM ) { 
71539| Debug(DEBUG_SFILTER,("SFILTER: Not a disk file 

| system !\n")); 
71540| return; 
71541| } 
71542| 
71543| // 

71544| // Begin by determining whether this file system is 

| registering or 
71545| // unregistering as an active file system. 
71546| // 
71547| 

71548| if ( FsActive ) { 
71549| 



71550| PFS_FILTER_EXTENSION device Extension; 
71551| 

71552| // 

71553| // The file system has registered as an active 

| file system. If it is 
71 554| // a disk-based file system attach to it. 
71555| // 
71556| 

71557| FsRtlEnterFileSystemO; 

71558| ExAcquireResourceExclusive( &FsLock, TRUE ); 
71559| #ifdef DEBUG_EXTENSION 
71560| ULONG SizeOf Device Ext = 

| sizeof(DEVICE_EXTENSION); 
71561| #else 

71 562| ULONG SizeOf Device Ext = sizeof( 

| FS_FILTER_EXTENSION); 
71563| #endif 

71564| status = loCreateDevice( 

71565| PSManDriverObject, 

71 566| SizeOf DeviceExt, 

71567| (PUNICODE_STRING) NULL, 

71568| 

| FILE_DEVICE_DISK_FILE_SYSTEM, 
71569| 0, 
71570| FALSE, 
71571| &deviceObject 
71572| ); 
71573| 

71574| if ( NT_SUCCESS( status ) ) { 
71575| #ifdef DEBUG_EXTENSION 
71576| 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Ob 
| jectType = OBJECT_FS_FILTER; 
71577| 

| ((PDEVICE_EXTENSION)(deviceObject->DeviceExtension))->Re 
| alDeviceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,FS_FILTER_EXTENSION 
| SIZE,DEVEXTTAG); 
71578| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(deviceObject->DeviceE 
| xtension))->RealDeviceExtension,FS_FILTER_EXTENSION_SIZE 

I); 

71579| #endif 
71580| 

71581 1 #ifdef DO_ALL_S FILTER 

71582| Debug(DEBUG_SFILTER,("SFILTER: created 

| filter %08x for f ilesystem 

| %08x\n",deviceObject, DeviceObject)); 
71583| #endif /*DO_ALL_SFILTERV 

71584| 



71585| deviceExtension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(deviceObject); 
71 586| deviceExtension->DeviceObject = 

| deviceObject; 
71 587| deviceExtension->DriverObject = 

| PSMan DriverObject; 
71588| deviceExtension->ObjectType = 

| OBJECT_FS_FILTER; 



71589| 


deviceExtension- 


•>Attached = FALSE; 




71590| 


deviceExtension- 


•>TargetDeviceObject = 


: NULL; 


71591| 


deviceExtension- 


>PSMStorageObject = 


NULL; 


71592| 


deviceExtension- 


>Virtual = FALSE; 




71593| 


deviceExtension- 


•>FileSystem = TRUE; 




71594| 


UNICODE_STRING Check; 




71595| 









| Rt 1 1 n itU n icodeSt ri ng (&C heck, L"\\Fi leSystemWR A W") ; 
71596| 



| if(RtlCompareL)nicodeString(&Check,&DeviceObject->DriverO 

| bject->DriverName,TRUE)==0) { 
71597| deviceExtension->lsRaw=TRUE; 
71598| } 
71599| 

| Rt 1 1 n itU n icodeSt ri ng (&C heck, L M \\Fi leSystemWFastf at") ; 
71600| 

| if(RtlCompareUnicodeString(&Check,&DeviceObject->DriverO 

| bject->DriverName,TRUE)==0) { 
71 601 1 deviceExtension->lsFat=TRUE; 
71602| } 
71603| 

| RtllnitUnicodeString(&Check,L M \\FileSystem\\Ntfs M ); 
71604| 

| if(RtlCompareUnicodeString(&Check,&DeviceObject->DriverO 

| bject->DriverName,TRUE)==0) { 
71 605| deviceExtension->lsNtfs=TRUE; 
71606| } 
71607| 

71608| DeviceObject = I o Attach DeviceToDeviceStack( 

| deviceObject, DeviceObject ); 
71 609| if ( DeviceObject == NULL ) { 

71610| Debug(DEBUG_SFILTER,("SFILTER: Unable 

| to create fs filter\n M )); 
71 61 1 1 loDeleteDevice( deviceObject ); 

71612| }else{ 

71 61 3| deviceExtension->TargetDeviceObject = 

| DeviceObject; 
71614| device Extension->Attached = TRUE; 

71 61 5| deviceObject->Flags &= 

| ~DO_DEVICE_INITIALIZING; 
71616| } 
71617| } 



71618| ExReleaseResource( &FsLock ); 
71619| FsRtlExitFileSystem(); 
71620| }else{ 
71621| 

71622| // 

71 623| // Search the linked list of drivers attached 

| to this device and check 
71 624| // to see whether this driver is attached to 

| it. If so, remove it. 
71625| // 
71626| 

71 627| if ( nextAttached Device = 
| DeviceObject->Attached Device ) { 
71628| 

71 629| PFS_FILTER_EXTENSION device Extension; 

71630| 

71631| // 

71 632| // This registered file system has someone 

| attached to it. Scan 
71 633| // until this driver's device object is 

| found and detach it. 
71634| // 
71635| 

71 636| FsRtlEnterFileSystemO; 

71 637| ExAcquireResourceShared( &FsLock, TRUE ); 

71638| 

71 639| while ( nextAttached Device ) { 

71640| device Extension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(nextAttachedDev 

I ice); 
71641| if( 

| PsmGetObjectType(nextAttachedDevice)==OBJECT_FS_FILTER 

l){ 

71642| // 

71 643| // A device object that may belong 

| to this driver has been 
71644| //located. Scan the list of 

| device objects owned by this 
71 645| // driver to see whether or not is 

| actually belongs to this 
71646| //driver. 
71647| // 
71648| 

71649| fsDevice = 

| PSManDriverObject->DeviceObject; 
71 650| while ( fsDevice ) { 

71651| if ( fsDevice == 

| nextAttached Device ) { 
71652| 

| ASSERT(PsmGetObjectType(fsDevice)==OBJECT_FS_FILTER); 



71653| 

| Debug(DEBUG_SFILTER,("SFILTER: Detaching from 

| %08x\n",DeviceObject)); 
71 654| loDetachDevice( 

| DeviceObject ); 
71655| device Extension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(fs Device); 
71656| device Extension->Attached = 

| FALSE; 
71657| if( 

| !fsDevice-> Attached Device ) { 
71 658| loDeleteDevice( 

| fs Device ); 
71659| } 
71 660| // **** What to do if still 

| attached? 

71 661 1 Ex Release Resource( &FsLock 

I); 

71 662| FsRtlExitFileSystemO; 

71663| return; 

71664| } 

71665| fsDevice = 

| fsDevice->NextDevice; 
71666| } 
71667| } 

71 668| DeviceObject = nextAttached Device; 

71 669| nextAttached Device = 

| nextAttached Device-> Attached Device; 
71670| } 

71 671 1 ExReleaseResource( &FsLock ); 

71 672| FsRtlExitFileSystemO; 
71673| } 
71674| } 
71675| 

71676| return; 
71677| } 
71678| 
71679| 

71680| // returns true if it can handle the request, otherwise 

| false 
71681| STATIC 
71682| BOOLEAN 

71683| FastloCommonStuff( PDEVICE_OBJECT DeviceObject, 

| PFILE_OBJECT FileObject, char *Where ) 
71684| { 

71685| PAG E D_CO D E () ; 

71686| 

71687| if( 

| PsmGetObjectType(DeviceObject)!=OBJECT_FS_FILTER ) { 
71 688| Debug(DEBUG_SFILTER,("SFILTER: %s: Not fs 



I object\n",Where)); 
71689| return TRUE; 
71690| } 
71691| 
71692| 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

71693| 

71694| return FALSE; 

71695| } 

71696| 

71697| 

71698| STATIC 

71699| BOOLEAN 

71700| SfFastloChecklfPossible( 

71 701 1 IN PFILE_OBJECT FileObject, 

71 702| IN PLARGEJNTEGER FileOffset, 

71703| IN ULONG Length, 

71 704| IN BOOLEAN Wait, 

71 705| IN ULONG LockKey, 

71706| IN BOOLEAN 

| CheckForReadOperation, 
71 707| OUT PIO_STATUS_BLOCK loStatus, 

71 708| IN PDEVICE_OBJECT DeviceObject 

71709| ) 
71710| 
71711| r++ 
71712| 

71713| Routine Description: 
71714| 

71715| This routine is the fast I/O "pass through" routine 

| for checking to see 
71 71 6| whether fast I/O is possible for this file. 
71717| 

71 71 8| This function simply invokes the file system's 

| cooresponding routine, or 
71719| returns FALSE if the file system does not implement 

| the function. 
71720| 

71721 1 Arguments: 
71722| 

71 723| FileObject - Pointer to the file object to be 

| operated on. 
71724| 

71 725| FileOffset - Byte offset in the file for the 

| operation. 
71726| 

71 727| Length - Length of the operation to be performed. 
71728| 

71 729| Wait - Indicates whether or not the caller is 



I willing to wait if the 
71730| appropriate locks, etc. cannot be acquired 
71731| 

71 732| LockKey - Provides the caller's key for file locks. 
71733| 

71 734| CheckForReadOperation - Indicates whether the 

| caller is checking for a 
71735| read (TRUE) or a write operation. 
71736| 

71 737| loStatus - Pointer to a variable to receive the I/O 

| status of the 
71738| operation. 
71739| 

71 740| DeviceObject - Pointer to this driver's device 

| object, the device on 
71 741 1 which the operation is to occur. 
71742| 

71743| Return Value: 
71744| 

71 745| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
71 746| is possible for this file. 
71747| 
71748| -7 
71749| 
71750| { 

71 751 1 PDEVICE_OBJECT deviceObject; 

71 752| PFAST_IO_DISPATCH fastlo Dispatch; 

71753| 

71754| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloChec 

| klfloPossible")) { 
71755| return FALSE; 
71756| } 
71757| 

71 758| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
71759| if ( IdeviceObject ) { 
71760| return FALSE; 
71761| } 
71762| 

71 763 1 fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
71764| 

71 765| if ( fastloDispatch && 

| fastloDispatch->FastloChecklfPossible ) { 
71766| return(fastloDispatch->FastloChecklfPossible)( 
71767| 

| FileObject, 
71768| 



I FileOffset, 
71769| 

I Length, 
71770| 

| Wait, 
71771| 

| LockKey, 
71772| 

| CheckForReadOperation, 
71773| 

| loStatus, 
71774| 

| deviceObject 
71775| ); 
71776| }else{ 
71777| return FALSE; 
71778| } 
71779| 
71780| } 
71781| 

71782| STATIC 
71783| BOOLEAN 
71784| SfFastloRead( 

71785| IN PFILE_OBJECT FileObject, 

71786| IN PLARGEJNTEGER FileOffset, 

71787| IN ULONG Length, 

71 788| IN BOOLEAN Wait, 

71789| IN ULONG LockKey, 

71790| OUT PVOID Buffer, 

71 791 1 OUT PIO_STATUS_BLOCK loStatus, 

71792| IN PDEVICE_OBJECT DeviceObject 

71793| ) 

71794| 

71795| /*++ 

71796| 

71797| Routine Description: 
71798| 

71 799| This routine is the fast I/O "pass through" routine 

| for reading from a 
71800| file. 
71801| 

71 802| This function simply invokes the file system's 

| cooresponding routine, or 
71803| returns FALSE if the file system does not implement 

| the function. 
71804| 

71805| Arguments: 
71806| 

71807| FileObject - Pointer to the file object to be read. 
71808| 



71809| FileOffset - Byte offset in the file of the read. 
71810| 

7181 1 1 Length - Length of the read operation to be 

| performed. 
71812| 

71813| Wait - Indicates whether or not the caller is 

| willing to wait if the 
71814| appropriate locks, etc. cannot be acquired 
71815| 

71 81 6| LockKey - Provides the caller's key for file locks. 
71817| 

71818| Buffer - Pointer to the caller's buffer to receive 

| the data read. 
71819| 

71820| loStatus - Pointer to a variable to receive the I/O 

| status of the 
71821| operation. 
71822| 

71823| DeviceObject - Pointer to this driver's device 

| object, the device on 
71824| which the operation is to occur. 
71825| 

71826| Return Value: 
71827| 

71828| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
71 829| is possible for this file. 
71830| 
71831| -7 
71832| 
71833| { 

71834| PDEVICE_OBJECT deviceObject; 
71835| PFAST_IO_DISPATCH fastlo Dispatch; 
71836| 
71837| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloRead 
I ")) { 

71838| return FALSE; 

71839| } 

71840| 

71841 1 deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
71842| if ( IdeviceObject ) { 
71843| return FALSE; 
71844| } 

71845| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
71846| 

71847| if ( fastloDispatch && fastloDispatch->FastloRead ) 
|{ 



71 848| return(fastloDispatch->FastloRead)( 

71849| FileObject, 

71850| FileOffset, 

71851| Length, 

71852| Wait, 

71853| LockKey, 

71854| Buffer, 

71855| loStatus, 

71856| deviceObject 

71857| ); 

71858| }else{ 

71859| return FALSE; 

71860| } 



71861| } 
71862| 

71863| STATIC 
71864| BOOLEAN 
71865| SfFastloWrite( 



71866| IN PFILE_OBJECT FileObject, 

71867| IN PLARGEJNTEGER FileOffset, 

71868| IN ULONG Length, 

71869| IN BOOLEAN Wait, 

71870| IN ULONG LockKey, 

71871| IN PVOID Buffer, 

71872| OUT PIO_STATUS_BLOCK loStatus, 

71873| IN PDEVICE_OBJECT DeviceObject 

71874| ) 

71875| 



71876| /*++ 
71877| 

71878| Routine Description: 
71879| 

71880| This routine is the fast I/O "pass through" routine 

| for writing to a 
71881| file. 
71882| 

71883| This function simply invokes the file system's 

| cooresponding routine, or 
71884| returns FALSE if the file system does not implement 

| the function. 
71885| 

71886| Arguments: 
71887| 

71 888| FileObject - Pointer to the file object to be 

| written. 
71889| 

71 890| FileOffset - Byte offset in the file of the write 

| operation. 
71891| 

71892| Length - Length of the write operation to be 



I performed. 
71893| 

71894| Wait - Indicates whether or not the caller is 

| willing to wait if the 
71895| appropriate locks, etc. cannot be acquired 
71896| 

71897| LockKey - Provides the caller's key for file locks. 
71898| 

71 899 1 Buffer - Pointer to the caller's buffer that 

| contains the data to be 
71900| written. 
71901| 

71902| loStatus - Pointer to a variable to receive the I/O 

| status of the 
71903| operation. 
71904| 

71905| DeviceObject - Pointer to this driver's device 

| object, the device on 
71906| which the operation is to occur. 
71907| 

71908| Return Value: 
71909| 

71910| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
71911| is possible for this file. 
71912| 
71913| -7 
71914| 
71915| { 

71916| PDEVICE_OBJECT deviceObject; 
71917| PFAST_IO_DISPATCH fastlo Dispatch; 
71 918| PFS_FILTER_EXTENSION 

| DevExt=(PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceOb 

I ject); 
71919| 
71920| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloWrit 
I e")) { 

71921| return FALSE; 

71922| } 

71923| 

71924| if ( (DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
71 925| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(DevExt->PS 

| MStorageObject); 
71926| 

71 927| if ( VDiskExt->SnapShot ) { 

71 928| pPersistentDictionary dictionary = 

| (pPersistentDictionary) VDiskExt->SnapShot->Dictionary; 



71929| ASSERT ( dictionary != NULL ); 

71930| if ( dictionary != NULL ) { 

71931 1 if ( dictionary->lsReadOnly() ) { 

71932| if ( FilelsReadOnly(FileObject) ) { 

71933| // virtual volume is marked 

| readonly, deny this write 
71934| Debug(DEBUG_SFILTER,("SFILTER: 

| FastloWrite: Write to readonly volume\n")); 
71935| loStatus->lnformation = 0; 

71 936| loStatus->Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 
71937| return TRUE; 

71938| } 
71939| }else{ 

71940| // not a read-only snapshot. Need 

| to check cache usage... 
71 941 1 if ( !(gVDisklOHandling & 

| PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS) ) { 
71942| if( 

| dictionary->lsCacheWarningThresholdReached() ) { 
71943| if( 

| FilelsOpenOnSnapShot(FileObject, FALSE) ) { 
71944| // Fail the write to 

| the snapshot because too much cache is in use... 
71 945| NTSTATUS Status = 

| loStatus->Status = STATUS_DISK_FULL; 
71946| loStatus->lnformation = 

10; 
71947| 

| Debug(DEBUG_SFILTER,("Sf FastloWrite: Reporting 
| STATUS_DISK_FULL; DevExt=%08x\n",DevExt)); 

71948| return TRUE; 

71949| } 

71950| } 

71951| } 

71952| } 

71953| } 

71954| } 

71955| } 

71956| 

71957| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
71958| if ( IdeviceObject ) { 
71959| return FALSE; 
71960| } 

71 961 1 fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
71962| 

71963| if ( fastloDispatch && fastloDispatch->FastloWrite 
l){ 



71 964| return(fastloDispatch->FastloWrite)( 

71965| FileObject, 

71966| FileOffset, 

71967| Length, 

71968| Wait, 

71969| LockKey, 

71970| Buffer, 

71971| loStatus, 

71972| deviceObject 

71973| ); 

71974| }else{ 

71975| return FALSE; 

71976| } 



71977| } 
71978| 

71979| STATIC 

71980| BOOLEAN 

71981| SfFastloQueryBasiclnfo( 



71982| IN PFILE_OBJECT FileObject, 

71983| IN BOOLEAN Wait, 

71984| OUT PFILE_BASIC_INFORMATION 
| Buffer, 

71985| OUT PIO_STATUS_BLOCK loStatus, 

71986| IN PDEVICE_OBJECT DeviceObject 

71987| ) 
71988| 



71989| /*++ 
71990| 

71991| Routine Description: 
71992| 

71993| This routine is the fast I/O "pass through" routine 

| for querying basic 
71 994| information about the file. 
71995| 

71996| This function simply invokes the file system's 

| cooresponding routine, or 
71997| returns FALSE if the file system does not implement 

| the function. 
71998| 

71999| Arguments: 
72000| 

72001 1 FileObject - Pointer to the file object to be 

| queried. 
72002| 

72003| Wait - Indicates whether or not the caller is 

| willing to wait if the 
72004| appropriate locks, etc. cannot be acquired 
72005| 

72006| Buffer - Pointer to the caller's buffer to receive 
| the information about 



72007| the file. 
72008| 

72009| loStatus - Pointer to a variable to receive the I/O 

| status of the 
72010| operation. 
72011| 

72012| DeviceObject - Pointer to this driver's device 

| object, the device on 
72013| which the operation is to occur. 
72014| 

72015| Return Value: 
72016| 

7201 7| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
7201 8| is possible for this file. 
72019| 
72020| -7 
72021 | 
72022 1 { 

72023| PDEVICE_OBJECT deviceObject; 
72024| PFAST_IO_DISPATCH fastlo Dispatch; 
72025| 
72026| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloQuer 

| yBasiclnfo")) { 
72027| return FALSE; 
72028| } 
72029 | 

72030| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72031| if ( IdeviceObject ) { 
72032| return FALSE; 
72033| } 

72034| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72035| 

72036| if ( fastloDispatch && 

| fastloDispatch->FastloQueryBasiclnfo ) { 
72037| return(fastloDispatch->FastloQueryBasiclnfo)( 
72038| 

| FileObject, 
72039| 

| Wait, 
72040| 

| Buffer, 
72041 | 

| loStatus, 
72042 1 

| deviceObject 
72043 1 ); 



72044| } else { 

72045| return FALSE; 

72046| } 

72047| } 

72048| 

72049| STATIC 

72050| BOOLEAN 

72051 1 SfFastloQueryStandardlnfo( 



72052| IN PFILE_OBJECT FileObject, 

72053| IN BOOLEAN Wait, 

72054| OUT PFILE_STANDARD_INFORMATION 
| Buffer, 

72055| OUT PIO_STATUS_BLOCK loStatus, 

72056| IN PDEVICE_OBJECT DeviceObject 

72057| ) 
72058| 



72059 1 /*++ 
72060 1 

72061| Routine Description: 
72062| 

72063| This routine is the fast I/O "pass through" routine 

| for querying standard 
72064| information about the file. 
72065| 

72066| This function simply invokes the file system's 

| cooresponding routine, or 
72067| returns FALSE if the file system does not implement 

| the function. 
72068| 

72069| Arguments: 
72070| 

72071 1 FileObject - Pointer to the file object to be 

| queried. 
72072 1 

72073| Wait - Indicates whether or not the caller is 

| willing to wait if the 
72074| appropriate locks, etc. cannot be acquired 
72075| 

72076| Buffer - Pointer to the caller's buffer to receive 

| the information about 
72077| the file. 
72078| 

72079| loStatus - Pointer to a variable to receive the I/O 

| status of the 
72080| operation. 
72081 | 

72082| DeviceObject - Pointer to this driver's device 

| object, the device on 
72083| which the operation is to occur. 
72084| 



72085| Return Value: 
72086| 

72087| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72088| is possible for this file. 
72089| 
72090| -7 
72091| 
72092| { 

72093| PDEVICE_OBJECT deviceObject; 
72094| PFAST_IO_DISPATCH fastlo Dispatch; 
72095| 
72096| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloQuer 

| yStandardlnfo")) { 
72097| return FALSE; 
72098| } 
72099| 

721 00| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72101| if ( IdeviceObject ) { 
72102| return FALSE; 
72103| } 

72104| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72105| 

721 06| if ( fastloDispatch && 

| fastloDispatch->FastloQueryStandardlnfo ) { 
72107| 

| return(fastloDispatch->FastloQueryStandardlnfo)( 
72108| 

| FileObject, 
72109| 

| Wait, 
72110| 

| Buffer, 
72111| 

| loStatus, 
72112| 

| deviceObject 
72113| 

I); 

72114| }else{ 

72115| return FALSE; 

72116| } 

72117| } 

72118| 

72119| STATIC 
72120| BOOLEAN 
72121| SfFastloLock( 



72122| 


IN PFILE_OBJECT FileObject, 


72123| 


IN PLARGEJNTEGER FileOffset, 


72124| 


IN PLARGEJNTEGER Length, 


72125| 


PEPROCESS Processld, 


72126| 


ULONG Key, 


72127| 


BOOLEAN Faillmmediately, 


72128| 


BOOLEAN ExclusiveLock, 


72129| 


OUT PIO_STATUS_BLOCK loStatus, 


72130| 


IN PDEVICE_OBJECT DeviceObject 


72131| 


) 


72132| 




72133| /*++ 




72134| 





72135| Routine Description: 
72136| 

72137| This routine is the fast I/O "pass through" routine 

| for locking a byte 
721 38| range within a file. 
72139| 

72140| This function simply invokes the file system's 

| cooresponding routine, or 
72141 1 returns FALSE if the file system does not implement 

| the function. 
72142| 

72143| Arguments: 
72144| 

721 45 1 FileObject - Pointer to the file object to be 

| locked. 
72146| 

72147| FileOffset - Starting byte offset from the base of 

| the file to be locked. 
72148| 

72149| Length - Length of the byte range to be locked. 
72150| 

72151 1 Processld - ID of the process requesting the file 

| lock. 
72152| 

721 53 1 Key - Lock key to associate with the file lock. 
72154| 

72155| Faillmmediately - Indicates whether or not the lock 

| request is to fail 
72156| if it cannot be immediately be granted. 
72157| 

72158| ExclusiveLock - Indicates whether the lock to be 

| taken is exclusive (TRUE) 
72159| or shared. 
72160| 

721 61 1 loStatus - Pointer to a variable to receive the I/O 

| status of the 
72162| operation. 



72163| 

721 64| DeviceObject - Pointer to this driver's device 

| object, the device on 
721 65| which the operation is to occur. 
72166| 

72167| Return Value: 
72168| 

721 69 1 The function value is TRUE or FALSE based on 

| whether or not fast I/O 
721 70| is possible for this file. 
72171| 
72172| -7 
72173| 
72174| { 

721 75\ PDEVICE_OBJECT deviceObject; 
721 76| PFAST_IO_DISPATCH fastlo Dispatch; 
72177| 
72178| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloLock 
I ")) { 

72179| return FALSE; 

72180| } 

72181| 

72182| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72183| if ( IdeviceObject ) { 
72184| return FALSE; 
72185| } 

721 86| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72187| 

721 88 1 if ( fastloDispatch && fastloDispatch->FastloLock ) 



|{ 

721 89 1 return(fastloDispatch->FastloLock)( 

72190| FileObject, 

72191| FileOffset, 

72192| Length, 

72193| Process Id, 

72194| Key, 
72195| 



| Faillmmediately, 
72196| 

| ExclusiveLock, 



72197| loStatus, 

72198| deviceObject 

72199| ); 

72200| } else { 

72201 1 return FALSE; 

72202 1 } 

72203| 



72204| } 
72205| 

72206| STATIC 

72207| BOOLEAN 

72208| SfFastloUnlockSingle( 



72209| IN PFILE_OBJECT FileObject, 

72210| IN PLARGEJNTEGER FileOffset, 

7221 1 1 IN PLARGEJNTEGER Length, 

72212| PEPROCESS Processld, 

72213| ULONG Key, 

7221 4| OUT PIO_STATUS_BLOCK loStatus, 

72215| IN PDEVICE_OBJECT DeviceObject 

72216| ) 
72217| 



72218| /*++ 
72219| 

72220| Routine Description: 
72221 | 

72222| This routine is the fast I/O "pass through" routine 

| for unlocking a byte 
72223| range within a file. 
72224| 

72225| This function simply invokes the file system's 

| cooresponding routine, or 
72226| returns FALSE if the file system does not implement 

| the function. 
72227| 

72228| Arguments: 
72229 | 

72230| FileObject - Pointer to the file object to be 

| unlocked. 
72231 | 

72232| FileOffset - Starting byte offset from the base of 

| the file to be 
72233| unlocked. 
72234| 

72235| Length - Length of the byte range to be unlocked. 
72236| 

72237| Processld - ID of the process requesting the unlock 

| operation. 
72238| 

72239 1 Key - Lock key associated with the file lock. 
72240 1 

72241 1 loStatus - Pointer to a variable to receive the I/O 

| status of the 
72242| operation. 
72243 1 

72244| DeviceObject - Pointer to this driver's device 

| object, the device on 
72245| which the operation is to occur. 



72246| 

72247| Return Value: 
72248| 

72249| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72250| is possible for this file. 
72251 | 
72252 1 -7 
72253 1 
72254| { 

72255| PDEVICE_OBJECT device Object; 
72256| PFAST_IO_DISPATCH fastlo Dispatch; 
72257| 
72258| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloUnlo 

| ckSingle")) { 
72259 1 return FALSE; 
72260 1 } 
72261 1 

72262| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72263 1 if ( IdeviceObject ) { 
72264| return FALSE; 
72265| } 

72266| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72267| 

72268| if ( fastloDispatch && 

| fastloDispatch->FastloUnlockSingle ) { 
72269| return(fastloDispatch->FastloUnlockSingle)( 
72270 1 

| FileObject, 
72271 1 

| FileOffset, 
72272 1 

I Length, 
72273 1 

| Processld, 
72274| Key, 
72275| 

| loStatus, 
72276| 

| deviceObject 
72277| ); 
72278| } else { 
72279| return FALSE; 
72280 1 } 
72281 1 } 
72282 1 

72283| STATIC 



72284| BOOLEAN 
72285| SfFastloUnlockAII( 



72286| IN PFILE_OBJECT FileObject, 

72287| PEPROCESS Processld, 

72288| OUT PIO_STATUS_BLOCK loStatus, 

72289| IN PDEVICE_OBJECT DeviceObject 

72290| ) 

72291 | 



72292| /*++ 
72293 | 

72294| Routine Description: 
72295| 

72296| This routine is the fast I/O "pass through" routine 

| for unlocking all 
72297| locks within a file. 
72298| 

72299| This function simply invokes the file system's 

| cooresponding routine, or 
72300| returns FALSE if the file system does not implement 

| the function. 
72301 | 

72302| Arguments: 
72303 | 

72304| FileObject - Pointer to the file object to be 

| unlocked. 
72305| 

72306| Processld - ID of the process requesting the unlock 

| operation. 
72307| 

72308| loStatus - Pointer to a variable to receive the I/O 

| status of the 
72309| operation. 
72310| 

7231 1 1 DeviceObject - Pointer to this driver's device 

| object, the device on 
72312| which the operation is to occur. 
72313| 

72314| Return Value: 
72315| 

7231 6| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
7231 7| is possible for this file. 
72318| 
72319| -7 
72320| 
72321| { 

72322| PDEVICE_OBJECT deviceObject; 
72323| PFAST_IO_DISPATCH fastlo Dispatch; 
72324| 
72325| 



I if(FastloCommonStuff(DeviceObject,FileObject,"FastloUnlo 

| ckAN")) { 
72326| return FALSE; 
72327| } 
72328| 

72329| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72330| if ( IdeviceObject ) { 
72331 1 return FALSE; 
72332 1 } 

72333| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72334| 

72335| if ( fastloDispatch && 

| fastloDispatch->FastloUnlockAII ) { 
72336| return(fastloDispatch->FastloUnlockAII)( 
72337| 

| FileObject, 
72338| 

| Processld, 
72339 | 

| loStatus, 
72340 1 

| deviceObject 



72341| ); 

72342| } else { 

72343| return FALSE; 

72344| } 



72345| } 
72346| 

72347| STATIC 

72348| BOOLEAN 

72349| SfFastloUnlockAIIByKey( 



72350| IN PFILE_OBJECT FileObject, 

72351| PVOID Processld, 

72352| ULONG Key, 

72353| OUT PIO_STATUS_BLOCK loStatus, 

72354| IN PDEVICE_OBJECT DeviceObject 

72355| ) 
72356| 



72357| /*++ 
72358| 

72359| Routine Description: 
72360| 

72361 1 This routine is the fast I/O "pass through" routine 

| for unlocking all 
72362| locks within a file based on a specified key. 
72363 1 

72364| This function simply invokes the file system's 
| cooresponding routine, or 



72365| returns FALSE if the file system does not implement 

| the function. 
72366| 

72367| Arguments: 
72368| 

72369| FileObject - Pointer to the file object to be 

| unlocked. 
72370| 

72371 1 Processld - ID of the process requesting the unlock 

| operation. 
72372 1 

72373 1 Key - Lock key associated with the locks on the 

| file to be released. 
72374| 

72375| loStatus - Pointer to a variable to receive the I/O 

| status of the 
72376| operation. 
72377| 

72378| DeviceObject - Pointer to this driver's device 

| object, the device on 
72379| which the operation is to occur. 
72380 1 

72381 1 Return Value: 
72382 1 

72383| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72384| is possible for this file. 
72385| 
72386| -7 
72387| 
72388| { 

72389| PDEVICE_OBJECT deviceObject; 
72390| PFAST_IO_DISPATCH fastlo Dispatch; 
72391 | 
72392 | 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloUnlo 

| ckAIIByKey")) { 
72393 1 return FALSE; 
72394| } 
72395| 

72396| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72397| if ( IdeviceObject ) { 
72398| return FALSE; 
72399 1 } 

72400| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72401 | 

72402| if ( fastloDispatch && 

| fastloDispatch->FastloUnlockAIIByKey ) { 



72403| return(fastloDispatch->FastloUnlockAIIByKey)( 
72404| 

| FileObject, 
72405| 

| Process Id, 
72406| 

| Key, 
72407| 

| loStatus, 
72408| 

| deviceObject 
72409| ); 
72410| }else{ 
72411| return FALSE; 
72412| } 
72413| 
72414| } 
72415| 

72416| STATIC 

72417| BOOLEAN 

72418| SfFastloDeviceControl( 



72419| IN PFILE_OBJECT FileObject, 

72420| IN BOOLEAN Wait, 

72421 1 IN PVOID InputBuffer OPTIONAL, 

72422| IN ULONG InputBufferLength, 

72423| OUT PVOID OutputBuffer OPTIONAL, 

72424| IN ULONG OutputBufferLength, 

72425| IN ULONG loControlCode, 

72426| OUT PIO_STATUS_BLOCK loStatus, 

72427| IN PDEVICE_OBJECT DeviceObject 

72428| ) 

72429| 



72430| /*++ 
72431 1 

72432| Routine Description: 
72433 1 

72434| This routine is the fast I/O "pass through" routine 

| for device I/O control 
72435| operations on a file. 
72436| 

72437| This function simply invokes the file system's 

| cooresponding routine, or 
72438| returns FALSE if the file system does not implement 

| the function. 
72439 1 

72440 1 Arguments: 
72441 | 

72442| FileObject - Pointer to the file object 

| representing the device to be 
72443 1 serviced. 



72444| 

72445| Wait - Indicates whether or not the caller is 

| willing to wait if the 
72446| appropriate locks, etc. cannot be acquired 
72447| 

72448| InputBuffer - Optional pointer to a buffer to be 

| passed into the driver. 
72449| 

72450| InputBufferLength - Length of the optional 

| InputBuffer, if one was 
72451 1 specified. 
72452 1 

72453 1 OutputBuffer - Optional pointer to a buffer to 

| receive data from the 
72454 1 driver. 
72455| 

72456| OutputBufferLength - Length of the optional 

| OutputBuffer, if one was 
72457| specified. 
72458| 

72459| loControlCode - I/O control code indicating the 

| operation to be performed 
72460| on the device. 
72461 | 

72462 1 loStatus - Pointer to a variable to receive the I/O 

| status of the 
72463| operation. 
72464| 

72465| DeviceObject - Pointer to this driver's device 

| object, the device on 
72466| which the operation is to occur. 
72467| 

72468| Return Value: 
72469 1 

72470| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72471 1 is possible for this file. 
72472 | 
72473 1 -7 
72474 1 
72475| { 

72476| PDEVICE_OBJECT deviceObject; 
72477| PFAST_IO_DISPATCH fastlo Dispatch; 
72478| 
72479 1 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloDevi 

| ceControl")) { 
72480 1 return FALSE; 
72481 1 } 
72482| 



72483| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72484| if ( SdeviceObject ) { 
72485| return FALSE; 
72486| } 

72487| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72488| 

72489| if ( fastloDispatch && 

| fastloDispatch->FastloDeviceControl ) { 
72490| return(fastloDispatch->FastloDeviceControl)( 
72491 | 

| FileObject, 
72492 1 

| Wait, 
72493 1 

| InputBuffer, 
72494| 

| InputBufferLength, 
72495| 

| OutputBuffer, 
72496| 

| OutputBufferLength, 
72497| 

| loControlCode, 
72498| 

| loStatus, 
72499 1 

| deviceObject 
72500 1 ); 
72501| }else{ 
72502| return FALSE; 
72503| } 
72504| } 
72505| 

72506| STATIC 
72507| VOID 

72508| SfFastloDetachDevice( 

72509| IN PDEVICE_OBJECT SourceDevice, 

72510| IN PDEVICE_OBJECT TargetDevice 

7251 1 1 ) 

72512| 

72513| /*++ 

72514| 

72515| Routine Description: 
72516| 

7251 7| This routine is invoked on the fast path to detach 

| from a device that 
72518| is being deleted. This occurs when this driver has 

| attached to a file 



72519| system volume device object, and then, for some 

| reason, the file system 
72520| decides to delete that device (it is being 

| dismounted, it was dismounted 
72521 1 at some point in the past and its last reference 

| has just gone away, etc.) 
72522 1 

72523 1 Arguments: 
72524| 

72525| SourceDevice - Pointer to this driver's device 

| object, which is attached 
72526| to the file system's volume device object. 
72527| 

72528| TargetDevice - Pointer to the file system's volume 

| device object. 
72529 1 

72530| Return Value: 
72531| 

72532| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72533| is possible for this file. 
72534| 
72535| -7 
72536| 
72537| { 

72538| PAG E D_CO D E () ; 

72539| 

72540| if ( 

| (PsmGetObjectType(SourceDevice)!=OBJECT_FS_FILTER) ) { 
72541 1 Debug(DEBUG_SFILTER,("SFILTER: FastloDetach, 

| source=%08x is not a FS object, target was 

| %08x\n",SourceDevice,TargetDevice)); 
72542 1 return; 
72543 1 } 
72544| 

72545| Debug(DEBUG_SFILTER,("SFILTER: FastloDetach, 
| source=%08x, 

| target=%08x\n",SourceDevice,TargetDevice)); 
72546| 

| ASSERT(PsmGetObjectType(SourceDevice)==OBJECT_FS_FILTER) 



72548| // 

72549| // Simply acquire the database lock for exclusive 

| access, and detach from 

72550| // the file system's volume device object. 

72551 1 // 
72552 1 

72553 1 FsRtl EnterFi leSystem () ; 

72554| ExAcquireResourceExclusive( &FsLock, TRUE ); 



72555| loDetachDevice( TargetDevice ); 
72556| loDeleteDevice( SourceDevice ); 
72557| Ex Release Resource( &FsLock ); 
72558| FsRtlExitFileSystem(); 
72559| } 
72560| 

72561| STATIC 
72562| BOOLEAN 

72563| SfFastloQueryNetworkOpenlnfo( 

72564| IN PFILE_OBJECT FileObject, 

72565| IN BOOLEAN Wait, 

72566| OUT 

| PFILE_NETWORK_OPEN_INFORMATION Buffer, 
72567| OUT PIO_STATUS_BLOCK 

| loStatus, 

72568| IN PDEVICE_OBJECT 

| DeviceObject 
72569| ) 
72570| 
72571 1 /*++ 
72572 | 

72573| Routine Description: 
72574| 

72575| This routine is the fast I/O "pass through" routine 

| for querying network 
72576| information about a file. 
72577| 

72578| This function simply invokes the file system's 

| cooresponding routine, or 
72579| returns FALSE if the file system does not implement 

| the function. 
72580 1 

72581 1 Arguments: 
72582 1 

72583| FileObject - Pointer to the file object to be 

| queried. 
72584| 

72585| Wait - Indicates whether or not the caller can 

| handle the file system 
72586| having to wait and tie up the current thread. 
72587| 

72588| Buffer - Pointer to a buffer to receive the network 

| information about the 
72589| file. 
72590 1 

72591 1 loStatus - Pointer to a variable to receive the 

| final status of the query 
72592| operation. 
72593 1 

72594| DeviceObject - Pointer to this driver's device 



I object, the device on 
72595| which the operation is to occur. 
72596| 

72597| Return Value: 
72598| 

72599| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72600| is possible for this file. 
72601| 
72602| -7 
72603| 
72604| { 

72605| PDEVICE_OBJECT deviceObject; 
72606| PFAST_IO_DISPATCH fastlo Dispatch; 
72607| 
72608| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloQuer 

| yNetworkOpenlnfo")) { 
72609| return FALSE; 
72610| } 
7261 1 | 

72612| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72613| if ( IdeviceObject ) { 
72614| return FALSE; 
72615| } 

72616| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72617| 

7261 8| if ( f astloDispatch && 

72619| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, 

| FastloQueryNetworkOpenlnfo ) && 
72620| fastloDispatch->FastloQueryNetworkOpenlnfo ) { 
72621 | 

| return(fastloDispatch->FastloQueryNetworkOpenlnfo)( 
72622 1 

| FileObject, 
72623 1 

| Wait, 
72624| 

| Buffer, 
72625| 

| loStatus, 
72626| 

| deviceObject 
72627| 

I); 

72628| } else { 

72629| return FALSE; 



72630| } 
72631| 
72632| } 
72633| 

72634| STATIC 
72635| BOOLEAN 
72636| SfFastloMdlRead( 



72637| IN PFILE_OBJECT FileObject, 

72638| IN PLARGEJNTEGER FileOffset, 

72639| IN ULONG Length, 

72640 1 I N U LON G LockKey, 

72641 1 OUT PMDL *MdlChain, 

72642| OUT PIO_STATUS_BLOCK loStatus, 

72643| IN PDEVICE_OBJECT DeviceObject 

72644| ) 

72645| 



72646| /*++ 
72647| 

72648| Routine Description: 
72649 1 

72650| This routine is the fast I/O "pass through" routine 

| for reading a file 
72651 1 using MDLs as buffers. 
72652 1 

72653| This function simply invokes the file system's 

| cooresponding routine, or 
72654| returns FALSE if the file system does not implement 

| the function. 
72655| 

72656| Arguments: 
72657| 

72658| FileObject - Pointer to the file object that is to 

| be read. 
72659 1 

72660| FileOffset - Supplies the offset into the file to 

| begin the read operation. 
72661 1 

72662| Length - Specifies the number of bytes to be read 

| from the file. 
72663 1 

72664| LockKey - The key to be used in byte range lock 

| checks. 
72665| 

72666| MdlChain - A pointer to a variable to be filled in 

| w/a pointer to the MDL 
72667| chain built to describe the data read. 
72668| 

72669 1 loStatus - Variable to receive the final status of 

| the read operation. 
72670 1 



7 



PDEVICE_OBJECT deviceObject; 
PFAST_IO_DISPATCH fastlo Dispatch; 



72671 1 DeviceObject - Pointer to this driver's device 

| object, the device on 
72672| which the operation is to occur. 
72673 1 

72674| Return Value: 
72675| 

72676| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72677| is possible for this file. 
72678| 
72679 1 -- 
72680| 
72681 1 { 
72682 1 
72683 1 
72684| 
72685| 

| if(FastloCommonStuff(DeviceObject,FileObject, M FastloMdlR 

I ead")) { 
72686| return FALSE; 
72687| } 
72688| 

72689| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72690 1 if ( IdeviceObject ) { 
72691 1 return FALSE; 
72692 1 } 

72693| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72694| 

72695| if ( fastloDispatch && 

72696| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, MdlRead ) && 



72697| 
72698| 
72699 1 
72700| 
72701 | 
72702 | 
72703 | 
72704| 
72705| 
72706| 
72707| 
72708| 
72709 1 
72710| 
7271 1 1 } 
72712| 

72713| STATIC 



fastloDispatch->MdlRead ) { 
return(fastloDispatch->MdlRead)( 
FileObject, 
FileOffset, 
Length, 
LockKey, 
MdlChain, 
loStatus, 
deviceObject 

); 

} else { 

return FALSE; 

} 



72714| 
72715| 
72716| 
72717| 
72718| 
72719| 



BOOLEAN 

SfFastloMdlReadComplete( 



IN PFILE_OBJECT FileObject, 

IN PMDL MdlChain, 

IN PDEVICE_OBJECT DeviceObject 



72720| 
72721 1 /*++ 
72722 1 

72723 1 Routine Description: 
72724| 

72725| This routine is the fast I/O "pass through" routine 

| for completing an 
72726| MDL read operation. 
72727| 

72728| This function simply invokes the file system's 

| cooresponding routine, if 
72729 1 it has one. It should be the case that this 

| routine is invoked only if 
72730| the MdlRead function is supported by the underlying 

| file system, and 
72731 1 therefore this function will also be supported, but 

| this is not assumed 
72732 1 by this driver. 
72733 1 

72734| Arguments: 
72735| 

72736| FileObject - Pointer to the file object to complete 

| the MDL read upon. 
72737| 

72738| MdlChain - Pointer to the MDL chain used to perform 

| the read operation. 
72739 1 

72740| DeviceObject - Pointer to this driver's device 

| object, the device on 
72741 1 which the operation is to occur. 
72742 1 

72743| Return Value: 
72744| 

72745| The function value is TRUE or FALSE, depending on 

| whether or not it is 
72746| possible to invoke this function on the fast I/O 

| path. 
72747| 
72748| -7 
72749 1 
72750 1 { 

72751 1 PDEVICE_OBJECT deviceObject; 
72752| PFAST_IO_DISPATCH fastlo Dispatch; 
72753| 



72754| 

| if(FastloCommonStuff(DeviceObject,FileObject, M FastloMdlR 

| eadComplete")) { 
72755| return FALSE; 
72756| } 
72757| 

72758| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72759| if ( IdeviceObject ) { 
72760| return FALSE; 
72761 1 } 

72762 1 fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72763 1 

72764| if ( fastloDispatch && 

72765| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, Md I Read Complete ) && 
72766| fastloDispatch->MdlReadComplete ) { 
72767| return(fastloDispatch->MdlReadComplete)( 
72768| 

| FileObject, 
72769 1 

| MdlChain, 
72770 1 

| deviceObject 
72771| ); 
72772| } 
72773| 

72774| return FALSE; 

72775| } 

72776| 

72777| STATIC 

72778| BOOLEAN 

72779| SfFastloPrepareMdlWrite( 



72780| IN PFILE_OBJECT FileObject, 

72781 1 IN PLARGEJNTEGER FileOffset, 

72782| IN ULONG Length, 

72783 1 IN ULONG LockKey, 

72784| OUT PMDL *MdlChain, 

72785| OUT PIO_STATUS_BLOCK loStatus, 

72786| IN PDEVICE_OBJECT DeviceObject 

72787| ) 

72788| 



72789| /*++ 
72790 1 

72791| Routine Description: 
72792| 

72793| This routine is the fast I/O "pass through" routine 

| for preparing for an 
72794| MDL write operation. 



72795| 

72796| This function simply invokes the file system's 

| cooresponding routine, or 
72797| returns FALSE if the file system does not implement 

| the function. 
72798| 

72799| Arguments: 
72800| 

72801 1 FileObject - Pointer to the file object that will 

| be written. 
72802 1 

72803| FileOffset - Supplies the offset into the file to 

| begin the write operation. 
72804| 

72805| Length - Specifies the number of bytes to be write 

| to the file. 
72806| 

72807| LockKey - The key to be used in byte range lock 

| checks. 
72808| 

72809| MdlChain - A pointer to a variable to be filled in 

| w/a pointer to the MDL 
7281 0| chain built to describe the data written. 
7281 1 | 

72812| loStatus - Variable to receive the final status of 

| the write operation. 
72813| 

72814| DeviceObject - Pointer to this driver's device 

| object, the device on 
72815| which the operation is to occur. 
72816| 

72817| Return Value: 
72818| 

72819| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
72820| is possible for this file. 
72821| 
72822| -7 
72823| 
72824| { 

72825| PDEVICE_OBJECT deviceObject; 
72826| PFAST_IO_DISPATCH fastlo Dispatch; 
72827| 
72828| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloPrep 

| areMdIWrite")) { 
72829| return FALSE; 
72830| } 
72831| 

72832| PFS_FILTER_EXTENSION DevExt = 



I (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
72833| 

72834| if ( (DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
72835| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(DevExt->PS 

| MStorageObject); 
72836| 

72837| if ( VDiskExt->SnapShot ) { 

72838| pPersistentDictionary dictionary = 

| (pPersistentDictionary)VDiskExt->SnapShot->Dictionary; 
72839| ASSERT ( dictionary != NULL ); 

72840| if ( dictionary != NULL ) { 

72841 1 if ( dictionary->lsReadOnly() ) { 

72842| if ( FilelsReadOnly(FileObject) ) { 

72843 1 // virtual volume is marked 

| readonly, deny this write 
72844| Debug(DEBUG_SFILTER,("SFILTER: 

| Write: MdlWrite to readonly volume\n")); 
72845| loStatus->lnformation = 0; 

72846| loStatus->Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 
72847| return TRUE; 

72848| } 
72849 1 } else { 

72850 1 // not a read-only snapshot. Need 

| to check cache usage... 
72851 1 if ( !(gVDisklOHandling & 

| PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS) ) { 
72852 1 if ( 

| dictionary->lsCacheWarningThresholdReached() ) { 
72853 1 if ( 

| FilelsOpenOnSnapShot(FileObject, FALSE) ) { 
72854| // Fail the write to 

| the snapshot because too much cache is in use... 
72855| NTSTATUS Status = 

| loStatus->Status = STATUS_DISK_FULL; 
72856| loStatus->lnformation = 

|0; 
72857| 

| Debug(DEBUG_SFILTER,( M SfFastloPrepareMdlWrite: 
| Reporting STATUS_DISK_FULL; DevExt=%08x, 
| VDiskExt=%08x\n",DevExt,VDiskExt)); 



72858| return TRUE; 

72859 1 } 

72860 1 } 

72861 1 } 

72862 1 } 

72863| } 



72864| } 



72865| } 
72866| 

72867| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72868| if ( IdeviceObject ) { 
72869| return FALSE; 
72870| } 

72871 1 fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72872 1 

72873| if ( fastloDispatch && 

72874| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, PrepareMdIWrite ) && 
72875| fastloDispatch->PrepareMdlWrite ) { 
72876| return(fastloDispatch->PrepareMdlWrite)( 
72877| 

| FileObject, 
72878| 

| FileOffset, 
72879| Length, 
72880 1 LockKey, 
72881 | 

| MdlChain, 
72882 1 

| loStatus, 
72883 1 

| deviceObject 
72884| ); 
72885| } else { 
72886| return FALSE; 
72887| } 
72888| 
72889 1 } 
72890 1 

72891| STATIC 

72892| BOOLEAN 

72893| SfFastloMdlWriteComplete( 



72894| IN PFILE_OBJECT FileObject, 

72895| IN PLARGEJNTEGER FileOffset, 

72896| IN PMDL MdlChain, 

72897| IN PDEVICE_OBJECT DeviceObject 

72898| ) 

72899| 



72900| /*++ 
72901| 

72902| Routine Description: 
72903| 

72904| This routine is the fast I/O "pass through" routine 

| for completing an 
72905| MDL write operation. 



72906| 

72907| This function simply invokes the file system's 

| cooresponding routine, if 
72908| it has one. It should be the case that this 

| routine is invoked only if 
72909| the PrepareMdIWrite function is supported by the 

| underlying file system, 
7291 0| and therefore this function will also be supported, 

| but this is not 
7291 1 1 assumed by this driver. 
72912| 

72913| Arguments: 
72914| 

7291 5| FileObject - Pointer to the file object to complete 

| the MDL write upon. 
72916| 

7291 7| FileOffset - Supplies the file offset at which the 

| write took place. 
72918| 

72919| MdlChain - Pointer to the MDL chain used to perform 

| the write operation. 
72920| 

72921 1 DeviceObject - Pointer to this driver's device 

| object, the device on 
72922| which the operation is to occur. 
72923 | 

72924| Return Value: 
72925| 

72926| The function value is TRUE or FALSE, depending on 

| whether or not it is 
72927| possible to invoke this function on the fast I/O 

| path. 
72928| 
72929 1 -7 
72930 | 
72931| { 

72932| PDEVICE_OBJECT deviceObject; 
72933| PFAST_IO_DISPATCH fastlo Dispatch; 
72934| 
72935| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloMdlW 

| rieComplete")) { 
72936| return FALSE; 
72937| } 
72938| 

72939| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
72940| if ( IdeviceObject ) { 
72941 1 return FALSE; 
72942 1 } 



72943| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
72944| 

72945| if ( fastloDispatch && 

72946| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, MdlWriteComplete ) && 
72947| fastloDispatch->MdlWriteComplete ) { 
72948| return(fastloDispatch->MdlWriteComplete)( 
72949| 

| FileObject, 
72950| 

| FileOffset, 
72951 | 

| MdlChain, 
72952 1 

| deviceObject 
72953 1 ); 
72954| } 
72955| 

72956| return FALSE; 

72957| } 

72958| 

72959 1 STATIC 

72960 1 BOOLEAN 

72961 1 SfFastloReadCompressed( 

72962| IN PFILE_OBJECT FileObject, 

72963| IN PLARGEJNTEGER FileOffset, 

72964| IN ULONG Length, 

72965| IN ULONG LockKey, 

72966| OUT PVOID Buffer, 

72967| OUT PMDL *MdlChain, 

72968| OUT PIO_STATUS_BLOCK loStatus, 

72969| OUT struct _COMPRESSED_DATA_INFO 

| *CompressedDatalnfo, 
72970| IN ULONG 

| CompressedDatalnfoLength, 
72971 1 IN PDEVICE_OBJECT DeviceObject 

72972 1 ) 
72973 1 
72974| /*++ 
72975| 

72976| Routine Description: 
72977| 

72978| This routine is the fast I/O "pass through" routine 

| for reading compressed 
72979| data from a file. 
72980 1 

72981 1 This function simply invokes the file system's 

| cooresponding routine, or 
72982| returns FALSE if the file system does not implement 



I the function. 
72983| 

72984| Arguments: 
72985| 

72986| FileObject - Pointer to the file object that will 

| be read. 
72987| 

72988| FileOffset - Supplies the offset into the file to 

| begin the read operation. 
72989| 

72990| Length - Specifies the number of bytes to be read 

| from the file. 
72991| 

72992| LockKey - The key to be used in byte range lock 

| checks. 
72993| 

72994| Buffer - Pointer to a buffer to receive the 

| compressed data read. 
72995| 

72996| MdlChain - A pointer to a variable to be filled in 

| w/a pointer to the MDL 
72997| chain built to describe the data read. 
72998| 

72999| loStatus - Variable to receive the final status of 

| the read operation. 
73000| 

73001 1 Com pressed Datalnfo - A buffer to receive the 

| description of the compressed 
73002| data. 
73003| 

73004| CompressedDatalnfoLength - Specifies the size of 

| the buffer described by 
73005| the CompressedDatalnfo parameter. 
73006| 

73007| DeviceObject - Pointer to this driver's device 

| object, the device on 
73008| which the operation is to occur. 
73009 | 

73010| Return Value: 
73011| 

73012| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
73013| is possible for this file. 
73014| 
73015| -7 
73016| 
73017| { 

73018| PDEVICE_OBJECT deviceObject; 
73019| PFAST_IO_DISPATCH fastlo Dispatch; 
73020| 



73021| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloRead 

| Compressed")) { 
73022| return FALSE; 
73023| } 
73024| 

73025| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73026| if ( IdeviceObject ) { 
73027| return FALSE; 
73028| } 

73029| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73030| 

73031 1 if ( fastloDispatch && 

73032| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, FastloReadCompressed ) 

| && 

73033| fastloDispatch->FastloReadCompressed ) { 
73034| return(fastloDispatch->FastloReadCompressed)( 
73035| 

| FileObject, 
73036| 

| FileOffset, 
73037| 

I Length, 
73038| 

| LockKey, 
73039 | 

| Buffer, 
73040 1 

| MdlChain, 
73041 | 

| loStatus, 
73042 1 

| Com pressed Datalnfo, 
73043 1 

| Com pressed Datalnfo Length, 
73044| 

| deviceObject 
73045| ); 
73046| } else { 
73047| return FALSE; 
73048| } 
73049 1 
73050 1 } 
73051 1 

73052 1 STATIC 

73053 1 BOOLEAN 

73054| SfFastloWriteCompressed( 



73055| 


IN PFILE_OBJECT FileObject, 


73056| 


IN PLARGEJNTEGER FileOffset, 


73057| 


IN ULONG Length, 


73058| 


IN ULONG LockKey, 


73059| 


IN PVOID Buffer, 


73060| 


OUT PMDL *MdlChain, 


73061 1 


OUT PIO_STATUS_BLOCK loStatus, 


73062 1 


IN struct _COMPRESSED_DATA_INFO 


| *CompressedDatalnfo, 


73063 1 


IN ULONG 



| CompressedDatalnfoLength, 
73064| IN PDEVICE_OBJECT DeviceObject 

73065| ) 
73066| 
73067| /*++ 
73068| 

73069| Routine Description: 
73070 1 

73071 1 This routine is the fast I/O "pass through" routine 

| for writing compressed 
73072| data to a file. 
73073 1 

73074| This function simply invokes the file system's 

| cooresponding routine, or 
73075| returns FALSE if the file system does not implement 

| the function. 
73076| 

73077| Arguments: 
73078| 

73079| FileObject - Pointer to the file object that will 

| be written. 
73080 1 

73081 1 FileOffset - Supplies the offset into the file to 

| begin the write operation. 
73082 1 

73083| Length - Specifies the number of bytes to be write 

| to the file. 
73084| 

73085| LockKey - The key to be used in byte range lock 

| checks. 
73086| 

73087| Buffer - Pointer to the buffer containing the data 

| to be written. 
73088| 

73089| MdlChain - A pointer to a variable to be filled in 

| w/a pointer to the MDL 
73090| chain built to describe the data written. 
73091| 

73092| loStatus - Variable to receive the final status of 
| the write operation. 



73093| 

73094| Com pressed Datalnfo - A buffer to containing the 

| description of the 
73095| compressed data. 
73096| 

73097| CompressedDatalnfoLength - Specifies the size of 

| the buffer described by 
73098| the CompressedDatalnfo parameter. 
73099| 

731 00| DeviceObject - Pointer to this driver's device 

| object, the device on 
731 01 1 which the operation is to occur. 
73102| 

73103| Return Value: 
73104| 

731 05| The function value is TRUE or FALSE based on 

| whether or not fast I/O 
731 06| is possible for this file. 
73107| 
73108| -7 
73109| 
73110| { 

731 1 1 1 PDEVICE_OBJECT deviceObject; 
73112| PFAST_IO_DISPATCH fastlo Dispatch; 
73113| 
73114| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloWrit 

| eCompressed")) { 
73115| return FALSE; 
73116| } 
73117| 

731 18| PFS_FILTER_EXTENSION DevExt = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
73119| 

73120| if ( (DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
73121| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(DevExt->PS 

| MStorageObject); 
73122| 

73123| if ( VDiskExt->SnapShot ) { 

731 24| pPersistentDictionary dictionary = 

| (pPersistentDictionary)VDiskExt->SnapShot->Dictionary; 
73125| ASSERT ( dictionary != NULL ); 

73126| if ( dictionary != NULL ) { 

73127| if ( dictionary->lsReadOnly() ) { 

73128| if ( FilelsReadOnly(FileObject) ) { 

73129| // virtual volume is marked 

| readonly, deny this write 
73130| Debug(DEBUG_SFILTER,("SFILTER: 



I Write: WriteCompressed to readonly volume\n")); 
731 31 1 loStatus->lnformation = 0; 

731 32 1 loStatus->Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 
73133| return TRUE; 

73134| } 
73135| }else{ 

73136| // not a read-only snapshot. Need 

| to check cache usage... 
73137| if ( !(gVDisklOHandling & 

| PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS) ) { 
73138| if( 

| dictionary->lsCacheWarningThresholdReached() ) { 
73139| if( 

| FilelsOpenOnSnapShot(FileObject, FALSE) ) { 
73140| // Fail the write to 

| the snapshot because too much cache is in use... 
731 41 1 NTSTATUS Status = 

| loStatus->Status = STATUS_DISK_FULL; 
73142| loStatus->lnformation = 

10; 
73143| 

| Debug(DEBUG_SFILTER,( M SfFastloWriteCompressed: 
| Reporting STATUS_DISK_FULL; DevExt=%08x, 
| VDiskExt=%08x\n M ,DevExt, VDiskExt)); 



73144| return TRUE; 

73145| } 

73146| } 

73147| } 

73148| } 

73149| } 

73150| } 



73151| } 
73152| 

731 53 1 deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73154| if ( IdeviceObject ) { 
73155| return FALSE; 
73156| } 

731 57| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73158| 

73159| if ( fastloDispatch && 

731 60| fastloDispatch->SizeOf FastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, Fast loWriteCom pressed ) 

| && 

731 61 1 fastloDispatch->FastloWriteCompressed ) { 
73162| return(fastloDispatch->FastloWriteCompressed)( 
73163| 

| FileObject, 



73164| 

| FileOffset, 
73165| 

I Length, 
73166| 

| LockKey, 
73167| 

| Buffer, 
73168| 

| MdlChain, 
73169| 

| loStatus, 
73170| 

| Com pressed Datalnfo, 
73171| 

| Com pressed Datalnfo Length, 
73172| 

| deviceObject 
73173| ); 
73174| }else{ 
73175| return FALSE; 
73176| } 
73177| 
73178| } 
73179| 

73180| STATIC 
73181| BOOLEAN 

73182| Sf FastloMdlReadCompleteCompressed( 
73183| IN PFILE_OBJECT 

| FileObject, 

73184| IN PMDL MdlChain, 

73185| IN PDEVICE_OBJECT 

| DeviceObject 
73186| ) 
73187| 
73188| /*++ 
73189| 

73190| Routine Description: 
73191| 

73192| This routine is the fast I/O "pass through" routine 

| for completing an 
73193| MDL read compressed operation. 
73194| 

731 95| This function simply invokes the file system's 

| cooresponding routine, if 
73196| it has one. It should be the case that this 

| routine is invoked only if 
73197| the read compressed function is supported by the 

| underlying file system, 
731 98| and therefore this function will also be supported, 



I but this is not assumed 
73199| by this driver. 
73200| 

73201| Arguments: 
73202| 

73203| FileObject - Pointer to the file object to complete 

| the compressed read 
73204| upon. 
73205| 

73206| MdlChain - Pointer to the MDL chain used to perform 

| the read operation. 
73207| 

73208| DeviceObject - Pointer to this driver's device 

| object, the device on 
73209| which the operation is to occur. 
73210| 

73211| Return Value: 
73212| 

73213| The function value is TRUE or FALSE, depending on 

| whether or not it is 
73214| possible to invoke this function on the fast I/O 

| path. 
73215| 
73216| -7 
73217| 
73218| { 

73219| PDEVICE_OBJECT deviceObject; 
73220| PFAST_IO_DISPATCH fastlo Dispatch; 
73221 | 
73222 | 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloMdlR 

| eadCompleteCompressed")) { 
73223| return FALSE; 
73224 1 } 
73225| 

73226| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73227| if ( IdeviceObject ) { 
73228| return FALSE; 
73229 1 } 

73230| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73231| 

73232| if ( fastloDispatch && 

73233| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, 

| MdlReadCompleteCompressed ) && 
73234| fastloDispatch->MdlReadCompleteCompressed ) { 
73235| 

| return(fastloDispatch->MdlReadCompleteCompressed)( 



73236| 

| FileObject, 
73237| 

| MdlChain, 
73238| 

| deviceObject 
73239| 

I); 

73240| } 
73241 | 

73242| return FALSE; 

73243 1 } 

73244| 

73245| STATIC 
73246| BOOLEAN 

73247| SfFastloMdlWriteCompleteCompressed( 
73248| IN PFILE_OBJECT 

| FileObject, 

73249| IN PLARGEJNTEGER 

| FileOffset, 

73250| IN PMDL MdlChain, 

73251 1 IN PDEVICE_OBJECT 

| DeviceObject 
73252 1 ) 
73253 1 
73254| /*++ 
73255| 

73256| Routine Description: 
73257| 

73258| This routine is the fast I/O "pass through" routine 

| for completing a 
73259| write compressed operation. 
73260 1 

73261 1 This function simply invokes the file system's 

| cooresponding routine, if 
73262 1 it has one. It should be the case that this 

| routine is invoked only if 
73263| the write compressed function is supported by the 

| underlying file system, 
73264| and therefore this function will also be supported, 

| but this is not assumed 
73265| by this driver. 
73266| 

73267| Arguments: 
73268| 

73269| FileObject - Pointer to the file object to complete 

| the compressed write 
73270| upon. 
73271 1 

73272| FileOffset - Supplies the file offset at which the 



I file write operation 
73273| began. 
73274| 

73275| MdlChain - Pointer to the MDL chain used to perform 

| the write operation. 
73276| 

73277| DeviceObject - Pointer to this driver's device 

| object, the device on 
73278| which the operation is to occur. 
73279| 

73280| Return Value: 
73281 | 

73282| The function value is TRUE or FALSE, depending on 

| whether or not it is 
73283| possible to invoke this function on the fast I/O 

| path. 
73284 1 
73285| -7 
73286| 
73287| { 

73288| PDEVICE_OBJECT deviceObject; 
73289| PFAST_IO_DISPATCH fastlo Dispatch; 
73290 | 
73291| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloMdlW 

| riteCompleteCompressed")) { 
73292| return FALSE; 
73293| } 
73294| 

73295| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73296| if ( IdeviceObject ) { 
73297| return FALSE; 
73298| } 

73299| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73300| 

73301 1 if ( fastloDispatch && 

73302| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, 

| MdlWriteCompleteCompressed ) && 
73303| fastloDispatch->MdlWriteCompleteCompressed ) { 
73304| 

| return(fastloDispatch->MdlWriteCompleteCompressed)( 
73305| 

| FileObject, 
73306| 

| FileOffset, 
73307| 

| MdlChain, 



73308| 

| deviceObject 
73309| 

I); 

73310| } 
73311| 

73312| return FALSE; 

73313| } 

73314| 

73315| STATIC 

73316| BOOLEAN 

73317| SfFastloQueryOpen( 

73318| IN PIRP Irp, 

73319| OUT PFILE_NETWORK_OPEN_INFORMATION 

| Networklnformation, 
73320| IN PDEVICE_OBJECT DeviceObject 

73321 1 ) 
73322 | 
73323| /*++ 
73324| 

73325| Routine Description: 
73326| 

73327| This routine is the fast I/O "pass through" routine 

| for opening a file 
73328| and returning network information it. 
73329 | 

73330| This function simply invokes the file system's 

| cooresponding routine, or 
73331 1 returns FALSE if the file system does not implement 

| the function. 
73332 | 

73333| Arguments: 
73334| 

73335| Irp - Pointer to a create IRP that represents this 

| open operation. It is 
73336| to be used by the file system for common 

| open/create code, but not 
73337| actually completed. 
73338| 

73339 1 Networklnformation - A buffer to receive the 

| information required by the 
73340| network about the file being opened. 
73341 | 

73342| DeviceObject - Pinter to this driver's device 

| object, the device on 
73343| which the operation is to occur. 
73344| 

73345| Return Value: 
73346| 

73347| The function value is TRUE or FALSE based on 



I whether or not fast I/O 
73348| is possible for this file. 
73349| 
73350| ~7 
73351 | 
73352 1 { 

73353| PDEVICE_OBJECT deviceObject; 
73354| PFAST_IO_DISPATCH fastloDispatch; 
73355| BOOLEAN result; 
73356| 

73357| PAG E D_CO D E () ; 
73358| 

73359| //Debug(DEBUG_SFILTER,("SFILTER: 

| FastloQueryOpen\n")); 
73360 1 
73361 1 if ( 

| PsmGetObjectType(DeviceObject)!=OBJECT_FS_FILTER ) { 
73362| Debug(DEBUG_SFILTER,("SFILTER: FastloQueryOpen: 

| Not fs objecfAn")); 
73363| return FALSE; 
73364| } 
73365| 
73366| 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

73367| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73368| if ( IdeviceObject ) { 
73369| return FALSE; 
73370 1 } 

73371 1 fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73372 1 

73373| if ( fastloDispatch && 

73374| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_DISPATCH, FastloQueryOpen ) && 
73375| fastloDispatch->FastloQueryOpen ) { 
73376| PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
73377| 

73378| irpSp->DeviceObject = deviceObject; 
73379 1 

73380| result = (fastloDispatch->FastloQueryOpen)( 
73381 1 Irp, 
73382 1 

| Networklnformation, 
73383 1 

| deviceObject 
73384| ); 
73385| if ( Iresult ) { 



73386| irpSp->DeviceObject = DeviceObject; 

73387| } 

73388| return result; 

73389| } else { 

73390| return FALSE; 

73391| } 



73392| } 
73393| 
73394| 
73395| 

73396| STATIC 
73397| NTSTATUS 
73398| SfMountCompletion( 



73399| IN PDEVICE_OBJECT DeviceObject, 

73400| IN PIRP Irp, 

73401| IN PVOID Context 

73402| ) 

73403| 



73404| /*++ 
73405| 

73406| Routine Description: 
73407| 

73408| This routine is invoked for the completion of a 

| mount request. If the 
73409| mount was successful, then this file system 

| attaches its device object to 
7341 0| the file system's volume device object. Otherwise, 

| the interim device 
7341 1 1 object is deleted. 
73412| 

73413| Arguments: 
73414| 

73415| DeviceObject - Pointer to this driver's device 

| object. 
73416| 

73417| Irp - Pointer to the IRP that was just completed. 
73418| 

7341 9| Context - Pointer to the saved device object to 

| attach. 
73420 1 

73421 1 Return Value: 
73422 1 

73423| The return value is always STATUS_SUCCESS. 

73424 1 

73425| -7 

73426| 

73427| { 

73428| NTSTATUS Status = STATUS_SUCCESS; 
73429| PDEVICE_OBJECT fsfDeviceObject = (PDEVICE_OBJECT) 
| Context; 



73430| PFS_FILTER_EXTENSION deviceExtension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(fsfDeviceObject 

I); 

73431 1 PIO_STACK_LOCATION irpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
73432| PDEVICE_OBJECT deviceObject = 0; 
73433| PVPB vpb = 0; 
73434| 
73435| 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

73436| #if DO_ALL_SFILTER 

73437| Debug(DEBUG_SFILTER,("SFILTER: MountCompletion 

| %08x, %08x, 

| %08x-%08x\n",DeviceObject,lrp,lrp->loStatus.Status,lrp-> 

| loStatus. Information)); 
73438| #endif /* DO_AL L_S F I LTE R*/ 
73439 1 

73440 1 FsRtl EnterFi leSystem () ; 

73441 1 ExAcquireResourceExclusive( &FsLock, TRUE ); 
73442 1 
73443 1 // 

73444| // Determine whether or not the request was 

| successful and act accordingly. 
73445| // 
73446| 

73447| if ( NT_SUCCESS( I rp-> loStatus. Status ) ) { 
73448| 

73449 1 // 

73450| // Note that the VPB must be picked up from the 

| target device object 
73451 1 // in case the file system did a remount of a 

| previous volume, in 
73452| // which case it has replaced the VPB passed in 

| as the target with 
73453| // a previously mounted VPB. Note also that in 

| the mount dispatch 
73454| // routine, this driver Replaced* the 

| DeviceObject pointer with a 
73455| // pointer to the real device, not the device 

| that the file system 
73456| // was supposed to talk to, since this driver 

| does not care. 
73457| // 

73458| #if DO_ALL_SFILTER 

73459| Debug(DEBUG_SFILTER,("SFILTER: 2 MyDo=%08x, 

| fsfdo=%08x, mvpb=%08x, mdo=%08x, vrd=%08x, 

| vdo=%08x,vfl=%08x\n", 
73460 1 DeviceObject, 
73461 1 fsf DeviceObject, 



73462| 

| irpSp->Parameters.MountVolume.Vpb, 
73463| 

| irpSp->Parameters.MountVolume.DeviceObject, 
73464| 

| irpSp->Parameters.MountVolume.Vpb->RealDevice, 
73465| 

| irpSp->Parameters.MountVolume.Vpb->DeviceObject, 
73466| 

| irpSp->Parameters.MountVolume.Vpb->Flags 
73467| )); 
73468| #endif /* DO_ALL_S F I LTE R7 
73469| 

73470| vpb = 

| irpSp->Parameters.MountVolume.DeviceObject->Vpb; 
73471 | 

73472| PDEVICE_OBJECT PSMStorageObject = 

| GetPSMStorageFilterObject(vpb); 
73473| if(!PSMStorageObject) { 
73474| // this can happen when the volume being 

| mounted is not a volume we filter 
73475| // for example, A: or B: 

73476| Debug(DEBUG_SFILTER,("SFILTER: 2 Error! 

| Unable to find lower object, not attaching to 

| volume!\n M )); 
73477| goto ExitMount; 

73478| } 
73479 1 

73480 1 deviceObject = loAttachDeviceToDeviceStack( 

| (PDEVICE_OBJECT) Context, vpb-> DeviceObject ); 
73481 | 

73482| if ( deviceObject == NULL ) { 

73483| Debug(DEBUG_SFILTER,("SFILTER: 2 Attached 

| failed\n")); 
73484| ExitMount: 

73485| loDeleteDevice( (PDEVICE_OBJECT) Context ); 

73486| ExReleaseResource( &FsLock ); 

73487| FsRtlExitFileSystem(); 
73488| 

73489 1 // 

73490| // If pending was returned, then propogate 

| it to the caller. 
73491| // 
73492| 

73493| if ( lrp->PendingReturned ) { 

73494| loMarklrpPending( Irp ); 

73495| } 
73496| 

73497| return STATUS_SUCCESS; 

73498| } 



73499| 

73500| deviceExtension->TargetDeviceObject = 

| deviceObject; 
73501 1 deviceExtension->Attached = TRUE; 
73502| deviceExtension->PSMStorageObject = 

| PSMStorageObject; 
73503| deviceExtension->Virtual = FALSE; 
73504| deviceExtension->FileSystem = FALSE; 
73505| 
73506| 

73507| if ( deviceExtension->PSMStorageObject ) { 
73508| if ( 

| PsmGetObjectType(deviceExtension->PSMStorageObject) == 

| OBJECT FILTEREDDISK ) { 
73509| PFILTERED_EXTENSION d = 

| (PFILTERED_EXTENSION)GetDeviceExtension(deviceExtension- 

| >PSMStorageObject); 
7351 0| Debug(DEBUG_SFILTER,("SFILTER: 2 Lower 

| object is filtered disk %08x, volume is completly 

| mounted %08x\n M ,PSMStorageObject,d->lsMounted)); 
7351 1 1 d->lsMounted = TRUE; 

73512| Debug(DEBUG_SFILTER,("SFILTER: Just set 

| IsMounted to TRUE for DevExt=%08x, 

| DevObj=%08x\n",d,deviceExtension->PSMStorageObject)); 
73513| }else 
73514| if( 

| PsmGetObjectType(deviceExtension->PSMStorageObject) == 

| OBJECT_VIRTUALDISK ) { 
73515| Debug(DEBUG_SFILTER,("SFILTER: 2 Lower 

| object is virtual disk %08x\n", PSMStorageObject)); 
7351 6| deviceExtension->Virtual = TRUE; 

73517| }else{ 
73518| #ifdef DEBUG 

73519| Debug(DEBUG_SFILTER,("SFILTER: 2 Error! 

| Unknown lower object!!!!!!!!!!!!!!!!!!!!\n")); 
73520 1 Dbg BreakPoi nt() ; 

73521|#endif 

73522| deviceExtension->PSMStorageObject = 

| NULL; 
73523 1 } 
73524| } else { 

73525| // this can happen when the volume being 

| mounted is not a volume we filter 
73526| // for example, A: or B: 

73527| Debug(DEBUG_SFILTER,("SFILTER: 2 Error! 

| Unable to find lower object, detaching from 

| volume!\n")); 
73528| lo Detach Device(deviceObject); 

73529| goto ExitMount; 

73530| } 



73531 | 

73532| if ( deviceObject->Flags & DO_BUFFERED_IO ) { 
73533| fsfDeviceObject-> Flags |= DO_BUFFERED_IO; 

73534| } 
73535| 

73536| if ( deviceObject->Flags & DO_DIRECT_IO ) { 
73537| fsfDeviceObject-> Flags |= DO_DIRECT_IO; 

73538| } 
73539 1 

73540| ((PDEVICE_OBJECT) Co ntext)-> Flags &= 

| ~DO_DEVICE_INITIALIZING; 
73541 1 Debug(DEBUG_SFILTER,("SFILTER: 2 Successfully 

| attached to %08x, 

| Mysco=%08x\n",deviceObject,deviceExtension->PSMStorageOb 
I ject)); 
73542 1 

73543| // if we are past system boot, go ahead 

| and map in drives now 
73544| // otherwise, it will occur when the system is 

| ready (basically after chkdsk runs) 
73545| ASSERT(PSMStorageObject); 
73546| 

73547| if( (!deviceExtension->Virtual) && 

73548| (PersistentDictionary::GetSystemReady()) 

73549 1 ) { 

73550| PFILTERED_EXTENSION 

| DevExt=(PFILTERED_EXTENSION)GetDeviceExtension(PSMStorag 

| eObject); 
73551| if(!DevExt->lsPhysical) { 

73552| HANDLE TempHandle; 

73553| 

73554| Debug(DEBUG_SFILTER,("SFILTER: 2 

| Starting part2 of rebuild\n")); 
73555| pmStartThread( 
73556| 

| (PKSTART_ROUTINE)PersistentDictionary::Part20fRebuildFor 

| Volume, // IN PKSTART ROUTINE StartRoutine, 
73557| (PVOID)PSMStorageObject, 

| // IN PVOID StartContext 
73558| STempHandle // 

| OUT PHANDLE ThreadHandle, 
73559| ); 
73560| 

73561 1 ZwClose(TempHandle); 
73562 1 } else { 

73563| Debug(DEBUG_SFILTER,("SFILTER: 2 Device 

| is physical\n")); 
73564| } 
73565| } else { 

73566| if(PersistentDictionary::GetSystemReady()) 



I{ 

73567| Debug(DEBUG_SFILTER,("SFILTER: 2 

| virtu al\n")); 
73568| } else { 

73569| Debug(DEBUG_SFILTER,("SFILTER: 2 not 

| ready\n")); 
73570| } 
73571 | } 
73572 1 

73573 1 } else { 

73574| #if DO_ALL_S FILTER 

73575| Debug(DEBUG_SFILTER,("SFILTER: Mount failed 

| %08x\n",lrp->loStatus.Status)); 
73576| #endif /* DO_ALL_S F I LT E R*/ 
73577| 

73578| // 

73579| // The mount request failed. Simply delete the 

| device object that was 
73580 1 // created in case this request succeeded. 
73581 1 // 
73582 1 

73583| loDeleteDevice( (PDEVICE_OBJECT) Context ); 

73584| } 

73585| 

73586| ExReleaseResource( SFsLock ); 
73587| FsRtlExitFileSystem(); 
73588| 
73589 1 
73590 1 // 

73591 1 // If pending was returned, then propogate it to 
| the caller. 

73592 1 // 
73593 1 

73594| if ( lrp->PendingReturned ) { 
73595| loMarklrpPending( Irp ); 
73596| } 
73597| 

73598| return Status; 
73599 1 } 
73600 1 

73601 1 STATIC 

73602| NTSTATUS 

73603| SfLoadFsCompletion( 



73604| IN PDEVICE_OBJECT DeviceObject, 

73605| IN PIRP Irp, 

73606| IN PVOID Context 

73607| ) 

73608| 



73609| /*++ 
73610| 



73611| Routine Description: 
73612| 

73613| This routine is invoked upon completion of an FSCTL 

| function to load a 
73614| file system driver (as the result of a mini-file 

| system recognizer seeing 
73615| that an on-disk structure belonged to it). A 

| device object has been 
7361 6| created by this driver (DeviceObject) so that it 

| can be attached to the 
7361 7| newly loaded file system. If the load failed, then 

| the device must be 
73618| deleted, but cannot be done here, so it is put on a 

| work queue to be dealt 
73619| with later. 
73620| 

73621| Arguments: 
73622| 

73623| DeviceObject - Pointer to this driver's device 

| object. 
73624| 

73625| Irp - Pointer to the I/O Request Packet 

| representing the file system 
73626| driver load request. 
73627| 

73628| Context - Context parameter for this driver, 

| unused. 
73629| 

73630| Return Value: 
73631| 

73632| The function value for this routine is always 

| success. 
73633| 
73634| -7 
73635| 
73636| { 

73637| PFS_FILTER_EXTENSION deviceExtension = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
73638| 
73639| // 

73640| // Begin by determining whether or not the load 

| file system request was 
73641 1 // completed successfully. 
73642 1 // 
73643 1 
73644| 

| ASSERT(PsmGetObjectType(DeviceObject)==OBJECT_FS_FILTER) 

I ; 

73645| if ( !NT_SUCCESS( lrp->loStatus.Status ) ) { 
73646| Debug(DEBUG_SFILTER,("SFILTER: Load failed 



I %08x\n",lrp->loStatus. Status)); 
73647| 

73648| // 

73649| // The load was not successful. Simply 

| reattach to the recognizer 
73650| // driver in case it ever figures out how to 

| get the driver loaded 
73651 1 // on a subsequent call. 
73652 1 // 
73653 1 

73654| loAttachDeviceToDeviceStack( DeviceObject, 

| deviceExtension->TargetDeviceObject ); 
73655| deviceExtension->Attached = TRUE; 
73656| } else { 
73657| 

73658| Debug(DEBUG_SFILTER,("SFILTER: Load 

| successful^")); 
73659 1 // 

73660| // The load was successful. However, in order 

| to ensure that these 
73661 1 // drivers do not go away, the I/O system has 

| artifically bumped the 
73662| // reference count on all parties involved in 

| this manuever. Therefore, 
73663| // simply remember to delete this device object 

| at some point in the 
73664| // future when its reference count is zero. 
73665| // 
73666| 

73667| FsRtlEnterFileSystemO; 

73668| ExAcquireResourceExclusive( &FsLock, TRUE ); 

73669 1 lnsertTailList( 

73670| &FsDeviceQueue, 

73671 1 &DeviceObject->Queue. ListEntry 

73672 1 ); 

73673| ExReleaseResource( &FsLock ); 
73674| FsRtlExitFileSystem(); 
73675| } 
73676| 
73677| // 

73678| // If pending was returned, then propogate it to 

| the caller. 
73679 1 // 
73680 1 

73681 1 if ( lrp->PendingReturned ) { 
73682| loMarklrpPending( Irp ); 
73683 1 } 
73684| 

73685| return STATUS_SUCCESS; 
73686| } 



73687| 
73688| 

73689| STATIC 
73690| NTSTATUS 
73691 1 SfFastloAcquireForModWrite( 
73692 1 IN PFILE_OBJECT 

| FileObject, 

73693| IN PLARGEJNTEGER 

| EndingOffset, 
73694| OUT PERESOURCE 

| *ResourceTo Release, 
73695| IN PDEVICE_OBJECT 

| DeviceObject 
73696| ) 
73697| /*++ 
73698| 

73699| Routine Description: 
73700| 

73701 1 This routine is the fast I/O "pass through" routine 

| for acquiring the 
73702| file resource prior to attempting a modified write 

| operation. 
73703 1 

73704| This function simply invokes the next driver's 

| cooresponding routine, or 
73705| returns FALSE if the next driver does not implement 

| the function. 
73706| 

73707| Arguments: 
73708| 

73709| FileObject - Pointer to the file object whose 

| resource is to be acquired. 
73710| 

7371 1 1 EndingOffset - The offset to the last byte being 

| written plus one. 
73712| 

73713| ResourceTo Release - Pointer to a variable to return 

| the resource to 
73714| release. Not defined if an error is returned. 
73715| 

7371 6| DeviceObject - Pointer to this driver's device 

| object, the device on 
7371 7| which the operation is to occur. 
73718| 

73719| Return Value: 
73720| 

73721 1 The function value is either success or failure 

| based on whether or not 
73722| fast I/O is possible for this file. 
73723 1 



73724| -7 
73725| { 

73726| PDEVICE_OBJECT deviceObject; 
73727| PFAST_IO_DISPATCH fastlo Dispatch; 
73728| 
73729| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloAcqu 

| ireForModWrite")) { 
73730| return FALSE; 
73731| } 
73732| 

73733| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73734| if ( SdeviceObject ) { 
73735| return FALSE; 
73736| } 

73737| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73738| 

73739| if ( fastloDispatch && 

73740| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, Acq u ireForModWrite) && 
73741 1 fastloDispatch->AcquireForModWrite ) { 
73742| return(fastloDispatch->AcquireForModWrite)( 
73743 1 

| FileObject, 
73744| 

| EndingOffset, 
73745| 

| ResourceTo Release, 
73746| 

| deviceObject 
73747| ); 
73748| } 
73749 1 

73750 1 return FALSE; 
73751 1 } 
73752 1 

73753 1 STATIC 

73754| NTSTATUS 

73755| SfFastloReleaseForModWrite( 

73756| IN PFILE_OBJECT FileObject, 

73757| IN PERESOURCE 

| ResourceTo Release, 
73758| IN PDEVICE_OBJECT 

| DeviceObject 
73759 1 ) 
73760| /*++ 
73761 | 

73762| Routine Description: 



73763| 

73764| This routine is the fast I/O "pass through" routine 

| for releasing the 
73765| resource previously acquired for performing a 

| modified write operation 
73766| to a file. 
73767| 

73768| This function simply invokes the next driver's 

| cooresponding routine, or 
73769| returns FALSE if the next driver does not implement 

| the function. 
73770| 

73771 1 Arguments: 
73772 1 

73773| FileObject - Pointer to the file object whose 

| resource is to be released. 
73774 1 

73775| ResourceTo Release - Specifies the modified writer 

| resource for the file 
73776| that is to be released. 
73777| 

73778| DeviceObject - Pointer to this driver's device 

| object, the device on 
73779| which the operation is to occur. 
73780 1 

73781 1 Return Value: 
73782 1 

73783| The function value is either success or failure 

| based on whether or not 
73784| fast I/O is possible for this file. 
73785| 
73786| -7 
73787| { 

73788| PDEVICE_OBJECT deviceObject; 
73789| PFAST_IO_DISPATCH fastlo Dispatch; 
73790 1 
73791| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloRele 

| aseForModWrite")) { 
73792| return FALSE; 
73793| } 
73794| 

73795| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73796| if ( IdeviceObject ) { 
73797| return FALSE; 
73798| } 

73799| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73800| 



73801 1 if ( fastloDispatch && 

73802| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, ReleaseForModWrite) && 
73803| fastloDispatch->ReleaseForModWrite ) { 
73804| return(fastloDispatch->ReleaseForModWrite)( 
73805| 

| FileObject, 
73806| 

| ResourceTo Release, 
73807| 

| deviceObject 
73808| ); 
73809 1 } 
73810| 

73811| return FALSE; 

73812| } 

73813| 

73814| STATIC 

73815| NTSTATUS 

7381 6| Sf FastloAcquireForCcFlush( 

73817| IN PFILE_OBJECT FileObject, 

73818| IN PDEVICE_OBJECT DeviceObject 

73819| ) 

73820| /*++ 

73821| 

73822| Routine Description: 
73823| 

73824| This routine is the fast I/O "pass through" routine 

| for acquiring the 
73825| appropriate file system resource prior to a call to 

| CcFlush. 
73826| 

73827| This function simply invokes the next driver's 

| cooresponding routine, or 
73828| returns FALSE if the next driver does not implement 

| the function. 
73829| 

73830| Arguments: 
73831| 

73832| FileObject - Pointer to the file object whose 

| resource is to be acquired. 
73833| 

73834| DeviceObject - Pointer to this driver's device 

| object, the device on 
73835| which the operation is to occur. 
73836| 

73837| Return Value: 
73838| 

73839| The function value is either success or failure 
| based on whether or not 



73840| fast I/O is possible for this file. 
73841 | 
73842 1 -7 
73843 1 { 

73844| PDEVICE_OBJECT device Object; 
73845| PFAST_IO_DISPATCH fastlo Dispatch; 
73846| 
73847| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloAcqu 

| ireForCcFlush")) { 
73848| return FALSE; 
73849 1 } 
73850 1 

73851 1 deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73852 1 if ( IdeviceObject ) { 
73853 1 return FALSE; 
73854| } 

73855| fastlo Dispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73856| 

73857| if ( fastloDispatch && 

73858| fastloDispatch->SizeOfFastloDispatch > 

| FIELD_OFFSET( FAST_IO_DISPATCH, AcquireForCcFlush) && 
73859| fastloDispatch->AcquireForCcFlush ) { 
73860| return(fastloDispatch->AcquireForCcFlush)( 
73861 | 

| FileObject, 
73862 1 

| deviceObject 
73863 1 ); 
73864| } 
73865| 

73866| return FALSE; 

73867| } 

73868| 

73869 1 STATIC 

73870| NTSTATUS 

73871 1 SfFastloReleaseForCcFlush( 

73872| IN PFILE_OBJECT FileObject, 

73873| IN PDEVICE_OBJECT DeviceObject 

73874| ) 

73875| /*++ 

73876| 

73877| Routine Description: 
73878| 

73879| This routine is the fast I/O "pass through" routine 

| for releasing the 
73880| appropriate file system resource previously 

| acquired for a CcFlush. 



73881 | 

73882| This function simply invokes the next driver's 

| cooresponding routine, or 
73883| returns FALSE if the next driver does not implement 

| the function. 
73884| 

73885| Arguments: 
73886| 

73887| FileObject - Pointer to the file object whose 

| resource is to be released. 
73888| 

73889| DeviceObject - Pointer to this driver's device 

| object, the device on 
73890| which the operation is to occur. 
73891| 

73892| Return Value: 
73893| 

73894| The function value is either success or failure 

| based on whether or not 
73895| fast I/O is possible for this file. 
73896| 
73897| -7 
73898| { 

73899| PDEVICE_OBJECT deviceObject; 
73900| PFAST_IO_DISPATCH fastlo Dispatch; 
73901| 
73902| 

| if(FastloCommonStuff(DeviceObject,FileObject,"FastloRele 

| aseForCcFlush")) { 
73903| return FALSE; 
73904| } 
73905| 

73906| deviceObject = ((PFS_FILTER_EXTENSION) 

| (GetDeviceExtension(DeviceObject)))->TargetDeviceObject; 
73907| if ( IdeviceObject ) { 
73908| return FALSE; 
73909| } 

7391 0| fastloDispatch = 

| deviceObject->DriverObject->FastloDispatch; 
73911| 

73912| if ( fastloDispatch && 

73913| fastloDispatch->SizeOf FastloDispatch > 

| FIELD_OFFSET( FAST_IO_D IS PATCH, ReleaseForCcFlush) && 
73914| fastloDispatch->ReleaseForCcFlush ) { 
73915| return(fastloDispatch->ReleaseForCcFlush)( 
73916| 

| FileObject, 
73917| 

| deviceObject 
73918| ); 



73919| } 
73920| 

73921 1 return FALSE; 
73922 1 } 
73923 | 

73924| STATIC 
73925| NTSTATUS 

73926| QuerylnformationCompletionRoutine( 
73927| IN PDEVICE_OBJECT 

| DeviceObject, 
73928| IN PIRP Irp, 

73929| IN PVOID Context 

73930 1 ) 
73931| { 

73932| PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
73933| 

73934| if(!NT_SUCCESS(lrp->loStatus. Status)) { 
73935| Debug(DEBUG_SFILTER,("SFILTER: 

| QuerylnformationCompletion: Error 

| %08x\n",lrp->loStatus. Status)); 
73936| return STATUS_SUCCESS; 
73937| } 
73938| 
73939| 

| switch(lrpSp->Parameters.SetFile.FilelnformationClass) 

|{ 
73940| 

73941 1 case FileDirectorylnformation : { 
73942| PFILE_DIRECTORY_INFORMATION 

| lnfo=(PFILE_DIRECTORY_INFORMATION)lrp->Associatedlrp.Sys 

| temBuffer; 

73943| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileDirectorylnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
73944| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x\n" 
73945| "SFILTER: NEO=%08x, Fl=%08x, 

| eof=%l64x, alloc=%l64x, attr=%08x\n" 



73946| 


"SFILTER: fnl=%08x, '%-*.*SW\ 


73947| 


lnfo->CreationTime, 


73948| 


I nf o ->Last AccessTi me, 


73949 1 


I nf o ->Last WriteTi me, 


73950 1 


lnfo->ChangeTime, 


73951 | 


I nfo->NextEntry Offset, 


73952 | 


lnfo->Filelndex, 


73953 1 


lnfo->EndOfFile, 


73954| 


lnfo->AllocationSize, 


73955| 


lnfo->FileAttributes, 


73956| 


lnfo->FileNameLength / 



I sizeof(WCHAR),lnfo->FileNameLength / 

| sizeof(WCHAR),lnfo->FileNameLength / sizeof(WCHAR), 

73957| lnfo->FileName 

73958| )); 

73959| 

73960| 

73961 1 break; 
73962 1 } 

73963| case FileFullDirectorylnformation : { 
73964| PFILE_FULL_DIR_INFORMATION 

| lnfo=(PFILE_FULL_DIR_INFORMATION)lrp->Associatedlrp.Syst 

| emBuffer; 

73965| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileFullDirectorylnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
73966| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x\n" 
73967| "SFILTER: NEO=%08x, Fl=%08x, 

| eof=%l64x, alloc=%l64x, attr=%08x\n M 



73968| 


"SFILTER: fnl=%08x, '%-**S'\n". 


73969 1 


lnfo->CreationTime, 


73970 1 


lnfo->LastAccessTime, 


73971 | 


lnfo->LastWriteTime, 


73972 1 


lnfo->ChangeTime, 


73973 1 


I nfo->NextEntry Offset, 


73974| 


lnfo->Filelndex, 


73975| 


lnfo->EndOfFile, 


73976| 


lnfo->AllocationSize, 


73977| 


lnfo->FileAttributes, 


73978| 


lnfo->FileNamel_ength / 



| sizeof(WCHAR),lnfo->FileNameLength / 



| sizeof(WCHAR),lnfo->FileNamel_ength / sizeof(WCHAR), 
73979| lnfo->FileName 
73980| )); 
73981 1 break; 
73982 1 } 

73983| case FileBothDirectorylnformation : { 
73984| PFILE_BOTH_DIR_INFORMATION 

| I nf o= ( P F I L E_BOTH_D I R_l N FO RM ATI ON ) I rp-> Associated I rp . Syst 

| emBuffer; 

73985| Debug(DEBUG_SFILTER, ("SFILTER: Get 

| FileBothDirectorylnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
73986| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x\n" 
73987| "SFILTER: NEO=%08x, Fl=%08x, 

| eof=%l64x, alloc=%l64x, attr=%08x\n" 
73988| "SFILTER: fnl=%08x, '%-*.*S'\n" 

73989| "SFILTER: snl=%08x, '%-*.*S'\n", 

73990| lnfo->CreationTime, 



73991 | 


I nf o ->Last AccessTi me, 


73992 | 


I nf o ->LastWriteTi me, 


73993 | 


lnfo->ChangeTime, 


73994| 


I nfo->NextEntry Offset, 


73995| 


lnfo->Filelndex, 


73996| 


lnfo->EndOfFile, 


73997| 


lnfo->AllocationSize, 


73998| 


lnfo->FileAttributes, 


73999 | 


lnfo->FileNameLength / 



| sizeof(WCHAR),lnfo->FileNameLength / 

| sizeof(WCHAR),lnfo->FileNameLength / sizeof(WCHAR), 

74000| lnfo->FileName, 

74001 1 lnfo->ShortNamel_ength / 

| sizeof(WCHAR),lnfo->ShortNameLength / 
| sizeof(WCHAR),lnfo->ShortNameLength / sizeof(WCHAR), 

74002| lnfo->ShortName 

74003| )); 

74004| break; 

74005| } 

74006| case FileBasiclnformation : { 
74007| PFILE_BASIC_INFORMATION 

| Basic=(PFILE_BASIC_INFORMATION)lrp->Associatedlrp.System 

| Buffer; 

74008| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileBasiclnformation for PSM file 

| %08x\n'\lrpSp->FileObject)); 
74009| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x, Attr=%08x\n M , 
7401 0| Basic->CreationTime, 
7401 1 1 Basic->LastAccessTime, 
7401 2| Basic->LastWriteTime, 
7401 3| Basic->ChangeTime, 
7401 4| Basic->FileAttributes 
74015| )); 
74016| break; 
74017| } 

74018| case FileStandardlnformation : { 
74019| PFILE_STANDARD_INFORMATION 

| lnfo=(PFILE_STANDARD_IN FORMATION)! rp->Associatedlrp.Syst 

| emBuffer; 

74020| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileStandardlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74021 1 Debug(DEBUG_SFILTER,("SFILTER: 

| Alloc=%l64x, eof=%l64x, nl=%d, dp=%d, dir=%d\n", 
74022| lnfo->AllocationSize, 
74023| lnfo->EndOfFile, 
74024| lnfo->NumberOfLinks, 
74025| lnfo->DeletePending, 
74026| lnfo->Directory 



74027| )); 
74028| break; 
74029| } 

74030| case Filelnternallnformation : { 

74031 1 PFILE_INTERNAL_IN FORMATION 

| lnfo=(PFILE_INTERNAL_INFORMATION)lrp->Associatedlrp.Syst 

| emBuffer; 

74032| Debug(DEBUG_SFILTER,("SFILTER: Get 

| Filelnternallnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74033| Debug(DEBUG_SFILTER,("SFILTER: 

| index=%l64x\n", 
74034| lnfo->lndexNumber 
74035| )); 
74036| break; 
74037| } 

74038| case FileEalnformation : { 

74039| Debug(DEBUG_SFILTER,("SFILTER: 

| FileEalnformation FilePositionlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74040 1 break; 
74041 1 } 

74042| case FileAccesslnformation : { 
74043| PFILE_ACCESS_INFORMATION 

| lnfo=(PFILE_ACCESS_INFORMATION)lrp->Associatedlrp.System 

| Buffer; 

74044| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileAccesslnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74045| Debug(DEBUG_SFILTER,("SFILTER: 

| access=%08x\n", 
74046 1 I nf o -> Access F I ags 

74047| )); 
74048| break; 
74049 1 } 

74050| case FileNamelnformation : { 
74051 1 PFILENAMEIN FORMATION 

| lnfo=(PFILE_NAME_IN FORMATION) lrp->Associatedlrp.SystemBu 

Iffer; 

74052| Debug(DEBUG_SFILTER,("SFILTER: 
| FileNamelnformation FilePositionlnformation for PSM 
| file %08x\n",lrpSp->FileObject)); 

74053| Debug(DEBUG_SFILTER,("SFILTER: fnl=%d, 

| fn='%-*.*S'\n M , 

74054| lnfo->FileNameLength / 

| sizeof(WCHAR),lnfo->FileNamel_ength / 
| sizeof(WCHAR),lnfo->FileNamel_ength / sizeof(WCHAR), 

74055| lnfo->FileName 

74056| )); 

74057| break; 



74058| } 

74059| case FileRenamelnformation : { 
74060| PFILE_RENAME_INFORMATION 

| Ren=(PFILE_RENAME_INFORMATION)lrp->Associatedlrp.SystemB 

| uffer; 

74061 1 Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileRenamelnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74062| Debug(DEBUG_SFILTER,("SFILTER: rie=%d, 

| rd=%08x, fnl=%d, fn='%-*.*S'\n", 
74063| Ren->Replacelf Exists, 

740 64 1 Re n -> Root D i recto ry , 

74065| Ren->FileNameLength / 

| sizeof(WCHAR),Ren->FileNamel_ength / 

| sizeof(WCHAR),Ren->FileNameLength / sizeof(WCHAR), 
74066| Ren->FileName 
74067| )); 
74068| break; 
74069 1 } 

74070| case FileLinklnformation : { 
74071 1 PFILE_LINK_INFORMATION 

| Ren=(PFILE_LINK_INFORMATION)lrp->Associatedlrp.SystemBuf 

|fer; 

74072| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileLinklnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74073| Debug(DEBUG_SFILTER,("SFILTER: rie=%d, 

| rd=%08x, fnl=%d, fn='%-*.*S'\n", 
74074| Ren->Replacelf Exists, 

740 75 1 Re n -> Root D i recto ry , 

74076| Ren->FileNamel_ength / 

| sizeof(WCHAR),Ren->FileNameLength / 

| sizeof(WCHAR),Ren->FileNamel_ength / sizeof(WCHAR), 
74077| Ren->FileName 
74078| )); 
74079 1 break; 
74080 1 } 

74081 1 case FileNameslnformation : { 
74082| PFILE_NAMES_INFORMATION 

| lnfo=(PFILE_NAMES_INFORMATION)lrp->Associatedlrp.SystemB 

| uffer; 

74083| Debug(DEBUG_SFILTER,("SFILTER: 
| FileNameslnformation FilePositionlnformation for PSM 
| file %08x\n",lrpSp->FileObject)); 

74084| break; 

74085| } 

74086| case FileDispositionlnformation : { 
74087| PFILE_DISPOSITION_INFORMATION 

| lnfo=(PFILE_DISPOSITION_INFORMATION)lrp->Associatedlrp.S 

| ystem Buffer; 



74088| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileDispositionlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74089| Debug(DEBUG_SFILTER,("SFILTER: 

| Disp=%d\n", 
74090| lnfo->DeleteFile 
74091| )); 
74092| break; 
74093| } 

74094| case FilePositionlnformation : { 
74095| PFILE_POSITION_INFORMATION 

| Pos=(PFILE_POSITION_INFORMATION)lrp->Associatedlrp.Syste 

| mBuffer; 

74096| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FilePositionlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74097| Debug(DEBUG_SFILTER,("SFILTER: 

| Pos=%l64x\n M ,Pos->CurrentByteOffset)); 
74098| break; 
74099| } 

74100| case FileFullEalnformation : { 
74101| PFILEFULLEAINFORMATION 

| lnfo=(PFILE_FULL_EA_INFORMATION)lrp->Associatedlrp.Syste 

| mBuffer; 

74102| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileFullEalnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74103| break; 
74104| } 

74105| case FileModelnformation : { 
741 06| PFILE_MODE_INFORMATION 

| lnfo=(PFILE_MODE_INFORMATION)lrp->Associatedlrp.SystemBu 

Iffer; 

741 07| Debug(DEBUG_SFILTER,("SFILTER: 
| FileModelnformation FilePositionlnformation for PSM 
| file %08x\n",lrpSp->FileObject)); 

74108| Debug(DEBUG_SFILTER,("SFILTER: 
| Mode=%08x\n M , 

74109| lnfo->Mode 

74110| )); 

741 1 1 1 break; 

74112| } 

74113| case FileAlignmentlnformation : { 
74114| PFILE_ALIGNMENT_INFORMATION 

| lnfo=(PFILE_ALIGNMENT_INFORMATION)lrp->Associatedlrp.Sys 

| temBuffer; 

741 15| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileAlignmentlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74116| Debug(DEBUG_SFILTER,("SFILTER: 



I Align=%d\n", 
741 1 7| lnfo->AlignmentRequirement 
74118| )); 
74119| break; 
74120| } 

74121| case FileAlllnformation : { 
74122| PFILEALLINFORMATION 

| AII=(PFILE_ALL_INFORMATION)lrp->Associatedlrp.SystemBuff 

I er; 

74123| Debug(DEBUG_SFILTER,("SFILTER: 
| FileAlllnformation FilePositionlnformation for PSM file 
| %08x\n",lrpSp->FileObject)); 
74124| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x, Attr=%08x\n", 
741 25| AII->Basiclnformation.CreationTime, 
74126| AII->Basiclnformation.LastAccessTime, 
74127| AII->Basiclnformation.LastWriteTime, 
741 28| AII->Basiclnformation.ChangeTime, 
74129| AII->Basiclnformation.FileAttributes 
74130| )); 

74131 1 Debug(DEBUG_SFILTER,("SFILTER: 

| Alloc=%l64x, eof=%l64x, nl=%d, dp=%d, dir=%d\n", 
74132| 

| AII->Standardlnformation.AllocationSize, 
74133| AII->Standardlnformation.EndOfFile, 
74134| AII->Standardlnformation.NumberOfLinks, 
74135| AII->Standardlnformation.DeletePending, 
74136| AII->Standardlnformation. Directory 

74137| )); 

74138| Debug(DEBUG_SFILTER,("SFILTER: 

| index=%l64x\n",AII->lnternallnformation.lndexNumber)); 
74139| //ea 

74140| Debug(DEBUG_SFILTER,("SFILTER: 

| access=%08x\n",AII->Accesslnformation.AccessFlags)); 

74141 1 Debug(DEBUG_SFILTER,("SFILTER: 

| Pos=%l64x\n",AII->Positionlnformation.CurrentByteOffset) 

I); 

74142| Debug(DEBUG_SFILTER,("SFILTER: 

| Mode=%08x\n",AII->Modelnformation.Mode)); 
74143| Debug(DEBUG_SFILTER,("SFILTER: 

| Align=%d\n",AII->Alignmentlnformation.AlignmentRequireme 

I nt)); 

74144| Debug(DEBUG_SFILTER,("SFILTER: fnl=%d, 

| fn='%-*.*S'\n M , 
74145| AII->Namelnformation.FileNameLength / 

| sizeof(WCHAR),AII->Namelnformation.FileNameLength / 

| sizeof(WCHAR),AII->Namelnformation.FileNameLength / 

| sizeof(WCHAR), 
741 46| AII->Namelnformation. FileName 

74147| )); 



74148| 

74149| break; 
74150| } 

74151| case FileAllocationlnformation : { 
74152| PFILE_ALLOCATION_IN FORMATION 

| Alloc=(PFILE_ALLOCATION_INFORMATION)lrp->Associatedlrp.S 

| ystem Buffer; 

74153| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileAllocationlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74154| Debug(DEBUG_SFILTER,("SFILTER: 

| alloc=%l64x\n M ,Alloc->AllocationSize)); 
74155| break; 
74156| } 

74157| case FileEndOfFilelnformation : { 

74158| PFILE_END_OF_FILE_INFORMATION 

| End=(PFILE_END_OF_FILE_INFORMATION)lrp->Associatedlrp.Sy 

| stem Buffer; 

74159| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileEndOfFilelnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
741 60 1 Debug(DEBUG_SFILTER,("SFILTER: 

| %l64x\n",End->EndOfFile)); 
74161| break; 
74162| } 

74163| case FileAlternateNamelnformation : { 
74164| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileAlternateNamelnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74165| break; 
74166| } 

74167| case FileStreamlnformation : { 
74168| PFILE_STREAM_IN FORMATION 

| lnfo=(PFILE_STREAM_INFORMATION)lrp->Associatedlrp. System 

| Buffer; 

741 69 1 Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileStreamlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74170| break; 
74171| } 

74172| case FilePipelnformation : { 
74173| PFILE_PIPE_INFORMATION 

| lnfo=(PFILE_PIPE_INFORMATION)lrp->Associatedlrp.SystemBu 

Iffer; 

74174| Debug(DEBUG_SFILTER,("SFILTER: 
| FilePipelnformation FilePositionlnformation for PSM 
| file %08x\n",lrpSp->FileObject)); 

74175| break; 

74176| } 

74177| case FilePipeLocallnformation : { 



74178| PFILE_PIPE_LOCAL_INFORMATION 

| lnfo=(PFILE_PIPE_LOCAL_INFORMATION)lrp->Associatedlrp.Sy 
| stem Buffer; 

741 79 1 Debug(DEBUG_SFILTER,("SFILTER: Get 

| FilePipeLocallnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74180| break; 
74181| } 

74182| case FilePipeRemotelnformation : { 
74183| PFILE_PIPE_REMOTE_INFORMATION 

| lnfo=(PFILE_PIPE_REMOTE_INFORMATION)lrp->Associatedlrp.S 

| ystem Buffer; 

74184| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FilePipeRemotelnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74185| break; 
74186| } 

74187| case FileMailslotQuerylnformation : { 
74188| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileMailslotQuerylnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74189| break; 
74190| } 

74191| case FileMailslotSetlnformation : { 

74192| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileMailslotSetlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74193| break; 
74194| } 

74195| case FileCompressionlnformation : { 
74196| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileCompressionlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74197| break; 
74198| } 

74199| case FileObjectldlnformation : { 

74200| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileObjectldlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74201| break; 
74202| } 

74203| case FileCompletionlnformation : { 

74204| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileCompletionlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74205| break; 
74206| } 

74207| case FileMoveClusterlnformation : { 
74208| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileMoveClusterlnformation for PSM file 



I %08x\n",lrpSp->FileObject)); 
74209| break; 
74210| } 

7421 1 1 case FileQuotalnformation : { 

74212| Debug(DEBUG_SFILTER,("SFILTER: 

| FileQuotalnformation FilePositionlnformation for PSM 

| file %08x\n",lrpSp->FileObject)); 
74213| break; 
74214| } 

74215| case FileReparsePointlnformation : { 
74216| Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileReparsePointlnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74217| break; 
74218| } 

74219| case FileNetworkOpenlnformation : { 

74220| PFILENETWORKOPENINFORMATION 

| lnfo=(PFILE_NETWORK_OPEN_INFORMATION)lrp->Associatedlrp. 

| System Buffer; 
74221 1 Debug(DEBUG_SFILTER,("SFILTER: Get 

| FileNetworkOpenlnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74222| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, 

| A=%l64x, W=%l64x, Ch=%l64x\n" 
74223| "SFILTER: Alloc=%l64x, eof=%l64x, 

| attr=%08x\n", 
74224| lnfo->CreationTime, 
74225| lnfo->LastAccessTime, 
74226| lnfo->LastWriteTime, 
74227| lnfo->ChangeTime, 
74228| lnfo->AllocationSize, 
74229| lnfo->EndOfFile, 
74230| lnfo->FileAttributes 
74231| )); 
74232| 

74233| break; 
74234| } 

74235| case FileAttributeTaglnformation : { 

74236| PFILE_ATTRIBUTE_TAG_INFORMATION 

| lnfo=(PFILE_ATTRIBUTE_TAG_INFORMATION)lrp->Associatedlrp 

| .SystemBuffer; 
74237| Debug(DEBUG_SFILTER, ("SFILTER: Get 

| FileAttributeTaglnformation for PSM file 

| %08x\n",lrpSp->FileObject)); 
74238| Debug(DEBUG_SFILTER, ("SFILTER: Attr=%08x, 

| Tag=%08x\n",lnfo->FileAttributes,lnfo->ReparseTag)); 
74239| break; 
74240| } 

74241| case FileTrackinglnformation : { 

74242| Debug(DEBUG_SFILTER, ("SFILTER: Get 



[ FileTrackinglnformation for PSM file 

| %08x\n M ,lrpSp->FileObject)); 
74243| break; 
74244| } 
74245| 
74246| } 

74247| return STATUS_SUCCESS; 

74248| } 

74249| 

74250| NTSTATUS 

74251| SfFsQuery Information 

74252| IN PDEVICE_OBJECT DeviceObject, 

74253| IN PIRP Irp 

74254| ) 
74255| { 

74256| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
74257| 

74258| switch ( PsmGetObjectType(DeviceObject) ) { 

74259| case OBJECT FILTEREDDISK : 

74260| //Debug(DEBUG_SFILTER,("SFILTER: Query: fd 

| %08x\n", DeviceObject)); 
74261| return PSManFSPassThru( DeviceObject, Irp 

I); 

74262| case OBJECT_FS_FILTER : 

74263| //Debug(DEBUG_SFILTER,("SFILTER: Query: fs 

| %08x\n", DeviceObject)); 
74264| 
74265| 

| if(FilelsPSM(loGetCurrentlrpStackLocation(lrp)->FileObje 
|ct, FALSE)) { 

74266| loCopyCurrentlrpStackl_ocationToNext( 

I "rp ); 
74267| 

74268| loSetCompletionRoutine( 
74269| Irp, 
74270| 

| QuerylnformationCompletionRoutine, 
74271| NULL, // arg 

74272| TRUE, 
74273| FALSE, 
74274| FALSE 
74275| ); 
74276| 

74277| return 

| loCallDriver(((PFILTERED_EXTENSION)GetDeviceExtension(De 

| viceObject))->TargetDeviceObject, Irp); 
74278| } else { 

74279| // pass it down 

74280| return PSManFSPassThru( DeviceObject, 

I "rp ); 



74281 1 } 

74282| case OBJECTJNTERNAL 

74283| case OBJECT_VIRTUALDISK : 

74284| caseOBJECT_FS_OBJECT : 

74285| //Debug(DEBUG_SFILTER,("SFILTER: Dir: Obj 

| %08x\n",DeviceObject)); 
74286| break; 
74287| default: 

74288| Status = STATUS_NO_SUCH_DEVICE; 

74289 1 break; 
74290 1 } 
74291 | 

74292| lrp->loStatus. Information = 0; 

74293| lrp->loStatus.Status = Status; 

74294| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

74295 1 return Status; 

74296| } 

74297| 

74298| NTSTATUS DeleteAIIMaps( PFILTERED EXTENSION DevExt ) 
74299 1 { 

74300| WCHAR *LocalReg; 
74301| 

74302| Debug(DEBUG_DICT,("DeleteAIIMaps %08x %08x 

| %08x\n",DevExt->Cache.HeaderFile. Direct, DevExt->Cache. In 

| dexFile.Direct,DevExt->Cache.CacheFile. Direct)); 
74303| KeEnterCriticalRegion(); 
74304| pmAcquireWriterLock ( 

| &DevExt->Cache.DirectAccessResource, TRUE ); 
74305| Direct Access File *oldHeaderDirect = 

| DevExt->Cache.HeaderFile. Direct; 
74306| Direct Access File *oldlndexDirect = 

| DevExt->Cache.lndexFile. Direct; 
74307| DirectAccessFile "oldCacheDirect = 

| DevExt->Cache.CacheFile. Direct; 
74308| DevExt->Cache.HeaderFile. Direct = NULL; 
74309| DevExt->Cache.lndexFile. Direct = NULL; 
74310| DevExt->Cache.CacheFile. Direct = NULL; 
7431 1 1 pmReleaseWriterLock ( 

| &DevExt->Cache.DirectAccessResource ); 
74312| KeLeaveCriticalRegion(); 
74313| 

74314| delete oldHeaderDirect; 
74315| delete oldlndexDirect; 
7431 6| delete oldCacheDirect; 

74317| oldHeaderDirect = oldlndexDirect = oldCacheDirect = 

| NULL; 
74318| 

74319| LocalReg=(WCHAR*)MemAllocateString(256); 

74320| if(LocalReg) { 

74321| 



I RtlCopyMemory(LocalReg,gRegistryPath.Buffer,gRegistryPat 
| h. Length); 

74322| LocalReg[gRegistryPath.Length / 2] = 0; 

74323| wcscat(LocalReg,L"\\"); 

74324| wcscat(LocalReg,DevExt->VolumeGuid); 

74325| 

74326| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 
| CacheMap"); 
74327| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 
| IndexMap"); 
74328| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 

| HeaderMap"); 
74329| 
74330| #if 0 

74331 1 // FIXFIXFIX need to delete from all nodes in 

| cluster, not just this node 
74332 1 

| wcscpy(LocalReg,L"\\Registry\\Machine\\Cluster\\Persiste 

| ntStorageManagerW"); 
74333| wcscat(LocalReg,DevExt->Uniqueld); 
74334| 

| if(RtlCheckRegistryKey(RTL_REGISTRY_ABSOLUTE,LocalReg)== 

| STATUS_SUCCESS) { 
74335| // delete it 

74336| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 
| CacheMap"); 
74337| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 
| IndexMap"); 
74338| 

| RtlDeleteRegistryValue(RTL_REGISTRY_ABSOLUTE,LocalReg,L" 

| HeaderMap"); 
74339 1 } 
74340| #endif 
74341 | 

74342| MemFreeString(LocalReg); 
74343 1 } 

74344| return STATUS_SUCCESS; 

74345| } 

74346| 

74347| NTSTATUS 
74348| SfFsSetlnformation( 

74349| IN PDEVICE_OBJECT DeviceObject, 

74350| IN PIRP Irp 

74351 | ) 
74352| { 



74353| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
74354| 

74355| switch ( PsmGetObjectType(DeviceObject) ) { 

74356| case OBJECT FILTEREDDISK : 

74357| //Debug(DEBUG_SFILTER,("SFILTER: Setlnfo: 

| fd %08x\n",DeviceObject)); 

74358| return PSManFSPassThru( DeviceObject, Irp 

I); 

74359| case OBJ ECT_FS_FILTER :{ 

74360| PFS_FILTER_EXTENSION DevExt = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
74361 1 PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
74362| ASSERT(DevExt->ObjectType == 

| OBJECT_FS_FILTER); 
74363 1 

74364| //Debug(DEBUG_SFILTER,("SFILTER: Dir: 

| fs %08x\n M , DeviceObject)); 
74365| if ( (DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
74366| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(DevExt->PS 

| MStorageObject); 
74367| if ( VDiskExt->SnapShot ) { 

74368| pPersistentDictionary 

| dictionary = 

| (pPersistentDictionary)VDiskExt->SnapShot->Dictionary; 
74369| ASSERT ( dictionary != NULL ); 

74370| if ( dictionary != NULL ) { 

74371 1 if ( 

| dictionary->lsReadOnly() ) { 
74372 1 if ( 

| FilelsReadOnly(lrpSp->FileObject) ) { 
74373| // virtual volume 

| is marked readonly, deny this write 
74374| 

| Debug(DEBUG_SFILTER,("SFILTER: %08x attempted on read 
| only 

| volume\n",lrpSp->Parameters.SetFile.FilelnformationClass 

I)); 

74375| 

| lrp->loStatus.Status = STATUS_MEDIA_WRITE_PROTECTED; 
74376| 

| lrp->loStatus. Information = 0; 
74377| loCompleteRequest( 

| Irp, IO_NO_INCREMENT); 
74378| return 

| STATUS_MEDIA_WRITE_PROTECTED; 
74379 1 } 
74380| } else { 



74381 1 // not a read-only 

| snapshot. Need to check cache usage... 
74382| if ( !(gVDisklOHandling 

| & PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS) ) { 
74383 1 if ( 

| dictionary->lsCacheWarningThresholdReached() ) { 
74384| if ( 

| FilelsOpenOnSnapShot(lrpSp->FileObject, FALSE) ) { 
74385| // Fail the 

| write to the snapshot because too much cache is in 

| use... 

74386| NTSTATUS 

| Status = lrp->loStatus. Status = STATUS_DISK_FULL; 
74387| 

| lrp->loStatus. Information = 0; 
74388| 

| loCompleteRequest( Irp, IO_NO_INCREMENT ); 
74389 1 

| Debug(DEBUG_SFILTER,("SfFsSetlnformation: Reporting 

| STATUS_DISK_FULL; DevExt=%08x, VDiskExt=%08x\n M ,DevExt, 

| VDiskExt)); 



74390 1 return 
| Status; 

74391| } 

74392| } 

74393| } 

74394| } 

74395| } 

74396| } 

74397| } else 

74398| if ( (!(DevExt->Virtual)) && 

| (DevExt->PSMStorageObject) ) { 
74399| PFILTERED_EXTENSION 



| FiltExt=(PFILTERED_EXTENSION)GetDeviceExtension(DevExt-> 

| PSMStorageObject); 
74400| 
74401| 

| if(FilelsPSM(lrpSp->FileObject,FALSE)) { 
74402| //filtered disk 

74403| 

| switch(lrpSp->Parameters.SetFile.FilelnformationClass) 

|{ 
74404| 

74405| case 

| FileAllocationlnformation: { 
74406| 

| PFILE ALLOCATION IN FORMATION 

| Alloc=(PFILE_ALLOCATION_INFORMATION)lrp->Associatedlrp.S 
| ystem Buffer; 
74407| 



I Debug(DEBUG_SFILTER,("SFILTER: Set 
| FileAllocationlnformation for PSM file 
| %08x\n",lrpSp->FileObject)); 
74408| 

| Debug(DEBUG_SFILTER,("SFILTER: 
| alloc=%l64x\n",Alloc->AllocationSize)); 



74409| break; 

74410| } 

7441 1 1 case FileLinklnformation: { 
74412| PFILE_LINK_INFORMATION 



| Ren=(PFILE_LINK_INFORMATION)lrp->Associatedlrp.SystemBuf 
|fer; 
74413| 

| Debug(DEBUG_SFILTER,("SFILTER: Set FileLinklnformation 
| for PSM file %08x\n M ,lrpSp->FileObject)); 
74414| 

| Debug(DEBUG_SFILTER,("SFILTER: rie=%d, rd=%08x, 

| fnl=%d, fn='%-*.*S'\n M , 
74415| 

| Ren->ReplacelfExists, 
7441 6| Ren->RootDirectory, 
7441 7| Ren->FileNameLength 

| / sizeof(WCHAR),Ren->FileNamel_ength / 

| sizeof(WCHAR),Ren->FileNamel_ength / sizeof(WCHAR), 
7441 8| Ren->FileName 
74419| 

74420| )); 
74421| break; 
74422| } 
74423| case 
| FilePositionlnformation: { 
74424| 

| PFILE_POSITION_INFORMATION 

| Pos=(PFILE_POSITION_INFORMATION)lrp->Associatedlrp.Syste 

| mBuffer; 
74425| 
74426| 

| Debug(DEBUG_SFILTER,("SFILTER: Set 
| FilePositionlnformation for PSM file 
| %08x\n M ,lrpSp->FileObject)); 
74427| 

| Debug(DEBUG_SFILTER,("SFILTER: 
| Pos=%l64x\n M ,Pos->CurrentByteOffset)); 



74428| // changes file 

| position, we dont care. 
74429| break; 

74430| } 

74431 1 case FileBasiclnformation: 
|{ 

74432| PFILE_BASIC_INFORMATION 



I Basic=(PFILE_BASIC_INFORMATION)lrp->Associatedlrp.System 
| Buffer; 
74433| 

| Debug(DEBUG_SFILTER,("SFILTER: Set FileBasiclnformation 
| for PSM file %08x\n'\lrpSp->FileObject)); 
74434| 

| Debug(DEBUG_SFILTER,("SFILTER: Cr=%l64x, A=%l64x, 

| W=%l64x, Ch=%l64x, Attr=%08x\n M , 
74435| 

| Basic->CreationTime, 
74436| 

| Basic->LastAccessTime, 
74437| 

| Basic->LastWriteTime, 
74438| Basic->ChangeTime, 
74439| 

| Basic->FileAttributes 
74440| )); 
74441 1 // changes times and 

| attributes of files., we dont care.. 
74442 1 break; 
74443 1 } 

74444| case FileRenamelnformation: 

|{ 
74445| 

| PFILE_RENAME_IN FORMATION 

| Ren=(PFILE_RENAME_INFORMATION)lrp->Associatedlrp.SystemB 
| uffer; 
74446| 

| Debug(DEBUG_SFILTER,("SFILTER: Set 
| FileRenamelnformation for PSM file 
| %08x\n M ,lrpSp->FileObject)); 
74447| 

| Debug(DEBUG_SFILTER,("SFILTER: rie=%d, rd=%08x, 

| fnl=%d, fn='%-*.*S'\n", 
74448| 

| Ren->ReplacelfExists, 
74449| Ren->RootDirectory, 
74450| Ren->FileNameLength 

| / sizeof(WCHAR),Ren->FileNamel_ength / 

| sizeof(WCHAR),Ren->FileNameLength / sizeof(WCHAR), 
74451 1 Ren->FileName 
74452 1 

74453| )); 

74454| // delete our maps, 

| this is probally coming in from the files being moved 

| to the 

74455| // recycle bin 

74456| 

| ASSERT(FiltExt->lsMounted); 



74457| if(FiltExt->lsMounted) 

|{ 
74458| 

| DeleteAIIMaps(FiltExt); 
74459| 

| NotifyUserModeOfRegChangeEvent(FiltExt); 



74460| } // is mounted 

74461 1 break; 

74462 1 } 

74463 1 case 



| FileDispositionlnformation: { 
74464| 

| PFILE_DISPOSITION_INFORMATION 

| Disp=(PFILE_DISPOSITION_INFORMATION)lrp->Associatedlrp.S 
| ystem Buffer; 
74465| 

| Debug(DEBUG_SFILTER,("SFILTER: Set 
| FileDispositionlnformation for PSM file 
| %08x\n",lrpSp->FileObject)); 
74466| 

| Debug(DEBUG_SFILTER,("SFILTER: 

| %d\n",Disp->DeleteFile)); 
74467| // deletes the file 

74468 1 // we need to get rid 

| of our direct io maps in the devext, local registry, 

| and cluster registry 
74469| // cant do things to 

| files if in direct mode 
74470 1 

| ASSERT(FiltExt->lsMounted); 
74471 1 if(FiltExt->lsMounted) 

|{ 
74472 | 

| DeleteAIIMaps(FiltExt); 
74473 1 

| NotifyUserModeOfRegChangeEvent(FiltExt); 



74474| } // is mounted 

74475| break; 

74476| } 

74477 1 case 



| FileEndOfFilelnformation: { 
74478| 

| PFILE_END_OF_FILE_INFORMATION 

| End=(PFILE_END_OF_FILE_INFORMATION)lrp->Associatedlrp.Sy 
| stem Buffer; 
74479 1 

| Debug(DEBUG_SFILTER,("SFILTER: Set 
| FileEndOfFilelnformation for PSM file 
| %08x\n",lrpSp->FileObject)); 
74480| 



I Debug(DEBUG_SFILTER,("SFILTER: 

| %l64x\n M ,End->EndOfFile)); 
74481 1 // truncates or extends 

| the file, we need to update our directio maps, local 

| registry, and cluster registry 
74482 1 

| ASSERT(FiltExt->DoDirectlO==FALSE); 
74483 1 

| ASSERT(FiltExt->lsMounted); 
74484| if(FiltExt->lsMounted) 
|{ 

74485| NTSTATUS Status; 

74486| 

| DeleteAIIMaps(FiltExt); 
74487| 

74488| Status = 

| PSMan Forward I rpSy nchronous( DeviceObject, I rp) ; 
74489 1 

| if(NT_SUCCESS(Status)) { 
74490 1 

| PersistentDictionary::StoreClustersOfFiles(FiltExt->Devi 
| ceObject); 
74491| 

| PersistentDictionary::RetrieveDirectlOMaps(FiltExt->Devi 
| ceObject, FALSE); 
74492| 

| NotifyUserModeOfRegChangeEvent(FiltExt); 
74493| } 
74494| // finish the 

| request 
74495| 

| lrp->loStatus. Status = Status; 
74496| 

| loCompleteRequest(lrp,IO_DISK_INCREMENT); 



74497| return Status; 

74498| } 

74499| break; 

74500| } 

74501| default: 

74502| 



| Debug(DEBUG_SFILTER,("SFILTER: Unknown file class %08x 
| for PSM file 

| %08x\n",lrpSp->Parameters.SetFile.FilelnformationClass,l 
| rpSp->FileObject)); 



74503| break; 

74504| } // switch 

74505| } // if psm file 

74506| } // if 

74507| return PSManFSPassThru( DeviceObject, 



I "rp ); 



74508| }//fsfilter 

74509| case OBJECTJNTERNAL 

74510| case OBJECT_VIRTUALDISK : 

74511| caseOBJECT_FS_OBJECT : 

74512| //Debug(DEBUG_SFILTER,("SFILTER: Dir: obj 

| %08x\n",DeviceObject)); 

74513| break; 

74514| default: 

74515| Status = STATUS_NO_SUCH_DEVICE; 

74516| break; 

74517| } 
74518| 

74519| lrp->loStatus. Information = 0; 

74520| lrp->loStatus.Status = Status; 

74521 1 loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

74522 1 return Status; 

74523 1 } 

74524| 

74525| NTSTATUS 

74526| SfFsDirectoryControl( 

74527| IN PDEVICE_OBJECT DeviceObject, 

74528| IN PIRP Irp 

74529 1 ) 
74530 1 { 

74531 1 NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
74532 1 

74533| switch ( PsmGetObjectType(DeviceObject) ) { 

74534| case OBJECT_FILTEREDDISK : 

74535| //Debug(DEBUG_SFILTER,("SFILTER: Dir: fd 

| %08x\n M , DeviceObject)); 

74536| return PSManFSPassThru( DeviceObject, Irp 

I); 

74537| case OBJECT_FS_FILTER : 

74538| // not currently doing anything 

74539| //Debug(DEBUG_SFILTER,("SFILTER: Dir: fs 

| %08x\n", DeviceObject)); 

74540| return PSManFSPassThru( DeviceObject, Irp 

I); 

74541 1 case OBJECTJNTERNAL 

74542| case OBJ ECT_VIRTUALDISK : 

74543| caseOBJECT_FS_OBJECT : 

74544| //Debug(DEBUG_SFILTER,("SFILTER: Dir: obj 

| %08x\n", DeviceObject)); 

74545| break; 

74546| default: 

74547| Status = STATUS_NO_SUCH_DEVICE; 

74548| break; 

74549 1 } 
74550 1 

74551 1 lrp->loStatus. Information = 0; 



74552| lrp->loStatus.Status = Status; 

74553| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

74554| return Status; 

74555| } 

74556| 

74557| 

74558| NTSTATUS 
74559| SfFsWrite( 

74560| PDEVICE_OBJECT DeviceObject, 
74561| PIRP Irp 
74562| ) 
74563| { 

74564| PFS_FILTER_EXTENSION DevExt = 

| (PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceObject); 
74565| 

74566| ASSERT(DevExt->ObjectType == OBJECT_FS_FILTER); 

74567| 

74568| if ( 

| PsmGetObjectType(DeviceObject)!=OBJECT_FS_FILTER ) { 
74569| Debug(DEBUG_SFILTER,("SFILTER: Write: Not fs 

| object\n M )); 
74570| return FALSE; 
74571 1 } 
74572 1 

74573| // ebug(DEBUG_SFILTER,("SFILTER: Write\n M )); 
74574| if ( (DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
74575| PVDISK_EXTENSION 

| VDiskExt=(PVDISK_EXTENSION)GetDeviceExtension(DevExt->PS 

| MStorageObject); 
74576| 

74577| if ( VDiskExt->SnapShot != NULL ) { 
74578| pPersistentDictionary dictionary = 

| (pPersistentDictionary) VDiskExt->SnapShot->Dictionary; 
74579| ASSERT ( dictionary != NULL ); 

74580| if ( dictionary != NULL ) { 

74581 1 PIO_STACK_LOCATION IrpSp = 

| loGetCurrentlrpStackLocation( Irp ); 
74582| if ( dictionary->lsReadOnly() ) { 

74583 1 // we check for this, because NTFS 

| will send writes down to us 
74584| // for file objects we have never 

| seen (its metadata), and if we fail 
74585| // them, lost delay writes popups 

| will occur, so only deny writes for 
74586| // file objects we have actually 

| seen 
74587| if ( 

| FilelsReadOnly(lrpSp->FileObject) ) { 
74588 1 // virtual volume is marked 



I readonly, deny this write 
74589| Debug(DEBUG_SFILTER,("SFILTER: 

| Write: Write to readonly volume\n")); 
74590| lrp->loStatus. Information = 0; 

74591 1 lrp->loStatus.Status = 

| STATUS_MEDIA_WRITE_PROTECTED; 
74592 1 

| loCompleteRequest(lrp,IO_NO_INCREMENT); 
74593 1 return 

| STATUS_MEDIA_WRITE_PROTECTED; 
74594| } else { 

74595| 

| //Debug(DEBUG_SFILTER,("SFILTER: Write: Write to 

| readonly volume for object we dont know about 

| %08x\n M ,lrpSp->FileObject)); 
74596| } 
74597| } else { 

74598| // Not a read-only snapshot. Need 

| to check cache usage... 
74599| if ( !(gVDisklOHandling & 

| PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS) ) { 
74600 1 if ( 

| dictionary->lsCacheWarningThresholdReached() ) { 
74601| if( 

| FilelsOpenOnSnapShot(lrpSp->FileObject, FALSE) ) { 
74602| // Fail the write to 

| the snapshot because too much cache is in use... 
74603| NTSTATUS Status = 

| lrp->loStatus.Status = STATUS_DISK_FULL; 
74604| 

| lrp->loStatus. Information = 0; 
74605| 

| loCompleteRequest(lrp,IO_NO_INCREMENT); 
74606| 

| Debug(DEBUG_SFILTER,("SfFs Write: Reporting 

| STATUS_DISK_FULL on virtual volume; DevExt=%08x, 

| VDiskExt=%08x\n",DevExt,VDiskExt)); 

74607| return Status; 

74608| } 

74609| } 

74610| } 

7461 1 1 } 

74612| } 

74613| } 

74614| }else 

74615| if ( (!DevExt->Virtual) && 

| (DevExt->PSMStorageObject) ) { 
7461 6| PFILTERED_EXTENSION Ext = 

| (PFILTERED_EXTENSION)GetDeviceExtension(DevExt->PSMStora 

| geObject); 



74617| 

74618| // make sure to keep in sync with 

| write: Write Device 
74619| if((Ext->PSMed) && 

| (Ext->Cache.CacheFullAction)) { 
74620| if ( (!lsCacheFile(DeviceObject,lrp)) && ( 

| !FileJsPagingFile(DeviceObject,lrp) )) { 
74621 1 ULONG CacheThreshold = 

| (ULONG)(((unsigned int64)Ext->Cache.PSManBitMapSize * 

| Ext->Cache.CacheFullActionPercent) / 100); 
74622 1 if ( 

| Ext->Cache.CurrentCacheFileSize>CacheThreshold ) { 
74623| Debug(DEBUG_SFILTER,("SFILTER: 

| Write: Above cache full action threshold; 

| CurrentCache=%08x, 

| Threshold=%08x\n",Ext->Cache.CurrentCacheFileSize, 
| CacheThreshold)); 
74624| switch(Ext->Cache.CacheFullAction) 
|{ 

74625| case CACHE_ACTION_DENY_WRITES : 

74626| // try and keep always keep 

74627| 

| if(AreThereAlwaysKeepSnapShots()) { 
74628| NTSTATUS Status = 

| lrp->loStatus.Status = STATUS_DISK_FULL; 
74629 1 

| lrp->loStatus. Information = 0; 
74630 1 

| loCompleteRequest(lrp,IO_NO_INCREMENT); 
74631| 

| Debug(DEBUG_SFILTER,("SfFsWrite: Reporting 
| STATUS_DISK_FULL on filtered volume; 
| DevExt=%08x\n",DevExt)); 



74632| return Status; 

74633| } 
74634| break; 

74635| case CACHE_ACTION_BSOD : 

74636| 



| PSManBugCheck(SB_BUG_WRITE_FILE,SB_CACHE_FULL,Ext->Cache 

| .CurrentCacheFileSize,CacheThreshold,Ext->Cache.CacheFul 

| lActionPercent); 
74637| break; 
74638| case 

| CACHE_ACTION_DELETE_ALWAYS_KEEPS: 
74639| break; 
74640| default: 
74641 1 break; 
74642 1 } 
74643| } // if above threshold 

74644| } // not cache or pagefile 



74645| } // if psmed 
74646| } // if not virtual 

74647| return PSManFSPassThru(DeviceObjectJrp); 

74648| } 

74649| 

74650| ULONG EnableWritesToNewFiles() 
74651 1 { 

74652| return NewFileWritesAllowed++; 

74653 1 } 

74654| 

74655| ULONG DisableWritesToNewFiles() 
74656| { 

74657| if(NewFileWritesAllowed) { 
74658| return NewFileWritesAllowed--; 
74659 1 } else { 
74660| #ifdef DEBUG 

74661 1 PVOID CallerAddress=0, CallersCallerAddress=0; 

74662| RtlGetCallersAddress (&CallerAddress, 
| &CallersCallerAddress); 

74663| Debug(DEBUG_DICT,("SFILTER: 
| DisableWritesToNewFiles: Caller=%08x, 
| grandpa=%08x\n M ,CallerAddress,CallersCallerAddress)); 

74664| DbgBreakPoint(); 

74665| #endif 

74666| return 0; 

74667| } 

74668| } 

74669 1 

74670| char*File_GetFSCTLFunctionName( ULONG Minor, ULONG 

| FsCtl ) 
74671 1 { 

74672| switch ( Minor ) { 

74673| case IRP_MN_USER_FS_REQUEST :{ 
74674| switch ( FsCtl ) { 

74675| case FSCTL_REQUEST_OPLOCK_LEVEL_1 : 

| return "FSCTL_REQUEST_OPLOCK_LEVEL_1 "; 
74676| case FSCTL_REQUEST_OPLOCK_LEVEL_2 : 

| return "FSCTL_REQUEST_OPLOCK_LEVEL_2"; 
74677| case FSCTL_REQUEST_BATCH_OPLOCK : 

| return "FSCTL_REQUEST_BATCH_OPLOCK"; 
74678| case FSCTL_OPLOCK_BREAK_ACKNOWLEDGE 

| : return "FSCTL OPLOCK BREAK ACKNOWLEDGE"; 
74679| case FSCTL_OPBATCH_ACK_CLOSE_PENDING : 

| return "FSCTL_OPBATCH_ACK_CLOSE_PENDING"; 
74680| case FSCTL_OPLOCK_BREAK_NOTIFY : return 

| "FSCTL OPLOCK BREAK NOTIFY"; 
74681 1 case FSCTL_LOCK_VOLUME : return 

| "FSCTL_LOCK_VOLUME"; 
74682| case FSCTL_UNLOCK_VOLUME : return 

| "FSCTL_UNLOCK_VOLUME M ; 



74683| case FSCTL_DISMOUNT_VOLUME : return 

| "FSCTLDISMOUNTVOLUME"; 
74684| case FSCTL_IS_VOLUME_MOUNTED : return 

| "FSCTLJS_VOLUME_MOUNTED M ; 
74685| case FSCTL_IS_PATH NAM E_VALI D : return 

| "FSCTL_IS_PATHNAME_VALID"; 
74686| case FSCTL MARK VOLUME DIRTY : return 

| " FSCTL_M ARK_VO LU M E_D I RTY" ; 
74687| case FSCTL_QU E RY RETRI EVAL POI NTE RS 

| : return "FSCTL_QUERY_RETRIEVAL_POINTERS"; 
74688| case FSCTL_GET_COMPRESSION : return 

| "FSCTLGETCOMPRESSION"; 
74689| case FSCTL_SET_COMPRESSION : return 

| "FSCTL_SET_COMPRESSION"; 
74690| case FSCTL_MARK_AS_SYSTEM_HIVE : return 

| "FSCTL_MARK_AS_SYSTEM_HIVE"; 
74691 1 case FSCTL_OPLOCK_BREAK_ACK_NO_2 : 

| return "FSCTL_OPLOCK_BREAK_ACK_NO_2"; 
74692| case FSCTL INVALIDATE VOLUMES : return 

| "FSCTL_INVALIDATE_VOLUMES"; 
74693| case FSCTL_QUERY_FAT_BPB : return 

| "FSCTL_QUERYFAT_BPB"; 
74694| case FSCTL_REQUEST_FILTER_OPLOCK : 

| return "FSCTLREQUESTFILTEROPLOCK"; 
74695| case FSCTL_FILESYSTEM_GET_STATISTICS : 

| return "FSCTL_FILESYSTEM_GET_STATISTICS"; 
74696| #if(_WIN32_WINNT >= 0x0400) 
74697| case FSCTL_GET_NTFS_VOLUME_DATA : 

| return " FSCTL_G ET_NTFS_VOLU M E_D ATA" ; 
74698| case FSCTL_GET_NTFS_FILE_RECORD : 

| return "FSCTL_GET_NTFS_FILE_RECORD"; 
74699| case FSCTL GET VOLUME BITMAP : return 

| "FSCTL_GET_VOLUME_BITMAP"; 
74700| case FSCTL_GET_RETRIEVAL_POINTERS : 

| return "FSCTL_G ET_RETRIEVAL_POINTERS"; 
74701 1 case FSCTL_MOVE_FILE : return 

| "FSCTLMOVEFILE"; 
74702| case FSCTL_IS_VOLUME_DIRTY : return 

| "FSCTL_IS_VOLUME_DIRTY"; 
74703| case FSCTL_GET_HFS_INFORMATION : return 

| " FSCTL_G ET_H FS_I N FO RMATION"; 
74704| case FSCTL ALLOW EXTENDED DASD IO : 

| return "FSCTL_ALLOW_EXTENDED_DASD_IO"; 
74705| #endif /* _WIN32_WINNT >= 0x0400 7 
74706| 

74707| #if(_WIN32_WINNT >= 0x0500) 

74708| case FSCTL_R E A DP ROPE RTYD ATA : return 

| " FSCTL_R E AD_P RO P E RTY_D ATA" ; 
74709| case FSCTL_WRITE_PROPERTY_DATA : return 

| " FSCTL_WR I TE_P RO P E RTYD ATA" ; 



74710| case FSCTL_FIND_FILES_BY_SID : return 

| " FSCTL FI N D_F I LES_B Y_S I D" ; 
7471 1 1 case FSCTL_DUMP_PROPERTY_DATA : return 

| "FSCTLDUMPPROPERTYDATA"; 
74712| case FSCTL_SET_OBJECT_ID : return 

| "FSCTL_SET_OBJECT_ID M ; 
74713| case FSCTL_GET_OBJECT_ID : return 

| " FSCTL_G ET_OB J ECT_I D" ; 
74714| case FSCTL DELETE OBJECT ID 

| return "FSCTL_DELETE_OBJECT_ID"; 
74715| case FSCTL_SET_REPARSE_POINT : return 

| "FSCTLSETREPARSEPOINT"; 
74716| case FSCTL_GET_REPARSE_POINT : return 

| " FSCTL G ET RE PA RS EPOI NT" ; 
7471 7| case FSCTL_DELETE_REPARSE_POINT : 

| return "FSCTL_DELETE_REPARSE_POINT"; 
74718| case FSCTL ENUM USN DATA : return 

| " FSCTL_E N U M_U S N_D ATA" ; 
74719| case FSCTL_SECURITY_ID_CHECK : return 

| "FSCTL_SECURITY_ID_CHECK"; 
74720| case FSCTL_READ_USN_JOURNAL 

| return "FSCTL_READ_USN_JOURNAL"; 
74721 1 case FSCTL_SET_OBJECT_ID_EXTENDED : 

| return " FSCTL S ET O B J E CT I D EXT ENDED"; 
74722| case FSCTL_CREATE_OR_GET_OBJECT_ID : 

| return "FSCTL_CREATE_OR_GET_OBJECT_ID"; 
74723| case FSCTL_SET_SPARSE : return 

| "FSCTL_SET_S PARSE"; 
74724| case FSCTL_SET_ZERO_DATA : return 

| " FSCTL_S ET_ZE RO_D ATA" ; 
74725| case FSCTL_QUERY_ALLOCATED_RANGES : 

| return "FSCTL_QUERY_ALLOCATED_RANGES"; 
74726| case FSCTL_ENABLE_UPGRADE : return 

| "FSCTL ENABLE UPGRADE"; 
74727| case FSCTL_SET_ENCRYPTION : return 

| "FSCTL_SET_ENCRYPTION"; 
74728| case FSCTL_ENCRYPTION_FSCTLJO : return 

| "FSCTL_ENCRYPTION_FSCTL_IO"; 
74729| case FSCTL_WRITE_RAW_ENCRYPTED : return 

| "FSCTL_WRITE_RAW_ENCRYPTED"; 
74730| case FSCTL_READ_RAW_ENCRYPTED : return 

| "FSCTL READ RAW ENCRYPTED"; 
74731 1 case FSCTL_CREATE_USN_JOURNAL : return 

| "FSCTL_CREATE_USN_JOURNAL"; 
74732| case FSCTL READ FIL E_U S N_D ATA : return 

| "FSCTL_READ_FILE_USN_DATA"; 
74733| case FSCTL_WRITE_USN_CLOSE_RECORD : 

| return "FSCTL_WRITE_USN_CLOSE_RECORD"; 
74734| case FSCTL_EXTEND_VOLUME : return 

| "FSCTL_EXTEND_VOLUME"; 



74735| case FSCTL_QUERY_USN_JOURNAL : return 

| "FSCTLQUERYUSNJOURNAL"; 
74736| case FSCTL_DELETE_USN_JOURNAL : return 

| "FSCTLDELETEUSNJOURNAL"; 
74737| case FSCTL_MARK_HANDLE : return 

| "FSCTL_MARK_HANDLE"; 
74738| case FSCTL_SIS_COPYFILE : return 

| "FSCTL_SIS_COPYFILE"; 
74739| case FSCTL_SIS_LINK_FILES : return 

| "FSCTL_SIS_LINK_FILES"; 
74740| case FSCTL_HSM_MSG : return 

| "FSCTLHSMMSG"; 
74741 1 case FSCTL_NSS_CONTROL : return 

| "FSCTL_NSS_CONTROL"; 
74742 1 case FSCTL_HSM_DATA : return 

| "FSCTL_HSM_DATA"; 
74743| case FSCTL RECALL FILE : return 

| "FSCTL_RECALL_FILE"; 
74744| case FSCTL_NSS_RCONTROL : return 

| "FSCTL_NSS_RCONTROL"; 
74745| #endif /* _WIN32_WINNT >= 0x0500 7 
74746| default: 

74747| return "FSCTL_(Unknown User Request)"; 

74748| } 
74749 1 } 

74750| case IRP_MN_MOUNT_VOLUME : return 

| M FSCTL_(MOUNT_VOLUME)"; 
74751 1 case IRP_MN_VERIFY_VOLUME : return 

| "FSCTL_(VERIFY_VOLUME) M ; 
74752| case IRP_MN_LOAD_FILE_SYSTEM : return 

| "FSCTL_(LOAD_FILE_SYSTEM) M ; 
74753| case I R P_M N_K E R N E L_C AL L : return 

| "FSCTL_(KERNEL_CALL) M ; 
74754| default: 

74755| return "FSCTL_(Unknown Minor function)"; 
74756| } 

74757| return "FSCTL_(Unknown, shouldnt ever get this)"; 
74758| } 
74759 1 
74760 1 
74761 | 

74762| #endif 
74763 1 
74764| 
74765| 

74766| File Listing: sfilter.h 

74767| 

74768| // 

74769| // Define the local routines used by this driver 
| module. This includes a 



74770 



and then invoke an I/O 



74771 



| been created/opened. 
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// a sample of how to filter a create file operation, 



// completion routine when the file has successfully 



// 



NTSTATUS 

FilterDriverEntry( 

IN PDRIVER_OBJECT DriverObject, 
IN PUNICODE_STRING RegistryPath 

); 



NTSTATUS 
SfCreate( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 
PSManFSPassThru( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 



STATIC 

NTSTATUS 

SfCreateCompletion( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp, 

IN PVOID Context 

); 

STATIC 

NTSTATUS 

SfFsControl( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC 
VOID 

SfFsNotification( 

IN PDEVICE_OBJECT DeviceObject, 
IN BOOLEAN FsActive 

); 

STATIC 
BOOLEAN 



74818| SfFastloChecklfPossible( 

74819| IN PFILE_OBJECT FileObject, 

74820| IN PLARGE_INTEGER FileOffset, 

74821| IN ULONG Length, 

74822| IN BOOLEAN Wait, 

74823| IN ULONG LockKey, 

74824| IN BOOLEAN Check For Read Ope rat ion, 

74825| OUT PIO_STATUS_BLOCK loStatus, 

74826| IN PDEVICE_OBJECT DeviceObject 

74827| ); 

74828| 

74829| STATIC 

74830| BOOLEAN 

74831| SfFastloRead( 

74832| IN PFILE_OBJECT FileObject, 

74833| IN PLARGEJNTEGER FileOffset, 

74834| IN ULONG Length, 

74835| IN BOOLEAN Wait, 

74836| IN ULONG LockKey, 

74837| OUT PVOID Buffer, 

74838| OUT PIO_STATUS_BLOCK loStatus, 

74839| IN PDEVICE_OBJECT DeviceObject 

74840| ); 

74841 | 

74842 1 STATIC 

74843 1 BOOLEAN 

74844| SfFastloWrite( 

74845| IN PFILE_OBJECT FileObject, 

74846| IN PLARGEJNTEGER FileOffset, 

74847| IN ULONG Length, 

74848| IN BOOLEAN Wait, 

74849| IN ULONG LockKey, 

74850| IN PVOID Buffer, 

74851 1 OUT PIO_STATUS_BLOCK loStatus, 

74852| IN PDEVICE_OBJECT DeviceObject 

74853 1 ); 

74854| 

74855| ULONG EnableWritesToNewFiles(); 
74856| ULONG DisableWritesToNewFiles(); 
74857| 
74858| 

74859 1 NTSTATUS 
74860 1 SfFsWrite( 

74861 1 PDEVICE_OBJECT DeviceObject, 

74862| PIRP Irp 

74863 1 ); 

74864| NTSTATUS 
74865| PSManFSCIose( 

74866| IN PDEVICE_OBJECT DeviceObject, 
74867| IN PIRP Irp 



74868| ); 

74869| 

74870| 

74871| STATIC 

74872| BOOLEAN 

74873| SfFastloQueryBasiclnfo( 

74874| IN PFILE_OBJECT FileObject, 

74875| IN BOOLEAN Wait, 

74876| OUT PFILEBASICJN FORMATION Buffer, 
74877| OUT PIO_STATUS_BLOCK loStatus, 
74878| IN PDEVICE_OBJECT DeviceObject 
74879| ); 
74880| 

74881| STATIC 

74882| BOOLEAN 

74883| SfFastloQueryStandardlnfo( 

74884| IN PFILE_OBJECT FileObject, 

74885| IN BOOLEAN Wait, 

74886| OUT PFILE_STANDARD_INFORMATION Buffer, 

74887| OUT PIO_STATUS_BLOCK loStatus, 

74888| IN PDEVICE_OBJECT DeviceObject 

74889| ); 

74890| 

74891| STATIC 

74892| BOOLEAN 

74893| SfFastloLock( 

74894| IN PFILE_OBJECT FileObject, 

74895| IN PLARGEJNTEGER FileOffset, 

74896| IN PLARGE_INTEGER Length, 

74897| PEPROCESS Processld, 

74898| ULONG Key, 

74899| BOOLEAN Fail Immediately, 

74900| BOOLEAN ExclusiveLock, 

74901 1 OUT PIO_STATUS_BLOCK loStatus, 

74902| IN PDEVICE_OBJECT DeviceObject 

74903 1 ); 

74904| 

74905| STATIC 

74906| BOOLEAN 

74907| SfFastloUnlockSingle( 

74908| IN PFILE_OBJECT FileObject, 

74909| IN PLARGEJNTEGER FileOffset, 

74910| IN PLARGEJNTEGER Length, 

7491 1 1 PEPROCESS Processld, 

74912| ULONG Key, 

74913| OUT PIO_STATUS_BLOCK loStatus, 
74914| IN PDEVICE_OBJECT DeviceObject 
74915| ); 
74916| 

749171 STATIC 



74918| BOOLEAN 

74919| SfFastloUnlockAII( 

74920| IN PFILE_OBJECT FileObject, 

74921 1 PEPROCESS Processld, 

74922| OUT PIO_STATUS_BLOCK loStatus, 

74923| IN PDEVICE_OBJECT DeviceObject 

74924 1 ); 

74925| 

74926| STATIC 

74927| BOOLEAN 

74928| SfFastloUnlockAIIByKey( 

74929| IN PFILE_OBJECT FileObject, 

74930| PVOID Processld, 

74931| ULONG Key, 

74932| OUT PIO_STATUS_BLOCK loStatus, 
74933| IN PDEVICE_OBJECT DeviceObject 
74934| ); 
74935| 

74936| STATIC 

74937| BOOLEAN 

74938| SfFastloDeviceControl( 

74939| IN PFILE_OBJECT FileObject, 

74940| IN BOOLEAN Wait, 

74941 1 IN PVOID InputBuffer OPTIONAL, 

74942| IN ULONG InputBufferLength, 

74943| OUT PVOID OutputBuffer OPTIONAL, 

74944| IN ULONG OutputBufferLength, 

74945| IN ULONG loControlCode, 

74946| OUT PIO_STATUS_BLOCK loStatus, 

74947| IN PDEVICE_OBJECT DeviceObject 

74948| ); 

74949 1 

74950 1 STATIC 
74951| VOID 

74952| SfFastloDetachDevice( 

74953| IN PDEVICE_OBJECT SourceDevice, 

74954| IN PDEVICE_OBJECT TargetDevice 

74955| ); 

74956| 

74957| STATIC 
74958| BOOLEAN 

74959| SfFastloQueryNetworkOpenlnfo( 
74960| IN PFILE_OBJECT FileObject, 
74961 1 IN BOOLEAN Wait, 

74962| OUT PFILE_NETWORK_OPEN_IN FORMATION Buffer, 

74963| OUT PIO_STATUS_BLOCK loStatus, 

74964| IN PDEVICE_OBJECT DeviceObject 

74965| ); 

74966| 

74967I STATIC 



74968| BOOLEAN 

74969| SfFastloMdlRead( 

74970| IN PFILE_OBJECT FileObject, 

74971 1 IN PLARGEJNTEGER FileOffset, 

74972| IN ULONG Length, 

74973| IN ULONG LockKey, 

74974| OUT PMDL *MdlChain, 

74975| OUT PIO_STATUS_BLOCK loStatus, 

74976| IN PDEVICE_OBJECT DeviceObject 

74977| ); 

74978| 

74979 1 

74980| STATIC 

74981| BOOLEAN 

74982| SfFastloMdlReadComplete( 

74983| IN PFILE_OBJECT FileObject, 

74984| IN PMDL MdlChain, 

74985| IN PDEVICE_OBJECT DeviceObject 

74986| ); 

74987| 

74988| STATIC 

74989| BOOLEAN 

74990| SfFastloPrepareMdlWrite( 

74991 1 IN PFILE_OBJECT FileObject, 

74992| IN PLARGEJNTEGER FileOffset, 

74993| IN ULONG Length, 

74994| IN ULONG LockKey, 

74995| OUT PMDL *MdlChain, 

74996| OUT PIO_STATUS_BLOCK loStatus, 

74997| IN PDEVICE_OBJECT DeviceObject 

74998| ); 

74999 | 

75000 1 STATIC 

75001| BOOLEAN 

75002| SfFastloMdlWriteComplete( 

75003| IN PFILE_OBJECT FileObject, 

75004| IN PLARGEJNTEGER FileOffset, 

75005| IN PMDL MdlChain, 

75006| IN PDEVICE_OBJECT DeviceObject 

75007| ); 

75008| 

75009| STATIC 

75010| BOOLEAN 

75011| SfFastloReadCompressed( 

75012| IN PFILE_OBJECT FileObject, 

75013| IN PLARGEJNTEGER FileOffset, 

75014| IN ULONG Length, 

75015| IN ULONG LockKey, 

7501 6| OUT PVOID Buffer, 

7501 7| OUT PMDL *MdlChain, 



75018| OUT PIO_STATUS_BLOCK loStatus, 
75019| OUT struct _COMPRESSED_DATA_INFO 

| *CompressedDatalnfo, 
75020| IN ULONG Compressed DatalnfoLength, 
75021 1 IN PDEVICE_OBJECT DeviceObject 
75022 1 ); 
75023 | 

75024| STATIC 

75025| BOOLEAN 

75026| SfFastloWriteCompressed( 

75027| IN PFILE_OBJECT FileObject, 

75028| IN PLARGE_INTEGER FileOffset, 

75029| IN ULONG Length, 

75030| IN ULONG LockKey, 

75031| IN PVOID Buffer, 

75032| OUT PMDL *MdlChain, 

75033| OUT PIO_STATUS_BLOCK loStatus, 

75034| IN struct _COMPRESSED_DATA_INFO 

| *CompressedDatalnfo, 
75035| IN ULONG Compressed DatalnfoLength, 
75036| IN PDEVICE_OBJECT DeviceObject 
75037| ); 
75038| 

75039| STATIC 
75040| BOOLEAN 

75041 1 SfFastloMdlReadCompleteCompressed( 

75042| IN PFILE_OBJECT FileObject, 

75043| IN PMDL MdlChain, 

75044| IN PDEVICE_OBJECT DeviceObject 

75045| ); 

75046| 

75047| STATIC 
75048| BOOLEAN 

75049| SfFastloMdlWriteCompleteCompressed( 

75050| IN PFILE_OBJECT FileObject, 

75051 1 IN PLARGEJNTEGER FileOffset, 

75052| IN PMDL MdlChain, 

75053| IN PDEVICE_OBJECT DeviceObject 

75054| ); 

75055| 

75056| STATIC 
75057| BOOLEAN 
75058| SfFastloQueryOpen( 
75059| IN PIRP Irp, 

75060| OUT PFILE_NETWORK_OPEN_IN FORMATION 

| Networklnformation, 
75061 1 IN PDEVICE_OBJECT DeviceObject 
75062 1 ); 
75063 1 

75064| STATIC 



75065| NTSTATUS 

75066| SfMountCompletion( 

75067| IN PDEVICE_OBJECT DeviceObject, 

75068| IN PIRP Irp, 

75069| IN PVOID Context 

75070| ); 

75071 | 

75072| STATIC 

75073 1 NTSTATUS 

75074| Sfl_oadFsCompletion( 

75075| IN PDEVICE_OBJECT DeviceObject, 

75076| IN PIRP Irp, 

75077| IN PVOID Context 

75078| ); 

75079 1 

75080 1 STATIC 
75081 1 void 

75082| SfFastloReleaseFileForNtCreateSection( 
75083| IN PFILE_OBJECT FileObject 
75084| ); 
75085| STATIC 
75086| void 

75087| SfFastloAcquireFileForNtCreateSection( 

75088| IN PFILE_OBJECT FileObject 

75089 1 ); 

75090 1 STATIC 

75091 1 NTSTATUS 

75092| SfFastloReleaseForCcFlush( 

75093| IN PFILE_OBJECT FileObject, 

75094| IN PDEVICE_OBJECT DeviceObject 

75095| ); 

75096| STATIC 

75097| NTSTATUS 

75098| SfFastloAcquireForCcFlush( 

75099| IN PFILE_OBJECT FileObject, 

751 00| IN PDEVICE_OBJECT DeviceObject 

75101| ); 

75102| STATIC 

75103| NTSTATUS 

751 04| SfFastloReleaseForModWrite( 

75105| IN PFILE_OBJECT FileObject, 

75106| IN PERESOURCE ResourceTo Release, 

75107| IN PDEVICE_OBJECT DeviceObject 

75108| ); 

75109| STATIC 

75110| NTSTATUS 

751 1 1 1 SfFastloAcquireForModWrite( 

75112| IN PFILE_OBJECT FileObject, 

75113| IN PLARGEJNTEGER EndingOffset, 

75114| OUT PERESOURCE * ResourceTo Release, 



75115| IN PDEVICE_OBJECT DeviceObject 

75116| ); 

75117| 

75118| NTSTATUS 

75119| SfFsDirectoryControl( 

75120| IN PDEVICE_OBJECT DeviceObject, 

75121| INPIRPIrp 

75122| ); 

75123| NTSTATUS 

75124| SfFsQuerylnformation( 

75125| IN PDEVICE_OBJECT DeviceObject, 

75126| INPIRPIrp 

75127| ); 

75128| NTSTATUS 

75129| SfFsSetlnformation( 

75130| IN PDEVICE_OBJECT DeviceObject, 

75131| INPIRPIrp 

75132| ); 

75133| 

75134| 

75135| 

75136| 

75137| //from ntifs.h 

75138| 

75139| 

75140| //++ 

75141| // 

75142| // VOID 

75143| // FsRtlEnterFileSystem ( 
75144| // ); 
75145| // 

75146| // Routine Description: 
75147| // 

75148| // This routine is used when entering a file 

| system (e.g., through its 
75149| // Fsd entry point). It ensures that the file 

| system cannot be suspended 
751 50| // while running and thus block other file I/O 

| requests. Upon exit 
751 51 1 // the file system must call FsRtlExitFileSystem. 
75152| // 

75153| // Arguments: 
75154| // 

75155| // Return Value: 
75156| // 

75157| // None. 
75158| // 
75159| //-- 
75160| 

75161 1 #define FsRtlEnterFileSystem() { \ 
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KeEnterCriticalRegion(); \ 

} 

//++ 

// 

// VOID 

// FsRtlExitFileSystem ( 

// ); 

// 

// Routine Description: 

// 

// This routine is used when exiting a file system 

g., through its 

// Fsd entry point). 

// 

// Arguments: 

// 

// Return Value: 

// 

// None. 

// 

//-- 

#define FsRtlExitFileSystem() { \ 
KeLeaveCriticalRegion(); \ 

} 

// 

// Define driver FS notification change routine type. 

// 

typedef 
VOID 

(*PDRIVER_FS_NOTIFICATION) ( 

IN struct _DEVICE_OBJECT *DeviceObject, 
IN BOOLEAN FsActive 

); 



NTKERNELAPI 
VOID 

lo RegisterFileSystem ( 

IN OUT PDEVICE_OBJECT DeviceObject 

); 

NTKERNELAPI 
NTSTATUS 

loRegisterFsRegistrationChange( 
IN PDRIVER_OBJECT DriverObject, 
IN PDRIVER_FS_NOTIFICATION 



I DriverNotificationRoutine 
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); 



typedef struct _OPEN_SNAPSHOT_FILES { 

LIST_ENTRY ListEntry; 

PFILE_OBJECT FileObject; 

ULONG ReadOnly:1; 
} tOpenSnapShotFiles, *pOpenSnapShotFiles; 

#define FILE_SYSTEM_UNKNOWN 0 
#define FILE_SYSTEM_NTFS 1 
#define FILE SYSTEM FAT 2 



File Listing: SHUTDOWN.cpp 
#include "precomp.h" 



/* 

7 

NTSTATUS 
PSManShutdown( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

) 



/*++ 

Routine Description: 

Pass irp to handler 
Arguments: 



DriverObject - Pointer to device object to being 
| shutdown by system. 
75246| 
75247 1 
75248| 
75249I 

NT Status 



Irp - IRP involved. 
Return Value: 



-7 
{ 



NTSTATUS Status; 

Debug(DEBUG_PROCCALL,("PSManShutdown Called\n M )); 



75258| switch(PsmGetObjectType(DeviceObject)) { 
75259| case OBJ ECTJNTERNAL 

75260| Status = PSManShutdownObject(DeviceObject, 

I "rp); 

75261 1 break; 

75262| case OBJECT_FILTEREDDISK : 
75263| Status = PSManShutdownDevice(DeviceObject, 

I "rp); 

75264| break; 

75265| caseOBJECT_VIRTUALDISK : 
75266| Status = PSManShutdownVDisk(DeviceObject, 

I "rp); 

75267| break; 

75268| case OBJECT_FS_FILTER : 

75269 1 Status = 

| PSManShutdownFSFilter(DeviceObject, Irp); 
75270 1 break; 

75271| case OBJECT_FS_OBJECT : 
75272| Status = 

| PSManShutdownFSObject(DeviceObject, Irp); 
75273| break; 
75274| default: 

75275| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 
75276| lrp->loStatus. Information = 0 ; 
75277| loComplete Request (Irp, IO_NO_INCREMENT) ; 
75278| break; 
75279| } 

75280| Debug(DEBUG_PROCCALL,("PSManShutdown Done\n")); 

75281| return Status; 

75282| 

75283| } //end PSManShutdown() 

75284| 

75285| 

75286| STATIC NTSTATUS 

75287| PSManShutdownObject( 

75288| IN PDEVICE_OBJECT DeviceObject, 

75289| IN PIRP Irp 

75290| ) 

75291 | 

75292| /*++ 

75293 | 

75294| Routine Description: 
75295| 

75296| This routine is called for a shutdown. These are 

| sent by the 
75297 1 system before it actually shuts down. 
75298| 

75299 1 Arguments: 
75300| 



75301 1 DriverObject - Pointer to device object to being 

| shutdown by system. 
75302| Irp - IRP involved. 
75303 | 

75304| Return Value: 
75305| 

75306| NT Status 
75307| 
75308| -7 
75309 1 
75310| { 

7531 1 1 NOT_REFERENCED(DeviceObject); 
75312| Debug(DEBUG_PROCCALL,( M PSManShutdownObject 
| Called\n")); 

75313| lrp->loStatus.Status = STATUS_SUCCESS; 

75314| lrp->loStatus. Information = 0; 

75315| 

7531 6| // disable all virtual volumes so no io occurs to 

| them as this device is being shutdown 
7531 7| GetSnapShotForRead(); 
75318| __try{ 

75319| //dismount all volumes 
75320| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
75321| 

75322| while( DevObj) { 
75323| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
75324| 

| Rebuild_DismountAIIVolumes(DevObj,TRUE); 
75325| } 

75326| DevObj=DevObj->NextDevice; 
75327| } // while 
75328| } _except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
75329| Debug(DEBUG_SFILTER,("Exception %08x in 

| ShutdownObject\n",GetExceptionCode())); 
75330| } 
75331| 

75332| ReleaseSnapShotForReadQ; 

75333| 

75334| 

75335| // shutdown all io processing from this point on. 
75336| // we should probabally find a better way to do it 
| incase 

75337| // the io after we shutdown is important. 

75338| // This is done to solve a deadlock when io 

75339| // comes down after we got a shutdown command from 

| the os 
75340| //for our object. 



75341 1 GlobalData->ShutDownCalled=TRUE; 
75342 1 

75343| loCompleteRequest(lrp, IO_NO_INCREMENT); 
75344| Debug(DEBUG_PROCCALL,( M PSManShutdownObject 

| Done\n")); 
75345| return STATUS_SUCCESS; 
75346| 

75347| } // end PSManShutdownObject() 

75348| 

75349 1 

75350| /* 



75351| STATIC NTSTATUS 

75352| PSManShutdownDevice( 

75353| IN PDEVICE_OBJECT DeviceObject, 

75354| IN PIRP Irp 

75355| ) 

75356| 

75357| /*++ 

75358| 

75359| Routine Description: 
75360| 

75361| This routine is called for a shutdown. These are 

| sent by the 
75362| system before it actually shuts down. 
75363| 

75364| Arguments: 
75365| 

75366| DriverObject - Pointer to device object to being 

| shutdown by system. 
75367| Irp - IRP involved. 
75368| 

75369| Return Value: 
75370| 

75371 1 NT Status 
75372 1 
75373 1 -7 
75374| 
75375| { 

75376| NTSTATUS Status; 

75377| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
75378| 

75379| TRACE( TRACE_SHUTDOWN, 
75380 1 

| currentlrpStack->Parameters.Read.ByteOffset.HighPart, 
75381 1 

| currentlrpStack->Parameters.Read.ByteOffset.LowPart, 
75382| currentlrpStack->Parameters. Read. Length, 

75383 1 cu rrent I rpStack->Parameters . Read . Key, 



75384| ""); 

75385| Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdown Device Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
75386| 

75387| Status = PSManPassThru( DeviceObject, Irp ); 

75388| Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdown Device Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 

75389| return Status; 

75390| } //end PSManShutdownDevice() 

75391| 

75392| /* 



75393| STATIC NTSTATUS PSManShutdownVDisk( 
75394| IN PDEVICE_OBJECT DeviceObject, 
75395| IN PIRP Irp 
75396| ) 
75397| { 

75398| NTSTATUS Status= STATU S_SUCC ESS; 
75399| 

75400| Debug(DEBUG_PROCCALL | 

| DEBUG_SHUTDOWN,("PSManShutdownVDisk Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
75401 1 lrp->loStatus. Information = 0; 
75402| lrp->loStatus. Status = Status; 
75403| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
75404| Debug(DEBUG_PROCCALL | 

| DEBUG_SHUTDOWN,("PSManShutdownVDisk Done\n")); 
75405| 

75406 1 return Status; 
75407| } 
75408| 
75409 1 

75410| /* 



7541 1 1 STATIC NTSTATUS 

75412| PSManShutdownFSFilter( 

75413| IN PDEVICE_OBJECT DeviceObject, 

75414| IN PIRP Irp 

75415| ) 

75416| 

75417| /*++ 

75418| 

75419| Routine Description: 
75420| 

75421 1 This routine is called for a shutdown. These are 

| sent by the 
75422| system before it actually shuts down. 
75423 1 



75424| Arguments: 
75425| 

75426| DriverObject - Pointer to device object to being 

| shutdown by system. 
75427| Irp - IRP involved. 
75428| 

75429| Return Value: 
75430| 

75431| NT Status 

75432| 

75433| -7 

75434| 

75435| { 

75436| NTSTATUS Status; 

75437| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
75438| PFS_FILTER_EXTENSION 

| DevExt=(PFS_FILTER_EXTENSION)GetDeviceExtension(DeviceOb 

I ject); 
75439| 
75440| 

75441 1 Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdownFSFilter Called 

| Device=%p, lrp=%p\n",DeviceObject,lrp)); 
75442| Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdownFSFilter: Virtual=%08x, 

| PSMStorageObject=%08x\n M ,DevExt->Virtual,DevExt->PSMStor 

| ageObject)); 
75443 1 

75444| if((!DevExt->Virtual) && 

| (DevExt->PSMStorageObject)) { 
75445| Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdownFSFilter switching to 

| directio\n")); 

75446| PFILTERED_EXTENSION de = Get Filtered Extension 

| (DevExt->PSMStorageObject); 
75447| de->DoDirectlO = TRUE; 
75448| } 
75449 1 

75450| Status = PSManFSPassThru( DeviceObject, Irp ); 
75451 1 Debug(DEBUG_SHUTDOWN | 

| DEBUG_PROCCALL,("PSManShutdownFSFilter Done 

| Device=%p, lrp=%p, 

| Status=%08x\n M , DeviceObject, I rp,Status)); 
75452 1 return Status; 
75453| } //end PSManShutdownFSFilter() 
75454| 

75455| /* 



75456| STATIC NTSTATUS PSManShutdownFSObject( 



75457 
75458 
75459 
75460 
75461 
75462 
75463 



IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

) 

{ 

NTSTATUS Status=STATUS SUCCESS; 



Debug(DEBUG_PROCCALL | 
| DEBUG_SHUTDOWN,("PSManShutdownFSObject Called Dev=%p, 
| lrp=%p\n",DeviceObject,lrp)); 
75464| lrp->loStatus. Information = 0; 
75465| lrp->loStatus. Status = Status; 
75466| loComplete Request (Irp, IO_NO_INCREMENT) ; 
75467| Debug(DEBUG_PROCCALL | 

| DEBUG_SHUTDOWN,("PSManShutdownFSObject Done\n")); 
75468| 

75469 1 return Status; 
75470 1 } 
75471 
75472 
75473 
75474 
75475 
75476 
75477 
75478 
75479 
75480 
75481 
75482 
75483 
75484 
75485 
75486 
75487 
75488 
75489 
75490 
75491 
75492 
75493 
75494 
75495 
75496 
75497 
75498 
75499 
75500 
75501 
75502 
75503 



File Listing: SHUTDOWN. h 

NTSTATUS 
PSManShutdown( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManShutdownObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManShutdownDevice( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS PSManShutdownVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManShutdownFSObject( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

STATIC NTSTATUS PSManShutdownFSFilter( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 



75504| ); 
75505| 
75506| 
75507| 

75508| File Listing: snapshot.h 
75509| 

75510| #define _SNAPSHOT_DEFINED_ 
7551 1 | 

75512| // this struct is unique to each snapshot 

75513| typedef struct skSnapShotMaster { 

75514| LARGEJNTEGER SnapShotTime; //time 

| snapshot occured. 
75515| ULONG Instance; //instance 

| number for this snapshot for volume mapping 
75516| ULONG Count; //number 

| of snap shots this master has 
75517| HANDLE Exclusive Process; //who has 

| us opened exclusively 
7551 8| NTSTATUS Status; // status 

| that caused this snapshot to be canceled. 
75519| ULONG OutOfSeconds; 
75520| ULONG Persistent; 
75521 1 PVOID DllPrivateUse; 
75522| ULONG GroupNumber; 
75523| ULONG NumToKeep; 
75524| unsigned char Priority; 
75525| unsigned char SnapShotFlags; 
75526| unsigned char Reservedl ; 
75527| unsigned char Reserved2; 
75528| 

75529| WCHAR UserSnapShotName[256]; 
75530| 

75531 1 LIST_ENTRY Snapshots; 

75532| } tkSnapShotMaster,*pkSnapShotMaster; 

75533 1 

75534| // this struct is unique to each device 
75535| typedef struct skSnapShotEntry { 
75536| pkSnapShotMaster MasterSnapShot; 
75537| 

75538| // specific to kernel only 

75539| PDEVICE_OBJECT DeviceObject; //device this 

| snapshot belongs to 
75540| ULONG Count; // how many 

| people have this snapshot in use 
75541| BOOLEAN Deleted; //whether a 

| delete is pending 
75542| PRTL BITMAP PSMSectors; // what sectors to 

| PSM and not to PSM. 
75543| pDictionary Dictionary; 
75544| LIST ENTRY DevExt; // Linked list for 



I Device Objects 
75545| LIST_ENTRY Master; // Linked list for 
| Master 

75546| LIST ENTRY User; // Linked list for 

| User Snapshots 
75547| } tkSnapShotEntry,*pkSnapShotEntry; 
75548| 
75549| 
75550| 

75551| File Listing: SP4.h 
75552| 

75553| #undef IsRecognizedPartition 
75554| #undef IsContainerPartition 
75555| 

75556| // begin_winioctl 
75557| // 

75558| // Define the partition types returnable by known disk 

| drivers. 
75559| // 
75560| 

75561 1 #define PARTITION_ENTRY_UNUSED 0x00 

| Entry unused 
75562| #def ine PARTITION_FAT_1 2 0x01 // 

| 12-bit FAT entries 
75563 1 #define PARTITION_XENIX_1 0x02 // 

| Xenix 

75564| #define PARTITION_XENIX_2 0x03 // 

| Xenix 

75565| #def ine PARTITION_FAT_1 6 0x04 // 

| 1 6-bit FAT entries 
75566| #define PARTITION_EXTENDED 0x05 // 

| Extended partition entry 
75567| #define PARTITION_HUGE 0x06 // 

| Huge partition MS-DOS V4 
75568| #define PARTITIONJFS 0x07 // 

| IFS Partition 

75569| #define PARTITION FAT32 OxOB // 

| FAT32 

75570| #define PARTITION_FAT32_XINT13 OxOC // 

| FAT32 using extended int13 services 
75571 1 #define PARTITION_XINT1 3 OxOE // 

| Win95 partition using extended int13 services 
75572| #define PARTITION_XINT1 3_EXTENDED OxOF 

| Same as type 5 but uses extended int13 services 
75573| #define PARTITION_PREP 0x41 // 

| PowerPC Reference Platform (PReP) Boot Partition 
75574| #define PARTITION_LDM 0x42 // 

| Logical Disk Manager partition 
75575| #define PARTITION_UNIX 0x63 // 

| Unix 



75576| 

75577| #define VALID_NTFT OxCO // 

| NTFT uses high order bits 
75578| 
75579| // 

75580| // The high bit of the partition type code indicates 

| that a partition 
75581 1 // is part of an NTFT mirror or striped array. 
75582 1 // 
75583 1 

75584| #define PARTITION_NTFT 0x80 // 

| NTFT partition 
75585| 
75586| // 

75587| // The following macro is used to determine which 

| partitions should be 
75588| // assigned drive letters. 
75589 1 // 
75590 1 
75591 1 //++ 
75592 1 // 

75593| // BOOLEAN 

75594| // lsRecognizedPartition( 

75595| // IN ULONG PartitionType 

75596| // ) 

75597| // 

75598| // Routine Description: 
75599 1 // 

75600| // This macro is used to determine to which 

| partitions drive letters 
75601 1 // should be assigned. 
75602 1 // 

75603 1 //Arguments: 
75604| // 

75605| // PartitionType - Supplies the type of the 

| partition being examined. 
75606| // 

75607| // Return Value: 
75608| // 

75609 1 // The return value is TRUE if the partition type 

| is recognized, 
75610| // otherwise FALSE is returned. 
7561 1 1 // 
75612| //- 
75613| 

75614| #define lsRecognizedPartition( PartitionType ) ( 

|\ 

75615| ((PartitionType & PARTITION_NTFT) && 

| ((PartitionType & ~0xC0) == PARTITION_FAT_12)) || \ 
7561 6| ((PartitionType & PARTITION_NTFT) && 



I ((PartitionType & ~0xC0) == PARTITION_FAT_16)) || \ 
7561 7| ((PartitionType & PARTITION_NTFT) && 

| ((PartitionType & ~0xC0) == PARTITIONJFS)) || \ 
75618| ((PartitionType & PARTITION NTFT) && 

| ((PartitionType & ~0xC0) == PARTITION_HUGE)) || \ 
75619| ((PartitionType & PARTITION_NTFT) && 

| ((PartitionType & ~0xC0) == PARTITION_FAT32)) || \ 
75620| ((PartitionType & PARTITION_NTFT) && 

| ((PartitionType & ~0xC0) == PARTITION_FAT32_XINT13)) || 

|\ 

75621 1 ((PartitionType & PARTITION_NTFT) && 

| ((PartitionType & ~0xC0) == PARTITION_XINT13)) || \ 
75622| ((PartitionType & ~PARTITION_NTFT) == 

| PARTITION_FAT_12) || \ 
75623| ((PartitionType & ~ PARTITI ON_NTFT) == 

| PARTITION_FAT_16) || \ 
75624| ((PartitionType & ~ PARTITI ON NTFT) == 

| PARTITIONJFS) || \ 
75625| ((PartitionType & -PARTITION NTFT) == 

| PARTITION_HUGE) || \ 
75626| ((PartitionType & ~PARTITION_NTFT) == 

| PARTITION_FAT32) || \ 
75627| ((PartitionType & ~PARTITION_NTFT) == 

| PARTITION_FAT32_XINT13) || \ 
75628| ((PartitionType & ~PARTITION_NTFT) == 

| PARTITION_XINT13) ) 
75629 1 
75630 1 //++ 
75631| // 

75632| // BOOLEAN 

75633| // lsContainerPartition( 

75634| // IN ULONG PartitionType 

75635| // ) 

75636| // 

75637| // Routine Description: 
75638| // 

75639| // This macro is used to determine to which 

| partition types are actually 
75640| // containers for other partitions (ie, extended 

| partitions). 
75641 1 // 

75642 1 //Arguments: 
75643 1 // 

75644| // PartitionType - Supplies the type of the 

| partition being examined. 
75645| // 

75646| // Return Value: 
75647| // 

75648| // The return value is TRUE if the partition type 
| is a container, 



75649| // otherwise FALSE is returned. 
75650| // 
75651 1 //-- 
75652 1 

75653| #define lsContainerPartition( PartitionType ) \ 
75654| ((PartitionType == PARTITION_EXTENDED) || 

| (PartitionType == PARTITION_XINT1 3_EXTENDED)) 
75655| 
75656| 
75657| 

75658| File Listing: tempdict.cpp 
75659 1 

75660| #include "precomp.h" 
75661 | 

75662| #define INVALID_HANDLE_VALUE ((HANDLE)(-1)) 

75663 1 

75664| 

75665| Temporary Dictionary: Temporary Dictionary() : 
75666| PersistentDictionary() 
75667| { 

75668| Debug(DEBUG_DCPSM,("td::Constructor: 

| this=%08x\n",this)); 
75669| Flags &= ~DICT_FLAG_PERSISTENT; 
75670| Flags |= DICT_FLAG_NONPERSISTENT; 
75671 | } 
75672 1 
75673 1 

75674| TemporaryDictionary::~TemporaryDictionary() 
75675| { 

75676| Debug(DEBUG_DCPSM,("td::Destructor: 

| this=%08x\n",this)); 
75677| 

75678| // Don't call pd::cleanup() here, because 

| TemporaryDictionary inherits 
75679| // from PersistentDictionary, whose destructor will 

| call pd::cleanup. 
75680 1 } 
75681 | 
75682 1 

75683| /*— end of file tempdict.cpp —7 

75684| 

75685| 

75686| 

75687| File Listing: THREAD. cpp 
75688| 

75689| #include "precomp.h" 
75690 1 

75691 1 #ifdef ALLOC_PRAGMA_DO_NOT_DO 

75692| #pragma alloc_text(PAGE, SblncrementRunningThreads) 

75693| #pragma alloc_text(PAGE, SbDecrementRunningThreads) 



75694 
75695 
75696 
75697 
75698 
75699 
75700 
75701 
75702 
75703 
75704 
75705 



| SbCompleteNextWriteOnQueue) 



75706 
75707 
75708 
75709 



| SbAllocatelrpResourcesOrWait) 



75710 
75711 
75712 
75713 
75714 
75715 
75716 
75717 
75718 
75719 
75720 
75721 
75722 
75723 
75724 

I- 
75725 
75726 
75727 
75728 
75729 
75730 
75731 
75732 



75733 
75734 
75735 
75736 
75737 
75738 
75739 



#pragma alloc_text(PAGE, SbThreadQueueUpdate) 
#pragma alloc_text(PAGE, SbThreadQueuelnc) 
#pragma alloc_text(PAGE, SbThreadQueueDec) 
#pragma alloc_text(PAGE, SbThreadQueueWait) 
#pragma alloc_text(PAGE, SbWaitForThreadWork) 
#pragma alloc_text(PAGE, SbWaitOnEvent) 
#pragma alloc_text(PAGE, SbThreadlnit) 
#pragma alloc_text(PAGE, SbGetWorkltem) 
#pragma alloc_text(PAGE, SbGetWork) 
#pragma alloc_text(PAGE, SbMakeAnotherThread) 
#pragma alloc_text(PAGE, SbWaitForWriteFromNT) 
#pragma alloc_text(PAGE, 



#pragma alloc_text(PAGE, SbCompleteWritesOnQueue) 
#pragma alloc_text(PAGE, SbWaitForFreeThread) 
#pragma alloc_text(PAGE, SbAllocatelrpResources) 
#pragma alloc_text(PAGE, 



#pragma alloc_text(PAGE, SblnitReadlrp) 
#pragma alloc_text(PAGE, SblnitOtherlrpStack) 
#pragma alloc_text(PAGE, SblnitReadlrpStack) 
#pragma alloc_text(PAGE, SaveOriginalDataThread) 
#pragma alloc_text(PAGE, WriteDispatchThread) 
#endif 



NTSTATUS 
PSManSendOrigWrite( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 



r- 



*/ 

STATIC void SblncrementRunningThreads( void ) 
{ 

pmAcquireMutex ( &WorkerThreadMutex, NULL ); 

GlobalThreadCount++; 

pmReleaseMutex ( &WorkerThreadMutex ); 

} 

I* 

• 7 

STATIC void SbDecrementRunningThreads( void ) 
{ 

pmAcquireMutex ( SWorkerThreadMutex, NULL ); 
GlobalThreadCount-; 

pmReleaseMutex ( SWorkerThreadMutex ); 

} 



75740| #define GetState() KeReadStateEvent(&WorkerThreadEvent) 
75741 | 

75742| /* 



75743| STATIC int SbThreadQueueUpdate ( int Up ) 
75744| { 

75745| int Result = TRUE; 
75746| int Signal = 0; 
75747| 

75748| TRACE( TRACE_THREADUPDATE, Up, ThreadsAwake, 

| NumberOfThreads, 0, ""); 
75749 1 

75750| pmAcquireMutex ( &WorkerThreadMutex, NULL ); 
75751 | 

75752| //Debug(DEBUG_THREAD, ("SbThreadQueueUpdate: Up=%d, 
| ThreadsAwake=%d, 

| Semacount=%d\n",Up,ThreadsAwake,GetState())); 
75753| if ( Up && (ThreadsAwake < NumberOfThreads) ) { 
75754 1 Th reads Awake+ + ; 

75755| //Debug(DEBUG_THREAD,( M SbThreadQueueUpdate: 

| Going up ThreadsAwake=%d, 

| Semacount=%d\n",ThreadsAwake,GetState())); 
75756| } else 

75757| if ( !Up && (Th reads Awake>0) ) { 
75758| ThreadsAwake--; 
75759| Signal = 1; 

75760| //Debug(DEBUG_THREAD,( M SbThreadQueueUpdate: 

| Going down Th reads Awake=%d, 

| Semacount=%d\n",ThreadsAwake,GetState())); 
75761 1 } else { 
75762 1 Result = FALSE; 
75763| Signal = -1; 

75764| //Debug(DEBUG_THREAD,( M SbThreadQueueUpdate: 

| Staying sane ThreadsAwake=%d, 

| Semacount=%d\n M ,ThreadsAwake,GetState())); 
75765| } 
75766| 

75767| pmReleaseMutex ( &WorkerThreadMutex ); 
75768| 

75769| // Wake up the thread if he was waiting on us.. 
75770| if ( Signal==1 ) { 

75771 1 pmSetEvent( &WorkerThreadEvent ); 

75772 1 } else 

75773| if ( Signal==-1 ) { 

75774| pmClearEvent(&WorkerThreadEvent); 

75775| } 

75776| 

75777| return Result; 

75778| } 

75779| 



75780| I* 



75781 1 STATIC int SbThreadQueuelnc ( ) { 
75782| return SbThreadQueueUpdate( 1 ); 
75783 1 } 
75784| 

75785| /* 



75786| STATIC int SbThreadQueueDec ( ) { 
75787| return SbThreadQueueUpdate( 0 ); 
75788| } 
75789 1 

75790| // if returns 0 then OK! else error code 

75791 1 // such as not enough resources, or time to exit 

75792 1 

75793| r 



75794| STATIC NTSTATUS SbThreadQueueWait ( ) { 
75795| NTSTATUS Status = STATUS_WAIT_0; 
75796| LARGE_INTEGER TimeOut; 
75797| PVOID ObjectTable[2] = { &WorkerThreadEvent, 

| SPSManExitingEvent}; 
75798| 

75799| TimeOut.QuadPart = RELATIVE(MICROSECONDS(((signed 

| long)NewThreadStartDelay))); 
75800 1 

75801| while ( (!SbThreadQueuelnc() ) &a 
75802| (Status == STATUS_WAIT_0 ) 

75803| ) { 

75804| //Debug(DEBUG_THREAD,("Writer: Out of threads, 

| waiting... %d, %d\n",ThreadsAwake,GetState())); 
75805| 

75806| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
75807| Status = 

| pmWaitForMultipleObjects(ObjectTable,2,&TimeOut); 
75808| } 

75809| return(Status == STATUS_WAIT_0 ? 0 : Status ); 
75810| } 
7581 1 | 

75812| /* 



75813| Tlint -save -e614 7 

75814| STATIC NTSTATUS SbWaitOnEvent ( PKEVENT Event ) { 
7581 5| NTSTATUS Status = STATUS_WAIT_0; 
7581 6| PVOID ObjectTable[2] = { Event, 

| &PSManExitingEvent}; 
75817| 

75818| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
75819| Status = 

| pm WaitForMu ltipleObjects(ObjectTable,2 , NULL); 



75820| //object 1 is exiting event... 

75821 1 // status_wait_1 is a successful status code, so 

| return an error.. 
75822| if ( Status == STATUS_WAIT_1 ) { 

Status = PSM_CANCELED_BY_USER; 

} 



return Status; 



75823 1 
75824| 
75825| 
75826| 
75827| } 

75828| Hint -restore 7 
75829 1 

75830| #ifdef DEBUG 

75831 1 r 

| ./ 

75832| STATIC void SbUpdateThreadStatus( 



75833 1 

| ThreadNum, 
75834| 

| DeviceObject, 
75835| 
75836| 
75837| 
75838| 
75839 1 

I ) 

75840 1 { 
75841 | 
75842 1 
75843 1 
75844| 
75845| 



ULONG 

PDEVICE_OBJECT 

PIRP Irp, 
ULONG State, 
ULARGEJNTEGER Sector, 
ULONG Count, 
ULARGE INTEGER Current 



pmAcquireMutex ( &WorkerThreadMutex, NULL ); 



if ( ThreadObjects ) { 
ThreadObjects[ThreadNum]. State = State; 
ThreadObjects[ThreadNum] . DeviceObject = 
| DeviceObject; 
75846| ThreadObjects[ThreadNum].lrp = Irp; 
75847| ThreadObjects[ThreadNum]. Sector = Sector; 
75848| ThreadObjects[ThreadNum].Count = Count; 
75849| ThreadObjects[ThreadNum].Current 

| Current; 
75850 1 } 

75851 1 pmReleaseMutex ( &WorkerThreadMutex ); 
75852 1 } 
75853| /* 

| -/ 

75854| STATIC void SbUpdateWriterStatus( 



75855| 
75856| 
75857| 
75858| { 
75859| 
75860 1 
75861 I 



ULONG State, 
ULARGEJNTEGER Sector, 
ULONG Count ) 

WriteThreadObject.State = State; 

WriteThreadObject. Sector = Sector; 

WriteThreadObject. Count = Count; 



75862| 
75863| 
75864| 



WriteThreadObject.Current.QuadPart = 0; 
WriteThreadObject.DeviceObject = NULL; 
WriteThreadObject.Irp = NULL; 



75865| } 
75866| #else 
75867| #define 

| SbUpdateThreadStatus(ThreadNum,DeviceObject,lrp,State,Se 

| ctor,Count,Current) 
75868| #define SbUpdateWriterStatus(State,Sector,Count) 
75869| #endif 
75870| 

75871 1 r 



75872| STATIC NTSTATUS SbWaitForThreadWork() 
75873 1 { 

75874| PVOID ObjectTable[2] = { SPSManExitingEvent, 

| &ThreadSemaphore}; 
75875| 

75876| if ( !SbThreadQueueDec() ) { 

75877| Debug(DEBUG_THREAD, ("Error! Thread Count Below 
| 0, ThreadsAwake=%d, 

| Num=%d\n",ThreadsAwake,NumberOfThreads)); 
75878| //KeBugCheck ( (ULONG)STATUS_BAD_STACK ); 
75879 1 } 
75880 1 

75881 1 ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
75882 1 return 

| pm WaitForMu ltipleObjects(ObjectTable,2, N U LL) ; 
75883 1 } 
75884| 

75885| STATIC NTSTATUS SbWaitForWriteAfterRead() 
75886| { 

75887| PVOID ObjectTable[2] = { &PSManExitingEvent, 

| &WriteAfterReadSemaphore}; 
75888| 

75889| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
75890 1 return 

| pm WaitForMu ltipleObjects(ObjectTable,2, N U LL) ; 
75891 | } 
75892 1 

75893| /* 



75894| STATIC NTSTATUS SbThreadlnit ( 

75895| ULONG ThreadNum 

75896| ) 

75897| { 

75898| NTSTATUS Status=STATUS_SUCCESS; 
75899 1 

75900| if ( !SbThreadQueuelnc() ) { 

75901 1 Debug(DEBUG_THREAD, ("Thread %08x: invalid 



I Thread Count,ThreadsAwake=%d, 

| Num=%d\n",ThreadNum,ThreadsAwake,NuiTiberOfThreads)); 
75902| //KeBugCheck ( (ULONG)STATUS_STACK_OVERFLOW ); 
75903| } 
75904| 

75905| SblncrementRunningThreads(); 
75906| 

75907| // threads normally start with variable priority. 

| This sets it to the 
75908| // lowest of the time critical prioritys 
75909| // Realtime threads have no quantum timeout. They 

| only give up the 
7591 0| // cpu when they voluntarily go into a wait state, 

| or when preempted by 
7591 1 1 //a thread of higher priority 
75912| //KeSetPriorityThread( KeGetCurrentThread(), 

| LOW_REALTIME_PRIORITY ); 
75913| 

75914| // wait for thread 0 to finish initing 
75915| if ( ThreadNum==0 ) { 

75916| KeSetEvent(&Thread0lnited,(KPRIORITY)9,FALSE); 
75917| }else{ 

75918| Status = SbWaitOnEvent( &Thread0lnited ); 

75919| } 

75920| 

75921 1 return Status; 
75922 1 } 
75923 1 

75924| /* 



75925| PIRP SbGetWorkltem ( ) 
75926| { 

75927| PLIST_ENTRY ListEntry; 
75928| 

75929| ListEntry = ExInterlockedRemoveHeadList ( 
75930 | 

| &ThreadsWorkToDoQueue, // List Head 
75931| 

| &Th reads Wo rkTo Do Spin Lock // Lock 
75932| ); 
75933| 

75934| if ( (IListEntry) || 

| (ListEntry==&ThreadsWorkToDoQueue) ) { 
75935| Debug(DEBUG_THREAD,("GetWorkltem: ListEntry is 

| empty\n")); 
75936| return NULL; 
75937| } 
75938| 

75939| Hint -save -e41 3 7 

75940| return(CONTAINING_RECORD( ListEntry, IRP, 



I Tail. Overlay. ListEntry )); 
75941 1 Hint -restore 7 
75942 1 } 
75943 1 

75944| r 



75945| STATIC PIRP SbGetWork( 


75946 1 


PDEVICE_OBJECT *DeviceObject, 


75947 1 


PIO_STACK_LOCATION *Stack, 


75948 1 


PFILTERED_EXTENSION *DevExt, 


75949 1 


tWriteRequest **WriteRequest, 


75950 1 


PCHAR *Buffer 


75951 | 


) 


75952| { 




75953 1 


PIRP Irp; 


75954| 




75955| 


Irp = SbGetWorkltemO; 


75956| 




75957| 


if ( Irp ) { 


75958| 


(*Stack) 



| loGetCurrentlrpStackLocation( Irp ); 
75959 1 

75960| (*WriteRequest) 

| (tWriteRequest*)((*Stack)->Parameters. Others. Argumentl ); 
75961| (*DeviceObject) 

| (*WriteRequest)->DeviceObject; 
75962| (*DevExt) 

| GetFilteredExtension((*DeviceObject)); 
75963| (*Buffer) = (PCHAR) 

| (*WriteRequest)->Buffer; 
75964| } 
75965| 

75966| return Irp; 

75967| } 

75968| 

75969| 

75970| 

75971| BOOLEAN DeleteOldestSnapShot( PDEVICE_OBJECT Volume, 

| BOOLEAN DeleteAlwaysKeep ) 
75972| { 

75973| BOOLEAN SnapShotWasDeleted = FALSE; 

75974| pkSnapShotMaster Oldest=NULL; 

75975| ULONG NumlnGroup=0; 

75976| PDEVICE_OBJECT DevObj; 

75977| PFILTERED EXTENSION DevExt=NULL; 

75978| pkSnapShotEntry p; 

75979| 

75980| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: volume 
| %08x, Delete Always 
| Keep=%d\n M ,Volume,DeleteAlwaysKeep)); 



75981 | 

75982| if(Volume) { 

75983| // work only with this volume 

75984| DevObj = Volume; 

75985| } else { 

75986| // start at the top 

75987| DevObj = PSManDriverObject->DeviceObject; 

75988| } 

75989| 

75990 1 __try { 

75991 1 // now go through all snapshots for this volume 
| and count 

75992| // the snapshots along with finding the oldest 
75993| while ( DevObj != NULL ) { 
75994| if ( 

| PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK ) { 
75995| DevExt = GetFilteredExtension(DevObj); 

75996| 

75997| __try { 

75998| GetSnapShotForRead(); 

75999 1 __try { 

76000| 

| p=GetTopSnapShot(&DevExt->SnapShots); 
76001| while(p){ 
76002| if ( (DeleteAlwaysKeep) || 

| ( p->MasterSnapShot->Priority!=255 )) { 
76003| if ( Oldest ) { 

76004| if ( 

| p->MasterSnapShot->Priority<Oldest->Priority ) { 
76005| // at a lower 

| priority so grab it, regardless of time 
76006| Oldest = 

| p->MasterSnapShot; 
76007| } else 

76008| if ( 

| p->MasterSnapShot->Priority==Oldest->Priority ) { 
76009| // same 

| priority, compare times 
76010| if( 

| p->MasterSnapShot->SnapShotTime.QuadPart<Oldest->SnapSho 

| tTime.QuadPart ) { 
76011| //mark 

| this one as the oldest and lowest priority found so far 
76012| Oldest = 

| p->MasterSnapShot; 
76013| } 
76014| } 
76015| }else{ 
76016| // first suitable 

| snapshot found 



76017| Oldest = 

| p->MasterSnapShot; 
76018| } 
76019| }// always keep 

76020| 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
76021 | } 

76022| } ^finally { 

76023| ReleaseSnapShotForRead(); 
76024| } 
76025| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

76026| 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: Exception 
| %08x for device %08x\n",GetExceptionCode(),DevObj)); 



76027| } 

76028| } 

76029| if(Volume) { 

76030| // stop scan, as we only wanted oldest 

| for this volume 

76031 1 DevObj = NULL; 

76032 1 } else { 

76033| // continue scan on next volume 

76034| DevObj=DevObj->NextDevice; 

76035| } 

76036| } 
76037| 

76038| if ( Oldest ) { 

76039| if ( GlobalData->NumActive>1 ) { 

76040| pOT_USER User = 



| FindPSMUser(PsGetCurrentProcess(),(_ETHREAD*)-2); 
76041 | 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: Deleting 

| Snapshot %08x\n",Oldest)); 
76042| UpdateGlobalStatus 

| (PSM_DESTROYING_SNAPSHOT); 
76043 1 NTSTATUS CloseStatus = 

| lnternalClosePSM(User,Oldest); 
76044| UpdateGlobalStatus (PSMJDLE); 

76045| if ( NT_SUCCESS(CloseStatus) ) { 

76046| SnapShotWasDeleted = TRUE; 

76047| } 
76048| } else { 

76049 1 

| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: Only 1 

| snapshot is active!\n")); 
76050 1 } 
76051 1 } else { 

76052| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: 
| Oldest is null, how odd\n")); 



76053| #ifdef DEBUG 

76054| DbgBreakPoint(); 

76055| #endif 

76056| } 

76057| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

76058| Debug(DEBUG_DCPSM,("DeleteOldestSnapShot: 

| Exception %08x deleting snapshot 

| %08x\n",GetExceptionCode(),Oldest)); 
76059| } 
76060| 

76061 1 return SnapShotWasDeleted; 
76062 1 } 
76063 1 

76064| static ULONG DeleteCalledCount=0; 
76065| LARGEJNTEGER TimeOfLastLog Entry ={0}; 
76066| static ULONG TypeOfLastLogEntry=0; 
76067| 
76068| 

76069| void FindAndDeleteSnapShotsForVolume( PDEVICE_OBJECT 

| Volume, BOOLEAN DeleteAlwaysKeep ) 
76070| { 

76071 1 // dont delete last snapshot for volume 

76072| if ( NumberOfSnapShotsForVolume(Volume)>1 ) { 

76073 1 DeleteOldestSnapShot(Volu me, DeleteAlwaysKeep); 

76074| } 

76075| } 

76076| 

76077| void CacheThresholdReached(PDEVICE_OBJECT Volume) 
76078| { 

76079| Debug(DEBUG_DCPSM,("CacheThresholdReached: 

| Volume=%08x\n", Volume)); 
76080 1 

76081 1 if ( lnterlockedlncrement((long 

| *)&DeleteCalledCount)>1 ) { 
76082 1 

| lnterlockedDecrement((long*)&DeleteCalledCount); 



76083 1 return; 

76084| } 
76085| 

76086| __try { 

76087| if ( AcquireOpenCloseResource()==STATUS_WAIT_0 
l){ 

76088| __try { 

76089| LARGE_INTEGER Now={0}; 

76090| ULONG At=0,High=0,Used=0; 

76091 1 NTSTATUS WarningCode = 0; 

76092| ULONG 

| Warn, Full, Interval, FullPercent,FullAction; 

76093| BOOLEAN DeleteAlwaysKeep = FALSE; 



76094| 
76095| 

| PersistentDictionary::GetCacheThresholds(Volume,Warn,Ful 
| I, Interval, FullPercent,FullAction); 
76096| 

| PersistentDictionary::UpdateCacheFileSizes(Volume); 
76097| 
76098| 

| PersistentDictionary::GetVolumeSpaceUsed( Volume, At, 
| High, Used ); 

76099| ULONG Percent = (ULONG)(((unsigned 

| _int64)Used * 100) / High); 
76100| 

76101| if ( Percent >= Full ) { 

76102| WarningCode = 

| PSM_SECOND_CACHE_THRESHOLD_REACHED; 
761 03 1 if((Percent >= FullPercent) && 

| (FullAction==CACHE_ACTION_DELETE_ALWAYS_KEEPS)) { 
761 04| DeleteAlwaysKeep = TRUE; 

76105| } 
76106| }else{ 
761 07| if ( Percent >= Warn ) { 

76108| WarningCode = 

| PSM_CACHE_THRESHOLD_REACHED; 
76109| }else{ 

761 1 0| // cache file sizes have been 

| updated since the last time we looked.. 
761 1 1 1 try_return(NOTHING); 
76112| } 
76113| } 
76114| 

761 15| KeQuerySystemTime(&Now); 
76116| 

| Debug(DEBUG_DCPSM,("CacheThresholdReached: 
| WarningCode=%08x, 

| LastWarning=%08x\n",WarningCode,TypeOfLastLog Entry)); 
76117| 

| Debug(DEBUG_DCPSM,("CacheThresholdReached: 

| Now=%016l64x, LastTime=%016l64x, Elapsed=%016l64x, 

| Target=%016l64x\n M , 
76118| Now.QuadPart, 
761 19| TimeOfLastLogEntry.QuadPart, 
76120| Now.QuadPart - 

| TimeOfLastLogEntry.QuadPart, 
76121| (unsigned 

| _int64)(SECONDS(lnterval*60)) )); 
76122| 

76123| if ( ((TypeOfLastLog Entry == 

| PSM_CACHE_THRESHOLD_REACHED) && (WarningCode == 
| PSM_SECOND_CACHE_THRESHOLD_REACHED)) || 



76124| 

| Now.QuadPart-TimeOfLastLogEntry.QuadPart > 
| SECONDS(lnterval*60) ) { 



76125| 


WCHAR *Strings[3]; 


76126| 


WCHAR Str1 [1 0]; 


76127| 


WCHAR Str2[1 0]; 


76128| 


WCHAR Str3[1 0]; 


76129| 


swpri ntf (Str1 , L"%d", Percent) ; 


76130| 


swprintf (Str2, L"%d",Warn) ; 


76131| 


swpri ntf(Str3 ! L"%d",Full); 


76132| 


Strings[0] = Str1 ; 


76133| 


Strings[1] = Str2; 


76134| 


Strings[2] = Str3; 


76135| 




76136| 





| Debug(DEBUG_DCPSM,("CacheThresholdReached: Logging 
| %08x\n",WarningCode)); 
76137| 

76138| Tlint -save -e740 7 

76139| 

| Log Error(( P D EVI C E_OB J ECT) PSMan DriverObject, N U LL, Warni ngC 

| ode,0,NULL,0,Strings,3); 
76140| Hint -restore 7 

76141| 

76142| TimeOfLastLogEntry = Now; 

76143| TypeOfLastLogEntry = WarningCode; 

76144| } 
76145| if( 

| WarningCode==PSM_SECOND_CACHE_THRESHOLD_REACHED ) { 
76146| 

| FindAndDeleteSnapShotsForVolume(Volume,DeleteAlwaysKeep) 



i > 

76147| } 

76148| try_exit: NOTHING; 

76149| } ^finally { 

761 50| ReleaseOpenCloseResource(); 

76151| } 

761 52| } // if OpenClose Resource called 



76153| } ^finally { 

76154| 

| lnterlockedDecrement((long*)&DeleteCalledCount); 
76155| } 
76156| 

76157| return; 
76158| } 
76159| 

76160| #ifdef DEBUG 

761 61 1 void DumpWriteRequest ( tWriteRequest *wr ) 
76162| { 

76163| Debug(DEBUG_DCPSM, ("DumpWriteRequest: wr=%08x 



I \n",wr)); 

761 64| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| DeviceObject = %08x\n", wr->DeviceObject)); 
76165| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| = %08x\n M , wr->lrp)); 
76166| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| RoundedSector = %016l64x\n M , 

| wr->RoundedSector.QuadPart)); 
76167| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| RoundedCount = %08x\n", wr->RoundedCount)); 
761 68| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| RealSector = %01 6l64x\n M , 

| wr->RealSector.QuadPart)); 
76169| Debug(DEBUG_DCPSM,("DumpWriteRequest: 

| RealCount = %08x\n", wr->RealCount)); 
76170| } 

76171| #endif TDEBUG7 

76172| 

76173| 

76174| // running at IRQL = PASSIVE_LEVEL 
761 75 1 // This routine is called when a read for a write has 
| completed. 

76176|// 

76177| /* 



76178| void SaveOriginalDataThread( PVOID Context ) 
76179| { 

76180| NTSTATUS Status={0}; 

761 81 1 ULONG ThreadNum = (ULONG)Context; 

76182| PFILTERED_EXTENSION DevExt=NULL; 

76183| PIO_STACK_LOCATION NewlrpStackl_oc=NULL; 

76184| PIRP lrp=NULL; 

76185| PDEVICE_OBJECT DeviceObject=NULL; 

76186| ULONG ExitThread=0; 

76187| char *Buffer=NULL; 

761 88 1 tWriteRequest *WriteRequest; 

76189| ULONG ThresholdReached=FALSE; 

76190| ULARGEJNTEGER dummy = {0}; 

76191| #ifdef DEBUG 

76192| // char TempBuffer[50]; 
76193| #endif 

761 94| pkSnapShotEntry p; 
76195| 

76196| PAG E D_CO D E () ; 
76197| 

76198| __try{ 

76199| // Debug(DEBUG_THREAD, ("Thread %d: 

| initing.. An", ThreadNum)); 
76200| 

76201 1 ULARGEJNTEGER dummy = {0}; 



76202| SbUpdateThreadStatus( ThreadNum, NULL, NULL, 

| _STATE_INIT, dummy, 0, dummy ); 
76203| 

76204| Status = SbThreadlnit( ThreadNum); 
76205| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

76206| Status = GetExceptionCode(); 

76207| Debug(DEBUG_THREAD, ("Thread %d: Exception %08x 

| during init\n", ThreadNum, Status)); 
76208| } 
76209| 

76210| // Debug(DEBUG_TH READ, ("Thread %d: Initdone 

| %08x\n",ThreadNum, Status)); 
7621 1 1 if ( !NT_SUCCESS(Status) ) { 
76212| goto ExitThreadTerminate; 
76213| } 
76214| 

76215| // Debug(DEBUG_TH READ, ("Thread %d: Started T=%08x, 
| P=%08x\n",ThreadNum,KeGetCurrentThread(),loGetCurrentPro 
I cess())); 

76216| 

76217| __try{ 

76218| while ( SExitThread ) { 
76219| ThreadLoop: 

76220| //Debug(DEBUG_THREAD, ("Thread %d: 

| ThreadLoop\n", ThreadNum)); 
76221 1 TRACE( TRACE THREADLOOP, 0, 0, 0, 0, ""); 

76222 1 

76223| //Debug(DEBUG_THREAD, ("Thread %d: Going to 

| sleep Count=%d\n",ThreadNum,ThreadsAwake)); 
76224| 

76225| ULARGEJNTEGER dummy = {0}; 

76226| SbUpdateThreadStatus( ThreadNum, 

| DeviceObject, Irp, _STATE_WAITING_FOR_WORK, dummy, 0, 

| dummy ); 
76227| 

76228| Status = SbWaitForThreadWorkQ; 

76229 1 

76230| //Debug(DEBUG_THREAD, ("Thread %d: 

| Awake!\n", ThreadNum)); 
76231 1 if ( Status == STATUS_WAIT_1 ) { 

76232| TRACE( TRACE G ETWORK, 0, 0, 0, 0, ""); 

76233 1 

76234| SbUpdateThreadStatus( ThreadNum, 

| DeviceObject, Irp, STATE WORKING, dummy, 0, dummy ); 

76235| //Debug(DEBUG_THREAD, ("Thread %d: 

| Signaled, Count=%d, 

| Awake=%d,Event=%d\n",ThreadNum,pmExamineSemaphore(&Threa 
| dSemaphore),ThreadsAwake,KeReadStateEvent(&WorkerThreadE 
I vent))); 



76236| 

76237| Irp = SbGetWork( &DeviceObject, 

76238| &NewlrpStackl_oc, 
76239| &DevExt, 
76240| &Write Request, 

76241 1 &Buffer); 
76242 1 

76243| if ( !lrp){ 

76244| Debug(DEBUG_THREAD, ("Thread %d: 

| List is empty\n",ThreadNum)); 
76245| goto ThreadLoop; 

76246| } 
76247| 

76248| // if the read request failed for some 

| reason... 

76249| if ( !NT_SUCCESS(lrp->loStatus. Status) 

l){ 

76250| // lets cleanup since we have 

| nothing to do. 

76251 1 Debug(DEBUG_THREAD, ("Thread %d: 

| Read failed (%08x) 

| lrp=%p\n",ThreadNum,lrp->loStatus. Status, Irp)); 
76252 1 goto ThreadCleanup; 

76253 1 } 
76254| 

76255| ASSERT(NewlrpStackLoc); 
76256| 

76257| SbUpdateThreadStatus( 
76258| ThreadNum, 
76259 1 DeviceObject, 
76260 1 Irp, 
76261 1 STATEWORKING, 
76262 1 



| WriteRequest->RealSector, 
76263 1 

| WriteRequest->RealCount, 
76264| 

| WriteRequest->RealSector ); 
76265| 

76266| TRACE( 

76267| TRACE_PROCESSSECTOR, 
76268| 0, 

76269| WriteRequest->RealSector.HighPart, 
76270| WriteRequest->RealSector.LowPart, 
76271 1 WriteRequest->RealCount, 
76272 1 ""); 
76273 | 
76274| 

76275| /* 

76276| We acquire the snapshot resource 



I shared denying 
76277| writers (basically just 

| add/removing of snapshots) 
76278| The reason we do a starve, is that 

| io may occur 

76279| while some thread has the resource 

| acquired shared, 
76280| and then a writer is waiting for 

| access. Normally, the 
76281 1 shared reader is put to sleep until 

| all shared 

76282 1 access is blocked, and the writer 

| can run and 

76283| release it. In cases when we need 

| to do io (ie 

76284| mounting the volume) while the 

| resource is acquired 
76285| shared, unless we want to block, we 

| need to go ahead 
76286| and do the io 

76287| 

76288| 7 

76289| KeEnterCriticalRegion(); 
76290 | 

| ExAcquireSharedStarveExclusive(&GlobalData->SnapShotReso 

| urce, TRUE); 
76291 1 KeLeaveCriticalRegion(); 
76292 1 

76293 1 // GetSnapShotForReadQ; 

76294| __try { 

76295| tDictSiblinglnfo Info; 

76296| memset(&lnfo,0,sizeof(lnfo)); 

76297| 

76298| p = 

| GetTopSnapShot(&DevExt->SnapShots); 
76299| while ( p ) { 

76300| ULARGEJNTEGER UL; 

76301 1 ULARGEJNTEGER DS; 

76302| ULONG Did; 

76303 | 

76304| UL.QuadPart = 

| WriteRequest->RoundedSector.QuadPart; 
76305| DS.QuadPart = 

| WriteRequest->RoundedCountlnBytes.QuadPart; 
76306| 

76307| //Debug(DEBUG_THREAD, ("Thread 

| %d: Writing\n",ThreadNum)); 

76308| SbUpdateThreadStatus( 

| ThreadNum, DeviceObject, Irp, _STATE_WAITING_FOR_WRITE, 
| WriteRequest->RealSector, WriteRequest->RealCount, 



I WriteRequest->RealSector ); 
76309| 

76310| Status = 

| p->Dictionary->searchAndlnsertMultiple(DevExt,UL,WriteRe 
| quest->RoundedCount,Did,NULL,DS,Buffer,&lnfo,0); 

7631 1 | 

76312| if( 

| ((pPersistentDictionary)(p->Dictionary))->lsCacheWarning 

| ThresholdReached() ) { 
76313| ThresholdReached=TRUE; 
76314| } 
76315| if ( Status == 

| STATUS_END_OF_FILE ) { 
7631 6| // told to stop scanning 

| the snapshots... 
7631 7| Status = STATUS_SUCCESS; 

76318| DoneWithSnapShot(p); 
76319| break; 
76320| } 
76321 | 

76322 1 if ( !NT_SUCCESS(Status) ) { 

76323| FailRequest(p,Status); 
76324| } 
76325| 

76326| p = 

| GetNextSnapShot(&DevExt->SnapShots,p); 
76327| } // while(p) 

76328| } ^finally { 

76329| ReleaseSnapShotForRead(); 
76330 1 } 
76331 | 

76332| ThreadCleanup: 
76333 1 TRACE( 

76334| TRACETHREADCLEANUP, 
76335| 0, 

76336| WriteRequest->RealSector.HighPart, 
76337| WriteRequest->RealSector.LowPart, 
76338| WriteRequest->RealCount, 
76339 1 ""); 
76340 1 

76341 1 SbUpdateThreadStatus( ThreadNum, 

| DeviceObject, Irp, _STATE_CLEANUP, 
| WriteRequest->RealSector, WriteRequest->RealCount, 
| dummy ); 

76342 1 // cleanu p th is i rp . 

76343 1 

76344| #if 0 

76345| #ifdef DEBUG 

76346| // This was added 2001 Nov 07 to help 

| find revert ntfs corruption. 



76347| if ( 

| WriteRequest->RoundedSector.QuadPart < 0x800 ) { 
76348| 

| Debug(DEBUG_THREAD,("SaveOriginalDataThread: Old data 
| granule follows (granule=%016l64x)\n", 
76349| 

| WriteRequest->RoundedSector.QuadPart / 
| (GRANULE_SIZE/512) )); 
76350 1 

76351 1 DumpSector ( (char 

| *)(WriteRequest->Buffer), GRANULE_SIZE ); 
76352 1 

76353| char *Kernel Pointer = (char 

| *)MmGetSystemAddressForMdlSafe( 

| WriteRequest->lrp->MdlAddress, NormalPagePriority ); 
76354| 

| Debug(DEBUG_THREAD,("SaveOriginalDataThread: granule we 
| are about WRITE (granule=%016l64x)\n", 
76355| 

| WriteRequest->RoundedSector.QuadPart / 
| (GRANULE_SIZE/512) )); 
76356| 

76357| DumpWriteRequest (Write Request); 

76358| 

76359| DumpSector ( KernelPointer, 

| WriteRequest->Bytel_ength ); 
76360 1 } 
76361| #endif TDEBUG7 
76362| #endif 
76363| 

76364| //Debug(DEBUG_THREAD, ("Thread %d: 

| Freeing pool %p\n",TnreadNum,WriteRequest->Buffer)); 
76365| /lint -save -e61 3 7 

76366| 

| MemFreePool((PVOID)(WriteRequest->Buffer)); 
76367| Hint -restore V 

76368| WriteRequest->Buffer = NULL; 

76369 1 

76370| //Debug(DEBUG_THREAD, ("Thread %d: 

| Freeing Irp %p\n",ThreadNum,lrp)); 
76371 1 // save the status since we freeing the 

| request 

76372| Status = lrp->loStatus.Status; 

76373 1 

76374| IrpFreelrp(lrp); 
76375| 

76376| KIRQL oldlrql; 

76377| 

| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 
76378| 



I RemoveEntryList(&(WriteRequest->ProcessingEntry)); 
76379| 

| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 
76380| 

76381 1 if(NT_SUCCESS(Status)) { 

76382| Interlocked Decrement ( 

| (PLONG)&OutstandingRequests ); 
76383| #ifdef DEBUG 

76384| // so we know when the io completed 

76385| (void)PSManSendOrigWrite( 

| WriteRequest->DeviceObject, WriteRequest->lrp); 
76386| #else 

76387| (void)PSManPassThru( 

| WriteRequest->DeviceObject, WriteRequest->lrp); 
76388| #endif 
76389 1 } else { 

76390 1 // nothing to do as the io has 

| already been completed in the completion routine for 
| the 

76391| //read 

| (OtManWriteCompletionDevice). 
76392| } 
76393| 

76394| FREEPOINTER(WriteRequest); 
76395| 

76396| //Debug(DEBUG_THREAD, ("Thread %d: Done 

| processing Sector %d, %d 

| (lrp=%p)\n",ThreadNum,Sector,Count,lrp)); 
76397| // change the threshold after we have 

| released the write we 
76398| // were processing so we dont deadlock. 

76399| if ( ThresholdReached ) { 

76400| 

| CacheThresholdReached(DeviceObject); 
76401| } 
76402| 

76403| } else { 

76404| // most likely STATUS_WAIT_0 but could 

| be an error condition 
76405| //Debug(DEBUG_THREAD, ("Thread %d: 

| Error! %08x on wait\n",ThreadNum,Status)); 
76406| FailRequest(NULL,PSM_CANCELED_BY_USER); 
76407| ExitThread = 1 ; 

76408| } 

76409| } // while(IExitThread) 
76410| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
7641 1 1 Status=GetExceptionCode(); 
76412| Debug(DEBUG_THREAD, ("Thread %d: Error! 

| Exception %08x\n",ThreadNum, Status)); 



7641 3 1 Fail Request(NULL, Status) ; 
76414| } 

76415| //ExitThreadJmp: 
76416| 

76417| TRACE( TRACE_THREADEXIT, 0, 0, 0, 0, ""); 
76418| 

76419| //Debug(DEBUG_THREAD, ("Thread %d: 10: Currentlrql = 

| %d\n",ThreadNum, KeGetCurrentlrql())); 
76420| SbUpdateThreadStatus( ThreadNum, NULL, NULL, 

| _STATE_DEINIT, dummy, 0, dummy ); 
76421 | 
76422 1 

76423| ExitThreadTerminate: 
76424| 

76425| SbDecrementRunningThreads(); 
76426| 

76427| Debug(DEBUG_TH READ, ("Thread %d: 

| Exiting\n",ThreadNum)); 
76428| PsTerminateSystemThread( 0 ); 
76429 1 } 
76430| 

76431| /* 



76432| STATIC int SbMakeAnotherThread ( void ) 

76433| { 

76434| HANDLE TempHandle=NULL; 

76435| NTSTATUS ntStatus=0; 

76436| ULONG ThreadNum=0; 

76437| ULONG Save=0; 
76438| 

76439| TRACE( TRACE_MAKETHREAD, 0, 0, 0, 0, ""); 
76440| 

76441 1 pmAcquireMutex ( &WorkerThreadMutex, NULL ); 
76442 1 

76443 1 // cant do much at APC_LEVEL which fast mutexes 

| move us to... 
76444| 

76445| Save = GlobalThreadCount; 
76446| 

76447| ThreadNum=NumberOfThreads; 
76448| 

76449| if ( NumberOfThreads<MaxThreads ) { 

76450| // inc first or thread will stop with invalid 

| thread count 

76451 1 NumberOfThreads++; 

76452| ntStatus=STATUS_SUCCESS; 

76453 1 } else { 

76454| // if at max, then dont create any more 

76455| ntStatus = STATUSJJNSUCCESSFUL; 

76456| } 



76457| 

76458| pmReleaseMutex ( &WorkerThreadMutex ); 
76459| 

76460| if ( NT_SUCCESS(ntStatus) ) { 
76461 1 ntStatus = pmStartThread( 
76462 1 

| (PKSTART_ROUTINE)SaveOriginalDataThread, // IN 

| PKSTART_ROUTINE StartRoutine, 
76463| (PVOID)ThreadNum, 

| // IN PVOID StartContext 
76464| &TempHandle 

| // OUT PHANDLE ThreadHandle, 
76465| ); 
76466| 

76467| if ( NT_SUCCESS(ntStatus) ) { 
76468| 

76469| ntStatus = ObReferenceObjectByHandle( 

76470 1 

| TempHandle, // IN HANDLE Handle, 
76471 | 

| THREAD_ALL_ACCESS, // IN ACCESS_MASK Desired Access, 
76472| NULL, 

| // IN POBJECT_TYPE ObjectType, /* 

| optional 7 
76473 1 

| (KPROCESSOR_MODE)KernelMode, // IN 
| KPROCESSOR_MODE AccessMode, 
76474| 

| &ThreadObjects[ThreadNum].ThreadObject, //OUT PVOID 
| *Object, 

76475| NULL 

| // OUT POBJECTHANDLEINFORMATION Handle Information 

| /* optional 7 
76476| ); 

76477| Debug(DEBUG_THREAD, ("Thread %d Handle = 

| %08x, Object=%08x, 

| Status=%08x\n",ThreadNum,TempHandle,ThreadObjects[Thread 

| Num].ThreadObject,ntStatus)); 
76478| // Dont need the handle anymore now that we 

| have an object 
76479| ZwClose(TempHandle); 
76480| TempHandle = NULL; 

76481 1 } 
76482 1 

76483 1 // if thread was started, wait for it to start. 
76484| if ( NT_SUCCESS(ntStatus) ) { 
76485| LARGEJNTEGER TimeToWait; 

76486| 

76487| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 



76488| 

76489| //Debug( D EBUG_TH R EAD, ("Writer: GTC=%d, 

| Save=%d\n",GlobalThreadCount,Save)); 
76490| TimeToWait.QuadPart = 

| RELATIVE(MICROSECONDS(10)); 
76491 1 ULARGEJNTEGER dummy = {0}; 

76492| SbUpdateWriterStatus( 

| _STATE_WAITING_FOR_EVENT, dummy, 0 ); 
76493| while ( GlobalThreadCount == Save ) { 

76494| //Debug(DEBUG_THREAD, ("Writer: GTC=%d, 

| Save=%d\n",GlobalThreadCount,Save)); 
76495| 

76496| KeDelayExecutionThread( 
76497| 

| (KPROCESSOR_MODE)KernelMode, // IN KPROCESSOR_MODE 
| WaitMode, 

76498| FALSE, // IN 

| BOOLEAN Alertable, 
76499| &TimeToWait // 

| IN PLARGEJNTEGER Interval 
76500 1 ); 
76501 | } 
76502 1 /* 

76503| ASSERT(KeGetCurrentlrql() < 

| DISPATCHJ.EVEL); 
76504| pmWaitForSingleObject( 

| &WorkerThreadEvent,NULL); 
76505| 7 
76506| } else { 

76507| pmAcquireMutex ( SWorkerThreadMutex, NULL 

I); 

76508| NumberOfThreads--; 

76509| pmReleaseMutex ( SWorkerThreadMutex ); 

76510| } 

7651 1 | } 

76512| 

76513| return NT_SUCCESS(ntStatus) ? TRUE : FALSE; 

76514| } 

76515| 

76516| 

76517| /* 



76518| STATIC NTSTATUS SbWaitForWriteFromNT() 
76519| { 

76520| PVOID ObjectTable[2] ={ 

| &PSManExitingEvent, SWriteSemaphore}; 
76521 1 

76522| TRACE( TRACE_WAITWRITEFROMNT, 0, 0, 0, 0, ""); 
76523| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
76524| return 



I pmWaitForMultipleObjects(ObjectTable,2,NULL); 
76525| } 
76526| 
76527| 

76528| /* 



76529| NTSTATUS SbCompleteWritesOnQueue() 

76530| { 

76531| PLISTENTRY ListEntry=NULL; 

76532| PDEVICE_OBJECT DeviceObject=NULL; 

76533| PIRP lrp=NULL; 

76534 1 t Write Requ est * Write Request= NULL; 

76535| 

76536| TRACE( TRACECOMPLETEWRITESONQUEUE, 0, 0, 0, 0, 

I ""); 

76537| while ( !lsListEmpty(&WriteQueue) ) { 

76538| ListEntry = ExInterlockedRemoveHeadList ( 

76539| 

| &WriteQueue, // List Head 
76540| 

| &WriteSpinLock // Lock 
76541| ); 
76542| 

76543| if ( (ListEntry) && (ListEntry!=&WriteQueue) ) 
|{ 

76544| /*lint-save-e413 7 

76545| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 
76546| Hint -restore 7 

76547 1 DeviceObject = Write Request->DeviceObject; 

76548| Irp = WriteRequest->lrp; 

76549 1 

76550| // If its on the write queue, its not on 

| the processing queue 
76551 | 

76552| FREE_POINTER(WriteRequest); 
76553 1 #if 1 

76554| File_Printlrp( M Writer Cleanup: 

| DeviceObject, Irp); 
76555| #endif 

76556| Interlocked Decrement 

| (PLONG)&OutstandingRequests ); 
76557| (void) PSMan PassThru(DeviceObject, I rp) ; 

76558| } else { 

76559| Debug(DEBUG_THREAD, ("Writer Cleanup: Error 

| ListEntry is empty\n")); 
76560 1 } 
76561 1 } 

76562| return STATUS_SUCCESS; 
76563| } 



76564| 

76565| NTSTATUS SbComplete Writes ReadQueueQ 
76566| { 

76567| PLISTENTRY ListEntry=NULL; 
76568| PDEVICE_OBJECT DeviceObject=NULL; 
76569| PIRP lrp=NULL; 
76570| tWriteRequest *WriteRequest=NULL; 
76571 | 

76572| while ( !lsListEmpty(&WriteAfterReadQueue) ) { 
76573| ListEntry = ExInterlockedRemoveHeadList ( 
76574| 

| &WriteAfterReadQueue, // List Head 
76575| 

| &WriteAfterReadSpinl_ock // Lock 
76576| ); 
76577| 

76578| if ( (ListEntry) && 

| (ListEntry!=&WriteAfterReadQueue) ) { 
76579| Hint -save -e41 3 7 

76580| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 
76581| Hint -restore 7 

76582| DeviceObject = Write Request->DeviceObject; 

76583| Irp = WriteRequest->lrp; 

76584| 

76585| FREE_POINTER(WriteRequest); 
76586| #if 1 

76587| File_Printlrp( M WriteAfterRead Cleanup: 

| ", DeviceObject, Irp); 
76588| #endif 

76589| Interlocked Decrement( 

| (PLONG)&OutstandingRequests ); 
76590| (void) PSMan PassThru ( DeviceObject, I rp) ; 

76591 1 } else { 

76592| Debug(DEBUG_THREAD,( M WriteAfterRead 

| Cleanup: Error ListEntry is empty\n")); 
76593 1 } 
76594| } 

76595| return STATUS_SUCCESS; 

76596| } 

76597| 

76598| /* 



76599| STATIC NTSTATUS SbWaitForFreeThread( ) 

76600| { 

76601 1 NTSTATUS Status; 

76602| LARGE INTEGER CurrentTime={0}; 

76603| LARGE_INTEGER EndTime={0}; 

76604| 

76605| WaitForThreads: 



76606| Status = SbThreadQueueWait(); 
76607| 

76608| if ( Status == STATUS_TIMEOUT ) { 

76609| //Debug(DEBUG_TH READ, ("Writer: Creating another 

| Thread\n")); 
7661 0| if ( SbMakeAnotherThread() ) { 
7661 1 1 Debug(DEBUG_TH READ, ("Writer: Created 

| another ThreadVn")); 
76612| }else{ 

76613| //Debug(DEBUG_THREAD, ("Writer: Error! 

| unable to make another thread\n")); 
76614| 

76615| // To keep hangs from occuring, we will see 

| if we are hung for 
7661 6| // longer than x number of seconds, if so, 

| abort the backup. 
76617| 

76618| if ( EndTime.QuadPart == 0 ) { 

76619| KeQuerySystemTime( &EndTime ); 

76620| EndTime.QuadPart += 

| MICROSECONDS(gHungSystemTimeOut); 
76621| } 

76622| KeQuerySystemTime( &CurrentTime ); 

76623| if ( CurrentTime.QuadPart > 

| EndTime.QuadPart ) { 
76624| Debug(DEBUG_TH READ, ("Writer: Error! 

| Timeout while waiting for threads\n")); 
76625| // DbgBreakPoint(); 

76626| FailRequest(NULL,PSM_ERROR_DEADLOCK); 
76627| SbCompleteWritesOnQueue(); 
76628| return PSM_ERROR_DEADLOCK; 

76629| } 
76630| } 

76631 1 goto WaitForThreads; 
76632 1 } 
76633 1 

76634 1 return Status; 

76635| } 

76636| 

76637| /* 

| */ 

76638| STATIC NTSTATUS SbAI locate I rp Resources ( PCHAR *Buffer, 
76639| PIRP *lrp, 

76640| PMDL *Mdl, 

76641 1 USHORT 

| StackSize, 
76642| ULONG 

| ByteCount 
76643 1 ) 
76644| { 



76645| NTSTATUS Status = STATUS_INSUFFICIENT_RESOURCES; 
76646| 

76647| TRACE( TRACE_ALLOCATERESOURCES, 0, 0, ByteCount, 0, 

I ""); 

76648| // allocate memory on aligned boundery 
76649| (*Buffer) = (PCHAR) 

| MemAllocatePoolWithTag(PagedPoolCacheAligned, 

| ByteCount, BUFFTAG); 
76650| 

76651 1 if ( ("Buffer) ) { 

76652| (*lrp) = IrpAllocatelrp ( StackSize ); 

76653| if ( (*lrp) ) { 

76654| (*Mdl) = loAllocateMdl( 

| (*Buffer),ByteCount,FALSE,FALSE,(*lrp)); 
76655| if ( (*Mdl) ) { 

76656| Hint -save -e1 49 V 

76657| _try { 

76658| //MmBuildMdlForNonPagedPool(Mdl); 
76659| MmProbeAndl_ockPages((*Mdl), 

| (KPROCESSORJv10DE)KernelMode,loModifyAccess); 
76660| return STATUS_SUCCESS; 
76661 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
76662| Debug(DEBUG_THREAD,(" Exception 

| while locking Mdl %p for %p\n",(*Mdl),(*Buffer))); 
76663| Status = GetExceptionCode(); 

76664| } 
76665| Hint -restore V 

76666| loFreeMdl((*Mdl)); 
76667| } 

76668| IrpFreelrp(flrp)); 
76669 1 } 

76670| MemFreePool((*Buffer)); 
76671 1 *Buffer=NULL; 
76672 1 } 
76673 1 

76674| return Status; 

76675| } 

76676| 

76677| /* 



76678| STATIC NTSTATUS SbAllocatelrpResourcesOrWait ( PCHAR 



| 'Buffer, 
76679 1 

I *lrp, 
76680 1 

| *Mdl, 
76681 | 

| StackSize, 
76682 1 



USHORT 



ULONG 



PIRP 



PMDL 



I ByteCount 
76683| ) 
76684| { 

76685| NTSTATUS Status = STATUS_INSUFFICIENT_RESOURCES; 
76686| 
76687| 
76688| 
76689| 
76690| 
76691 | 
76692 | 
76693 1 
76694| 

|{ 
76695| 
76696| 
76697| 



while ( Status==STATUS_INSUFFICIENT_RESOURCES ) { 
Status = SbAllocatelrpResources( Buffer, 
Irp, 
Mdl, 

Stacks ize, 
ByteCount 

); 

if ( Status == STATUS_INSUFFICIENT_RESOURCES ) 
LARGE INTEGER TimeOut; 



TimeOut.QuadPart = 
| RELATIVE(MICROSECONDS(((signed 
| long)NewThreadStartDelay))); 
76698| 

76699| // if not exiting, wait for some time, and 

| try alloc again 

76700| Debug(DEBUG_THREAD, ("Waiting for resources 

| to become available\n")); 
76701 | 

76702| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 
76703| Status = pmWaitForSingleObject( 

| &PSManExitingEvent,&TimeOut ); 
76704| // if the timeout occured, try allocing 

| resources again 



76705| 

76706| 

76707| 

76708| 

76709 1 

76710| 

7671 1 1 

76712| 

76713| } 

76714| 

76715| /*- 



// else, its time to exit... 

if ( Status==STATUS_TIMEOUT ) { 

Status = STATUS_INSUFFICIENT_RESOURCES; 

} 



} 

return Status: 
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76716| STATIC NTSTATUS SblnitReadlrp( 



76717| 
76718| 
76719| 
76720| 

| AuxiliaryBuffer, 
76721 | 



PIRP Newlrp, 
PMDL Mdl, 
PETHREAD Thread, 
PCHAR 

P FILE OBJECT 



I OriginalFileObject 
76722| ) 
76723| { 

76724| // set up our IRP to be sent down to the lower 

| driver. 
76725| 

76726| Newlrp->MdlAddress = Mdl; 

76727| Newlrp->Associatedlrp.SystemBuffer = NULL; 
76728| 

76729| // for removable media requests so it can display a 
| dialog box. 

76730| Newlrp->Tail.Overlay.Thread = Thread; 

76731| Newlrp->RequestorMode 

| (KPROCESSOR_MODE)KernelMode; 
76732| 

76733| // misc parameters that i dont know if there needed 

| but look like 
76734| // good candidates on saving 
76735| // undocumented fields... 
76736| Newlrp->Tail.Overlay.AuxiliaryBuffer = 

| AuxiliaryBuffer; 
76737| Newlrp->Tail. Overlay. OriginalFileObject = 

| OriginalFileObject; 
76738| 

76739| // you also have the following fields i dont know 

| if they are 
76740| // needed or not.. 
76741 1 // Newlrp->Userlosb 
76742 1 // Newlrp->UserEvent 
76743 1 

76744| Newlrp->UserBuffer = NULL; 
76745| 

76746| // loBuildSynchronousFsdRequest you pass in 

76747| // IN PKEVENT Event, and OUT PIO_STATUS_BLOCK losb 

76748| // so this makes me think i should set the fields 

| above... 
76749 1 

76750| // Indicate that this is a READ operation. 
76751| Newlrp->Flags 

| IRP_READ_OPERATION; 
76752| 

76753| Newlrp->loStatus. Status 

| STATUS_PENDING; 
76754| Newlrp->loStatus. Information = 0; 

76755| 

76756| return STATUS_SUCCESS; 

76757| } 

76758| 

76759| 

76760| /* 



PDEVICE OBJECT 



PFILE OBJECT 



| */ 

76761 1 STATIC NTSTATUS SblnitOtherlrpStack ( 
76762 1 PIO_STACK_LOCATION 

| Stack, 
76763 1 

| DeviceObject, 
76764| 

| FileObject, 
76765| 

I Flags, 
76766| 

I Arg1, 
76767| 

I Arg2, 
76768| 

I Arg3, 
76769 1 

I Arg4 
76770 1 
76771 1 { 

76772| Stack->CompletionRoutine = NULL; 

| // set by SetloCompletionRoutine 
76773 1 Stack->Context = 0; 

| // set by SetloCompletionRoutine 
76774| 

76775| Stack->Flags = Flags; 

| // Read/Write - SL OVERRIDE VERIFY VOLUME, etc... 
76776| Stack->Control = 0; 

| // SL_PENDING_RETURNED 
76777| Stack->MajorFunction = IRP_MJ_READ; 
Stack->MinorFunction = 0; 
Stack-> DeviceObject = DeviceObject; 
Stack->FileObject = FileObject; 



UCHAR 



PVOID 



PVOID 



PVOID 



PVOID 



) 



76778| 
76779 1 
76780 1 
76781 | 
76782 1 
76783 | 
76784| 
76785| 
76786| 
76787| } 
76788| 
76789 1 /* 



Stack->Parameters.Others.Argument1 = Arg1; 
Stack->Parameters.Others.Argument2 = Arg2; 
Stack->Parameters.Others.Argument3 = Arg3; 
Stack->Parameters.Others.Argument4 = Arg4; 
return STATUS SUCCESS; 
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76790| STATIC NTSTATUS SblnitReadlrpStack( 

76791 1 PIO_STACK_LOCATION 
| Stack, 

76792 1 PD EVI C EOBJ ECT 

| DeviceObject, 

76793| PFILE_OBJECT 

| FileObject, 



76794| UCHAR 
I Flags, 

76795| PLARGEJNTEGER 

| ByteOffset, 
76796| ULONG 

I Length, 

76797| ULONG 
| Key 

76798| ) 
76799| { 

76800| Stack->CompletionRoutine = NULL; 

| // set by SetloCompletionRoutine 
76801 1 Stack->Context = 0; 

| // set by SetloCompletionRoutine 
76802 1 

76803| Stack->Flags = Flags; 

| // Read/Write - SL OVERRIDE VERIFY VOLUME, etc... 
76804| Stack->Control = 0; 

[ // SL_PENDING_RETURNED 
76805| Stack->MajorFunction = IRP_MJ_READ; 

76806| Stack->MinorFunction = 0; 

76807 1 Stack->DeviceObject = DeviceObject; 

76808| Stack->FileObject = FileObject; 

76809 1 

76810| Stack-> Parameters. Read. Length = Length; 
7681 1 1 Stack-> Parameters. Read. ByteOffset = *ByteOffset; 
76812| Stack-> Parameters. Read. Key = Key; 

| // this may cause trouble later on 

76813| return STATUS_SUCCESS; 

76814| } 

76815| 

76816| 

76817| // running at IRQL = PASSIVE_LEVEL 

76818| // 

76819| // repeat 

76820| // Wait For NT Write 

76821 1 // Wait for Free Thread 

76822| // Process Read Old Data 

76823| // until Time To Exit 

76824| // 

76825| // Read Old Data Completed 

76826| // Send Original Write to Lower Level Driver 

76827| // Add Read Irp to Thread Queue 

76828| // Signal Thread Queue 

76829 1 // 

76830 1 // Thread Queue 
76831 1 // Init 
76832 1 // repeat 
76833|// Wait For Signal 
76834| // If not duplicate 



76835| // 
76836| // 
76837| // 



Write Old Data to cache WAIT 
Add to Tree 
Cleanup Read Irp 



76838| // until Time To Exit 
76839| // Cleanup 
76840| // 
76841 1 // 

76842| // 1 . Takes a write from the NT Dispatcher. 

76843| // 2. Waits for a thread 

76844| // 3. Then composes a Read Irp, and 

76845| // 4. Sends it to the lower level driver. 

76846| // 5. Loops back to 1 

76847| 

76848| // This thread is awoken when the Write dispatch 

| (write.c) has realized 
76849| // that we need to process this request. This has the 

| side affect of 
76850| // serializing all writes. 
76851 1 /* 



76852| void WriteDispatchThread ( PVOID Context ) 
76853 1 { 

76854| NTSTATUS Status={0}; 

76855| PFILTERED EXTENSION DevExt=NULL; 

76856| ULONG ExitThread=0; 

76857| PIO_STACK_LOCATION currentlrpStack=NULL; 

76858| PIO_STACK_LOCATION nextlrpStack=NULL; 

76859| PIO_STACK_LOCATION NewlrpCurrentStack=NULL; 

76860| PIRP Newlrp=NULL; 

76861| PCHAR buffer=NULL; 

76862| PMDL Mdl=NULL; 

76863| KIRQL oldlrql=0; 

76864| PLIST_ENTRY ListEntry=NULL; 

76865| tWriteRequest *WriteRequest=NULL; 

76866| 

76867| NOT_REFERENCED(Context); 
76868| 

76869| PAGED_CODE(); 
76870| 

76871 1 Debug(DEBUG_TH READ, ("Writer: Started T=%08x, 
| P=%08x, 

| irql=%d\n",KeGetCurrentThread(),loGetCurrentProcess(),Ke 

| GetCurrentlrql())); 
76872| ULARGEJNTEGER dummy = {0}; 
76873| SbUpdateWriterStatus( _STATE_INIT, dummy, 0 ); 
76874| 

76875| SblncrementRunningThreads(); 
76876| 

76877| #ifndef SYNC 

76878| // make sure other threads are ready first... 



76879| if ( !NT_SUCCESS(SbWaitOnEvent( &ThreadOlnited )) ) 
|{ 

76880| goto ExitThreadJmp; 
76881 1 } 
76882| #endif 
76883 1 

76884| // threads normally start with variable priority. 

| This sets it to the 
76885| // lowest of the time critical prioritys 
76886| // Realtime threads have no quantum timeout. They 

| only give up the 
76887| // cpu when they voluntarily go into a wait state, 

| or when preempted by 
76888| // a thread of higher priority 
76889| //KeSetPriorityThread( KeGetCurrentThread(), 

| LOW_REALTIME_PRIORITY); 
76890| Debug(DEBUG_TH READ, ("Writer: Waiting for 

| work.. An")); 
76891| 

76892| __try { 

76893| while ( SExitThread ) { 
76894| Thread Loop: 

76895| //Debug(DEBUG_THREAD, ("Writer: Going to 

| sleep irql=%d\n",KeGetCurrentlrql())); 
76896| SbUpdateWriterStatus( 

| _S TAT E_ W A I T I N G_ F O R_WO R K , dummy, 0 ); 
76897| 

76898| Status = SbWaitForWriteFromNT(); 

76899| 

76900| if ( Status == STATUS_WAIT_1 ) { 

76901 1 //Debug(DEBUG_THREAD, ("Writer: write 

| from nt, irql=%d\n",KeGetCurrentlrql())); 
76902 1 

76903| SbUpdateWriterStatus( 

| _STATE_WAITING_FOR_THREAD, dummy, 0 ); 
76904| 

76905| // returns 0 for success, else error 

| code (STATUS_WAIT_1 if exiting) 
76906| // PSM_ERROR_DEADLOCK if system is 

| hung... 
76907| #if 1 

76908| Status = SbWaitForFreeThread(); 

76909 1 #else 

76910| Status = 0; 

76911| #endif 

76912| 

76913| if ( Status == 0 ) { 

76914| //Debug(DEBUG_TH READ, ("Writer: 

| Thread is free, irql=%d\n",KeGetCurrentlrql())); 
76915| TRACE( TRACE WORKERGET, 0, 0, 0, 0, 



I ""); 

76916| //Debug(DEBUG_TH READ, ("Writer: 

| Signaled %d, sema=%d\n",ThreadsAwake,GetState())); 
76917| 

76918| //Debug(DEBUG_TH READ, ("Writer: Done 

| with trace, irql=%d\n",KeGetCurrentlrql())); 

769 1 9 1 SbU pdateWriterStatus( 

| _STATE_WORKING, dummy, 0 ); 

76920 1 GetAnother: 

76921 1 pmAcquireSpinLock ( &WriteSpinLock, 

| &oldlrql ); 
76922| WriteQueueDepth--; 
76923| ListEntry = RemoveHeadList 

| (&WriteQueue); 
76924| pmReleaseSpinLock( &WriteSpinLock, 

| oldlrql ); 

76925| //Debug(DEBUG_TH READ, ("Writer: 

| reseting irql from=%d back to 

| %d\n",KeGetCurrentlrql(),oldlrql)); 
76926| 

76927| if ( (SListEntry) || 

| (ListEntry==&WriteQueue) ) { 
76928| Debug(DEBUG_THREAD, ("Writer: 

| Error ListEntry is empty\n")); 
76929| SbThreadQueueDec(); // 

| Decrement the increment we did, since we did not start 

| a thread 

76930| goto ThreadLoop; 

76931| } 

76932| 

76933| //Debug(DEBUG_TH READ, ("Writer: Got 

| Work, irql=%d\n",KeGetCurrentlrql())); 
76934| 

76935| Hint -save -e41 3 7 

76936| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 

76937| Hint -restore 7 

76938| //Debug(DEBUG_TH READ, ("Writer: 

| WriteRequest=%08x, DeviceObject=%08x, 
| lrp=%08x\n", WriteRequest, DeviceObject, I rp)) ; 

76939 1 

76940 1 if ( 

| IsBeingProcessedEx(WriteRequest) ) { 
76941 1 BOOLEAN OnlyOne=FALSE; 

76942 1 

76943 1 pmAcquireSpinLock ( 

| &WriteSpinLock, &oldlrql ); 
76944| WriteQueueDepth++; 
76945| InsertTailList 

| (&WriteQueue,&WriteRequest->List Entry); 



76946| 

76947| // if only one on list 

76948| if ( WriteQueue.Flink == 

| &WriteRequest->ListEntry ) { 
76949| OnlyOne=TRUE; 
76950| } 
76951 1 pmReleaseSpinl_ock( 

| &WriteSpinl_ock, oldlrql ); 
76952| if ( OnlyOne ) { 

76953| LARGEJNTEGER TimeToWait = 

|{0}; 

76954| TimeToWait.QuadPart = 

| RELATIVE(MILLISECONDS(1 )); 
76955| KeDelayExecutionThread( 

| (KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait ); 
76956| } 
76957| goto GetAnother; 

76958| } 
76959 1 
76960 1 

76961 1 DevExt = 

| GetFilteredExtension(WriteRequest->DeviceObject); 
76962 1 current I rpStack = 

| loGetCurrentlrpStackLocation(WriteRequest->lrp); 
76963 1 nextlrpStack = 

| loGetNextlrpStackLocation(WriteRequest->lrp); 
76964| 

76965| SbUpdateWriterStatus( 

| _STAT E WA I T I N G_FO R_M E MO R Y , WriteRequest->RealSector, 

| WriteRequest->RealCount); 
76966| 
76967| 

| ASSERT(WriteRequest->RoundedCountlnBytes.LowPart % 
| GRANULE_SIZE == 0); 
76968| 

76969 1 Status = 

| SbAllocatelrpResourcesOrWait( &buffer, 
76970 1 

| &Newlrp, 
76971 | 

| &Mdl, 
76972 | 

| WriteRequest->DeviceObject->StackSize, 
76973 1 

| WriteRequest->RoundedCountlnBytes.LowPart 
76974| 

I); 

76975| 

76976| if ( !NT_SUCCESS(Status) ) { 

76977| 



I Debug(DEBUG_THREAD|DEBUG_ERROR,("Error! %08x while 

| allocating resources\n", Status)); 
76978| FailRequest(NULL,Status); 
76979| Debug(DEBUG_THREAD | 

| DEBUGJNFO, ("Calling original driver with orginal irp 

| %p\n",WriteRequest->lrp)); 
76980| SbThreadQueueDec(); // 

| Decrement the increment we did, since we did not start 

| a thread 

76981 1 Interlocked Decrement 

| (PLONG)&OutstandingRequests ); 
76982 1 

| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 
76983 1 

| RemoveEntryList(&(WriteRequest->ProcessingEntry)); 
76984| 

| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 
76985| Status = PSManPassThru( 

| WriteRequest->DeviceObject, Write Request->lrp ); 
76986| MemFreePool(WriteRequest); 
76987| goto ThreadLoop; 

76988| } 
76989 1 

76990| TRACE( 

76991 1 TRACE_SETTINGUP, 

76992| 0, 

76993 | 

| WriteRequest->RealSector.HighPart, 
76994| 

| WriteRequest->RealSector.LowPart, 
76995| WriteRequest->RealCount, 
76996| ""); 
76997| 

76998| #ifdef LINT 

76999| if ( INewIrp ) goto ThreadLoop; 

77000| #endif 

77001| 

77002 1 ASS E RT( Newl rp) ; 

77003| ASSERT(Mdl); 
77004| ASSERT(buffer); 
77005| 

77006| WriteRequest->Buffer = buffer; 

77007| 

77008| // push stack location so it points 

| at the first valid slot 
77009| // we use this slot to hold our 

| contexts 

77010| loSetNextlrpStackLocation( Newlrp 

I); 

7701 1 1 NewlrpCurrentStack = 



I loGetCurrentlrpStackLocation(Newlrp); 
77012| 

770 1 3 1 SbU pdateWriterStatus ( 

| STATEWORKING, Write Request->RealSector, 
| WriteRequest->RealCount); 

77014| 

77015| SblnitReadlrp( Newlrp, 

77016| Mdl, 
77017| 

| WriteRequest->lrp->Tail.Overlay.Thread, 
77018| 

| WriteRequest->lrp->Tail.Overlay.AuxiliaryBuffer, 
77019| 

| WriteRequest->lrp->Tail. Overlay. OriginalFileObject 
77020| ); 
77021 | 

77022 1 Sbl n itOtherl rpStack( 

77023 | 

| NewlrpCurrentStack, 
77024| 

| WriteRequest->DeviceObject, 
77025| 

| currentlrpStack->FileObject, 
77026| 

| currentlrpStack->Flags, 
77027| WriteRequest, 
77028| NULL, 
77029| NULL, 
77030| NULL 
77031| ); 
77032| 

77033| // Set up the next I/O stack 

| location. These are the parameters 
77034| // that will be passed to the 

| underlying driver. 
77035| nextlrpStack = 

| loGetNextlrpStackLocation(Newlrp); 
77036| 

77037| // make sure to not read past end 

| of volume, or the underlying driver (usually 
| ftdisk.sys) 

77038| // will fail the request with 

| STATUS_I N VALI D_PARAM ETE R 
77039| // we will do this by issuing the 

| read for less data than a granule, so the data 
77040| // after the requested area will be 

| junk 

77041 1 LARGEJNTEGER AdjustedCount = 

| Write Req u est- >RoundedCountln Bytes ; 
77042| 



77043| 

| if(WriteRequest->RoundedSectorlnBytes.QuadPart+AcljusteclC 

| ount.QuadPart>DevExt->Pi.PartitionLength.QuadPart) { 
77044| Debug(DEBUG_THREAD, ("Writer: 

| Request for write past end of drive, adjusting\n")); 
77045| AdjustedCount.QuadPart = 

| DevExt->Pi.PartitionLength.QuadPart-WriteRequest->Rounde 

| dSectorlnBytes.QuadPart; 
77046| } 
77047| 
77048| 

| ASSERT(AdjustedCount.LowPart>=WriteRequest->ByteLength); 
| //make sure this request isnt smaller than the passed 
| in request 

77049 1 ASS E RT( AdjustedCou nt. H igh Part==0) ; 

| //make sure the I/O length fits in 32 bits 
77050| 

77051 1 SblnitReadlrpStack( 
77052 1 nextlrpStack, 
77053 1 

| DevExt->TargetDeviceObject, 
77054| 

| currentlrpStack->FileObject, 
77055| 

| currentlrpStack->Flags, 
77056| 

| &WriteRequest->RoundedSectorlnBytes, 
77057| 

| AdjustedCou nt.LowPart, 
77058| 

| cu rrent I rpStack-> Parameters . Write . Key 
77059 1 ); 
77060 1 

77061 1 // We use a completion routine to 

| keep the I/O Manager from doing 
77062| // "cleanup" on our IRP - like 

| freeing our MDL. 
77063 1 

77064| // Pass Original Irp as context for 

| function. 

77065| Hint -save -e506 -e774 7 

77066| loSetCompletionRoutine(Newlrp, 

| PSManWriteCompletionDevice, WriteRequest->lrp, TRUE, 

| TRUE, TRUE); 
77067| Hint -restore 7 

77068| 

77069| //Debug(DEBUG_THREAD | 

| DEBUG_INFO,("Calling driver (tdo=%p, Newlrp=%p, Do=%p, 
| lrp=%p)\n", DevExt->TargetDeviceObject,Newlrp, DeviceObjec 
lUrp)); 



77070| //send to caller 
77071 | 

77072| TRACE( 

77073| TRACESENDINGREADFORWRITE, 

77074| 0, 

77075| 



| WriteRequest->RealSector.HighPart, 
77076| 

| WriteRequest->RealSector.LowPart, 
77077| WriteRequest->RealCount, 
77078| ""); 

77079| //Debug(DEBUG_TH READ, ("Writer: 

| Sending read to lower driver, 

| irql=%d\n",KeGetCurrentlrql())); 
77080 1 
77081 1 #if 1 

77082| (void)loCallDriver( 

| DevExt->TargetDeviceObject,Newlrp ); 
77083 1 #else 

77084| PSManWriteCompletionDevice( 

| DeviceObject, Newlrp, Irp ); 
77085| #endif 
77086| } else { 

77087| goto TimeToExit; 

77088| } 
77089 1 } else { 

77090| TimeToExit: 

77091 1 // most likely STATUS_WAIT_0 but could 

| be an error condition 
77092| // or PSM_ERROR_DEADLOCK 

77093| //Debug(DEBUG_THREAD, ("Writer: Error! 

| %08x on wait\n", Status)); 
77094| ExitThread = 1 ; 

77095| 

77096| // if any outstanding writes, send them 

| down so we can exit 
77097| //gracefully 
77098| 

77099| SbCompleteWritesOnQueueO; 
77100| 

77101| } 
77102| 
77103| } 

77104| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
771 05| Status=GetExceptionCode(); 

77106| Debug(DEBUG_THREAD, ("Writer: Error! Exception 

| %08x\n",Status)); 
771 07| FailRequest(NULL,Status); 
77108| } 



77109| 

77110| #ifndef SYNC 
77111| ExitThreadJmp: 
77112| #endif 
77113| 

77114| TRACE( TRACETHREADEXIT, 0, 0, 0, 0, ""); 
77115| 

771 16| Debug(DEBUG_TH READ, ("Writer: Waiting for other 

| threads to finish\n")); 
771 1 7| while ( GlobalThreadCount>1 ) { 
771 18| LARGEJNTEGER TimeToWait; 
77119| 

77120| TimeToWait.QuadPart = RELATIVE(SECONDS(1)); 
77121| 

77122| KeDelayExecutionThread( 

| (KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait ); 
77123| } 

771 24| SbCompleteWritesOnQueue() ; 
77125| 

77126| SbDecrementRunningThreads(); 
77127| 

77128| Debug(DEBUG_TH READ, ("Writer: Exiting\n")); 
77129| PsTerminateSystemThread( 0 ); 
77130| } 
77131| 

77132| #ifdef DEBUG 

77133| r 



77134| NTSTATUS 

771 35| PSManloSendWriteCompletionDevice( 
77136| IN PDEVICE_OBJECT 

| DeviceObject, 
77137| INPIRP Irp, 

77138| IN PVOID 

| Context 
77139| ) 
77140| 
77141| /*++ 
77142| 

77143| Routine Description: 
77144| 

77145| This routine will get control from the system at 

| the completion of an IRP. 
77146| It will calculate the difference between the time 

| the IRP was started 
771 47| and the current time, and decrement the queue 

| depth. 
77148| 

77149| IRQL <= DISPATCH_LEVEL Assume running at 
| DISPATCHLEVELM! 



771 50| as it will vary depending on what the higher 

| level driver is doing 
77151| 

77152| Arguments: 
77153| 

77154| DeviceObject - for the IRP. 

77155| Irp - The I/O request that just completed. 

77156| Context - Not used. 

77157| 

77158| Return Value: 
77159| 

77160| The IRP status. 

77161| 

77162| -7 

77163| 

77164| { 

77165| PIO_STACK_LOCATION irpStack 

| loGetCurrentlrpStackLocation(lrp); 
77166| 

77167| NOT_REFERENCED(Context); 
77168| 

771 69 1 TRACE( TRACE SENDINGORIGWRITECOMP, 

77170| 0, 

77171| 

| (long)(irpStack->Parameters.Read.ByteOffset.QuadPart / 
|512), 

77172| irpStack->Parameters. Read. Length / 512, 

771 73| irpStack->Parameters. Read. Key, 

77174| ""); 
77175| 

771 76| Interlocked Decrement ( (PLONG)&OutstandingRequests 

I); 

77177| 

77178| if ( lrp->PendingReturned ) { 
771 79 1 loMarklrpPending(lrp); 
77180| } 
77181| 

771 82 1 return STATUS_SUCCESS; 
77183| 

77184| } // PSManloSendWriteCompletion Device 
77185| 

77186| /* 



77187| NTSTATUS 

77188| PSManSendOrigWrite( 

77189| IN PDEVICE_OBJECT DeviceObject, 

77190| IN PIRP Irp 

77191| ) 

77192| 

77193| /*++ 



77194| 

77195| Routine Description: 
77196| 

771 97| This is the driver entry point for read requests 
77198| to disks to which the PSMan driver has attached. 
77199| This driver collects statistics and then sets a 
| completion 

77200| routine so that it can collect additional 

| information when 
77201 1 the request completes. Then it calls the next 

| driver below 
77202 1 it. 
77203 | 

77204| Arguments: 
77205| 

77206| DeviceObject 
77207| Irp 
77208| 

77209| Return Value: 
77210| 

77211| NTSTATUS 

77212| 

77213| -7 

77214| 

77215| { 

77216| PFILTERED_EXTENSION deviceExtension = 

| GetFilteredExtension(DeviceObject); 
7721 7| // PIO_STACK_LOCATION current I rpStack = 

| loGetCurrentlrpStackLocation(lrp); 
77218| // PIO_STACK_LOCATION nextlrpStack = 

| lo Get Next I rpStackLocatio n ( I rp) ; 
77219| NTSTATUS Status; 
77220| 

77221 1 lnterlockedlncrement( (PLONG)&OutstandingRequests 

I); 

77222 | 

77223| // Copy current stack to next stack. 

77224| loCopyCurrentlrpStackLocationToNext(lrp); 

77225| 

77226| // Set completion routine callback. 

77227| Hint -save -e506 -e774 7 

77228| loSetCompletionRoutine(lrp, 
77229 1 

| PSMan loSendWriteCompletionDevice, 

77230 1 DeviceObject, 

77231| TRUE, 

77232| TRUE, 

77233| TRUE); 

77234| Hint -restore 7 
77235| 



77236| // Return the results of the call to the disk 

| driver. 
77237| 

77238| Status = 

| loCallDriver(deviceExtension->TargetDeviceObject, Irp); 
77239| 

77240| return Status; 
77241 | 

77242| } //end PSManSendOrigWrite() 
77243| #endif 
77244| 
77245| /* 

77246| You can not call loCallDriver at >= D I S P ATC H_L E V E L 

| and completion routines can be 
77247| called back at <=DISPATCH_LEVEL, so we use this 

| thread to complete the writes 
77248| 7 

77249| void SendWriteAfterReadThread( PVOID Context ) 
77250 1 { 

77251 1 NTSTATUS Status={0}; 

77252| ULONG ExitThread=0; 

77253| PLISTENTRY ListEntry=NULL; 

77254| PDEVICE_OBJECT DeviceObject=NULL; 

77255| PIRP lrp=NULL; 

77256 1 t Write Requ est * Write Request= NULL; 

77257| PIO_STACK_LOCATION lrpStack=NULL; 

77258| 

77259| NOT_REFERENCED(Context); 
77260 1 

77261| PAGED_CODE(); 
77262| 

77263| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

77264| VDiskNumberOfThreads++; 

77265| pmReleaseMutex ( &VDiskThreadMutex); 

77266| 

77267| Debug(DEBUG_THREAD,( M WriteAfterRead: Started 
| T=%08x, P=%08x, 

| irql=%d\n M ,KeGetCurrentThread(),loGetCurrentProcess(),Ke 
| GetCurrentlrql())); 
77268| 

77269| // threads normally start with variable priority. 

| This sets it to the 
77270| // lowest of the time critical prioritys 
77271| // Realtime threads have no quantum timeout. They 

| only give up the 
77272| // cpu when they voluntarily go into a wait state, 

| or when preempted by 
77273| // a thread of higher priority 
77274| //KeSetPriorityThread( KeGetCurrentThread(), 

| LOW_REALTIME_PRIORITY ); 



77275| 

77276| __try { 

77277| while ( SExitThread ) { 
77278| 

77279| Status = SbWaitForWriteAfterRead(); 

77280| 

77281 1 if ( Status == STATUS_WAIT_1 ) { 

77282 1 

77283| ListEntry = ExInterlockedRemoveHeadList 

l( 
77284| 

| &WriteAfterReadQueue, // List Head 
77285| 

| &WriteAfterReadSpinLock // Lock 
77286| 

I); 

77287| 

77288| if ( (ListEntry) && 

| (ListEntry!=&WriteAfterReadQueue) ) { 
77289| Hint -save -e41 3 7 

77290| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 
77291| Hint -restore 7 

77292| 

77293| DeviceObject = 

| WriteRequest->DeviceObject; 
77294| Irp = WriteRequest->lrp; 

77295| FREE_POINTER(WriteRequ est) ; 

77296| 

77297| #ifdef DEBUG 
77298| lrpStack = 

| loGetCurrentlrpStackLocation( Irp ); 
77299| // send write down 

77300| TRACE( TRACESENDINGORIGWRITE, 0, 

| (long)(lrpStack->Parameters.Write.ByteOffset.QuadPart / 
| 512) , I rpStack->Parameters. Write. Length / 512, 0, ""); 

77301|#endif 

77302 1 I nterlocked Decrement ( 

| (PLONG)&OutstandingRequests ); 
77303| #ifdef DEBUG 

77304| // so we know when the io completed 

77305| (void)PSManSendOrigWrite( 

| DeviceObject, Irp); 
77306| #else 

77307| (void)PSManPassThru( DeviceObject, 

I Irp); 
77308| #endif 
77309 1 } else { 

77310| 

| Debug(DEBUG_THREAD,( M WriteAfterRead: Error ListEntry is 



I empty\n")); 
77311| } 
77312| }else{ 

77313| // most likely STATUS_WAIT_0 but could 

| be an error condition 
77314| // or PSM_ERROR_DEADLOCK 

77315| //Debug(DEBUG_THREAD,("WriteAfterRead: 

| Error! %08x on wait\n",Status)); 
77316| ExitThread = 1; 

77317| } 
77318| } 
77319| } except ( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
77320| Status=GetExceptionCode(); 
77321 1 Debug(DEBUG_THREAD,("WriteAfterRead: Error! 

| Exception %08x\n M , Status)); 
77322 1 Fai I Request( N U LL, Status) ; 
77323 1 } 
77324| 
77325| 

77326| // if any outstanding writes, send them down so we 

| can exit 
77327| //gracefully 

77328| SbCompleteWritesReadQueueO; 
77329 1 

77330| Debug(DEBUG_THREAD,("WriteAfterRead: Exiting\n")); 
77331| 

77332| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

77333| VDiskNumberOfThreads--; 

77334| pmReleaseMutex ( &VDiskThreadMutex); 

77335| 

77336| PsTerminateSystemThread( 0 ); 

77337| } 

77338| 

77339| 

77340| /* 



77341 | 

77342| NTSTATUS 

77343| PSManWriteCompletionDevice( 
77344| IN PDEVICE_OBJECT 

| DeviceObject, 
77345| IN PIRP Irp, 

77346| IN PVOID Context 

77347| ) 
77348| 
77349| /*++ 
77350 1 

77351| Routine Description: 
77352| 



77353| This routine will get control from the system at 

| the completion of the 
77354| read IRP we sent down instead of the read. It will 

| queue the data to 
77355| writer thread, and send down the original write. 
77356| 

77357| IRQL <= DISPATCH_LEVEL Assume running at 

| DISPATCH_LEVELM! 
77358| as it will vary depending on what the higher 

| level driver is doing 
77359| 

77360| Arguments: 
77361 | 

77362| DeviceObject - for the IRP. 

77363| Irp - The I/O request that just completed. 

77364 1 Context - Not used. 

77365| 

77366| Return Value: 
77367| 

77368| The IRP status. 

77369 | 

77370| -7 

77371 | 

77372| { 

77373 | 

77374| PIO_STACK_LOCATION NewlrpStackLoc = 

| loGetCurrentlrpStackl_ocation( Irp ); 
77375| PIRP Origlrp = (PIRP)Context; 

77376| PFILTERED_EXTENSION DevExt = 

| GetFilteredExtension(DeviceObject); 
77377| PIO_STACK_LOCATION irpStack 

| loGetCurrentlrpStackLocation(Origlrp); 
77378| NTSTATUS Status; 
77379| KIRQL oldlrql; 
77380| tWriteRequest *WriteRequest; 
77381 | 

77382| ASSERT(DevExt->ObjectType==OBJECT_FILTEREDDISK); 
77383| //Debug(DEBUG_THREAD | 

| DEBUG_PROCCALL,( M PSManWriteCompletionDevice Called 

| device = %p irp = %p Origlrp = 

| %p\n", DeviceObject, lrp,Context)); 
77384| 

77385| //Debug(DEBUG_THREAD,("ReadForWrite Done: 

| DeviceObject=%p, lrp=%p, 

| Orig I rp=%p\n M , DeviceObject, I rp,Orig Irp)); 
77386| // arg1 = WriteRequest 

77387| ASSERT(lrp->Associatedlrp.SystemBuffer == NULL); 
77388| WriteRequest = 

| (tWriteRequest*)NewlrpStackLoc->Parameters. Others. Argume 

I nt1; 



77389| 

77390| TRACE( 

77391 1 TRACE_READFORWRITE_COMP, 
77392| 0, 

77393 1 Write Request-> RealSecto r . H ig h Part, 
77394| WriteRequest->RealSector.LowPart, 
77395| WriteRequest->RealCount, 
77396| ""); 
77397| 

77398| #ifdef DEBUG 

77399| if ( DebugPrints ) { 

77400| File_PrintOneLiner("Write Done: 

| ",DeviceObject,Origlrp); 
77401| } 
77402| #endif 
77403| 

77404| if ( lrp->PendingReturned ) { 
77405| //Debug(DEBUG_THREAD | 

| DEBUG_INFO,("ReadForWrite: Marking device=%p, lrp=%p 

| pending\n",DeviceObject,lrp)); 
77406| loMarklrpPending(lrp); 
77407| } 
77408| 

77409| // unlock the pages and free the Mdl, as we no 

| longer need page locked 
77410| //memory... 
7741 1 1 if ( lrp->MdlAddress ) { 
77412| //Debug(DEBUG_TH READ, ("Freeing Mdl 

| %p\n",lrp->MdlAddress)); 
77413| MmUnlockPages(lrp->MdlAddress); 
77414| loFreeMdl(lrp->MdlAddress); 
77415| } 
77416| 

7741 7| // can not access Irp after we have queued it 

77418| Status = lrp->loStatus.Status; 

77419| 

77420| if ( NT_SUCCESS(Status) ) { 
77421| // do statistics 
77422| pmAcquireSpinLock ( 

| &DevExt->StatisticsSpinl_ock, &oldlrql ); 
77423| // update the logical partition 
77424| DevExt->SectorsWritten += 

| WriteRequest->Bytel_ength; 
77425| DevExt->NumberOfWriteRequests++; 
77426| 

77427| // update the physical drive 
77428| //PhyExt->Sectors Written += 

| (irpStack->Parameters.Write. Length / 

| DevExt->BytesPerSector ); 
77429| //PhyExt->NumberOfWriteRequests++; 



77430| pmReleaseSpinLock ( 

| &DevExt->StatisticsSpinl_ock, oldlrql ); 
77431| }else{ 

77432| // hmmm the read failed for some reason, lets 
| fail the write 

77433| // since we could not protect the data at this 

| sector (assuming it has data) 
77434| Origlrp->loStatus.Status = 

| lrp->loStatus. Status; 
77435| Origlrp->loStatus. Information = 

| lrp->loStatus. Information; 
77436| 

77437| Debug(DEBUG_THREAD,("Read for write Failed, 

| lrp=%08x, Status = %08x, 

| Origlrp=%08x\n",lrp,Status,Origlrp)); 
77438| 
77439| #if 0 

77440| File_PrintOnel_iner( M Read Failed: 

| ",DeviceObject,lrp); 
77441 1 File_PrintOnel_iner( M for write 

| M ,DeviceObject,Origlrp); 
77442| File_Printlrp( M Read Failed: 

| ",DeviceObject,lrp); 
77443| File_Printlrp(" for write 

| M ,DeviceObject,Origlrp); 
77444| DbgBreakPoint(); 
77445| #endif 
77446| #ifdef DEBUG 
77447| switch(Status) { 
77448| case STATUS_DEVICE_BUSY : 

77449| case STATUS_DEVICE_OFF_LINE : 

77450| // dont enter the debugger on these 

| errors 
77451 1 break; 

77452| case STATUS_INSUFFICIENT_RESOURCES : 

77453| default: 

77454| DbgBreakPoint(); 

77455| } 

77456| #endif 

77457| Interlocked Decrement ( 

| (PLONG)&OutstandingRequests ); 
77458| 

77459| // complete with DISK increment since we did do 
| IO. 

77460| loCompleteRequest(Origlrp, IO_DISK_INCREMENT); 
77461 1 } 
77462 1 

77463| //Debug(DEBUG_THREAD, ("Writer: Adding %p to 

| queue\n",lrp)); 
77464 1 //add to queue... 



77465| ExInterlockedlnsertTailList ( 

| &ThreadsWorkToDoQueue, 
77466| 

| &lrp->Tail. Overlay. ListEntry, 
77467| 

| &ThreadsWorkToDoSpinLock); 
77468| 

77469| //Debug(DEBUG_THREAD, ("Writer: Semaphore Count = 

| %d\n M ,pmExamineSemaphore(&ThreadSerriaphore))); 
77470| // have a thread work on it. 
77471 1 pmSignalSemaphore( &ThreadSemaphore); 
77472 1 

77473| // Debug(DEBUG_THREAD | 

| DEBUG_PROCCALL,("PSManWriteCompletionDevice Done\n")); 
77474| return STATUS_MORE_PROCESSING_REQUIRED; 
77475| 

77476| } // PSManWriteCompletion Device 

77477| 

77478| 

77479 1 

77480| File Listing: THREAD. h 
77481 | 

77482| STATIC void SblncrementRunningThreads( void ); 

77483| STATIC void SbDecrementRunningThreads( void ); 

77484| STATIC int SbThreadQueueUpdate ( int Up ); 

77485| STATIC int SbThreadQueuelnc (void); 

77486| STATIC int SbThreadQueueDec (void); 

77487| STATIC NTSTATUS SbThreadQueueWait (void); 

77488| STATIC NTSTATUS SbWaitForThreadWork(void); 

77489| STATIC NTSTATUS SbWaitOnEvent ( PKEVENT Event ); 

77490| STATIC NTSTATUS SbThreadlnit ( 

77491 1 ULONG ThreadNum 

77492| ); 

77493| PIRP SbGetWorkltem (void); 

77494| STATIC PIRP SbGetWork( 

77495| PDEVICE_OBJECT 

| *DeviceObject, 
77496| PIO_STACK_LOCATION *Stack, 

77497| PFILTERED_EXTENSION 

| *DeviceExtension, 
77498| ULONG *Sector, 

77499| ULONG *Count, 

77500| PCHAR *Buffer 

77501| ); 
77502| 

77503| STATIC int SbMakeAnotherThread ( void ); 
77504| STATIC NTSTATUS SbWaitForWriteFromNT(void); 
77505| STATIC NTSTATUS SbCompleteNextWriteOnQueue(void); 
77506| NTSTATUS SbCompleteWritesOnQueue(void); 
77507| STATIC NTSTATUS SbWaitForFreeThread(void); 



77508| STATIC NTSTATUS SbAllocatelrpResources ( PCHAR 'Buffer, 
77509| PIRP *lrp, 

77510| PMDL *Mdl, 

7751 1 1 USHORT 
| StackSize, 

77512| ULONG ByteCount 

77513| ); 

77514| STATIC NTSTATUS SbAllocatelrpResourcesOrWait ( PCHAR 
| *Buffer, 

PIRP *lrp, 
PMDL *Mdl, 
USHORT 



77515| 
77516| 
77517| 

| StackSize, 
77518| 

| ByteCount 
77519| 



ULONG 



); 



77520| STATIC NTSTATUS SblnitReadlrp( 
77521| PIRP Newlrp, 

77522| PMDL Mdl, 

77523| PETHREAD Thread, 

77524| PCHAR AuxiliaryBuffer, 

77525| PFILE_OBJECT 

| OriginalFileObject 
77526| ); 

77527| STATIC NTSTATUS SblnitOtherlrpStack ( 



77528| 

| Stack, 
77529| 

| DeviceObject, 
77530| 

| FileObject, 
77531 | 

I Flags, 
77532 1 

I Arg1, 
77533 1 

I Arg2, 
77534| 

I Arg3, 
77535| 

I Arg4 
77536| 



PIO STACK LOCATION 



PDEVICE OBJECT 



PFILE OBJECT 



UCHAR 



PVOID 



PVOID 



PVOID 



PVOID 



); 



77537| STATIC NTSTATUS SblnitReadlrpStack( 

77538| PIO_STACK_LOCATION 
| Stack, 

77539| PDEVICE_OBJECT 

| DeviceObject, 

77540| PFILE_OBJECT 

| FileObject, 

77541 1 UCHAR 



I Flags, 
77542| 

| ByteOffset, 
77543| 

I Length, 
77544| 

| Key 
77545| 
77546| 
77547| 
77548| 
77549| 



); 



ULONG 



PLARGEJNTEGER 



ULONG 



77550| void SaveOriginalDataThread( PVOID Context ); 
77551 1 void WriteDispatchThread ( PVOID Context ); 
77552| void Send WriteAfterReadTh read ( PVOID Context ); 
77553 1 

77554| void CacheThresholdReached(PDEVICE_OBJECT Volume); 
77555| 

77556| NTSTATUS PSManWriteCompletionDevice( 
77557| IN PDEVICE_OBJECT DeviceObject, 
77558| IN PIRP Irp, 
77559| IN PVOID Context 
77560 1 ); 
77561 | 

77562 1 // 



77563| // DeleteOldestSnapShot 
77564| // 

77565| // Returns TRUE if a snapshot was deleted, FALSE 

| otherwise. 
77566| // 

77567| BOOLEAN DeleteOldestSnapShot(PDEVICE_OBJECT Volume, 

| BOOLEAN DeleteAlwaysKeep ); 
77568| 
77569 1 
77570 1 

77571| File Listing: UNLOAD.cpp 
77572| 

77573| #include "precomp.h" 

77574| 

77575| VOID 

77576| PSManUnload( 

77577| IN PDRIVER_OBJECT DriverObject 
77578| ) 
77579| 
77580| { 

77581 1 PSBPSMAN_EXTENSION DevExt= 

| (PSBPSMAN_EXTENSION)GetDeviceExtension(PSManObject); 
77582 1 WCHAR deviceLinkBuffer[1 00]={0}; 
77583| UNICODE_STRING deviceLinkUnicodeString={0}; 



77584| 

77585| Debug(DEBUG_INIT,("Psm: Unloading. .An")); 
77586| 

77587| ExDeleteResourceLite(&DevExt->DeviceResource); 
77588| pmDeRegisterObject(&DevExt->DeviceResource); 
77589| ExDeleteResourceLite(&DevExt->SnapShotResource); 
77590| pmDeRegisterObject(&DevExt->SnapShotResource); 
77591| 

77592| ZwClose(gVDiskRootDirHandle); 
77593| 

77594| // Create a symbolic link, e.g. a name that a Win32 

| app can specify 
77595| // to open the device 
77596| 
77597| 

| swprintf(deviceLinkBuffer,L"%s_%04x",SBPSMAN_WIN32_NAME, 

| PSM_LOW_COMPATIBLE_VERSION); 
77598| RtllnitUnicodeString(&deviceLinkUnicodeString, 

| deviceLinkBuffer); 
77599| loDeleteSymbolicLink (&deviceLinkUnicodeString ); 
77600| 

77601 1 loDeleteDevice(PSManObject); 

77602| Debug(DEBUG_INIT,("Psm: Done Unloading. .An")); 

77603 1 return; 

77604| } 

77605| 

77606| 

77607| 

77608| File Listing: UNLOAD. h 

77609 1 

77610| VOID 

77611| PSManUnload( 

77612| IN PDRIVER_OBJECT DriverObject 

77613| ); 

77614| 

77615| 

77616| 

77617| File Listing: VDISK.cpp 
77618| 

77619| #include "precomp.h" 
77620| #include <initguid.h> 
77621 | 

77622| DEFINE_GUID(MOUNTDEV_MOUNTED_DEVICE_GUID, 0x53f5630d, 

| 0xb6bf, 0x1 1d0, 0x94, 0xf2, 0x00, OxaO, 0xc9, 0x1 e, 

| Oxfb, 0x8b); 
77623 1 

77624 1 // Device Characteristics 
77625| // FILE_REMOVABLE_MEDIA 

77626| // FILE_READ_ONLY_DEVICE 

77627| // FILE_FLOPPY_DISKETTE 



77628| 
77629| 
77630| 
77631| 



// FILE_WRITE_ONCE_MEDIA 
// FILE_REMOTE_DEVICE 
// FILE_DEVICE_IS_MOUNTED 
// FILE_VIRTUAL_VOLUME 



77632| 

77633| #define TDROM_CHARS (FILE_REMOVABLE_MEDIA | 

| FILE_VIRTUAL_VOLUME) 
77634| 

77635| // Device Types 

77636| // FILE_DEVICE_DISK 

77637| // FILE_DEVICE_VIRTUAL_DISK 

77638| 

77639| #define TDROM_TYPE (FILE_DEVICE_DISK) 
77640| 

77641| NTSTATUS VDisk_DismountDirtyVolume( PDEVICE_OBJECT 

| Volume ); 
77642| 

77643| // unique value for each entry 
77644| volatile ULONG VDisklnstance=0; 
77645| 
77646| /* 

77647\ Given a directory name returns back a name with no 
| slashs 

77648| ie: "\Device\Harddisk0\Partition1 " would return 
77649| "_Device_Harddisk0_Partition1 " 
77650 1 7 

77651 1 void NormalizeDeviceName( WCHAR *Name ) 
77652 1 { 

77653| ULONG Len=wcslen(Name); 

77654| ULONG i; 

77655| for(i=0;i<Len;i++) { 

77656| if(Name[i]==L'\V) { 

77657| Name[i] = L'_'; 

77658| } 

77659 1 } 

77660 1 return; 

77661 1 } 

77662 1 

77663 1 I* 

77664| If any other snapshots are using this instance then 

| it is not safe 
77665| 7 

77666| BOOLEAN SafeToUselnstance( tkSnapShotMaster 

| *MasterSnapShot, ULONG Instance ) 
77667| { 

77668| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
77669| BOOLEAN Safe = TRUE; 
77670 1 

77671| while(DevObj) { 



77672| 

| if(PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
77673| PVDISK_EXTENSION 

| DevExt=(PVDISK_EXTENSION)GetDeviceExtension(DevObj); 
77674| 

77675| if( (MasterSnapShot != 

| DevExt->MasterSnapShot) && 



77676| 
77677| 
77678| 
77679| 
77680| 
77681 | 
77682 1 
77683 1 
77684| 
77685| } 
77686| 
77687| /*- 



(DevExt-> Instance == Instance) && 
(DevExt->PartitionActive)) { 
Safe = FALSE; 



DevObj = DevObj->NextDevice; 



} 

return Safe; 



Return an unused device object or create one if 



77688| r 
77689 1 

| none exist 
77690 1 

77691 1 This routine is NOT reentrant. 
77692 1 7 

77693| STATIC NTSTATUS GetADeviceObject ( PDRIVER_OBJECT 
| DriverObject, 

WCHAR *NameToUse, 
PDEVICE_OBJECT 



77694| 
77695| 

| *DeviceObject, 
77696| 

| "MasterSnapShot, 
77697| 

| Assigned Instance 
77698| 
77699 1 { 
77700 1 
77701 | 
77702 1 
77703| 
77704| 
77705| 
77706| 
77707| 



tkSnapShotMaster 



CHAR 



) 



PDEVICE_OBJECT DevObj = DriverObject->DeviceObject; 
PVDISK_EXTENSION DevExt=NULL; 
WCHAR Name[256]={0}; 
UNICODE_STRING NameUnicode={0}; 
NTSTATUS Status=STATUS_UNSUCCESSFUL; 



// search for the lowest number, this is so we 
// do not start our number scheme going 
| downwards 

77708| // this is only for user display and not any 

| functional 
77709 1 // reason 
77710| 



ULONG Lowest=Oxffffffff; 
PDEVICE_OBJECT Lowest DevObj= NULL; 

while(DevObj) { 



7771 1 1 #if 1 
77712| 
77713| 
77714| 
77715| 
77716| 

| if(PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
77717| DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(DevObj); 
77718| 

77719| if( (_wcsicmp(NameToUse,DevExt->Name)==0) 

| && 
77720| 
77721| 
77722| 
77723| 



(!DevExt->PartitionActive) ) { 



if(Assignedlnstance) { 
if 

| (DevExt->lnstance==MasterSnapShot->lnstance) { 
77724| // use the passed in 

| instance number instead of looking for one 
77725| Lowest 

| = DevExt->lnstance; 
77726| 

| LowestDevObj = DevObj; 
77727| // we 

| found it so exit 
77728| break; 
77729| } 
77730| } else 

77731| 

| if(SafeToUselnstance(MasterSnapShot,DevExt->lnstance)) 
|{ 

77732| // dont use temporary 

| snapshots 
77733| 

| if((DevExt->lnstance<MAX_NUMBER_OF_SNAPSHOTS) && 
| (DevExt->lnstance<Lowest)) { 



77734| 

| DevExt->lnstance; 
77735| 

| DevObj; 
77736| 



Lowest = 



LowestDevObj = 



77737| 
77738| 
77739| 
77740| 
77741 | 
77742 1 
77743| 
77744| 
77745| 



} 



} 



DevObj = DevObj->NextDevice; 



if(LowestDevObj) { 
DevExt = 



I (PVDISK_EXTENSION)GetDeviceExtension(LowestDevObj); 
77746| (*DeviceObject) = Lowest DevObj; 
77747| 

77748| Debug(DEBUG_VDISK,("lnit: Reusing Virtual disk 
| Device %p '%S':%d instead of 

| %d\n",LowestDevObj,NameToUse,DevExt->lnstance,MasterSnap 
| Shot->lnstance)); 
77749| 

77750| DevExt->DriveNotReady = TRUE; 

77751 1 DevExt->PartitionActive = TRUE; 

77752 1 DevExt->DeviceShutDown = 0; 

77753| return STATUS_SUCCESS; 

77754| } 

77755| 

77756| #else 

77757| while( DevObj) { 

77758| 

| if(PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
77759 1 DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(DevObj); 
77760 1 

77761 1 if( (_wcsicmp(NameToUse,DevExt->Name)==0) 

| && 

77762 1 (!DevExt->PartitionActive) && 

77763 1 

| (SafeToUselnstance(MasterSnapShot,DevExt->lnstance)) 
77764| ) { 

77765| (*DeviceObject) = DevObj; 

77766| 

77767| Debug(DEBUG_VDISK,("lnit: Reusing 

| Virtual disk Device %p '%S':%d instead of 

| %d\n", DevObj, NameToUse,DevExt->lnstance,MasterSnapShot-> 
| Instance)); 



77768| 

77769| DevExt->DriveNotReady = TRUE; 

77770| DevExt->PartitionActive = TRUE; 

77771 1 return STATUS_SUCCESS; 

77772 1 } 

77773 1 } 
77774| 

77775| DevObj = DevObj->NextDevice; 



77776| } 
77777\ #endif 
77778| 

77779\ II no device was found, so create one. 
77780 1 
77781 | 

| swprintf(Name,L M \\Device\\PsmDevices_%04x\\%s_%d M ,PSM_LO 

| W_COMPATIBLE_VERSION,NameToUse,MasterSnapShot->lnstance 

I); 



77782| 

77783| RtllnitUnicodeString( &NameUnicode, Name); 

77784| 

77785| { 

77786| #ifdef DEBUG_EXTENSION 

77787| ULONG SizeOfDeviceExt = 

| sizeof(DEVICE_EXTENSION); 
77788| #else 

77789| ULONG SizeOfDeviceExt = 

| sizeof(VDISK_EXTENSION); 
77790| #endif 

77791 1 Status = loCreateDevice( 

77792 1 DriverObject, 
77793 1 S izeOf Device Ext, 

77794| &NameUnicode, 
77795| TDROM_TYPE, 
77796| TDROMCHARS, 
77797| FALSE, 
77798| &DevObj); 
77799 1 } 
77800 1 

77801 1 // enter the debugger 

77802| ASSERT(NT_SUCCESS( Status )); 

77803 1 

77804| if ( NT_SUCCESS( Status ) ) { 
77805 1 (*DeviceObject) = DevObj; 
77806| 

77807| Debug(DEBUG_VDISK,("lnit: Virtual disk Device 
| %p '%S':%d created for driver 

| %p\n M , DevObj, NameToUse,MasterSnapShot->lnstance,DriverOb 
I ject)); 

77808| //statisfy lint... 
77809| if(DevObj) { 
77810| #ifdef DEBUG_EXTENSION 
7781 1 | 

| ((PDEVICE_EXTENSION)(DevObj->DeviceExtension))->ObjectTy 
| pe = OBJECT_VIRTUALDISK; 
77812| 

| ((PDEVICE_EXTENSION)(DevObj->DeviceExtension))->RealDevi 
| ceExtension = 

| MemAllocatePoolWithTag(NonPagedPool,sizeof(VDISK_EXTENSI 
| ON),DEVEXTTAG); 
77813| 

| RtlZeroMemory(((PDEVICE_EXTENSION)(DevObj->DeviceExtensi 
| on))->RealDeviceExtension,sizeof(VDISK_EXTENSION)); 

77814| #endif 

77815| 

7781 6| DevExt = (PVDISK_EXTENSION) 

| GetDeviceExtension(DevObj); 
77817| DevExt->ObjectType 



I OBJECT_VIRTUALDISK; 
77818| DevExt->PartitionActive = TRUE; 

77819| DevExt->DriveNotReady = TRUE; 

77820| DevExt->lnstance 

| MasterSnapShot->lnstance; 
77821 1 DevExt->DeviceShutDown = 0; 

77822| wcscpy(DevExt->Name,NameToUse); 
77823 1 } 
77824| 

77825| } else { 

77826| Debug(DEBUG_VDISK,("lnit: Error creating %p 

| '%S' :%d\n", DevObj, NameToUse, MasterSnapShot->l nstance)) ; 
77827| } 
77828| 

77829 1 return Status; 

77830 1 } 

77831| 

77832| #include <initguid.h> 

77833| DEFINE_GUID(PSM_VDISK_GUID, 0x6b23c937, 0x1 06e, 0x4f94, 

| 0x96, 0x7d, 0xe6, 0x5b, 0x7e, 0x5f, Oxad, 0x9); 
77834| 
77835| 

77836| /* 



77837| /* 

77838| This function is not reentrant 
77839 1 7 

77840| NTSTATUS TdAddDrive ( PRTL_BITMAP *CachingBitMap, 
| PDEVICE_OBJECT DeviceToPSM, tkSnapShotMaster 
| *MasterSnapShot, PDEVICE_OBJECT *VirtualDeviceObject, 
| CHAR Assignedlnstance ) 

77841 1 { 

77842| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

77843| PDEVICE_OBJECT DeviceObject=NULL; 

77844| PVDISK_EXTENSION DevExt=NULL; 

77845| LARGEJNTEGER BO; 

77846| PFILTERED EXTENSION PartExt=NULL; 

77847| WCHAR *Name=(WCHAR*)MemAllocateString(256); 

77848| 

77849 1 

| ASSERT(PsmGetObjectType(DeviceToPSM)==OBJECT_FILTEREDDIS 
IK); 
77850 1 

77851| if(!Name){ 

77852| return STATUS_INSUFFICIENT_RESOURCES; 

77853| } 

77854| 

77855| #ifdef DEBUG 

77856| if(!lsSnapShotAcquiredForWrite()) { 

77857| Debug(DEBUG_DCPSM, ("TdAddDrive: Snapshot 



I resource not acquired!\n")); 
77858| DbgBreakPoint(); 
77859| } 
77860| #endif 
77861 | 

77862| // get physical device extension so we can get the 

| device params 
77863| PartExt = 

| (PFILTERED EXTENSION)GetDeviceExtension(DeviceToPSM); 
77864| 

77865| ASSERT(PartExt->ObjectType==OBJECT_FILTEREDDISK); 
77866| 

77867| wcscpy(Name,PartExt->Name); 
77868| NormalizeDeviceName(Name); 
77869 1 

77870| // get a device, reusing an object if available. 

77871 1 Status = GetADeviceObject( PSManDriverObject, Name, 

| &DeviceObject,MasterSnapShot, Assignedlnstance ); 
77872 1 

77873| if(!NT_SUCCESS(Status)) { 

77874| Debug(DEBUG_VDISK,("VDisk: Devcon: Error %08x 

| getting device object\n", Status)); 
77875| } 

77876| // satisfy lint 
77877| if(DeviceObject) { 
77878| 
77879 1 

77880| // Initialize device object and extension. 
77881 | 

77882| DeviceObject->Flags |= DO_DIRECT_IO; 
77883| DeviceObject->AlignmentRequirement = 

| DeviceToPSM->AlignmentRequirement; 
77884| 

77885| DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(DeviceObject); 
77886| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
77887| 

77888| // Make this disk a Unique Number... This is 

| to cause the file system to 
77889| // discard any cached data for the old volume 

| (due to a forced dismount) 
77890| // this however will cause all volumes to go 

| through the full mount stage 
77891 1 // even if the volume was not forced shutdown 
77892 1 

77893| Hint -save -e740 7 
77894| KeQueryTickCount( &BO ); 
77895| Hint -restore 7 

77896| DevExt->SerialNumber = BO.LowPart; 
77897| 



77898| DevExt->DriverObject = PSManDriverObject; 

77899| DevExt->DeviceObject = DeviceObject; 
77900| 

77901 1 DevExt->PSMDevice = DeviceToPSM; 

77902| DevExt->lsPhysical = PartExt->lsPhysical; 
77903 | 

77904| DevExt->Cylinders = PartExt->Cylinders; 

77905| DevExt->Heads 

| PartExt->TracksPerCylinder; 

77906| DevExt->SPT = PartExt->SectorsPerTrack; 

77907| DevExt->BPS = PartExt->BytesPerSector; 

77908| DevExt->MountDisabled = FALSE; 
77909 | 

77910| // set to TRUE if this volume can be write 
| protected. 

7791 1 1 DevExt->OriginalWriteProtected = FALSE; 
77912| 

77913| DevExt->LockCount = 

77914| DevExt->DiskChangeCount = 

77915| DevExt->DiskChangeCount = 

7791 6| DevExt->LockCount = 

7791 7| DevExt->NumberOfReadRequests = 

7791 8| DevExt->SectorsRead = 

77919| DevExt->NumberOfWriteRequests = 

77920| DevExt->SectorsWritten = 

77921 1 DevExt->CacheWrites = 0; 

77922 | 

77923| // record what instance this device is in case 
| it changed 

77924| MasterSnapShot->lnstance = DevExt->lnstance; 
77925| 

77926| DevExt->MasterSnapShot = MasterSnapShot; 

77927| DevExt->SnapShot = 

| FindSnapShotEntryForDevice(MasterSnapShot, DeviceToPSM); 
77928| 

77929| UseSnapShot(DevExt->SnapShot); 
77930 1 

77931 1 // compute length of drive in bytes. 

77932| DevExt->Pi = PartExt->Pi; 
77933 | 

77934| DevExt->PartitionActive = TRUE; 

77935| DevExt->DriveNotReady = FALSE; 
77936| 

77937| // Clear the device's init flag as per NT DDK 

| KB article on creating device 

77938| // objects from a dispatch routine 

77939| // From this point on, we will get Irp's 

77940| DeviceObject->Flags &= ~DO_DEVICE_INITIALIZING; 
77941 | 

77942| *VirtualDeviceObject = DeviceObject; 



77943| 

77944| Debug(DEBUG_VDISK,("VDisk: Devcon: Using %p 
| f%S\%d) in master %08x 

| %08x\n M ,DeviceObject,DevExt->Name,DevExt->lnstance,Maste 
| rSnapShot,DevExt->SnapShot)); 



77945| 

77946| UNICODE_STRING SymLink; 

77947| UNICODE_STRING Target; 

77948| WCHAR*Buffer=(WCHAR*)MemAllocateString(256); 

77949| WCHAR*Buffer2=(WCHAR*)MemAllocateString(256); 

77950| UUID Guid; 
77951 | 

77952 1 if (Buffer && Buffer2) { 
77953 1 



| wcscpy(Buffer,L M \\??\\Volume{00000000-0000-0000-0000-000 
| 000000000}"); 
77954| 

77955 1 // get a guid 

77956| // while(ExUuidCreate(&Guid)!=0); 

77957| Guid = PSM_VDISK_GUID; 

77958| Guid.Datal = PartExt->Volumeld; 

77959| if(Guid.Data1!=0) { 

77960| Guid.Data2 = (USHORT)DevExt->lnstance; 

77961 | 

77962| RtlStringFromGUID(Guid,&Target); 
77963 | 

| RtlCopy Memory (Buff er+1 0, Target. Buffer,Target. Length); 
77964| 

77965| RtlFreeUnicodeString(&Target); 
77966| 

77967| RtllnitUnicodeString(&SymLink, Buffer); 

77968| 

77969 1 // save in devext 

77970| wcscpy(DevExt->VolumeGuid, Buffer); 

77971 | 

77972 | 

| swprintf(Buffer2,L"\\Device\\PsmDevices_%04x\\%s_%d",PSM 

| _LOW_COMPATIBLE_VERSION,DevExt->Name,DevExt->lnstance); 

77973| RtllnitUnicodeString(&Target,Buffer2 ); 

77974 1 

77975| Status = loCreateSymbolicLink 

| (&Syml_ink,&Target); 
77976| if(NT_SUCCESS(Status)) { 

77977| Debug(DEBUG_VDISK,("Success 

| creating link '%S' to 

| '%S'\n", Sym Link. Buffer, Target. Buffer)) ; 
77978| 

77979| ReleaseSnapShotForWrite(); 
77980 1 __try { 

77981 1 Enable WritesToNewFiles() ; 



77982| if(gVDiskDoVirtuallO) { 

77983| __try { 

77984| // make sure the volume 

| is mounted 

77985| SbTouchVolume(Buffer2); 
77986| 

77987| // lets delete the 

| snapshot directory off of the virtual drive 
77988| // so nesting will not 

| occur when other snapshots exist 
77989| 

77990| wcscpy(Buffer,Buffer2); 
77991 1 wcscat(Buffer,L M \V); 
77992 1 

| wcscat(Buffer,gSnapShotDirName); 
77993 | 

| Debug(DEBUG_DEVSUP,( M Deleting directory 
| '%S'\n M , Buffer)); 
77994| 

| SbSnapShotCleanup(Buffer); 

77995| } ^finally { 

77996| 

| if(AbnormalTermination()) { 
77997| 

| DisableWritesToNewFiles(); 
77998| } 
77999 1 } 
78000 1 } 
78001| 

78002| #if 0 

78003| // Incase the junction point 

| has changed since the last 
78004| // time we mounted this volume. 

| This can happen on cluster 
78005| // server when the volume fails 

| over from one system to another 
78006| // if the user has already set 

| the name 
78007| 

| if(MasterSnapShot->UserSnapShotName[0]!=0) { 
78008| // make junction point 

78009| swprintf ( 

| Buffer,L M %s\\%s M ,PartExt->Name,MasterSnapShot->UserSnapS 

| hotName ); 
78010| swprintf ( Buffer2, 

| L M %s\\",DevExt->VolumeGuid ); 
78011| 
78012| 

| Debug(DEBUG_VDISK,( M Creating junction '%S' to 
| '%S'\n'\ Buffer, Buff er2)); 



78013| CreateJunction 

| (Buffer,Buffer2,MasterSnapShot->SnapShotTime); 
78014| }else{ 

78015| Debug(DEBUG_VDISK,("Cant 

| create junction as we dont know name yet\n")); 
78016| } 
78017| #endif 
78018| 

| if(PersistentDictionary::DoFreeSpaceChecks()) { 
78019| _try{ 
78020| GetSnapShotForRead() 
78021 1 _try { 

78022| pDictionary Diet; 

78023 1 

| PersistentDictionary::GetDictionaryForVolume(DeviceToPSM 
I .Diet); 
78024| 

78025| if 

| (((pPersistentDictionary)Dict)->ProcessCachingMap( 

| CachingBitMap, Buffer2, PartExt->Name)!=STATUS_SUCCESS) 

I { 

78026| // FIXFIXFIX 

| what to do???? - this could messup snapshots 
78027| // - maybe 

| switch off free_space ???? 
78028| 

| Debug(DEBUG_VDISK,("Error adjusting volume bitmap\n")); 
78029 1 } 

78030| } ^finally { 

78031 | 

| ReleaseSnapShotForRead(); 
78032 1 } 

78033| } finally { 

78034| 

| if(AbnormalTermination()) { 
78035| 

| DisableWritesToNewFiles(); 
78036| } 
78037| } 
78038| } // DoFreeSpaceChecks 

78039| DisableWritesToNewFiles(); 

78040| } ^finally { 

78041 1 GetSnapShotForWrite(); 
78042 1 } 
78043 1 } else { 

78044| Debug(DEBUG_VDISK,("Error %08x 

| creating link '%S' to 

| '%S'\n", Status,Sym Link. Buffer, Target. Buffer)) ; 
78045| } 
78046| }else{//guid!=0 



78047| Debug(DEBUG_VDISK,("Guid is 0\n")); 

78048| } 
78049| 
78050| #if 0 

78051 1 UNICODE_STRING SymLink={0}; 

78052| // register the volume with the mount 

| manager 
78053 1 Status = 

| loRegisterDevicelnterface(DeviceObject,&MOUNTDEV_MOUNTED 

| _DEVICE_GUID,NULL,&Syml_ink); 
78054| if(NT_SUCCESS(Status)) { 

78055| Debug(DEBUG_VDISK,("Vdisk: 

| Registered successful, 

| symlink='%S'\n",SymLink.Buffer)); 
78056| RtlFreeUnicodeString(&SymLink); 
78057| } else { 

78058| Debug(DEBUG_VDISK,("Vdisk: register 

| failed with %08x\n M ,Status)); 
78059 1 } 
78060 1 #endif 

78061 1 MemFreeString(Buffer); 
78062| MemFreeString(Buffer2); 
78063| Status = STATUS_SUCCESS; 

78064| } else { 

78065| Status = STATUS_INSUFFICIENT_RESOURCES; 

78066| Debug(DEBUG_VDISK,("Vdisk: Out of memory 

| for volume names\n")); 
78067| } 
78068| } 
78069| 

78070 1 Mem FreeString(Name) ; 
78071| return Status; 
78072| } 
78073| 

78074| NTSTATUS TdDelVirtual Drive ( PDEVICE_OBJECT 

| VirtualDrive ) 
78075| { 

78076| __try { 

78077| PVDISK_EXTENSION DevExt = (PVDISK_EXTENSION) 

| GetDeviceExtension(VirtualDrive); 
78078| 

78079| Debug(DEBUG_VDISK,("VDisk: Devcon: Cleaning up 
| %p C%S',%d) Reference=%d, Master= %08x 
| %08x\n",VirtualDrive,DevExt->Name,DevExt->lnstance,Virtu 
| alDrive->ReferenceCount,DevExt->MasterSnapShot,DevExt->S 
| napShot)); 

78080| Debug(DEBUG_VDISK,("VDisk: Devcon: 
| ChangeCount=%d, 

| LockCount=%d\n",DevExt->DiskChangeCount,DevExt->LockCoun 
It)); 



78081 1 

78082 1 if ((DevExt->DeviceObject->Vpb) && ( 

| DevExt->DeviceObject->Vpb->Flags & VPB_MOUNTED )) { 

78083| Debug(DEBUG_VDISK,("VDisk: Devcon: Volume 

| %08x is mounted\n M ,VirtualDrive)); 

78084| DevExt->DeviceObject->Flags |= 

| DO_VERIFY_VOLUME; 

78085| } 

78086| 

78087| DevExt->PartitionActive = FALSE; 
78088| DevExt->DriveNotReady = TRUE; 
78089| DevExt->PSMDevice = NULL; 
78090| DevExt->MountDisabled = TRUE; 
78091| 

78092| UNICODE_STRING Uni; 
78093| 

78094| RtllnitUnicodeString(&Uni, DevExt->VolumeGuid); 
78095| loDeleteSymbolicLink(&Uni); 
78096| //NTFS_EndFiltering(VirtualDrive); 
78097| 

78098| // this SHOULD delete the actual snapshot from 

| memory, as no 
78099| // more instances should be using it (ie we are 

| first to use, and last to free) 
781 00| if(DevExt->SnapShot) { 
781 01 1 DoneWithSnapShot(DevExt->SnapShot); 
781 02 1 DevExt->SnapShot = NULL; 

78103| } 

781 04| DevExt->MasterSnapShot=NULL; 
78105| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
781 06| Debug(DEBUG_DCPSM,("FreePsmVolume: Exception 

| %08x",GetExceptionCode())); 
78107| } 
78108| 

781 09 1 return STATUS_SUCCESS; 

78110| } 

781 1 1 | 

78112| 

78113| r 

781 14| This is called by snapback to dismount a volume. 
781 15| We really can not delete the devices, as NT does not 
| like it, so 

781 1 6| we will just mark them as not active, and delete the 

| drive letter 
781 1 7| associated with them. 
78118| 7 

78119| /* 



78120| NTSTATUS TdDelDrive ( PDEVICE_OBJECT DeviceToNotPSM, 



I tkSnapShotMaster *MasterSnapShot ) 
78121| { 

78122| NTSTATUS Status=STATUS_UNSUCCESSFUL; 
78123| 

78124| __try{ 

78125| PDEVICE_OBJECT DevObj = 

| PSManDriverObject->DeviceObject; 
781 26| PFILTERED_EXTENSION 

| FiltExt=(PFILTERED_EXTENSION) 

| GetDeviceExtension(DeviceToNotPSM); 
78127| 
78128| 

| ASSERT(FiltExt->ObjectType==OBJECT_FILTEREDDISK); 
78129| ASSERT(MasterSnapShot!=NULL); 
78130| 

78131| #ifdef DEBUG 

78132| if(!lsSnapShotAcquiredForWrite()) { 

78133| Debug(DEBUG_DCPSM,("TdDelDrive: Snapshot 

| resource not acquired!\n")); 
78134| DbgBreakPoint(); 
78135| } 
78136| #endif 
78137| 

78138| //dontfree resources while in use.... 

78139| Debug(DEBUG_VDISK,("VDisk: Devcon: Acquiring 
| VDisk resource to free master snapshot %08x for device 
| %08x\n",MasterSnapShot,DeviceToNotPSM)); 

78140| AcquireVDiskResource(); 

78141| 

78142| __try{ 

78143| while(DevObj!=NULL) { 

78144| PDEVICE_OBJECT Next = 

| DevObj->NextDevice; 
78145| 
78146| 

| if(PsmGetObjectType(DevObj)==OBJECT_VIRTUALDISK) { 
78147| PVDISK_EXTENSION DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(DevObj); 
78148| 

781 49 1 ASS E RT( DevObj == 

| DevExt->DeviceObject); 
78150| 

781 51 1 if ((DevExt->PartitionActive) && 

78152| 

| (DevExt->PSMDevice==DeviceToNotPSM) && 
781 53 1 (MasterSnapShot == 

| DevExt->MasterSnapShot)) { 
78154| Status = 

| TdDelVirtualDrive(DevObj); 
78155| break; 



78156| } 
78157| } 
78158| 

78159| DevObj = Next; 

78160| } 

78161| } ^finally { 

78162| Release VDiskResource(); 

78163| } 

78164| 

781 65 1 } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
781 66| Status = GetExceptionCode(); 
78167| Debug(DEBUG_DCPSM,("TdDelDrive: Exception 

| %08x",Status)); 
78168| } 

78169| return Status; 

78170| } 

78171| 

78172| ULONG FindEntryForDO( pOpenTransactionlnlnternal In, 

| PDEVICE_OBJECT DeviceObject) 
78173| { 

78174| PFILTERED_EXTENSION 

| DevExt=(PFILTERED_EXTENSION)GetDeviceExtension(DeviceObj 

I ect); 
78175| ULONG i; 
78176| 

78177| for(i=0;i<ln->NumberOfDevices;i++) { 
78178| if(_wcsicmp((WCHAR 

| *)DN_MakePointer(ln,ln->DeviceName[i]),DevExt->Name)==0) 

I { 

78179| return i; 

78180| } 
78181| } 

78182| return (ULONG)-1 ; 

78183| } 

78184| 

78185| /* 



78186| NTSTATUS VDiskMaplnDrives(tkSnapShotMaster 
| *MasterSnapShot, pOpenTransactionlnlnternal In, ULONG 
| OTOSize, pOpenTransactionOutlnternal Out) 

78187| { 

781 88| NTSTATUS Status = STATUS_SUCCESS; 
78189| PDEVICE_OBJECT VirtualObject = 0; 
78190| CHAR Assignedlnstance = 0; 
78191| 

78192| MasterSnapShot->lnstance = VDisklnstance; 
78193| 

781 94| Out->NumberOf Devices = ln->NumberOfDevices; 
781 95| WCHAR "Buffer = 



I (WCHAR*)((char*)Out->DeviceName)+Out->NumberOfDevices*si 

| zeof(ULONG); 
78196| OTOSize -= ((char*)Buffer-(char*)Out); 
78197| 

781 98| // sample of vdisk device name: 
78199| // 

| \Device\PsmDevices_01 1 0\_Device_HarddiskDmVolumes_W2kser 
| verl DgO_Volume1_0 
78200 | 

78201 1 Debug(DEBUG_VDISK,("VDisk: Mapping in drives for 

| snapshot %08x\n",MasterSnapShot)); 
78202| PersistentDictionary::BeginUpdate(); 
78203 1 __try { 

78204| GetSnapShotForWrite(); 
78205| __try { 
78206| if(MasterSnapShot) { 

78207| pkSnapShotEntry 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
78208| while(p) { 

78209 | 

| if(PsmGetObjectType(p->DeviceObject)==OBJECT_FILTEREDDIS 
|K){ 

78210| PFILTERED_EXTENSION DevExt = 

| (PFILTERED_EXTENSION)GetDeviceExtension(p->DeviceObject) 

I ; 

7821 1 1 PRTL_BITMAP CachingBitMap = 

| ((pPersistentDictionary)p->Dictionary)->GetVolumeCaching 
|Map(1); 

78212| 

7821 3| // we are depending on 

| SetVolume/SetVolumelnternal having already deactivated 
| the 

78214| // Shared->Map by NULLing it 

| after saving it in Shared->MaplnTransForm. 
78215| ASSERT( 

| !((pPersistentDictionary)p->Dictionary)->GetVolumeCachin 

I gMap(0) ); 
78216| 
78217| 

| ASSERT(lsValidHandle(DevExt->Cache.HeaderFile.FileHandle 

I)); 

78218| 

| ASSERT(lsValidHandle(DevExt->Cache.lndexFile.FileHandle) 

I); 

78219| 

| ASSERT(lsValidHandle(DevExt->Cache.CacheFile.FileHandle) 

I); 

78220| 

78221 1 Debug(DEBUG_VDISK,("VDisk: 
| Mapping in drive %p (%S) for snapshot %08x 



I %08x\n",p->DeviceObject,DevExt->Name,MasterSnapShot,p)); 
78222| Status = TdAddDrive( 

| &CachingBitMap, 

| p->DeviceObject,MasterSnapShot,&VirtualObject,Assignedln 
| stance); 

78223| Assignedlnstance = 1 ; 

78224| if(NT_SUCCESS(Status)) { 

78225| PVDISK_EXTENSION VdiskExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(VirtualObject); 
78226| ULONG i; 

78227| ULONG Len; 

78228| 

78229| // Adding the drive has 

| brought what we know is ( - since we're here!) the 

78230| // live caching bitmap up 

| to date. So we can return it into service. 

78231 | 

78232 1 //so -move 

| Shared->MaplnTransform back into Shared->Map 
78233 | 

| ((pPersistentDictionary)p->Dictionary)->SetVolumeCaching 

| Map( 0, CachingBitMap ); 
78234| // ...and clear 

| MaplnTransform. 
78235| 

| ((pPersistentDictionary)p->Dictionary)->SetVolumeCaching 
| Map( 1, NULL); 
78236| 

78237| // now that we now the 

| instance, tell the dictionary 
78238| // we it can re map to us 

| during bootup 
78239 1 

| ((pPersistentDictionary)VdiskExt->SnapShot->Dictionary)- 

| >SetSnapShotlnfo(MasterSnapShot); 
78240 1 
78241 | 

| Debug(DEBUG_DICT,("Dictionary %08x is snapshot %08x 
| instance %d for %08x\n", 
78242 1 

| VdiskExt->SnapShot->Dictionary,VdiskExt->DeviceObject,Ma 
| sterSnapShot->lnstance,VdiskExt->PSMDevice)); 
78243 1 

78244| i = 

| FindEntryForDO(ln,p->DeviceObject); 
78245| if(i!=-1) { 

78246| Len = 

| (wcslen(VdiskExt->Name)+0x1 b)*sizeof (WCHAR)+sizeof(WCHAR 

I); 

78247| if(Len>OTOSize) { 



78248| Status = 

| STATUS_INVALID_BUFFER_SIZE; 
78249| 

| Debug(DEBUG_VDISK, ("Buffer too small for 

| , %S , \n",VdiskExt->Name)); 
78250| goto 

| ErrorDu ring Add; 
78251 1 } 
78252| Out->DeviceName[i] = 

| DN_MakeOffset(Out, Buffer); 
78253 1 

78254 1 //Don says: Changed 

| this so that temporary snapshots would get GUID-style 
| device names. 

78255| // See commented out 

| code immediately below. 

78256| 

| swprintf(Buffer,L"%s",VdiskExt->VolumeGuid); 
78257| 

78258| /* 

78259| //Don says: This seems 

| to be messing up temporary snapshots! 
78260| //OTM fossil 

78261 1 // 

| 12345678 9abcdef-1 2345678 9a 
78262 1 

| if(ln->lnternalFlags & PSM_IFLAG_PERSISTENT) { 
78263 1 

| swprintf(Buffer,L"%s",VdiskExt->VolumeGuid); 
78264| 

| } else { 
78265| 

| swprintf (Buffer, U'WDeviceWPsm Devices_%04x\\%s_%d", PSM_ 
| LOW_COMPATIBLE_VERSION,VdiskExt->Name,MasterSnapShot- 
| stance); 
78266| 
I) 

78267| 7 
78268| 

78269 1 //get real length. 

| which should be less than calculated above. 
78270 1 Len = 

| wcslen(Buffer)*sizeof(WCHAR)+sizeof(WCHAR); 
78271 1 Buffer = (WCHAR *) 

| (((char*)Buffer) + Len); 
78272| OTOSize-=Len; 
78273 1 } else { 

78274| 

| Debug(DEBUG_VDISK,("Unable to find entry for 
| VoS'\n",DevExt->Name)); 



78275| } 
78276| } else { 

78277| Debug(DEBUG_VDISK,("VDisk: 

| failed to map in drive %p, unmapping 

| all.\n",p->DeviceObject)); 
78278| ErrorDuringAdd: 

78279| ReleaseSnapShotForWriteQ; 
78280| 

|VDiskUnMaplnD rives ( M aste rS n apS hot ) ; 
78281 1 GetSnapShotForWrite(); 
78282 1 // free snapshot, as break 

| will exit the while loop 
78283| DoneWithSnapShot(p); 
78284| break; 
78285| } 
78286| } 
78287| 

| p=GetNextSnapShotForMaster(&MasterSnapShot->SnapShots,p) 

I; 

78288| } 
78289| } else { 

78290| Debug(DEBUG_VDISK,("Map: No Master 

| Snapshot workon\n")); 
78291| #ifdef DEBUG 
78292 1 Dbg BreakPoi nt() ; 

78293| #endif 
78294| } 

78295| } ^finally { 

78296| ReleaseSnapShotForWrite(); 
78297| } 
78298| } ^finally { 

78299| PersistentDictionary::EndUpdate(); 
78300| } 
78301 | 

78302| if(MasterSnapShot->lnstance == VDisklnstance) { 
78303| VDisklnstance++; 
78304| } 
78305| 

78306 1 return Status; 

78307| } 

78308| 

78309| /* 



78310| NTSTATUS VDiskUnMaplnDrives(tkSnapShotMaster 

| *MasterSnapShot) 
78311| { 

78312| pkSnapShotEntry p; 
78313| 

78314| if(!MasterSnapShot) 

78315| return STATUS_I N VALI D_PARAM ETER; 



78316| 

78317| //DbgBreakPoint(); 
78318| 

78319| GetSnapShotForWrite(); 
78320| _try { 

78321 1 if(MasterSnapShot) { 
78322 1 

| p=GetTopSnapShotForMaster(&MasterSnapShot->SnapShots); 
78323| while(p) { 

78324| 

| if(PsmGetObjectType(p->DeviceObject)==OBJECT_FILTEREDDIS 
I K){ 

78325| PFILTERED_EXTENSION DevExt = 

| (PFILTERED_EXTENSION)GetDeviceExtension(p->DeviceObject) 

I ; 

78326| Debug(DEBUG_VDISK,("VDisk: 
| UnMapping in drive %p (%S) for snapshot %08x 
| %08x\n",p->DeviceObject,DevExt->Name,MasterSnapShot,p)); 

78327| 

| TdDelDrive(p->DeviceObject,MasterSnapShot); 
78328| } 
78329 1 

| p=GetNextSnapShotForMaster(&MasterSnapShot->SnapShots,p) 

I ; 

78330 1 } 
78331 1 } else { 

78332| Debug(DEBUG_VDISK,("UnMap: No Snapshot 

| master to work on\n")); 
78333| #ifdef DEBUG 
78334| DbgBreakPoint(); 
78335| #endif 
78336| } 

78337| } ^finally { 

78338| ReleaseSnapShotForWrite(); 
78339 1 } 

78340| return STATUS_SIICCESS; 
78341 1 } 
78342 1 

78343| NTSTATUS VDiskUnMaplnAIIDrives() 
78344| { 

78345| PDEVICE_OBJECT DevObj = 
| PSManDriverObject->DeviceObject; 
78346| pkSnapShotEntry p; 
78347| 

78348| while(DevObj) { 
78349 1 

| if(PsmGetObjectType(DevObj)==OBJECT_FILTEREDDISK) { 
78350| PFILTERED_EXTENSION DevExt = 

| (PFILTERED_EXTENSION)GetDeviceExtension(DevObj); 
78351 | 



78352| GetSnapShotForWrite(); 

78353| __try { 

78354| p=GetTopSnapShot(&DevExt->SnapShots); 

78355| while(p) { 

78356| 



| ASSERT(DevObj==DevExt->DeviceObject); 
78357| 
78358| 

| if(TdDelDrive(DevObj,p->MasterSnapShot)==STATUS_SUCCESS) 
I { 

78359| // start back at top since a 

| device was deleted 
78360| DoneWithSnapShot(p); 
78361 | 

| p=GetTopSnapShot(&DevExt->SnapShots); 
78362 1 } else { 

78363 1 // This is wierd. We have a 

| snapshot from a device. 
78364| // however when we went to look 

| up the snapshot from the devices 
78365| // it failed (TdDelDrive only 

| returns if it deleted it or not, and 
78366| // the only way it can not have 

| deleted it is that it didnt find it) 
78367| // instead of hanging, lets 

| just skip over it. 
78368| 

| Debug(DEBUG_DCPSM,("VDiskUnMaplnAIIDrives: Invalid 

| snapshot %08x in %08x\n M ,p,DevObj)); 
78369| #ifdef DEBUG 
78370| DbgBreakPoint(); 
78371 1 #endif 
78372 1 

| p=GetNextSnapShot(&DevExt->SnapShots,p); 
78373 1 } 
78374| } 

78375| lnitializeListHead(&DevExt->SnapShots); 

78376| } finally { 

78377| ReleaseSnapShotForWrite(); 
78378| } 
78379 1 } 
78380 1 

78381 1 DevObj = DevObj->NextDevice; 
78382 1 } 
78383 1 

78384| return STATUS_SUCCESS; 

78385| } 

78386| 

78387| 

78388| 



78389| File Listing: VDISK.h 
78390| 

78391 1 const ULONG PSM_VDISK_FLAG_READ_MASK 
| = OxOOff; 

78392| const ULONG PSM_VDISK_FLAG_WRITE_MASK 

| = OxffOO; 
78393 | 

78394| const ULONG PSM_VDISK_FLAG_FILL_MASK 
| = 0x0003; 

78395| const ULONG PSM_VDISK_FLAG_BUFFER_NO_FILL 
| = 0x0001 ; 

78396| const ULONG PSM_VDISK_FLAG_BUFFER_FILL_WITH_ZEROES 
| = 0x0002; 

78397| const ULONG PSM_VDISK_FLAG_BUFFER_FILL_COMPRESS 

| = 0x0003; 
78398| 

78399| const ULONG PSM_VDISK_FLAG_TACITLY_SUCCEED_WRITES 
|= 0x0100; 

78400| const ULONG PSM_VDISK_FLAG_ALLOW_OPEN_FOR_WRITE 
| = 0x0200; 

78401 1 const ULONG PSM_VDISK_FLAG_ALLOW_PSM_FILE_OPEN 
| = 0x0400; 

78402| const ULONG PSM_VDISK_FLAG_CACHE_FULL_DELETE_SS 

| = 0x0800; 
78403 1 
78404| 

78405| NTSTATUS VDiskMaplnDrives(tkSnapShotMaster 
| *MasterSnapShot, pOpenTransactionlnlnternal In, ULONG 
| OTOSize, pOpenTransactionOutlnternal Out); 

78406| NTSTATUS VDiskUnMaplnDrives(tkSnapShotMaster 
| *MasterSnapShot); 

78407| NTSTATUS VDiskDisableAII(void); 

78408| NTSTATUS TdDelDrive ( PDEVICE_OBJECT DeviceToNotPSM, 

| tkSnapShotMaster *MasterSnapShot ); 
78409| NTSTATUS VDiskUnMaplnAIIDrives(void); 
78410| NTSTATUS TdDelVirtual Drive ( PDEVICE_OBJECT 

| VirtualDrive ); 

78411| NTSTATUS TdAddDrive ( PRTL_BITMAP *CachingBitMap, 
| PDEVICE_OBJECT DeviceToPSM, tkSnapShotMaster 
| *MasterSnapShot, PDEVICE_OBJECT *VirtualDeviceObject, 
| CHAR Assignedlnstance ); 

78412| 

78413| extern volatile ULONG VDisklnstance; 

78414| 

78415| 

78416| 

78417| File Listing: virgin.cpp 
78418| 

78419| #include "precomp.h" 
78420| 



78421 1 #define VirginDebug(parms) Debu g ( D EB U G_D I CT, parms) 
78422 1 

78423| #ifndef I N VAL I D_B IT_I N D EX 

78424| #define INVALID BIT INDEX ((ULONG)(-1 )) 

78425| #endif /*INVALID_BIT_INDEX7 

78426| 

78427| // 



78428| 

78429| NTSTATUS PersistentDictionary::FindVirginSpace ( 

78430| PDEVICE_OBJECT Volume, 

78431 1 tVirginMap &VirginMap, 

78432| ULONG &ClusterSizelnBytes, 

78433| LARGE INTEGER &TotalC lusters ) 

78434| { 

78435| NTSTATUS status = STATUS_SUCCESS; 

78436| ULONG N urn Extents Lost = 0; // counter of how many 

| extents could not be inserted due to duplicate keys 
78437| Profile("pd::FindVirginSpace M ); 
78438| 

78439 1 _try { 

78440| ClusterSizelnBytes = 0; 

78441 1 TotalClusters.QuadPart = 0; 

78442| VirginMap.reset(); // start out by making sure 

| the map is completely empty. 
78443| if ( PsmGetObjectType(Volume) == 

| OBJECT FILTEREDDISK ) { 
78444| tVirginMap TempMap; 

78445| __try { 

78446| PFILTERED_EXTENSION DevExt = 

| (PFILTERED_EXTENSION) GetDeviceExtension(Volume); 

78447| PFILE_OBJECT VolumeObject = 0; 

78448| HANDLE VolumeHandle = 

| INVALID_HANDLE_VALUE; 

78449 1 

78450| status = Sblo_OpenVolumeHandle 

| (DevExt->Name, VolumeHandle, VolumeObject, 
| FILE_SHARE_WRITE|FILE_SHARE_READ ); 

78451 1 if ( NT_SUCCESS(status) ) { 

78452 1 __try { 

78453 1 status = GetClusterSize 

| (DevExt, ClusterSizelnBytes, TotalClusters); 

78454| if ( NT_SUCCESS(status) ) { 

78455| 

| VirginMap.enforceClusterLimit (TotalClusters.QuadPart); 
78456| TempMap.enforceClusterLimit 

| (TotalClusters.QuadPart); 
78457| ASSERT (ClusterSizelnBytes 

l>0); 

78458| ASSERT (GRANULE SIZE >= 



I ClusterSizelnBytes); 
78459| ASSERT (GRANULE_SIZE % 

| ClusterSizelnBytes == 0); 
78460| const ULONG 

| ClustersPerGranule = GRANULE_SIZE / ClusterSizelnBytes; 
78461 1 CLUSTERJNDEX firstCluster 

l = 0; 

78462| CLUSTERJNDEX lastCluster = 

|0; 

78463| CLUSTERJNDEX numClusters = 

|0; 
78464| 

78465| GetSnapShotForRead(); 
78466| _Jry { 

78467| pDictionary 

| AnyDictionaryOnVolume = 0; 
78468| GetDictionaryForVolume 

| (Volume, AnyDictionaryOnVolume); 
78469 1 if ( 

| AnyDictionaryOnVolume ) { 
78470 1 pShared Shared = 

| ((pPersistentDictionary)AnyDictionaryOnVolume)->Shared; 
78471 1 status = 

| FindVirginSpace_GranuleBitmapPhase (VirginMap, Shared, 

| ClustersPerGranule, NumExtentsLost, TotalClusters); 
78472 1 if ( 

| NT_SUCCESS(status) ) { 
78473 1 status = 

| FindVirginSpace_SnapshotPhase (VirginMap, TempMap, 

| Shared, ClustersPerGranule, NumExtentsLost); 
78474| if ( 

| NT_SUCCESS(status) ) { 
78475| status = 

| FindVirginSpace_VolumeBitmapPhase(VirginMap, TempMap, 

| NumExtentsLost, VolumeObject); 
78476| } 
78477| } 
78478| } else { 

78479 1 

| VirginDebug(("pd::FindVirginSpace: No persistent 
| dictionary was found on volume %08x\n",Volume)); 
78480 1 

78481 1 // caller can use 

| this return code to know that cache file doesn't need 
| to be migrated 

78482 1 status = 

| PSM_VIRGIN_ERROR_NO_SNAPSHOTS; 

78483 1 } 

78484| } ^finally { 

78485| 



I ReleaseSnapShotForRead(); 
78486| } 
78487| } 

78488| } ^finally { 

78489 1 Sb lo_C lose Vo lu meH and le 

| (VolumeHandle, VolumeObject); 
78490| } 
78491| } 

78492| } finally { 

78493| if ( AbnormalTerminationO ) { 

78494| TempMap.reset(); // if exception 

| did not occur, destructor will clean up TempMap. 
78495| } 
78496| } 
78497| } else { 

78498| status = STATUS_INVALID_PARAMETER; 

78499| VirginDebug(( M pd::FindVirginSpace: invalid 

| parameter: device object is not a filtered disk!\n")); 
78500 1 ASS E RT( F ALS E) ; 

78501 1 } 
78502 1 } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
78503 1 status = GetExceptionCode(); 
78504| VirginDebug(("M! pd::FindVirginSpace: 

| exception %08x\n",status)); 
78505| } 
78506| 

78507| VirginDebug(("pd::FindVirginSpace: 
| NumExtentsLost=%08x, returning 
| status=%08x\n",NumExtentsLost,status)); 

78508 1 return status; 

78509 1 } 

78510| 

7851 1 1 // 



78512| 

78513| NTSTATUS 

| PersistentDictionary::FindVirginSpace_GranuleBitmapPhase 
I ( 

78514| tVirginMap &VirginMap, 
78515| pShared Shared, 
78516| ULONG ClustersPerGranule, 
7851 7| ULONG &Num Extents Lost, 

78518| LARGEJNTEGER TotalClusters ) 
78519| { 

78520| // For every run of zeroes in the granule bitmap, 

| insert the clusters in the 
78521 1 // run into VirginMap. 
78522 1 

78523| Profile("pd::FindVirginSpace_GranulueBitmapPhase"); 



78524| 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase 
| called: Shared=%08x, ClustersPerGranule=%08x, 
| TotalClusters=%01 6l64x\n M ,Shared,ClustersPerGranule,Tota 
| Ousters. QuadPart)); 

78525| if ( Shared ) { 

78526| 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase: 

| Shared->Map = %08x\n",Shared->Map)); 
78527| } 
78528| 

78529| NTSTATUS status = STATUS_SUCCESS; 
78530 1 

78531 1 if ( DoFreeSpaceChecks() ) { 

78532| if ( Shared && Shared->Map ) { 

78533| ULONG Hintlndex = 0; 

78534| ULONG BitlndexStart = 0; 

78535| while ( B it I ndex Start ! = I N VAL I D_B I T_l N D EX && 

| NT_SUCCESS(status) && 

| Hintlndex<(Shared->Map->SizeOfBitMap) ) { 
78536| PsmBitMapValidate (Shared->Map); 

78537| BitlndexStart = RtlFindClearBits 

| (Shared->Map, 1, Hintlndex); 
78538| VirginDebug((" pd::fvs_gbp: 

| BitlndexStart = %08x\n M ,BitlndexStart)); 
78539| if ( BitlndexStart != INVALID_BIT_INDEX 

l){ 

78540| if ( BitlndexStart >= Hintlndex ) { 

78541 1 ULONG BitlndexEnd = 

| RtlFindSetBits (Shared->Map, 1, BitlndexStart); 
78542| VirginDebug(( M pd::fvs_gbp: 

| (A) BitlndexEnd = %08x\n",BitlndexEnd)); 
78543| if ( BitlndexEnd == 

| INVALID_BIT_INDEX) { 
78544| BitlndexEnd = 

| Shared->Map->SizeOfBitMap; 
78545| VirginDebug((" 

| pd::fvs_gbp: (B) INVALID_BIT_INDEX -> 

| BitlndexEnd=%08x\n",BitlndexEnd)); 
78546| } else if ( BitlndexEnd < 

| BitlndexStart ) { 
78547| BitlndexEnd = 

| Shared->Map->SizeOfBitMap; 
78548| Virgin Debug((" 

| pd::fvs_gbp: (C) RtlFindSetBits wrapped around -> 

| BitlndexEnd=%08x\n M ,BitlndexEnd)); 
78549 1 } 
78550 1 

78551 1 Hintlndex = 1 +BitlndexEnd; 

78552| ULONG NumGranulesClear = 



I (BitlndexEnd - BitlndexStart); 
78553| CLUSTERJNDEX firstCluster = 

| BitlndexStart * ClustersPerGranule; 
78554| CLUSTERJNDEX numClusters = 

| NumGranulesClear * ClustersPerGranule; 
78555| 

78556| // Now need to make sure we 

| aren't going past end of the volume, based on 

| TotalClusters. 
78557| // Assuming we get the correct 

| range of extent values in this function, all the others 
78558| // should stay in that range 

| because they just fragment and/or re-insert extents. 
78559| 

78560| if (firstCluster < 

| TotalClusters. QuadPart ) { 
78561 1 CLUSTERJNDEX lastCluster = 

| firstCluster + numClusters - 1 ; 
78562| ASSERT(lastCluster >= 

| firstCluster); 
78563| if ( lastCluster >= 

| TotalClusters. QuadPart ) { 
78564| lastCluster = 

| TotalClusters. QuadPart - 1 ; 
78565| ASSERT(lastCluster >= 

| firstCluster); 
78566| VirginDebug(( M 

| pd::fvs_gbp: Truncating numClusters=%016l64x to 

| %01 6l64x\n",numClusters,lastCluster-firstCluster+1 )); 
78567| numClusters = 

| lastCluster - firstCluster + 1 ; 
78568| } 
78569 1 status = 

| VirginMap.insertExtent (firstCluster, numClusters); 
78570 1 if ( status == 

| PSM_TREE_INSERT_ERROR ) { 
78571 1 ++NumExtentsLost; 
78572 1 status = 

| STATUS_SUCCESS; // not severe enough error to give 

I up 

78573 1 } 

78574| } else { 

78575| VirginDebug((" 

| pd::fvs_gbp: firstCluster=%016l64x is past end of 

| volume - ignoring\n",firstCluster)); 
78576| } 
78577| } else { 

78578| VirginDebug(( M pd::fvs_gbp: 

| RtlFindClearBits wrapped aroundAn")); 
78579| break; 



78580| } 
78581 1 } 
78582 1 } 
78583 1 } else { 
78584| status = 

| PSM_VIRGIN_ERROR_FREE_SPACE_DISABLED; 
78585| 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase: 

| granule bitmap is not available!!!\n")); 
78586| ASSERT(FALSE); 
78587| } 
78588| } else { 
78589 1 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase: 

| free space checking is disabled !\n")); 
78590| status = PSM_VIRGIN_ERROR_FREE_SPACE_DISABLED; 
78591 1 } 
78592 1 
78593 1 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase: 

| Dump of VirginMapAn")); 
78594| VirginMap.debugDumpO; 
78595| 
78596| 

| VirginDebug(("pd::FindVirginSpace_GranuleBitmapPhase 

| returning %08x\n",status)); 
78597| return status; 
78598| } 
78599| 

78600 1 // 

78601| 

78602| NTSTATUS 

| PersistentDictionary::FindVirginSpace_SnapshotPhase ( 
78603| tVirginMap &VirginMap, 
78604| tVirginMap &TempMap, 
78605| pShared Shared, 
78606| ULONG ClustersPerGranule, 
78607| ULONG &NumExtentsLost ) 
78608| { 

78609| // !!! Now remove extents from VirginMap, fragment 

| as necessary based on 
7861 0| // snapshot usage and virtual writes in snapshots, 

| then insert 

7861 1 1 // the results one by one into TempMap. 
78612| 

78613| Profile("pd::FindVirginSpace_SnapshotPhase M ); 
78614| VirginDebug(("pd::FindVirginSpace_SnapshotPhase 

| called\n")); 
78615| 



7861 6| NTSTATUS status = STATUS_SUCCESS; 
7861 7| CLUSTERJNDEX firstCluster = 0; 
78618| CLUSTERJNDEX numClusters = 0; 
78619| CLUSTERJNDEX lastCluster = 0; 
78620| 

78621 1 while ( NT_SUCCESS(status) && !VirginMap.isEmpty() 
l){ 

78622| status = VirginMap.removeAnyExtent ( 

| firstCluster, numClusters ); 
78623| ASSERT(NT_SUCCESS(status)); 
78624| if ( NT_SUCCESS(status) ) { 
78625| CLUSTERJNDEX originalLastCluster = 

| firstCluster + numClusters - 1 ; 
78626| CLUSTERJNDEX firstGranule = firstCluster / 

| ClustersPerGranule; 
78627| CLUSTERJNDEX lastGranule = 

| originalLastCluster / ClustersPerGranule; 
78628| ASSERT(firstGranule <= Oxffffffff); 

78629| ASSERT(lastGranule <= Oxffffffff); 

78630| ASSERT(lastGranule >= firstGranule); 

78631 1 LARGE JNTEGER Key = {0}; 

78632| CLUSTERJNDEX granule = firstGranule; 

78633| while ( granule <= lastGranule && 

| NT_SUCCESS(status) ) { 
78634| bool provedClear = true; 

78635| Key.GranulePart = ULONG(granule); 

78636| Key.SnapShotPart = 0; 

78637| MyAcquireResourceSharedLite 

| (&(Shared->TreeResource), TRUE); 
78638| _Jry { 

78639 1 tTreeLeaf * nodel = 

| rbtree_SearchUpperBound (&Shared->Tree, Key.QuadPart); 
78640 1 tTreeLeaf * node2 = 

| rbtree_SearchUpperBound (&Shared->VirtualWritesTree, 

| Key.QuadPart); 
78641 1 tTreeLeaf *relevantNode = nodel ; 

78642| if ( nodel ) { 

78643| if ( node2 ) { 

78644| LARGEJNTEGER Key1 , Key2; 

78645| Key1 .Quad Part = nodel ->Key; 

78646| Key2. Quad Part = node2->Key; 

78647| if ( Key2.GranulePart < 

| Keyl.GranulePart ) { 
78648| relevantNode = node2; 

78649| } 
78650| } 
78651 1 } else { 

78652 1 relevantNode = node2; 

78653 1 } 
78654| 



78655| if ( relevantNode ) { 

78656| LARGEJNTEGER rKey; 

78657| rKey. Quad Part = 

| relevantNode->Key; 
78658| CLUSTERJNDEX granuleHit = 

| CLUSTERJNDEX (rKey.GranulePart); 
78659| if ( granuleHit <= lastGranule 

l){ 

78660| if ( granuleHit > granule ) 

|{ 

78661 1 // There is a fragment 

| [granule. .(granuleHit-1)] 
78662 1 firstCluster = granule 

| * ClustersPerGranule; 
78663 1 lastCluster = 

| (granuleHit-1 )*ClustersPerGranule + 

| (ClustersPerGranule-1); 
78664| if ( lastCluster > 

| originalLastCluster ) { 
78665| lastCluster = 

| originalLastCluster; 
78666| } 

78667| ASSERT(lastCluster >= 

| firstCluster); 
78668| numClusters = 

| lastCluster - firstCluster + 1 ; 
78669 1 status = 

| TempMap.insertExtent (firstCluster, numClusters); 
78670 1 if ( status == 

| PSM_TREE_INSERT_ERROR ) { 
78671 1 ++NumExtentsLost; 
78672 1 status = 

| STATUS_SUCCESS; // not severe enough error to give 

I up 

78673 1 } 
78674| } 
78675| 

78676| granule = 1 + granuleHit; 

| // continue search after the interruption 
78677| provedClear = false; 

78678| } 
78679 1 } 
78680| } ^finally { 

78681 1 MyReleaseResourceForThreadLite 

| (&(Shared->TreeResource)); 
78682 1 } 
78683 1 

78684| if ( provedClear ) { 

78685| // No more interruptions exist in 

| this granule extent! 



78686| firstCluster = granule * 

| ClustersPerGranule; 
78687| lastCluster = 

| lastGranule*ClustersPerGranule + 

| (ClustersPerGranule-1); 
78688| if ( lastCluster > 

| originalLastCluster ) { 
78689| lastCluster = 

| originalLastCluster; 
78690 1 } 

78691 1 ASSERT(lastCluster >= 

| firstCluster); 
78692| numClusters = lastCluster - 

| firstCluster + 1 ; 
78693| status = TempMap.insertExtent 

| (firstCluster, numClusters); 
78694| if ( status == 

| PSM_TREE_INSERT_ERROR ) { 
78695| ++ N u m ExtentsLost ; 

78696| status = STATUS_SUCCESS; // 

| not severe enough error to give up 
78697| } 

78698| break; // move on to the next 

| granule extent 
78699| } 
78700 1 } 
78701| } 
78702| } 
78703| 

78704| VirginDebug(("pd::FindVirginSpace_SnapshotPhase: 

| Dump of TempMapAn")); 
78705| TempMap.debugDumpO; 
78706| 

78707| VirginDebug(("pd::FindVirginSpace_SnapshotPhase: 

| Dump of VirginMapAn")); 
78708| VirginMap.debugDump(); 
78709| 

78710| VirginDebug(("pd::FindVirginSpace_SnapshotPhase: 

| NumExtentsLost=%08x, returning 

| status=%08x\n",NumExtentsLost,status)); 
78711| return status; 
78712| } 
78713| 

78714| // 



78715| 

78716| NTSTATUS 

| PersistentDictionary::FindVirginSpace_VolumeBitmapPhase 
l( 

78717| tVirginMap &VirginMap, 



78718| 
78719| 



tVirginMap &TempMap, 
ULONG &NumExtentsLost, 



78720| PFILE_OBJECT VolumeObject ) 
78721| { 

78722| Profile("pd::FindVirginSpace_VolumeBitmapPhase"); 
78723| VirginDebug(("pd::FindVirginSpace_VolumeBitmapPhase 

| called\n M )); 
78724| 

78725| NTSTATUS status = STATUS_SUCCESS; 
78726| CLUSTERJNDEX firstCluster = 0; 
78727| CLUSTERJNDEX lastCluster = 0; 
78728| CLUSTERJNDEX numClusters = 0; 
78729| 

78730| if ( !TempMap.isEmpty() ) { 

78731 1 // Allocate space for the volume bitmap window 

| based on the largest 
78732| // extent in TempMap. This will be the largest 

| bitmap window needed for 
78733| // the rest of this process. 
78734| 

78735| status = TempMap.queryLongestExtent 

| (numClusters); 
78736| if ( NT_SUCCESS(status) ) { 
78737| // We need one bit in the volume bitmap for 

| every cluster. 

78738| // Round up to the nearest number of words. 

78739| ULONG Max Clusters = (ULONG) numClusters; 

78740| ASSERT (CLUSTERJNDEX(MaxClusters) == 

| numClusters); 

78741 1 ULONG VolumeBitmapWords = (MaxClusters + 

| 31)/ 32; 

78742| ULONG VolumeBitmapBytes = sizeof(DWORD) * 

| VolumeBitmapWords; 
78743| ULONG VolumeBitmapAlloc = 

| FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer) + 

| VolumeBitmapBytes + sizeof(DWORD); 
78744| VOLUME J3ITMAPJ3UFFER *WorkUnit = 

| (VOLUME J3ITMAPJ3UFFER *) MemAllocatePoolWithTag( 
78745| Paged Pool, 

78746| VolumeBitmapAlloc, 
78747| TEMPTAG ); 



78748| 

78749| if 



( WorkUnit ) { 
_try{ 



78750 1 
78751 1 



// !!! Remove nodes from TempMap, 
necessary based on live volume bitmap, 



| fragment as 
78752 1 

| VirginMap. 



// and insert the results into 



78753 1 
78754| 



RtlZeroMemory (WorkUnit, 



I VolumeBitmapAlloc); 
78755| RTL_BITMAP WorkUnitBitMap; 

78756| RtllnitializeBitMap ( 

| &WorkUnitBitMap, (PULONG)(&WorkUnit->Buffer), 

| MaxClusters ); 
78757| 

78758| while ( NT_SUCCESS(status) && 

| !TempMap.isEmpty() ) { 
78759| status = 

| TempMap.removeAny Extent (firstCluster, numClusters); 
78760| ASSERT(NT_SUCCESS(status)); 
78761 1 ASSERT(numClusters <= 

| MaxClusters); 
78762| ASSERT(numClusters > 0); 

78763| if ( NT_SUCCESS(status) ) { 

78764| CLUSTERJNDEX virginCluster 

| = firstCluster; 
78765| lastCluster = firstCluster 

| + numClusters - 1 ; 
78766| VirginDebug(("pd::fvs_vbp: 

| — firstCluster=%016l64x, numClusters=%016l64x, 

| lastCluster=%01 6l64x\n",firstCluster,numClusters,lastClu 

I ster)); 

78767| ULONG NumBytes = 

| 4*((ULONG(numClusters) + 31) / 32) + 

| FIELD_OFFSET(VOLUME_BITMAP_BUFFER,Buffer); 
78768| ASSERT (Num Bytes <= 

| VolumeBitmapAlloc); 
78769| STARTING_LCN_INPUT_BUFFER 

I slib = {0}; 

78770| slib.StartingLcn.QuadPart = 

| firstCluster; 

78771 1 status = FS_GetVolumeBitmap 

| (VolumeObject, &slib, WorkUnit, NumBytes); 
78772 1 if ( status == 

| STATU S_B U F F E R_0 V E R F LOW ) { 
78773 1 status = 

| STATUS_SUCCESS; // not a problem... just means more 

| volume data 
78774| } 
78775| 

78776| if ( NT_SUCCESS(status) ) { 

78777| ULONG Hintlndex = 0; 

78778| ULONG LastlndexInWindow 

| = ULONG(numClusters-l); 
78779| ASSERT ( 

| CLUSTER_INDEX(LastlndexlnWindow)+1 == numClusters ); 
78780| while ( 

| NT_SUCCESS(status) ) { 
78781 | 



I VirginDebug(("#loop# virginCluster=%016l64x, 

| Hintlndex=%08x\n",virginCluster,Hintlndex)); 
78782 1 // See if any 

| clusters in this extent are dirty. 
78783| ULONG Dirtylndex = 

| RtlFindSetBits (&WorkUnitBitMap, 1, Hintlndex); 
78784| if ( 

| Dirtylndex==INVALID_BIT_INDEX || Dirtylndex<Hintlndex 

| || Dirtylndex>LastlndexlnWindow ) { 
78785| 

| VirginDebug(("#break (A)# Dirtylndex=%08x, 
| Hintlndex=%08x, 

| LastlndexlnWindow=%08x\n", Dirtylndex, Hintlndex, Lastlndex 

| InWindow)); 
78786| break; //no 

| more dirty clusters in the volume bitmap window 
78787| } else { 

78788| CLUSTERJNDEX 

| DirtyCluster = firstCluster + Dirtylndex; 
78789 1 if ( 

| DirtyCluster <= lastCluster ) { 
78790 1 if ( 

| DirtyCluster > virginCluster ) { 
78791| 

| CLUSTERJNDEX numCleanClusters = DirtyCluster - 
| virginCluster; 
78792| 

| VirginDebug(("pd::fvs_vbp: +++ 

| virginCluster=%016l64x, DirtyCluster=%016l64x, 

| numCleanClusters=%01 6l64x\n",virginCluster,DirtyCluster, 

| numCleanClusters)); 
78793 1 status 

| = VirginMap.insertExtent (virginCluster, 

| numCleanClusters); 
78794| if ( 

| status == PSM_TREE_INSERT_ERROR ) { 
78795| 

| ++NumExtentsLost; 
78796| 

| status = STATUS_SUCCESS; 
78797| } 
78798| } else if ( 

| DirtyCluster != virginCluster ) { 
78799| 

| ASSERT(FALSE); // should not happen, but prevent 

| infinite loop potential 
78800 1 status 

| = STATUSJJNSUCCESSFUL; 
78801| break; 
78802| } 



78803| 

78804| Hint Index = 

| RtlFindClearBits (&WorkUnitBitMap, 1, Dirtylndex); 

78805| if ( 

| Hintlndex==INVALID_BIT_INDEX || Hintlndex<Dirtylndex || 
| Hintlndex>LastlndexlnWindow ) { 

78806| 

| VirginDebug(("#break (B)# Dirtylndex=%08x, 
| Hintlndex=%08x, 

| LastlndexlnWindow=%08x\n", Dirtylndex, Hintlndex,Lastlndex 
| InWindow)); 
78807| 

| virginCluster = 1 +lastCluster; // prevent inserting 
| tail extent 

78808| break; 

| // no more clean clusters in this extent 
78809 1 } else { 

78810| 

| virginCluster = firstCluster + Hintlndex; 
7881 1 1 } 
78812| }else{ 
78813| 

| VirginDebug(("#break (C)# DirtyCluster=%016l64x, 
| lastCluster=%016l64x\n",DirtyCluster,lastCluster)); 

78814| break; // 

| no more dirty clusters in this extent 

78815| } 

78816| } 

78817| } 

78818| 

78819| if ( NT_SUCCESS(status) 

l){ 

78820| if ( lastCluster >= 

| virginCluster ) { 
78821 1 numClusters = 

| lastCluster - virginCluster + 1 ; 
78822 1 

| VirginDebug(("pd::fvs_vbp: +++ 

| virginCluster=%016l64x, numClusters=%016l64x, 

| lastCluster=%016l64x\n",virginCluster,numClusters,lastCI 

I uster)); 

78823 1 status = 

| VirginMap.insertExtent (virginCluster, numClusters); 
78824 1 if ( status == 

| PSM TREE INSERT ERROR ) { 
78825| 

| ++NumExtentsl_ost; 
78826| status = 

| STATUS_SUCCESS; 
78827| } 



78828| } 
78829| } 
78830| } else { 

78831 | 

| VirginDebug(("pd::FindVirginSpace_VolumeBitmapPhase: 
| FS_GetVolumeBitmap returned %08x\n",status)); 

78832| ASSERT(FALSE); 

78833 1 } 

78834| } 

78835| } 

78836| } ^finally { 

78837| MemFreePool (WorkUnit); 

78838| WorkUnit = 0; 

78839 1 } 

78840 1 } else { 

78841 1 status = STATUS_INSUFFICIENT_RESOURCES; 

78842| VirginDebug(("H! pd::FindVirginSpace: 

| Out of memory (volume bitmap)\n")); 
78843 1 } 
78844| } else { 

78845| VirginDebug(("M! pd::FindVirginSpace: 

| TempMap.queryLongestExtentO returned %08x\n",status)); 
78846| ASSERT(FALSE); 
78847| } 
78848| } 
78849 1 
78850 1 

| VirginDebug(("pd::FindVirginSpace_VolumeBitmapPhase: 

| Dump of VirginMapAn")); 
78851| VirginMap.debugDump(); 
78852| 
78853| 

| VirginDebug(("pd::FindVirginSpace_VolumeBitmapPhase: 

| Dump of TempMapAn")); 
78854| TempMap.debugDump(); 
78855| 
78856| 

| VirginDebug(("pd::FindVirginSpace_VolumeBitmapPhase: 

| NumExtentsl_ost=%08x, returning 

| status=%08x\n",NumExtentsLost,status)); 
78857| return status; 
78858| } 
78859| 

78860| // 



78861 | 

78862| NTSTATUS GetClusterSize ( PFILTERED_EXTENSION DevExt, 
| ULONG &ClusterSizelnBytes, LARGEJNTEGER STotalClusters 
I) 

78863 1 { 



78864| Profile("GetClusterSize"); 
78865| VirginDebug(("GetClusterSize: 

| DevExt=%08x\n",DevExt)); 
78866| NTSTATUS status = STATUS_NOT_FOUND; 
78867| ClusterSizelnBytes = 0; 
78868| TotalClusters.QuadPart = 0; 
78869| 

78870| __try { 

78871 1 pPsmFilelnfo table[] = { 

78872| &(DevExt->Cache.CacheFile), 

78873| &(DevExt->Cache.lndexFile), 

78874| &(DevExt->Cache.HeaderFile), 

78875| NULL 

78876| }; 

78877| 

78878| for ( int i=0; table[i] != NULL; ++i ) { 
78879| if ( lsValidHandle(table[i]->FileObject) ) 

|{ 

78880| Virgin Debug(("GetClusterSize: Calling 

| FS_GetVolumelnfo on table[%d]->FileObject=%08x 
| , %S'\n",i,table[i]->FileObject,table[i]->FileName)); 

78881 1 ULONG SectorSize = 0; 

78882| LARGE_INTEGER AvailClusters={0}; 

78883| NTSTATUS infoStatus = FS_GetVolumelnfo 

| (table[i]->FileObject, ClusterSizelnBytes, SectorSize, 
| TotalClusters, AvailClusters); 

78884| if ( NT_SUCCESS(infoStatus) ) { 

78885| VirginDebug(( M GetClusterSize: 
| Found cluster size %08x from 
| FS_GetVolumelnfo\n M ,ClusterSizelnBytes)); 

78886| status = STATUS_SUCCESS; 

78887| break; 

78888| } else { 

78889| VirginDebug(("GetClusterSize: 
| FS_GetVolumelnfo returned %08x\n", infoStatus)); 

78890 1 } 

78891| } 

78892| } 

78893| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 

78894| status = GetExceptionCode(); 

78895| VirginDebug(("M! GetClusterSize: Exception 
| %08x\n M ,status)); 

78896| } 

78897| 

78898| VirginDebug(("GetClusterSize: 
| ClusterSizelnBytes=%08x, returning 
| status=%08x\n",ClusterSizelnBytes,status)); 

78899| return status; 

78900| } 



78901| 
78902| //- 



78904| #ifdef DEBUG 

78905| NTSTATUS TestVirginMap_Overwrite Extent ( 
78906| PFILTERED_EXTENSION DevExt, 
78907| const char *WriteBuffer, 
78908| CLUSTERJNDEX WriteBufferClusters, 
78909| ULONG ClusterSizelnBytes, 
78910| CLUSTERJNDEX FirstCluster, 
7891 1 1 CLUSTERJNDEX NumClusters ) 

78912| { 

78913| NTSTATUS status = STATUS_SUCCESS; 
78914| Profile('TestVirginMap_OverwriteExtent M ); 
78915| Virgin Debug((" tvm_Overwrite Extent: DevExt=%08x, 
| FirstCluster=%016l64x, 

| NumClusters=%01 6l64x\n",DevExt,FirstCluster,NumClusters) 

I); 

78916| 

78917| CLUSTERJNDEX CurrentCluster = FirstCluster; 
78918| CLUSTERJNDEX ClustersRemaining = NumClusters; 
78919| LARGE_INTEGER ByteOffset = {0}; 
78920| 

78921 1 while ( ClustersRemaining > 0 ) { 

78922| Profile("TestVirginMap_OverwriteExtent - 

| ClustersRemaining loop"); 
78923| CLUSTERJNDEX ClustersTo Write = 

| ClustersRemaining; 
78924| if ( WriteBufferClusters < ClustersToWrite ) { 
78925| ClustersToWrite = WriteBufferClusters; 

78926| } 
78927| 

78928| ByteOffset.QuadPart = CurrentCluster * 

| ClusterSizelnBytes; 
78929| CLUSTERJNDEX ByteCount Large = ClustersToWrite 

| * ClusterSizelnBytes; 
78930| ASSERT(ByteCountLarge<=Oxffffffff); 
78931 1 ULONG ByteCount = ULONG(ByteCountLarge); 
78932 | 

78933| VirginDebug((" Overwriting 
| ByteOffset=%016l64x, 

| ByteCount=%08x\n M ,ByteOffset.QuadPart,ByteCount)); 
78934| status = Sblo_WriteDevice 

| (DevExt->DeviceObject, &ByteOffset, ByteCount, 

| WriteBuffer); 
78935| if ( !NT_SUCCESS(status) ) { 
78936| VirginDebug(( M Sblo_WriteDevice 

| returned status=%08x\n",status)); 
78937| ASSERT(FALSE); 



78938| break; 
78939| } 
78940| 

78941 1 CurrentCluster += ClustersToWrite; 
78942| ClustersRemaining -= ClustersToWrite; 
78943 1 } 
78944 1 

78945| VirginDebug((" tvm_Overwrite Extent returning 

| status=%08x\n",status)); 
78946 1 return status; 
78947| } 

78948| #endif TDEBUG7 
78949 1 

78950 1 // 

| 

78951 | 

78952| #jfdef DEBUG 

78953| void InitVirginMapTestBuffer ( char *WriteBuffer, ULONG 

| WriteBufferBytes ) 
78954| { 

78955| const char *FillPattern = "(Virgin)"; 

78956| const ULONG PatternBytes = strlen(FillPattern); 

78957| ASSERT (WriteBufferBytes % PatternBytes == 0); 

78958| ULONG BytesFilled = 0; 

78959| while ( BytesFilled < WriteBufferBytes ) { 

78960| memcpy (&WriteBuffer[BytesFilled], FillPattern, 

| PatternBytes); 
78961 1 BytesFilled += PatternBytes; 
78962 1 } 
78963 1 } 

78964| #endif TDEBUG7 
78965| 

78966| // 



78968| #ifdef DEBUG 

78969| NTSTATUSTestVirginMap_OverwriteAIIExtents ( 
78970| PDEVICE_OBJECT Volume, 
78971| ULONG ClusterSizelnBytes, 
78972| LARGEJNTEGER TotalC lusters, 
78973| tVirginMap &VirginMap ) 
78974| { 

78975| NTSTATUS status = STATUS_SUCCESS; 
78976| VirginDebug(("Entering 

| Test V i rg i n M ap_Ove rwr ite A 1 1 Exte nts : 

| Volume=%08x\n",Volume)); 
78977| 

78978| __try { 

78979| if ( PsmGetObjectType(Volume) == 
| OBJECT FILTEREDDISK ) { 



78980| PFILTERED_EXTENSION DevExt = 

| (PFILTERED_EXTENSION) GetDeviceExtension(Volume); 

78981 1 tVirginMap TempMap; // holding pen for 

| extents. 

78982 1 _Jry { 

78983| CLUSTERJNDEX maxClusters = 0; 

78984 1 status = 

| VirginMap.queryLongestExtent(maxClusters); 
78985| if ( NT_SUCCESS(status) ) { 

78986| const ULONG WriteBufferClusters = 

I 256; 

78987| const ULONG Write Buff erBytes = 

| WriteBufferClusters * ClusterSizelnBytes; 
78988| VirginDebug(("WriteBufferBytes = 

| %08x\n M ,WriteBuff erBytes)); 
78989| char *WriteBuffer = (char 

| *)MemAllocatePoolWithTag(PagedPool,WriteBufferBytes,TEMP 

I TAG); 

78990| if ( WriteBuffer ) { 

78991 1 _Jry { 

78992| CLUSTERJNDEX 

| firstCluster=0; 
78993| CLUSTERJNDEX 

| numClusters=0; 
78994| CLUSTERJNDEX 

| prevNumClusters=0; 
78995| 

7899 6 1 I n it V i rg i n M apTest B uf f e r 

| (WriteBuffer, WriteBuff erBytes); 
78997| 

78998| while ( NT_SUCCESS(status) 

| && !VirginMap.isEmpty() ) { 
78999 1 status = 

| VirginMap.removeLongestExtent (firstCluster, 

| numClusters); 
79000| if ( NT_SUCCESS(status) 

l){ 
79001| 

| ASSERT(numClusters>0); 
79002| if ( 

| prevNumClusters ) { 
79003| if ( 

| numClusters > prevNumClusters ) { 
79004| 

| VirginDebug(("M! (A) numClusters=%016l64x, 
| prevNumClusters=%016l64x, 

| firstCluster=%016l64x\n", numClusters, prevNumClusters,fir 
| stCluster)); 
79005| 

| ASSERT(numClusters <= prevNumClusters); 



79006| status = 

| STATUSJJNSUCCESSFUL; 
79007| } 
79008| } 
79009| prevNumClusters = 

| numClusters; 
79010| status = 

| TempMap.insertExtent (firstCluster, numClusters); // 

| save for later 
79011| if( 

| NT_SUCCESS(status) ) { 
79012| ASSERT 

| (firstCluster < TotalClusters.QuadPart); 
79013| ASSERT 

| (firstCluster+numClusters-1 < TotalClusters.QuadPart); 
79014| status = 

| TestVirginMap_OverwriteExtent (DevExt, WriteBuffer, 

| WriteBufferClusters, ClusterSizelnBytes, firstCluster, 

| numClusters); 
79015| }else{ 
79016| ASSERT(FALSE); 
79017| status = 

| STATUSJJNSUCCESSFUL; 
79018| } 
79019| }else{ 
79020| ASSERT(FALSE); 
79021 1 status = 

| STATUSJJNSUCCESSFUL; 
79022 1 } 
79023 1 } 
79024| 

79025| // put all the stuff from 

| TempMap back into VirginMap 
79026| prevNumClusters = 0; 

79027| while ( !TempMap.isEmpty() 

l){ 

79028| NTSTATUS tempStatus = 

| TempMap. removeLongestExtent (firstCluster, 

| numClusters); 
79029 1 if ( 

| NT_SUCCESS(tempStatus) ) { 
79030| tempStatus = 

| VirginMap. insertExtent (firstCluster, numClusters); 
79031| 

| ASSERT(NT_SUCCESS(tempStatus)); 
79032| if ( 

| NT_SUCCESS(tempStatus) ) { 
79033| 

| ASSERT(numClusters>0); 
79034| if ( 



I prevNumClusters ) { 
79035| if ( 

| numClusters > prevNumClusters ) { 
79036| 

| VirginDebug(("M! (B) numClusters=%016l64x, 
| prevNumClusters=%016l64x, 

| firstCluster=%016l64x\n", numClusters, prevNumClusters,fir 
| stCluster)); 
79037| 

| ASSERT(numClusters<=prevNumClusters); 
79038| } 
79039 1 } 
79040| prevNumClusters 

| = numClusters; 
79041 1 } 
79042 1 } else { 

79043| ASSERT(FALSE); 
79044| } 
79045| } 

79046| } finally { 

79047| MemFreePool(WriteBuffer); 

79048| WriteBuffer = NULL; 

79049 1 } 

79050 1 } else { 

79051| VirginDebug(( M M! 

| TestVirginMap_OverwriteAIIExtents: Out of memory 

I m\n")); 
79052| status = 

| STATUS_INSUFFICIENT_RESOURCES; 
79053| } 
79054| } else { 

79055| VirginDebug(("M! 

| Test V i rg i n M ap_Ove rwr ite A IIExte nts : 

| VirginMap.queryLongestExtent() returned 

| %08x\n",status)); 
79056 1 ASS E RT( FALSE) ; 

79057| } 

79058| } finally { 

79059| TempMap.resetQ; 
79060| } 
79061 1 } else { 
79062 1 

| VirginDebug(("TestVirginMap_OverwriteAIIExtents: 

| Volume is not a filtered disk!\n")); 
79063| status = STATUS_INVALID_PARAMETER; 

79064| ASSERT(FALSE); 
79065| } 
79066| } except( 

| ExceptionFilter(GetExceptionlnformation()) ) { 
79067| status = GetExceptionCode(); 



79068| VirginDebug(("M! 

| TestVirginMap_OverwriteAIIExtents: Exception 

| %08x\n",status)); 
79069| } 
79070| 

79071 1 VirginDebug(("TestVirginMap_OverwriteAIIExtents: 

| returning status=%08x\n", status)); 
79072 1 return status; 
79073 1 } 

79074| #endif /"DEBUG*/ 
79075| 

79076| // 

| 

79077| 

79078| #ifdef DEBUG 

79079| void TestVirginMap ( void *parm ) 

79080 1 { 

79081 1 PDEVICE_OBJECT Volume = (PDEVICE_OBJECT)parm; 
79082| VirginDebug(("Entering TestVirginMapQ - Volume = 

| %08x\n M ,parm)); 
79083 1 

79084| tVirginMap VirginMap; 
79085| ULONG ClusterSizelnBytes = 0; 
79086| LARGE INTEGER TotalClusters = {0}; 
79087| NTSTATUS status = 

| PersistentDictionary::FindVirginSpace (Volume, 

| VirginMap, ClusterSizelnBytes, TotalClusters); 
79088| VirginDebug(("TestVirginMap: pd::FindVirginSpace 

| returned status=%08x, ClusterSizelnBytes=%08x, 

| TotalClusters=%01 6l64x\n M ,status,ClusterSizelnBytes,Tota 

| ICIusters.QuadPart)); 
79089 1 

79090| if ( NT_SUCCESS(status) ) { 
79091 1 if ( VirginMap. isEmpty() ) { 
79092| VirginDebug(("TestVirginMap: The VirginMap 

| is empty! No overwrite test will be performedAn")); 
79093 1 } else { 

79094| status = TestVirginMap_OverwriteAIIExtents 

| (Volume, ClusterSizelnBytes, TotalClusters, VirginMap); 
79095| } 
79096| } 
79097| 

79098| Virgin Debug(("Leaving TestVirginMap()\n")); 
79099 1 } 

79100| #endif TDEBUG7 
79101| 

79102| // 



79103| 

79104| /*— end of file virgin.cpp — */ 



79105| 
79106| 
79107| 

79108| File Listing: virgin. h 
79109| 

791 1 0| #ifndef PSM_VIRGIN_H 

791 1 1 1 #define _PSM_VIRGIN_H 1 
79112| 

791 13| #ifndef cplusplus 

791 1 4| #error This file must be compiled as C++ 

791 15| #endif I* cplusplus*/ 

79116| // 

I 

I- 
79117| 

79118| NTSTATUS GetClusterSize ( 

79119| PFILTEREDEXTENSION DevExt, 

79120| ULONG &ClusterSizelnBytes, 

79121| LARGEJNTEGER STotalClusters ); 

79122| 

79123| // 



79124| #endif /*_PSM_VIRGINJH7 

79125| I*— end of file virgin. h —7 

79126| 

79127| 

79128| 

79129| File Listing: VM.cpp 
79130| 

79131 1 #include "precomp.h" 
79132| 

79133| #if _WIN32_WINNT < 0x0500 
79134| r 

79135| * vold_devfile_open - open a device file given a 

| pathname 
79136| * 

79137| * Return a non-zero void error code for error. 
79138| 7 

79139| NTSTATUS vold_devf ile_open(H AN DLE 'Handle, WCHAR 

| *PathName) 
79140| { 

79141| OBJECT_ATTRIBUTES ObjAttrs; 
79142| UNICODE_STRING UniPath; 
79143| NTSTATUS Status; 
79144| IO_STATUS_BLOCK loStatus; 
79145| 

79146| *Handle = NULL; 
79147| 

79148| RtllnitUnicodeString(&UniPath, PathName); 



79149| lnitializeObjectAttributes(&ObjAttrs, &UniPath, 

| OBJ_CASE_INSENSITIVE, NULL, NULL); 
79150| 

791 51 1 Status = ZwOpenFile(Handle, 

79152| SYNCHRONIZE | F I L E_R E A D_D ATA | 

| FILE_WRITE_DATA, 
79153| &ObjAttrs, &loStatus, 

79154| FILE_SHARE_READ | 

| FILE SHARE WRITE, 
79155| FILE_SYNCHRONOUS_IO_ALERT); 
79156| 

79157| return Status; 

79158| } 

79159| 

79160| 

79161| I* 

79162| * vold_devfile_ioctl - issue an ioctl to a device 
79163| 7 

79164| NTSTATUS vold_devfile_ioctl( 
79165| HANDLE Handle, ULONG Cmd, 

79166| void *inbuf, ULONG 

| inbufsize, 

791 67| void *outbuf, ULONG 

| outbufsize) 
79168| { 

79169| NTSTATUS Status; 

791 70| IO_STATUS_BLOCK loStatus; 

79171| 

791 72| Status = ZwDeviceloControlFile(Handle, 
79173| (HANDLE) NULL, 

791 74| (PIO_APC_ROUTINE) 
| NULL, 

79175| (void *) NULL, 

79176| &loStatus, 

79177| Cmd, 

79178| inbuf, inbufsize, 

791 79| outbuf, outbufsize); 

79180| 

79181| return Status; 

79182| } 

79183| 

79184| 

79185| 

79186| /* 

79187| * vold_driver_ioctl - issue a standard LDM device 

| driver ioctl 
79188| * 

79189| * These ioctls are wrapped in a structure that can be 
| used to get 

79190| * the return value. If the ioctl encounters an error, 



I then return -1 . 
79191 1 * Also, these ioctls take a simple pointer, rather 
| than two pointers 



79192 
79193 
79194 



I *arg) 



79195 
79196 
79197 
79198 
79199 
79200 
79201 
79202 



| &ntarg, sizeof (ntarg), 



79203 
79204 
79205 
79206 
79207 
79208 
79209 
79210 
79211 
79212 
79213 
79214 
79215 
79216 
79217 
79218 
79219 
79220 
79221 
79222 
79223 
79224 
79225 
79226 
79227 
79228 
79229 
79230 
79231 
79232 
79233 



79234 
79235 



* and two sizes like general NT ioctls. 

7 

NTSTATUS vold_driver_ioctl(HANDLE Handle, int Cmd, void 



{ 

struct volnt_iocarg ntarg; 
NTSTATUS Status; 

ntarg. ntioc_arg = arg; 
ntarg. ntioc_rval = 0; 

Status = vold_devfile_ioctl(Handle, (ULONG)Cmd, 



&ntarg, sizeof (ntarg)); 

return Status; 

} 

#endif 



File Listing: WMI.cpp 

#include "precomp.h" 

#if _WIN32_WINNT>=0x0500 

STATIC NTSTATUS 
PSManWmiObject( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS 
PSManWmi Device( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

STATIC NTSTATUS PSManWmiVDisk( 
IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 



/* 



7 

NTSTATUS 
PSManWmi( 



79236| IN PDEVICE_OBJECT DeviceObject, 

79237| IN PIRP Irp 

79238| ) 

79239| 

79240| /*++ 

79241 | 

79242| Routine Description: 
79243 1 

79244| Passes the Irp to the correct handler 
79245| 

79246| Arguments: 
79247| 

79248| DriverObject - Pointer to device object to being 

| shutdown by system. 

79249| Irp - IRP involved. 
79250 1 

79251 1 Return Value: 
79252 1 

79253 1 NT Status 

79254| 

79255| ~7 

79256| 

79257| { 

79258| 

79259| NTSTATUS Status; 
79260 1 

79261 1 switch(PsmGetObjectType(DeviceObject)) { 

79262| case OBJECTJNTERNAL 

79263| Status = PSManWmiObject(DeviceObject, Irp); 

79264| break; 

79265| case OBJECT_FILTEREDDISK : 

79266| Status = PSManWmiDevice(DeviceObject, Irp); 

79267| break; 

79268| case OBJ ECT_VIRTUALDISK : 

79269| Status = PSManWmiVDisk(DeviceObject, Irp); 

79270 1 break; 

79271| case OBJECT_FS_FILTER : 

79272| Status = PSManWmiFSFilter(DeviceObject, 
I Irp); 

79273| break; 

79274| case OBJECT_FS_OBJECT : 

79275| Status = PSManWmiFSObject(DeviceObject, 
I Irp); 

79276| break; 

79277| default: 

79278| lrp->loStatus. Status = Status = 

| STATUS_NO_SUCH_DEVICE; 

79279| lrp->loStatus. Information = 0 ; 

79280| loComplete Request (Irp, IO_NO_INCREMENT) ; 

79281 1 break; 



79282| } 

79283| return Status; 
79284| 

79285| } //end PSManWmi() 

79286| 

79287| 

792881 r 



| */ 

79289| STATIC NTSTATUS 

79290| PSManWmiObject( 

79291 1 IN PDEVICE_OBJECT DeviceObject, 

79292| IN PIRP Irp 

79293 1 ) 

79294| 

79295| /*++ 

79296| 

79297| Routine Description: 
79298| 

79299| This routine is called for pnp IRPs. 
79300 | 

79301 1 Arguments: 
79302 | 

79303| DriverObject - Pointer to device object 

79304| Irp - IRP involved. 

79305| 

79306| Return Value: 
79307| 

79308| NT Status 
79309 | 
79310| -7 
79311| 
79312| { 

79313| NOT_REFERENCED(DeviceObject); 

79314| Debug(DEBUG_PROCCALL,("PSManWmiObject Called\n")); 
79315| lrp->loStatus.Status = STATUS_SUCCESS; 
79316| lrp->loStatus. Information = 0; 
79317| 

79318| loCompleteRequest(lrp, IO_NO_INCREMENT); 

79319| Debug(DEBUG_PROCCALL,("PSManWmiObject Done\n")); 

79320| return STATUS_SUCCESS; 

79321 | 

79322| } //end PSManWmiObject() 
79323 | 

79324| NTSTATUS 

79325| PSManQueryWmiReglnfo( 

79326| IN PDEVICE_OBJECT DeviceObject, 

79327| OUT ULONG *RegFlags, 

79328| OUT PUNICODE_STRING InstanceName, 

79329| OUT PUNICODE_STRING * Registry Path, 

79330| OUT PUNICODE_STRING MofResourceName, 



79331 1 OUT PDEVICE_OBJECT *Pdo 
79332 1 ) 
79333| /*++ 
79334| 

79335| Routine Description: 
79336| 

79337| This routine is a callback into the driver to 

| retrieve information about 
79338| the guids being registered. 
79339 | 

79340| Implementations of this routine may be in paged 

| memory 
79341 | 

79342| Arguments: 
79343 1 

79344| DeviceObject is the device whose registration 

| information is needed 
79345| 

79346| *RegFlags returns with a set of flags that describe 

| all of the guids being 
79347| registered for this device. If the device wants 

| enable and disable 
79348| collection callbacks before receiving queries 

| for the registered 
79349| guids then it should return the 

| WMIREG_FLAG_EXPENSIVE flag. Also the 
79350| returned flags may specify 

| WMIREG_FLAG_INSTANCE_PDO in which case 
79351 1 the instance name is determined from the PDO 

| associated with the 
79352| device object. Note that the PDO must have an 

| associated devnode. If 
79353| WMIREG_FLAG_INSTANCE_PDO is not set then Name 

| must return a unique 
79354| name for the device. These flags are ORed into 

| the flags specified 
79355| by the GUIDREGINFO for each guid. 
79356| 

79357| InstanceName returns with the instance name for the 
| guids if 

79358| WMIREG_FLAG_INSTANCE_PDO is not set in the 

| returned *RegFlags. The 
79359| caller will call ExFreePool with the buffer 

| returned. 
79360 1 

79361 1 *RegistryPath returns with the registry path of the 

| driver. This is 
79362 1 required 
79363 1 

79364| Mof ResourceName returns with the name of the MOF 



I resource attached to 
79365| the binary file. If the driver does not have a 

| mof resource attached 
79366| then this can be returned unmodified. If a 

| value is returned then 
79367| it is NOT freed. 
79368| 

79369| *Pdo returns with the device object for the PDO 

| associated with this 
79370| device if the WMIREG_FLAG_INSTANCE_PDO flag is 

| retured in 
79371| *RegFlags. 
79372| 

79373| Return Value: 
79374| 

79375| status 
79376| 
79377| -7 
79378| { 

79379| USHORTsize; 
79380| NTSTATUS status; 

79381| PFILTERED_EXTENSION deviceExtension = 

| (PFILTERED_EXTENSION)GetDeviceExtension(DeviceObject); 
79382| 

79383| PAG E D_CO D E () ; 
79384| 

79385| size = deviceExtension->PhysicalDeviceName. Length + 

| sizeof(UNICODE_NULL); 
79386| 

79387| lnstanceName->Buffer = (WCHAR 

| *)ExAllocatePool(PagedPool, size); 
79388| if (lnstanceName->Buffer != NULL) { 
79389| *RegistryPath = &gRegistryPath; 
79390| 

79391 1 *RegFlags = WMIREG_FLAG_INSTANCE_PDO | 

| WMIREG_FLAG_EXPENSIVE; 
79392| *Pdo = deviceExtension->PhysicalDeviceObject; 
79393| status = STATUS_SUCCESS; 
79394| } else { 

79395| status = STATUS_INSUFFICIENT_RESOURCES; 

79396| } 

79397| 

79398| return(status); 

79399 1 } 

79400| 

79401| 

79402| NTSTATUS 

79403| PSManQueryWmiDataBlock( 

79404| IN PDEVICE_OBJECT DeviceObject, 

79405| IN PIRP Irp, 



79406| IN ULONG Guidlndex, 

79407| IN ULONG Instance Index, 

79408| IN ULONG InstanceCount, 

79409| IN OUT PULONG InstanceLengthArray, 

79410| IN ULONG BufferAvail, 

7941 1 1 OUT PUCHAR Buffer 

79412| ) 

79413| /*++ 

79414| 

79415| Routine Description: 
79416| 

7941 7| This routine is a callback into the driver to query 

| for the contents of 
79418| all instances of a data block. When the driver has 

| finished filling the 
79419| data block it must call WmiComplete Request to 

| complete the irp. The 
79420| driver can return STATUS_PENDING if the irp cannot 

| be completed 
79421 1 immediately. 
79422 1 

79423| Arguments: 
79424| 

79425| DeviceObject is the device whose data block is 

| being queried 
79426| 

79427| Irp is the Irp that makes this request 
79428| 

79429| Guidlndex is the index into the list of guids 

| provided when the 
79430 1 device registered 
79431| 

79432| InstanceCount is the number of instnaces expected 

| to be returned for 
79433| the data block. 
79434| 

79435| InstanceLengthArray is a pointer to an array of 

| ULONG that returns the 
79436| lengths of each instance of the data block. If 

| this is NULL then 
79437| there was not enough space in the output buffer 

| to fufill the request 
79438| so the irp should be completed with the buffer 

| needed. 
79439| 

79440| BufferAvail on entry has the maximum size available 

| to write the data 
79441 1 blocks. 
79442 1 

79443| Buffer on return is filled with the returned data 



I blocks. Note that each 
79444| instance of the data block must be aligned on a 

| 8 byte boundry. 
79445| 
79446| 

79447| Return Value: 
79448| 

79449| status 
79450| 
79451 1 -7 
79452 1 { 

79453| NTSTATUS status; 

79454| PFILTERED_EXTENSION deviceExtension; 

79455| ULONG sizeNeeded; 

79456| PDISK_PERFORMANCE totalCounters; 

79457| PDISK_PERFORMANCE diskCounters; 

79458| PWMI DISK PERFORMANCE diskPerformance; 

79459| ULONG deviceNameSize; 

79460| PWCHAR diskNamePtr; 

79461 | 

79462| deviceExtension = (PFILTERED_EXTENSION) 

| GetDeviceExtension(DeviceObject); 
79463 1 

79464| if (Guidlndex == 0) { 
79465| deviceNameSize = 

| deviceExtension->PhysicalDeviceName. Length + 

| sizeof(USHORT); 
79466| sizeNeeded = ((sizeof(WMI_DISK_PERFORMANCE) + 

| 1) & ~1) + deviceNameSize; 
79467| diskCounters = deviceExtension->DiskCounters; 
79468| if (diskCounters == NULL) { 
79469| status = STATUSJJNSUCCESSFUL; 

79470 1 } else 

79471 1 if (BufferAvail >= sizeNeeded) { 
79472 1 // 

79473| // Update idle time if disk has been idle 

79474| // 
79475| ULONG i; 

79476| 

79477| RtlZeroMemory(Buffer, 

| sizeof(WMI_DISK_PERFORMANCE)); 
79478| diskPerformance = 

| (PWMI_DISK_PERFORMANCE)Buffer; 
79479 1 

79480| totalCounters = 

| (PDISK_PERFORMANCE)diskPerformance; 
79481 | 

79482| for (i=0; i<deviceExtension->Processors; 

I { 

79483| PSManAddCounters( totalCounters, 



I diskCounters); 
79484| diskCounters = (PDISK_PERFORMANCE) 

| ((PCHAR)diskCounters + PROCESSOR_COUNTERS_SIZE); 
79485| } 

79486| totalCounters->QueueDepth = 

| deviceExtension->QueueDepth; 
79487| 

| KeQuerySystemTime(&totalCounters->QueryTime); 
79488| 

79489| if (totalCounters->QueueDepth == 0) { 

79490| LARGEJNTEGER difference; 

79491| 

79492| difference.QuadPart = 

| totalCounters->QueryTime.QuadPart - 

| deviceExtension->LastldleClock.QuadPart; 
79493| totalCounters->ldleTime.QuadPart += 

| difference.QuadPart; 
79494| } 

79495| totalCounters->StorageDeviceNumber = 

| deviceExtension->DiskNumber; 
79496| RtlCopyMemory( 

| &totalCounters->StorageManagerName[0], 

| &deviceExtension->StorageManagerName[0], 8 * 

| sizeof(WCHAR)); 
79497| 

79498| diskNamePtr = (PWCHAR)(Buffer + 

| ((sizeof(DISK PERFORMANCE) + 1) & ~1)); 
79499| *diskNamePtr++ = 

| deviceExtension->PhysicalDeviceName. Length; 
79500| RtlCopyMemory(diskNamePtr, 

| deviceExtension->PhysicalDeviceName. Buffer, 

| deviceExtension->PhysicalDeviceName. Length); 
79501 1 *lnstanceLengthArray = sizeNeeded; 

79502 1 

79503| status = STATUS_SUCCESS; 

79504| } else { 

79505| status = STATUS_BUFFER_TOO_SMALL; 

79506| } 

79507| 

79508| } else { 

79509| status = STATUS_WMI_GUID_NOT_FOUND; 
79510| } 
7951 1 | 

79512| status = WmiCompleteRequest( 

| DeviceObject,lrp,status,sizeNeeded,IO_NO_INCREMENT); 
79513| return(status); 
79514| } 
79515| 
79516| 

79517| NTSTATUS 



79518| PSManWmiFunctionControl( 

79519| IN PDEVICE_OBJECT DeviceObject, 

79520| IN PIRP Irp, 

79521 1 IN ULONG Guidlndex, 

79522| IN WMIENABLEDISABLECONTROL Function, 

79523| IN BOOLEAN Enable 

79524| ) 

79525| /*++ 

79526| 

79527| Routine Description: 
79528| 

79529 1 This routine is a callback into the driver to query 

| for enabling or 
79530| disabling events and data collection. When the 

| driver has finished it 
79531 1 must call WmiCompleteRequest to complete the irp. 

| The driver can return 
79532| STATUS_PENDING if the irp cannot be completed 

| immediately. 
79533 1 

79534| Arguments: 
79535| 

79536| DeviceObject is the device whose events or data 

| collection are being 
79537| enabled or disabled 
79538| 

79539| Irp is the Irp that makes this request 
79540 1 

79541 1 Guidlndex is the index into the list of guids 

| provided when the 
79542| device registered 
79543 1 

79544| Function differentiates between event and data 

| collection operations 
79545| 

79546| Enable indicates whether to enable or disable 

79547| 

79548| 

79549| Return Value: 
79550 1 

79551 1 status 
79552 1 
79553 1 -7 
79554| { 

79555| NTSTATUS status; 

79556| PFILTERED_EXTENSION deviceExtension; 
79557| 

79558| deviceExtension = (PFILTERED_EXTENSION) 

| GetDeviceExtension(DeviceObject); 
79559| 



79560| if (Guidlndex == 0) { 

79561 1 if (Function == WmiDataBlockControl) { 

79562| if (Enable) { 

79563 1 if 

| (lnterlockedlncrement((PLONG)&deviceExtension->CountersE 

| nabled) == 1){ 
79564| // 

79565| // Reset per processor counters to 0 

79566| // 

79567| if (deviceExtension->DiskCounters != 

| NULL) { 
79568| 

| RtlZeroMemory(deviceExtension->DiskCounters,PROCESSOR_CO 

| UNTERS_SIZE * deviceExtension->Processors); 
79569 1 } 
79570 1 

| KeQuerySystemTime(&deviceExtension->LastldleClock); 
79571 1 deviceExtension->QueueDepth = 0; 

79572| Debug(DEBUG_WMI,("PSManWmi: Counters 

| enabled %d\n",deviceExtension->CountersEnabled)); 
79573 1 } 
79574| } else { 

79575| if 

| (lnterlockedDecrement((PLONG)&deviceExtension->CountersE 

| nabled)<= 0) { 
79576| deviceExtension->CountersEnabled = 0; 

79577| deviceExtension->QueueDepth = 0; 

79578| Debug(DEBUG_WMI,("PSManWmi: Counters 

| disabled %d\n",deviceExtension->CountersEnabled)); 
79579 1 } 
79580 1 } 
79581 1 } 

79582| status = STATUS_SUCCESS; 
79583 1 } else { 

79584| status = STATUS_WMI_GUID_NOT_FOUND; 

79585| } 

79586| 

79587| status = 

| WmiCompleteRequest(DeviceObject,lrp,status,0,IO_NO_INCRE 

| MENT); 
79588| return(status); 
79589 1 } 
79590 1 
79591 | 

79592| I* 



79593| STATIC NTSTATUS 

79594| PSManWmiDevice( 

79595| IN PDEVICE_OBJECT DeviceObject, 

79596| IN PIRP Irp 



79597| ) 
79598| 
79599| /*++ 
79600| 

79601| Routine Description: 
79602| 

79603| This routine handles any WMI requests for 

| information. Since the disk 
79604| information is read-only, is always collected and 

| does not have any 
79605| events only QueryAIIData, QuerySinglelnstance and 

| GetReglnfo requests 
79606| are supported. 
79607| 

79608| Arguments: 
79609| 

7961 0| DeviceObject - Context for the activity. 

7961 1 1 Irp - The device control argument block. 

79612| 

79613| Return Value: 
79614| 

79615| Status is returned. 

79616| 

79617| -7 

79618| 

79619| { 

79620 1 PI 0_STAC K_LOC ATI ON 

| irpSp=loGetCurrentlrpStackLocation(lrp); 
79621 1 NTSTATUS status; 
79622| PWMILIB_CONTEXT wmilibContext; 
79623| SYSCTL_IRP_DISPOSITION disposition; 
79624| PFILTERED_EXTENSION deviceExtension = 

| (PFILTERED_EXTENSION)GetDeviceExtension(DeviceObject); 
79625| 

79626| PAG E D_CO D E () ; 
79627| 

79628| Debug(DEBUG_WMI,( "PSManWmi: DeviceObject %X Irp %X 
| %d - %s\n", DeviceObject, 

| lrp,irpSp->MinorFunction,File_GetSystemControlMinorFunct 

| ionName(irpSp->MinorFunction))); 
79629| wmilibContext = &deviceExtension->WmilibContext; 
79630| if (wmilibContext->GuidCount == 0) { // 

| wmilibContext is not valid 
79631 1 Debug(DEBUG_WMI,( "PSManWmi: WmilibContext 

| invalid\n")); 

79632| return PSManPassThru(DeviceObject, Irp); 
79633 1 } 
79634| #if 0 

79635| if (irpSp->MinorFunction == 
| I R P_M N_S ET T R AC E N OT I F Y) { 



79636| PVOID buffer = irpSp->Parameters.WM I. Buffer; 
79637| ULONG bufferSize = 

| irpSp->Parameters.WMI. BufferSize; 
79638| 

79639| if (bufferSize < 

| sizeof(PPHYSICAL_DISK_IO_NOTIFY_ROUTINE)) { 
79640| status = STATUS_BUFFER_TOO_SMALL; 

79641 1 } else { 
79642 1 // 

79643 1 // First we need to turn on counters if we 

| are doing tracing 
79644| // 

79645| PVOID current, notifyRoutine; 

79646| ULONG i; 

79647| 

79648| current = (PVOID) 

| deviceExtension->PhysicalDiskloNotifyRoutine; 
79649| notifyRoutine = *((PVOID *)buffer); 

79650| if (current == NULL && notifyRoutine != 

| NULL) { 
79651 1 if 

| (lnterlockedlncrement(&deviceExtension->CountersEnabled) 

I ==1){ 
79652 1 // 

79653| // reset per processor counters 

I only 

79654| // 

79655| if (deviceExtension->DiskCounters 

| != NULL) { 
79656| RtlZeroMemory( 

| deviceExtension->DiskCounters, PROCESSOR_COUNTERS_SIZE 

| * deviceExtension->Processors); 
79657| } 
79658| 

| KeQuerySystemTime(&deviceExtension->LastldleClock); 
79659| deviceExtension->QueueDepth = 0; 

79660 1 } 

79661 1 Debug(DEBUG_WMI,( "PSManWmi: Counters 

| enabled %d\n",deviceExtension->CountersEnabled)); 
79662| } else 

79663| if (current != NULL && notifyRoutine == 

| NULL) { 
79664| 

| lnterlockedDecrement(&deviceExtension->CountersEnabled); 
79665| deviceExtension->QueueDepth = 0; 

79666| Debug(DEBUG_WMI,( "PSManWmi: Counters 

| disabled %d\n",deviceExtension->CountersEnabled)); 
79667| } 
79668| 

| deviceExtension->PhysicalDiskloNotifyRoutine = 



I (PPHYSICAL_DISK_IO_NOTIFY_ROUTINE)*((PVOID *)buffer); 
79669| 

79670| Debug(DEBUG_WMI,("PSManWmi: 
| S ET T R AC E N OTI FY to 

| %X\n",deviceExtension->PhysicalDiskloNotify Routine)); 
79671 1 status = STATUS_SUCCESS; 

79672 1 } 
79673 1 

79674| lrp->loStatus. Status = status; 

79675| lrp->loStatus. Information = 0; 

79676| loCompleteRequest( Irp, IO_NO_INCREMENT ); 

79677| } else { 

79678| Debug(DEBUG_WMI,( "PSManWmi: Calling 

| WmiSystemControlVn")); 
79679 1 status = 

| WmiSystemControl(wmilibContext,DeviceObject,lrp,&disposi 

I tion); 

79680| switch (disposition) { 
79681 1 case IrpProcessed: { 

79682 1 break; 
79683 1 } 

79684| case IrpNotCompleted: { 

79685| loCompleteRequest(lrp, 

| IO_NO_INCREMENT); 
79686| break; 
79687| } 
79688| 

79689| // case IrpForward: 
79690 1 // case IrpNotWmi: 
79691| default:{ 

79692| status = PSManPassThru(DeviceObject, 

I "rp); 

79693| break; 
79694| } 
79695| } 
79696| } 
79697| #else 

79698| // changed 3/7/2000 above doesnt work with release 

| of Win2000 DDK 
79699| Debug(DEBUG_WMI,( "PSManWmi: Calling 

| WmiSystemControlVn")); 
79700| status = 

| WmiSystemControl(wmilibContext,DeviceObject,lrp,&disposi 

I tion); 

79701 1 switch (disposition) { 



79702 1 case IrpProcessed: { 
79703 1 break; 

79704| } 

79705| case IrpNotCompleted: { 

79706| loCompleteRequest(lrp, IO_NO_INCREMENT); 



79707| break; 
79708| } 
79709| 

79710| // case IrpForward: 
7971 1 1 // case IrpNotWmi: 
79712| default: { 

79713| status = PSManPassThru(DeviceObject, Irp); 

79714| break; 

79715| } 

79716| } 

79717| 

79718| #endif 

79719| return(status); 

79720| 

79721 1 } // end PSManWmiDevice() 
79722 1 
79723 | 

79724| /* 



79725| STATIC NTSTATUS PSManWmiVDisk( 
79726| IN PDEVICE_OBJECT DeviceObject, 
79727| IN PIRP Irp 
79728| ) 
79729 1 { 

79730| NTSTATUS Statu s =ST ATUSJ N V ALI D_DE VI CE_ REQUEST; 
79731| 

79732| Debug(DEBUG_PROCCALL | DEBUG_WMI,("PSManWmiVDisk 

| Called Dev=%p, I rp=%p\n", DeviceObject, Irp)); 
79733| lrp->loStatus. Information = 0; 
79734| lrp->loStatus. Status = Status; 
79735| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
79736| Debug(DEBUG_PROCCALL | DEBUG_WMI,("PSManWmiVDisk 

| Done\n")); 
79737| 

79738| return Status; 

79739| } 

79740| 

79741 1 /* 



79742| STATIC NTSTATUS PSManWmiFSObject( 
79743| IN PDEVICE_OBJECT DeviceObject, 
79744| IN PIRP Irp 
79745| ) 
79746| { 

79747| NTSTATUS Statu s =ST ATUSJ N V ALI D_DE VI CE_ REQUEST; 
79748| 

79749| Debug(DEBUG_PROCCALL | DEBUG_WMI,( M PSManWmiFSObject 

| Called Dev=%p, lrp=%p\n", DeviceObject, Irp)); 
79750| lrp->loStatus. Information = 0; 
79751 1 lrp->loStatus. Status = Status; 



79752| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

79753| Debug(DEBUG_PROCCALL | DEBUG_WMI,("PSManWmiFSObject 

| Done\n")); 
79754| 

79755| return Status; 

79756| } 

79757| 

79758| 

79759| r 



79760| STATIC NTSTATUS 

79761| PSManWmiFSFilter( 

79762| IN PDEVICE_OBJECT DeviceObject, 

79763| IN PIRP Irp 

79764| ) 

79765| 

79766| /*++ 

79767| 

79768| Routine Description: 
79769| 

79770| Pass irp to handler 
79771 | 

79772| Arguments: 
79773 1 

79774| DriverObject - Pointer to device object to being 

| shutdown by system. 
79775| Irp - IRP involved. 
79776| 

79777| Return Value: 
79778| 

79779 1 NT Status 
79780 1 
79781 1 ~7 
79782 1 
79783 1 { 

79784| NTSTATUS Status; 
79785| 

79786| #ifdef DEBUG 

79787| if (Psm Active) { 

79788| Debug(DEBU G_WM I | 

| DEBUG_PROCCALL,("PSManWmiFSFilter Called Device=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
79789 1 } 
79790| #endif 
79791 | 

79792| Status = PSManFSPassThru( DeviceObject, Irp ); 
79793 1 

79794| #ifdef DEBUG 

79795| if (Psm Active) { 

79796| Debug(DEBU G_WM I | 



I DEBUG_PROCCALL,("PSManWmiFSFilter Done Device=%p, 
| lrp=%p, Status=%08x\n",DeviceObject,lrp,Status)); 



79797 
79798 
79799 
79800 
79801 
79802 
79803 
79804 
79805 
79806 
79807 
79808 
79809 
79810 
79811 
79812 
79813 
79814 
79815 
79816 
79817 
79818 
79819 
79820 
79821 
79822 
79823 
79824 
79825 
79826 
79827 
79828 
79829 
79830 
79831 
79832 
79833 
79834 
79835 
79836 
79837 
79838 
79839 
79840 
79841 
79842 
79843 
79844 



} 

#endif 

return Status; 
} // end PSManWmiFSFilter() 



#endif 



File Listing: WMI.h 

NTSTATUS 
PSManWmi( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp 

); 

NTSTATUS 

PSManQueryWmiDataBlock( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp, 

IN ULONG Guidlndex, 

IN ULONG Instancelndex, 

IN ULONG InstanceCount, 

IN OUT PULONG InstanceLengthArray, 

IN ULONG BufferAvail, 

OUT PUCHAR Buffer 

); 

NTSTATUS 

PSManWmiFunctionControl( 

IN PDEVICE_OBJECT DeviceObject, 

IN PIRP Irp, 

IN ULONG Guidlndex, 

IN WMIENABLEDISABLECONTROL Function, 
IN BOOLEAN Enable 

); 

NTSTATUS 

PSManQueryWmiReglnfo( 

IN PDEVICE_OBJECT DeviceObject, 

OUT ULONG *RegFlags, 

OUT PUNICODE_STRING InstanceName, 

OUT PUNICODE_STRING *RegistryPath, 

OUT PUNICODE_STRING MofResourceName, 

OUT PDEVICE_OBJECT *PdO 

); 

NTSTATUS 
PSManWmiFSObject( 



79845| IN PDEVICE_OBJECT DeviceObject, 

79846| IN PIRP Irp 

79847| ); 

79848| NTSTATUS 

79849| PSManWmiFSFilter( 

79850| IN PDEVICE_OBJECT DeviceObject, 

79851| IN PIRP Irp 

79852| ); 

79853| 

79854| 

79855| 

79856| File Listing: WRITE.cpp 
79857| 

79858| #include "precomp.h" 
79859| 

79860| // note: define DO_ALL_IO in precomp.h do get all io 

| related functions 
79861 1 // otherwise only io in this file will get printed 
79862 1 

79863| // define to not use a write cache. 
79864| //#define_NO_WRITE_ROUTINES_ 1 
79865| 

79866| // define if writes should return error on no media 

| loaded, or "Okay" if not defined 
79867| // should be set to 0 so we do not get "Lost delayed 

| write" popups on server 
79868| #define DO_ERROR_WRITES 1 
79869 | 

79870| Hint -save -e7677 

79871 1 // Try and keep the "lost delayed write" messages from 

| popping up 
79872| #if DO_ERROR_WRITES 

79873| #define VOLUME_NOT_ACTIVE_ERROR_CODE 

| STATUS_NO_MEDIA_IN_DEVICE 

| /*STATUS_DEVICE_NOT_CONNECTED7 
79874| #define INFORMATION_FOR_NOT_ACTIVE(lrp) 0 
79875| #else 

79876| #define VOLUME_NOT_ACTIVE_ERROR_CODE STATUS_SUCCESS 
79877| #define INFORMATION_FOR_NOT_ACTIVE(lrp) 

| loGetCurrentlrpStackLocation(lrp)->Parameters. Write. Leng 

|th 

79878| #endif 
79879| Hint -restore*/ 
79880 1 

79881 1 // set to 0 if you need to mount a volume with no 

| virtual writes on 
79882 1 // it as we need to in the rebuild process for 

| freespace 
79883| ULONG gVDiskDoVirtuallO=TRUE; 
79884| 



79885| STATIC NTSTATUS AddSectorsTo Memory Cache( 



| *Buffer ); 
79890| 
79891 | 

79892| /* 



79893| NTSTATUS 
79894| PSManWrite( 

79895| IN PDEVICE_OBJECT DeviceObject, 

79896| IN PIRP Irp 

79897| ) 

79898| 

79899 1 /*++ 

79900 | 

79901| Routine Description: 
79902| 

79903| This is the driver entry point for write requests 
79904| to disks to which the PSMan driver has attached. 
79905| This driver collects statistics and then sets a 
| completion 

79906| routine so that it can collect additional 

| information when 
79907| the request completes. Then it calls the next 

| driver below 
79908| it. 
79909| 

79910| Arguments: 
79911| 

79912| DeviceObject 
79913| Irp 
79914| 

79915| Return Value: 
79916| 

79917| NTSTATUS 

79918| 

79919| -7 

79920| 

79921| { 

79922| switch ( PsmGetObjectType(DeviceObject) ) { 

79923| case OBJECTJNTERNAL 

79924| return PSManWriteObject(DeviceObject, Irp); 

79925| case OBJECT_FILTEREDDISK : 

79926| return PSManWriteDevice( DeviceObject, Irp); 



79886| 

| DevExt, 
79887| 

| Sector, 
79888| 

| Count, 
79889| 



PVDISK_EXTENSION 



ULARGEJNTEGER 



ULONG 



char 



79927| case OBJECT_VIRTUALDISK : 
79928| return PSManWriteVDisk(DeviceObject, Irp); 

79929| case OBJECT_FS_OBJECT : 
79930| return PSManWriteFSObject(DeviceObject, 

I Irp); 

79931| case OBJECT_FS_FILTER : 
79932| return PSManWriteFSFilter(DeviceObject, 

I Irp); 

79933| default: 

79934| lrp->loStatus.Status = 

| STATUS_NO_SUCH_DEVICE; 
79935| lrp->loStatus.lnformation = 0 ; 

79936| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

79937| return STATUS_NO_SUCH_DEVICE; 

79938| } 

79939| } // PSManWrite 
79940| 

79941 1 typedef struct sFilesToSkip { 
79942| PFILE_OBJECT FileObject; 
79943| LIST_ENTRY ListEntry; 
79944| } tFilesToSkip, *pFilesToSkip; 
79945| 

79946| STATIC LIST_ENTRY FilesToSkip; 

79947| STATIC KSPIN_LOCK FilesToSkipSpinLock; 

79948| 

79949 1 

79950| NTSTATUS lnitWriteModule( ) 
79951 | { 

79952| lnitializeListHead(&FilesToSkip); 

79953| KelnitializeSpinLock(&FilesToSkipSpinLock); 

79954| 

| pmRegisterObject(&FilesToSkipSpinl_ock,"FilesToSkipSpinl_o 

| ck",pmSpinLock); 
79955| return STATUS_SUCCESS; 
79956| } 
79957| 

79958| NTSTATUS InsertFileObjectToSkip ( PFILE_OBJECT 

| FileObject ) 
79959 1 { 

79960| KIRQL_oldlrql_; 
79961 1 tFilesToSkip *Skip; 
79962 1 
79963 1 

| Skip=(tFilesToSkip*)MemAllocatePoolWithTag(NonPagedPool, 
| sizeof (tFilesToSkip), PSM_SKIP_FILE_TAG); 
79964| if ( Skip ) { 

79965| Skip->FileObject = FileObject; 
79966| pmAcquireSpinLock ( SFilesToSkipSpinLock, 
| &_oldlrql_); 

79967| lnsertTailList(&FilesToSkip,&Skip->ListEntry); 



79968| pmReleaseSpinLock( &FilesToSkipSpinl_ock, 

|_oldlrql_); 
79969| return STATUS_SUCCESS; 
79970| } else { 

79971 1 return STATUS_INSUFFICIENT_RESOURCES; 
79972 1 } 
79973 1 } 
79974| 

79975| NTSTATUS DeleteFileObjectToSkip ( PFILE_OBJECT 

| FileObject ) 
79976| { 

79977| KIRQL_oldlrql_; 
79978| tFilesToSkip *Skip; 
79979| PLISTENTRY ListEntry; 
79980 1 

79981 1 pmAcquireSpinLock ( &FilesToSkipSpinLock, 

| &_oldlrql_); 
79982| ListEntry = FilesToSkip.Flink; 
79983 1 

79984| while ( ListEntry!=&FilesToSkip ) { 
79985| Skip = 

| CONTAINING_RECORD(ListEntry,tFilesToSkip,ListEntry); 
79986| if ( Skip->FileObject == FileObject ) { 
79987| RemoveEntryList(List Entry); 

79988| MemFreePool(Skip); 

79989| KeReleaseSpinLock ( &FilesToSkipSpinLock, 

|_oldlrqlJ; 
79990| return STATUS_SUCCESS; 

79991| } 

79992| ListEntry = ListEntry->Flink; 

79993| } 

79994| 

79995| pmReleaseSpinLock( &FilesToSkipSpinLock, _oldlrql_ 

I); 

79996| return STATUS_NOT_FOUND; 

79997| } 

79998| 

79999| NTSTATUS IsFileObjectToSkip ( PFILE_OBJECT FileObject ) 
80000| { 

80001| KIRQL_oldlrql_; 
80002| tFilesToSkip *Skip; 
80003| PLIST ENTRY ListEntry; 
80004| 

80005| pmAcquireSpinLock ( &FilesToSkipSpinLock, 

| &_oldlrql_); 
80006| ListEntry = FilesToSkip.Flink; 
80007| 

80008| while ( ListEntry!=&FilesToSkip ) { 
80009| Skip = 

| CONTAINING_RECORD(ListEntry,tFilesToSkip,ListEntry); 



8001 0| if ( Skip->FileObject == FileObject ) { 

8001 1 1 KeReleaseSpinLock ( &FilesToSkipSpinl_ock, 

| _oldlrql_); 
80012| return STATUS_SUCCESS; 

80013| } 

80014| ListEntry = ListEntry->Flink; 

80015| } 

80016| 

80017| pmReleaseSpinl_ock( &FilesToSkipSpinLock, _oldlrql_ 

I); 

80018| return STATUS_NOT_FOUND; 

80019| } 

80020| 

80021 | 

80022 1 

80023| r 



80024| STATIC NTSTATUS 
80025| PSManWriteObject( 

80026| IN PDEVICE_OBJECT DeviceObject, 

80027| IN PIRP Irp 

80028| ) 

80029 1 

80030| /*++ 

80031 | 

80032| Routine Description: 
80033 1 

80034| This is the driver entry point for write requests 
80035| to disks to which the PSMan driver has attached. 
80036| This driver collects statistics and then sets a 
| completion 

80037| routine so that it can collect additional 

| information when 
80038| the request completes. Then it calls the next 

| driver below 
80039 1 it. 
80040 1 

80041| Arguments: 
80042| 

80043| DeviceObject 
80044| Irp 
80045| 

80046| Return Value: 
80047| 

80048| NTSTATUS 

80049| 

80050| ~7 

80051 | 

80052 1 { 

80053| NTSTATUS Status = STATUS_INVALID_PARAMETER; 



80054| NOT_REFERENCED(DeviceObject); 
80055| 

80056| Debug(DEBUG_PROCCALL,("PSManWriteObject 

| Called\n")); 
80057| lrp->loStatus.Status = Status; 
80058| lrp->loStatus. Information = 0; 
80059| 

80060| loCompleteRequest(lrp, IO_NO_INCREMENT); 

80061| Debug(DEBUG_PROCCALL,("PSManWriteObject Done\n")); 

80062| return Status; 

80063| } // PSManWriteObject 

80064| 

80065| #if 0 

80066| STATIC ULONG PsmNeedToPsm( PFILTERED EXTENSION DevExt, 

| ULONG Sector, ULONG Count) 
80067| { 

80068| ULONG Need=0; 
80069| ULONG j; 
80070| 

80071| GetDevExtForRead(DevExt); 
80072| if ( DevExt->PSMSectors ) { 
80073| for ( j=0;j<Count;j++ ) { 
80074| if ( 

| RtlCheckBit(DevExt->PSMSectors,Sector+j) ) { 
80075| Need++; 
80076| } 
80077| } 
80078| } else { 

80079| // need everything if no list 
80080| Need = Count; 
80081 | } 
80082 1 

80083| ReleaseDevExtForRead(DevExt); 

80084| return Need; 

80085| } 

80086| #endif 

80087| 

80088| BOOLEAN lsCacheFile( PDEVICE_OBJECT DeviceObject, PIRP 

I Irp) 
80089| { 
80090 1 if ( 

| lsFileObjectToSkip(lrp->Tail.Overlay.OriginalFileObject) 

| ==STATUS_SUCCESS ) { 
80091| return TRUE; 
80092| } 
80093| 

80094| // if master Irp is for cache file then dont PSM 
I it- 

80095| if ( lrp->Flags & IRP_ASSOCIATED_IRP ) { 
80096| if ( 



I lsFileObjectToSkip(lrp->Associatedlrp.Masterlrp->Tail.Ov 
| erlay.OriginalFileObject)==STATUS_SUCCESS ) { 

80097| return TRUE; 

80098| } 

80099| } 

80100| return FALSE; 

80101| } 

80102| 

80103| 

80104| /* 



80105| STATIC NTSTATUS 
80106| PSManWriteDevice( 

80107| IN PDEVICE_OBJECT DeviceObject, 

80108| INPIRPIrp 

80109| ) 

80110| 

80111| /*++ 

80112| 

80113| Routine Description: 
80114| 

801 15| This is the driver entry point for write requests 
801 1 6| to disks to which the PSMan driver has attached. 
801 1 7| This driver collects statistics and then sets a 
| completion 

801 18| routine so that it can collect additional 

| information when 
801 19| the request completes. Then it calls the next 

| driver below 
80120| it. 
80121| 

80122| Called at <DISPATCH_LEVEL (PASSIVE_LEVEL or 

| APC_LEVEL) 
80123| 

80124| Arguments: 
80125| 

80126| DeviceObject 
80127| Irp 
80128| 

80129| Return Value: 
80130| 

80131| NTSTATUS 

80132| 

80133| -7 

80134| 

80135| { 

80136| PFILTERED EXTENSION DevExt = 

| (PFILTERED_EXTENSION)GetDeviceExtension(DeviceObject); 
80137| PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 



80138| // PIO_STACK_LOCATION nextlrpStack = 

| lo Get Next I rpStackLocatio n ( I rp) ; 
80139| NTSTATUS Status=STATUS_PENDING; 
80140| KIRQL oldlrql; 

801 41 1 tWriteRequest *WriteRequest=NULL; 
80142| 

80143| ASSERT(DevExt->ObjectType==OBJECT_FILTEREDDISK); 
80144| #ifdef DEBUG 

80145| if ( KeGetCurrentlrql() >= D I S P ATC H_L E V E L ) { 

801 46| Debug(DEBUG_WRITE,( M PSManWriteDevice: Called at 

| >=DISPATCH_LEVEL\n")); 
80147| DbgBreakPointQ; 
80148| } 
80149| #endif 
80150| #if 0 

801 51 1 // verify we are at passive or ape 

80152| PAG E DCOD E () ; 

80153| 

80154| if ( KeGetCurrentlrql() >= D I S P ATC H_L E V E L ) { 
80155| DbgPrint("PSMan: Going to Bug Check! DO=%p, 

| lrp=%p\n",DeviceObject,lrp); 
80156| 

| PSManBugCheck(SB_BUG_WRITE_FILE,SB_BUG_ATDISPATCH,KeGetC 

| urrentlrql(),(ULONG)DeviceObject,(ULONG)lrp); 
80157| } 
80158| #endif 
80159| 
80160| 

80161| __try{ 
80162| 

801 63| // tell psm that we have an io. must be 

| <DISPATCH_LEVEL 
801 64| GetGlobalDeviceForRead(); 
80165| 

801 66| // if not capturing any devices, going ahead 

| and just send 
801 67| // it through, im not going to check to see if 

| the physical disk 
801 68| // is being psmed, as we dont currently allow 

| ONLY the physical disk to be psmed. 
801 69 1 if ( !DevExt->PSMed ) { 
801 70| pmAcquireSpinLock ( 

| &DevExt->StatisticsSpinl_ock, &oldlrql ); 
801 71 1 // update the logical partition 

801 72 1 DevExt->SectorsWritten += 

| (currentlrpStack->Parameters.Write. Length / 

| DevExt->BytesPerSector); 
801 73| DevExt->NumberOfWriteRequests++; 
80174| 

801 75| // update the physical drive 



801 76| //PhyExt->SectorsWritten += 

| (currentlrpStack->Parameters.Write. Length / 
| PhyExt->BytesPerSector); 

801 77| //PhyExt->NumberOfWriteRequests++; 

801 78| pmReleaseSpinLock ( 

| &DevExt->StatisticsSpinLock, oldlrql ); 

80179| 

80180| if ( DevExt->SignalWrite ) { 

801 81 1 // inform about write. 

80182| 

| KeSetEvent(&(DevExt->WriteEvent),(KPRIORITY)0,FALSE); 
80183| } 
80184| #if 0 

80185| //7-23-99 Dont do this as if a volume not being psmed 

| is busy, then we will 
80186| // not be able to get our quiescent period 
80187| if ( PhyExt->SignalWrite ) { 

801 88| // inform about write. 

80189| 

| KeSetEvent(&(PhyExt->WriteEvent),(KPRIORITY)0,FALSE); 
80190| } 
80191| #endif 
80192| 

801 93| ReleaseGlobalDeviceForRead(); 
80194| try_return ( Status = PSManPassThru( 

| DeviceObject, Irp ) ); 
80195| } 
80196| 

80197| TRACE( TRACE_WRITE, 

80198| 0, 

80199| 

| (long)(currentlrpStack->Parameters. Write. ByteOffset.Quad 
| Part/ 51 2), 

80200| currentlrpStack->Parameters.Write. Length 

1/512, 

80201 1 currentlrpStack->Parameters.Write.Key, 
80202| ""); 
80203 | 

80204| Interlocked I ncrement( 

| (PLONG)&OutstandingRequests ); 
80205| 

80206| // inform about write. 
80207| if ( DevExt->SignalWrite ) { 
80208| // inform about write. 

80209 | 

| KeSetEvent(&(DevExt->WriteEvent),(KPRIORITY)0,FALSE); 
80210| } 
80211| 
80212| 

| ASSERT((currentlrpStack->Parameters.Write.Length % 



I DevExt->BytesPerSector)==0); 
80213| 

80214| if ( IsCacheFile(DeviceObjectJrp)) { 
8021 5| #if DO_ALL_SEARCH 

8021 6| File_PrintOneLiner("Skip 

| File",DeviceObject,lrp); 
80217| #endif 
8021 8| goto SendOrigNoAudit; 

80219| } 
80220| 

80221 1 if ( (!DoPagingFile) && 

| (File_lsPagingFile(DeviceObject,lrp)) ) { 
80222| #if DO_ALL_SEARCH 

80223 | 

| File_PrintOneLiner("SwapFile M ,DeviceObject,lrp); 
80224| #endif 
80225| goto SendOrig; 

80226| } 
80227| 
80228| #if 0 

80229| // rob - we now write to our files direct during the 

| mount/dismount stage 
80230| // FIXFIXFIX This is a temporary flag to 

| prevent caching during rebuild - to be replaced 
80231 1 // with a holding pen to save the writes till 

| after rebuild is through. 
80232| // dont psm writes until the rebuild code has 

| completely initialized the system. 
80233| if ( DevExt->lnl_oadUnload ) { 
80234| 

| File_PrintOneLiner("lnLoadUnload",DeviceObject,lrp); 
80235| goto SendOrig; 

80236| } 
80237| #endif 
80238| 

80239 1 // if device has already been shutdown, then 

| dont handle it. 
80240| if ( DevExt->DeviceShutDown ) { 
80241 | 

| File_PrintOneLiner("ShutDown",DeviceObject,lrp); 
80242| goto SendOrig; 

80243 1 } 
80244| 

80245| // make sure to keep in sync with 
| SFIiter:Sfwrite 

80246| if(DevExt->Cache.CacheFullAction) { 

80247| ULONG CacheThreshold = (ULONG)(((unsigned 

| int64)DevExt->Cache.PSManBitMapSize * 

| DevExt->Cache.CacheFullActionPercent) / 100); 

80248| if ( 



I DevExt->Cache.CurrentCacheFileSize>CacheThreshold ) { 
80249| 

| File_PrintOneLiner("CacheFull M ,DeviceObject,lrp); 
80250| switch(DevExt->Cache.CacheFullAction) { 

80251 1 case CACHE_ACTION_DENY_WRITES : 

80252 1 

| if(AreThereAlwaysKeepSnapShots()) { 
80253 1 

| Debug(DEBUG_WRITE,("PSManWriteDevice: Reporting 

| STATUS_DISK_FULL because of always-keep snapshots. 

| DevExt=%08x\n",DevExt)); 
80254| lrp->loStatus.Status = 

| Status = STATUS_DISK_FULL; 
80255| lrp->loStatus. Information = 

|0; 
80256| 

| loCompleteRequest(lrp,IO_NO_INCREMENT); 
80257 1 I nte rlocked Decrement ( 

| (PLONG)&OutstandingRequests ); 
80258| 

| ReleaseGlobalDeviceForRead(); 
80259 1 return Status; 

80260 1 } 
80261 1 break; 

80262| case CACHE_ACTION_BSOD : 

80263 1 

| PSManBugCheck(SB_BUG_WRITE_FILE,SB_CACHE_FULL,DevExt->Ca 

| che.CurrentCacheFileSize,CacheThreshold, DevExt->Cache.Ca 

| cheFullActionPercent); 
80264| break; 
80265| case 

| CACH E_ACTI ON_D EL ET E_ALWAYS_KE E PS : 
80266| break; 
80267| default: 
80268| break; 
80269 1 } 
80270| } 
80271 1 } 
80272 1 
80273 1 

80274| //Debug(DEBUG_WRITE, ("Sector %d being 

| saved\n", Sector)); 
80275| 

80276| WriteRequest = (tWriteRequest *) 

| MemAllocatePoolWithTag(NonPagedPool, 
80277| 

| sizeof(tWriteRequest), 
80278| 

| WRITEREQUESTTAG); 
80279| if ( IWriteRequest ) { 



80280| Debug(DEBUG_WRITE | DEBUG_ERROR,("Error! 

| Out of memory allocating buffer for write\n")); 
80281 | 

| FailRequest(NULL,STATUS_INSUFFICIENT_RESOURCES); 
80282 1 

80283| //DbgBreakPoint(); 
80284| 

80285| SendOrig: 

80286| //Debug(DEBUG_WRITE | DEBUG_INFO, ("Calling 

| original driver with orginal irp %p\n",lrp)); 
80287| 

80288| pmAcquireSpinLock ( 

| &DevExt->StatisticsSpinLock, &oldlrql ); 
80289| // update the logical partition 

80290| DevExt->SectorsWritten += 

| (currentlrpStack->Parameters.Write. Length / 

| DevExt->BytesPerSector); 
80291 1 DevExt->NumberOfWriteRequests++; 
80292 | 

80293| // update the physical drive 

80294| //PhyExt->SectorsWritten += 

| (currentlrpStack->Parameters.Write. Length / 

| PhyExt->BytesPerSector); 
80295| //PhyExt->NumberOfWriteRequests++; 
80296| pmReleaseSpinLock ( 

| &DevExt->StatisticsSpinLock, oldlrql ); 
80297| 

80298| SendOrigNoAudit: 
80299 1 I nterlocked Decrement 

| (PLONG)&OutstandingRequests ); 



80300 1 


ReleaseGlobalDeviceForRead(); 


80301 | 


try_return(Status = PSManPassThru( 


| DeviceObject, Irp )); 


80302 1 


} 


80303 1 




80304| 




80305| 


r 


80306| 


Debug(DEBUG_INFO,("Write: 


| PsGetCurrentProcess=%08x " 


80307| 


"PsGetCurrentThread=%08x " 


80308| 


"loGetCurrentProcess=%08x 


r 

80309 1 


"KeGetCurrentThread=%08x " 


80310| 


"User Thread=%08x\n", 


8031 1 | 


PsGetCu rrentP rocess () , 


80312| 


PsGetCurrentThread(), 


80313| 


loGetCurrentProcess(), 


80314| 


KeGetCu rrentThread() , 


80315| 


lrp->Tail.Overlay.Thread 


80316| 


)); 



80317| 7 
80318| 

80319| FilllnWriteRequest( WriteRequest, DeviceObject, 

| Irp, DevExt->BytesPerSector); 
80320| 

80321 1 if ( MsBeingProcessed(WriteRequest) ) { 
80322| pDictionary Diet; 

80323 | 

80324| //note: 

80325| // The snapshot resource may 

| already be acquired 
80326| // because a thread did 

| SbWriteAndWait, but before 
80327 1 // the write is sent to me, ntfs 

| decides to checkpoint 
80328| // the volume. 

80329| // We acquire this resource so the 

| dictionary is not 
80330| // deleted while we are accessing it. 

80331 | 

80332| // rob - 1 1 -6-2000 we cant acquire the snapshot 

| resource after the global resource 
80333| // as a deadlock will occur when waiting for quiesence. 
80334| // GetSnapShotForRead(); 
80335| // __try { 
80336| 

| PersistentDictionary::GetDictionaryForVolume(DeviceObjec 
|t,Dict); 
80337| if ( Diet ) { 

80338| ULARGEJNTEGER SectorHuge; 

80339| ULONG CountDid=0; 

80340 1 

80341 1 SectorHuge.QuadPart = 

| WriteRequest->RealSector.QuadPart; 
80342 1 

80343 1 if ( 

| PersistentDictionary::DoFreeSpaceChecks() ) { 
80344| if ( 

| (((pPersistentDictionary)Dict)->NeedsCaching(SectorHuge, 

| WriteRequest->RealCount)) ) { 
80345| #if 0 

80346| // rob - 4-7-2001 - commented 

| out, as we now keep our rbtree stuff in virtual 
80347| // memory, and we cant access 

| that from an arbitrary thread context. 
80348| // This was just trying to 

| prevent a read from disk and 2 thread switches. 
80349 1 // SaveOriginal* does the same 

| thing, and will discard the data. 
80350| // 1 dont think this actually 



I would find anything anyway 
80351 | CheckForCache: 
80352 1 // can this test go now we have 

| the new Granule bit map logic?? FIXFIXFIX think 

| needed !! see if "Already cached" messages 

| disappear!!!!! 
80353 1 Status = 

| ((pPersistentDictionary)Dict)->searchMultiple( 
80354| 

| DevExt, 
80355| 

| SectorHuge, 
80356| 

| WriteRequest->RealCount, 
80357| 

| CountDid, 
80358| 

| NULL, 
80359 1 

| SectorHuge, // this doesnt matter since we are passing 

| in a NULL buffer 
80360| 

| NULL, 
80361 1 

|0); 
80362| 

80363| if ( (Status==STATUS_SUCCESS) 

| && (CountDid == WriteRequest->RealCount) ) { 
80364| #if DO_ALL_SEARCH 

80365| 

| File_PrintOneLiner("AlreadyCached",DeviceObject,lrp); 
80366| #endif /* DO_AL L_S E ARC H */ 

80367| F R E E_PO I NT E R( Write Request) ; 

80368| goto SendOrig; 

80369| } 
80370 1 #endif 
80371 1 } else { 

80372 1 // set that this data needs to 

| be psmed on the next write 
80373| // no no no!! 

| ((pPersistentDictionary)Dict)->SetFreeSpaceStatus(Sector 

| Huge,WriteRequest->RealCount,TRUE); 
80374| #if DO_ALL_SEARCH 

80375| 

| File_PrintOneLiner("FreeSpace &/or 

| cached", DeviceObjectJrp); 
80376| #endif /*DO_ALL_SEARCH7 

80377| FREE_POINTER(WriteRequest); 
80378| goto SendOrig; 

80379| } 



80380| 
80381 | 
80382 1 
80383 | 
80384| 
80385| 
80386| 
80387| 



} else { // DoFreeSpaceChecks 



#if 0 



goto CheckForCache; 



#endif 



// 



// 



_finally { 

ReleaseSnapShotForRead(); 



80388| // } 
80389 1 } else { 
80390| } 
80391| 

80392| #ifdef DEBUG 

80393| // File_Printlrp("Saving",DeviceObject,lrp); 

80394| #if DO_ALL_S E ARC H 

80395| 

| File_PrintOneLiner("Saving M ,DeviceObject,lrp); 
80396| #endif /* DO_ALL_S E A RC H */ 
80397| #endif 
80398| 

80399| // at least one or more need to be psmed 
80400| // or we cant tell because it is being 

| processed 
80401 1 // by another thread 
80402 1 
80403 1 

80404| //Debug(DEBUG_WRITE,("WriteDevice: 
| WriteRequest=%08x, DeviceObject=%08x, 
| lrp=%08x\n", WriteRequest, DeviceObject, I rp)) ; 

80405| pmAcquireSpinLock ( &WriteSpinl_ock, &oldlrql ); 

80406| 

80407| // add to queue. . . 
80408| InsertTailList ( 

| &WriteQueue,&(WriteRequest->ListEntry)); 
80409 1 

8041 0| WriteQueueDepth++; 

8041 1 1 if ( WriteQueueDepth>MaxWriteQueueDepth ) { 
8041 2 1 MaxWriteQueueDepth = WriteQueueDepth; 

80413| } 

80414| pmReleaseSpinl_ock( &WriteSpinLock, oldlrql ); 
80415| 

80416| // mark the current request as pending... 

80417| loMarklrpPending(lrp); 

80418| 

80419| //Debug(DEBUG_WRITE,( M Semaphore Count = 

| %d\n",WriteSemaphore.Header.SignalState)); 
80420| // have a thread work on it. 
80421 1 pmSignalSemaphore( &WriteSemaphore); 
80422 1 

80423| Status = STATUS_PENDING; 



80424| ReleaseGlobalDeviceForRead(); 
80425| try_exit: NOTHING; 
80426| } except 

| (ExceptionFilter(GetExceptionlnformation())) { 
80427| lrp->loStatus. Status = Status = 

| GetExceptionCode(); 
80428| Debug(DEBUG_WRITE,("PSMan: Write: Exception 

| %08x\n",Status)); 
80429| lrp->loStatus. Information = 0; 
80430| loCompleteRequest(lrp,IO_NO_INCREMENT); 
80431 1 ReleaseGlobalDeviceForRead(); 
80432 1 Fai I Request(NULL, Status) ; 
80433 1 } 
80434| 

80435 1 return Status; 

80436| // return STATUS_MORE_PROCESSING_REQUIRED; 
80437| 

80438| } // end PSManWriteDevice() 
80439| 

80440| STATIC ULONG IKnowAboutTheNtfsStructures = 1; 
80441 | 

80442| /* 



80443| STATIC NTSTATUS TdWaitForWriteWork() 
80444| { 

80445| PVOID ObjectTable[2] = { &VDiskExitingEvent, 

| &WriteVDiskSemaphore}; 
80446| 

80447| ASSERT(KeGetCurrentlrql() < DISPATCH_LEVEL); 
80448 1 return 

| pmWaitForMultipleObjects(ObjectTable,2,NULL); 
80449 1 } 
80450 1 

80451 1 /* 



80452 1 STATIC NTSTATUS WritePreProcessSpecialSectors ( 
80453 1 

| PDEVICE_OBJECT DeviceObject, 
80454| 

| ULARGEJNTEGER LogSector, 
80455| ULONG 
| Count, 

80456| char 

| *Buffer ) 
80457| { 

80458| NOT_REFERENCED(DeviceObject); 
80459| NOTREFERENCED(LogSector); 
80460| NOT_REFERENCED(Count); 
80461 1 NOT_REFERENCED(Buffer); 
80462| return STATUS_SUCCESS; 



80463| } 
80464| 

80465| r 

| ./ 

80466| STATIC NTSTATUS WritePostProcessSpecialSectors ( 
80467| 

| PDEVICE_OBJECT DeviceObject, 
80468| 

| ULARGEJNTEGER LogSector, 
80469| ULONG 
| Count, 

80470| char 
| 'Buffer ) 



80471 1 { 




80472 1 


NOTJ 


80473 1 


NOTJ 


80474 1 


NOTJ 


80475| 


NOTJ 


80476| 


return 


80477| } 




80478| 




80479| /*- 





| 7 

80480 1 

80481| STATIC long CacheThresholdReached_VDisk_NumPending = 0; 
80482| 

80483| void CacheThresholdReached_VDisk_Thread ( PVOID Context 
I) 

80484| { 

80485| long NumPending = InterlockedDecrement 

| (&CacheThresholdReached_VDisk_NumPending); 
80486| ASSERT(NumPending >= 0); 

80487| PDEVICE_OBJECT Volume = (PDEVICE_OBJECT) Context; 
80488| 

| Debug(DEBUG_WRITE,("CacheThresholdReached_VDisk_Thread: 
| Volume=%08x, NumPending=%08x\n",Volume, NumPending)); 

80489| CacheThresholdReached (Volume); 

80490| } 

80491| 

80492| /* 

| 7 

80493| 

80494| void CacheThresholdReached_VDisk (PDEVICE_OBJECT 

| Volume) 
80495| { 

80496| long NumPending = 

| lnterlockedlncrement(&CacheThresholdReached_VDisk_NumPen 
I ding); 

80497| boo I ThreadWasStarted = false; 
80498| ASSERT(NumPending > 0); 



80499| ASSERT(NumPending <= 2); 

80500| Debug(DEBUG_WRITE,("CacheThresholdReached_VDisk; 

| Volume=%08x, NumPending=%08x\n",Volume,NumPending)); 
80501 1 if ( NumPending <= 1 ) { 

80502| HANDLE ThreadHandle = INVALID_HANDLE_VALUE; 
80503 1 

80504| NTSTATUS status = pmStartThread ( 
80505| ( PKSTART_ROUTI N E) 

| CacheThresholdReached_VDisk_Thread, 
80506| Volume, 
80507| &ThreadHandle ); 

80508| 

80509| if ( NT_SUCCESS(status) ) { 

80510| ZwClose (ThreadHandle); 

8051 1 1 ThreadHandle = I N VALI D_H AN DLE_VALU E; 

80512| ThreadWasStarted = true; 

80513| }else{ 

80514| ASSERT(FALSE); 

80515| } 

80516| } 

80517| 

80518| if ( IThreadWasStarted ) { 
80519| NumPending = 

| lnterlockedDecrement(&CacheThresholdReached_VDisk_NumPen 

I ding); 

80520| ASSERT(NumPending >= 0); 
80521| } 
80522| } 
80523| 

80524| /* 



80525| void WriteVDiskThread ( PVOID Context ) 
80526| { 

80527| ULONG Exiting=0; 

80528| NTSTATUS Status=0; 

80529| ULONG Threshold Reached = FALSE; 

80530| 

80531| PAG E D_CO D E () ; 
80532| 

80533| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

80534| VDiskNumberOfThreads++; 

80535| pmReleaseMutex ( &VDiskThreadMutex); 

80536| 

80537| pmWaitForSingleObject( &Thread0lnited, NULL); 
80538| 

80539| // say we are inited 

80540| pmSetEvent( (PKEVENT)Context ); 

80541 | 

80542 1 Rest artT h read F ro m E r ro r : 
80543| 



80544| __try { 

80545| while ( lExiting ) { 

80546| Status = TdWaitForWriteWork(); 

80547| 

80548| if ( Status == STATUS_WAIT_1 ) { 

80549| PLIST_ENTRY ListEntry=NULL; 

80550| GetAnother: 

80551 1 ListEntry = ExInterlockedRemoveHeadList 

l( 
80552| 



| &WriteVDiskQueue, // List Head 
80553 1 

| &WriteVDiskSpinl_ock // Lock 
80554| 

I); 

80555| 

80556| PVDISK_EXTENSION DevExt=NULL; 

80557| if ( (ListEntry) && 

| (ListEntry!=&WriteVDiskQueue) ) { 
80558| tWriteRequest 

| *WriteRequest=NULL; 
80559 1 P 1 0_STAC K_LOC ATI ON 

| currentlrpStack=NULL; 
80560| CHAR lolncrement = 

| IO_NO_INCREMENT; 
80561 1 char *Buffer=NULL; 

80562| KIRQL oldlrql; 

80563 1 
80564| 

80565| Hint -save -e41 3 7 

80566| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 
80567| Hint -restore 7 

80568| 

80569 1 DevExt = 

| (PVDISK_EXTENSION)GetDeviceExtension(WriteRequest->Devic 

| eObject); 
80570 1 

| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
80571 | 

80572 1 if ( 

| IsBeingProcessedEx(WriteRequest) ) { 
80573| BOOLEAN OnlyOne=FALSE; 

80574| 

80575| pmAcquireSpinLock ( 

| &WriteVDiskSpinLock, &oldlrql ); 
80576| InsertTailList 

| (&WriteVDiskQueue,&WriteRequest->ListEntry); 
80577| 

80578| // if only one on list 



80579| if ( WriteVDiskQueue.Flink == 

| &WriteRequest->ListEntry ) { 
80580| OnlyOne=TRUE; 
80581 1 } 
80582| pmReleaseSpinl_ock( 

| &WriteVDiskSpinLock, oldlrql ); 
80583| if ( OnlyOne ) { 

80584| LARGE_INTEGER TimeToWait = 

|{0}; 

80585| TimeToWait.QuadPart = 

| RELATIVE(MILLISECONDS(1 )); 
80586| KeDelayExecutionThread( 

| (KPROCESSOR_MODE)KernelMode, FALSE, &TimeToWait ); 
80587| } 
80588| goto GetAnother; 

80589 1 } 
80590| 
80591| 

80592| // make sure PSM is enabled for 

| this device., otherwise someone is accessing us 
80593 1 // without our approval . . . 

80594| // 

| ASSERT(((PFILTERED_EXTENSION)(GetDeviceExtension(DevExt- 
| >PSMDevice)))->PSMed); 
80595| 

80596| current I rpStack = 

| loGetCurrentlrpStackLocation(WriteRequest->lrp); 
80597| 
80598| 

| WriteRequest->lrp->loStatus. Information = 0; 
80599| 

80600| // acquire resource first or a 

| deadlock will occur 
80601 1 GetSnapShotForRead(); 
80602 1 __try { 

80603 1 // since we are waiting for a 

| read, it may have been deleted 
80604| // make sure 

80605| if ( DevExt->SnapShot ) { 

80606| 

| //Debug(DEBUG_WRITE,("VDisk: Write: Acquiring VDisk 

| resource\n")); 
80607| AcquireVDiskResourceQ; 
80608| _try { 

80609| // protect this area so 

| we dont bring down NT 
80610| __try{ 
8061 1 | 

80612| // make sure the 

| device didnt disappear while 



80613| //waiting for 

| mutex 

80614| if( 

| (DevExt->PartitionActive)/* && 

| (!GlobalData->ShutDownCalled)V ) { 
80615| 

80616| //if a write 

80617| if( 

| currentlrpStack->MajorFunction == IRP_MJ_WRITE ) { 
80618| #if DO_ALL_IO 
80619| 

| PUNICODE_STRING FileName; 
80620| 

| //Debug(DEBUG_WRITE,("VDisk: Write: Irp %p F=%08x-FO %p 
| F=%08x-Sf=%08x 

| \n",lrp,lrp->Flags,lrp->Tail. Overlay. OriginalFileObject, 
| currentlrpStack->Flags)); 
80621| 

| FileName=File_GetFullFileName(WriteRequest->lrp->Tail.Ov 
| erlay. OriginalFileObject); 
80622| 

| Debug(DEBUG_WRITE,("VDisk: Write : %p-%p Log (%p)=%l64x 
| for %03x 

| '%wZ'\n",WriteRequest->lrp,WriteRequest->lrp->Tail.Overl 
| ay.OriginalFileObject,WriteRequest->DeviceObject,WriteRe 
| quest->RealSector,WriteRequest->RealCount, FileName)); 

80623| if ( 

| FileName ) { 

80624| 

| FREE_POINTER(FileName); 
80625| } 
80626| #endif 

80627| if ( 

| WriteRequest->lrp->MdlAddress != NULL ) { 

80628| #if _WIN32_WINNT >=0x0500 

80629| Buffer 
| = (char *)MmGetSystemAddressForMdlSafe( 
| WriteRequest->lrp->MdlAddress, NormalPagePriority ); 

80630| #else 

80631 1 Buffer 

| = (char *)MmGetSystemAddressForMdl( 

| WriteRequest->lrp->MdlAddress ); 
80632| #endif 
80633 1 

| WritePreProcessSpecialSectors( 
80634| 

| WriteRequest->DeviceObject, 
80635| 

| WriteRequest->RealSector, 
80636| 



I WriteRequest->RealCount, 
80637| 

| Buffer ); 
80638| 
80639| 

| ASSERT(WriteRequest->RoundedCountlnBytes.HighPart==0); 
80640| 
80641 | 
80642 1 r 

80643| Virtual Write, not in Virtual cache, not in cache - 

| Read old data, add to cache 
80644| Virtual Write, not in Virtual cache, in cache - 
80645| Virtual Write, in Virtual cache, in cache - 
80646| Virtual Write, in Virtual cache, in cache - 
80647| 7 
80648| 

80649| PCHAR 
| NewBuffer = 

| (PCHAR)MemAllocatePoolWithTag(PagedPool,WriteRequest->Ro 
| undedCountlnBytes.LowPart,PSM_VDISK_BUFFER_TAG); 

80650 1 if ( 

| NewBuffer ) { 

80651 | 

| PMDL NewMdl = loAllocateMdl( 

| NewBuffer, WriteRequest->RoundedCountlnBytes.LowPart,FALS 

| E,FALSE,NULL); 
80652 1 if 

| ( NewMdl ) { 
80653 1 

| Hint -save -e1 49 7 
80654| 

I _try { 
80655| 

| //MmBuildMdlForNonPagedPool(Mdl); 
80656| 

| MmProbeAndl_ockPages(NewMdl, 
| (KPROCESSOR_MODE)KernelMode,loModifyAccess); 
80657| 

| } except( ExceptionFilter(GetExceptionlnformation()) 

l){ 
80658| 

| Debug(DEBUG_THREAD,("Exception while locking Mdl %p for 
| %p\n",NewMdl,NewBuffer)); 
80659 1 

| Status = GetExceptionCode(); 
80660 1 

IJ 
80661 | 

| Hint -restore 7 
80662 1 



80663| 

| if ( NT_SUCCESS(Status) ) { 
80664| 

| LARGEJNTEGER UL; 
80665| 

| UL.QuadPart = WriteRequest->RoundedSector.QuadPart * 

| DevExt->BPS; 
80666| 
80667| 

| // read in whole granules 
80668| 

| Status = Sblo_ReadDeviceMdl( 
80669| 

| DevExt->PSM Device, // PDEVICE_OBJECT DeviceObject, 
80670| 

| &UL, // PLARGEJNTEGER ByteOffset, 
80671 | 

| WriteRequest->RoundedCountlnBytes.LowPart, // ULONG 
| ByteCount, 
80672 1 

| WriteRequest->lrp, // PIRP Originallrp, 
80673 1 

| NewMdl // PMDL Mdl 
80674| 

I); 

80675| 
80676| 

| if ( NT_SUCCESS(Status) ) { 
80677| 

| ULARGEJNTEGER BS; 
80678| 

| ULARGEJNTEGER UL; 
80679 1 

| ULONG CountDid=0; 
80680 1 

| BS.QuadPart = 

| WriteReq uest-> Rou nded Cou nt I n Bytes .Qu ad Part ; 
80681 | 
80682 1 

| UL.QuadPart = WriteRequest->RoundedSector.QuadPart; 
80683 1 

| Status = DevExt->SnapShot->Dictionary->searchMultiple( 
80684| 

| (PFILTERED_EXTENSION)GetDeviceExtension(DevExt->PSMDevic 

|e), 
80685| 

I UL, 
80686| 

| WriteRequest->RoundedCount, 
80687| 



I CountDid, 
80688| 

| NULL, 
80689| 

I BS, 
80690| 

| NewBuffer, 
80691 | 

| DICT_FLAG_VIRTUAL_IO); 
80692 1 
80693 1 

| if ( Status == STATUS_NOT_FOUND ) { 
80694| 

| Status = STATUS_SUCCESS; // Not really a problem. 
80695| 

I) 
80696| 
80697| 

| if ( !NT_SUCCESS(Status) ) { 
80698| 

| Debug(DEBUG_WRITE,("Vdisk Write: error %08x getting old 

| data\n",Status)); 
80699| 

| //ASSERT(FALSE); 
80700| 

I) 
80701 | 

80702 1 

| RtlMoveMemory( 

80703 1 

| &NewBuffer[(WriteRequest->RealSector.QuadPart-WriteReque 

| st->RoundedSector.QuadPart)*DevExt->BPS], 
80704| 

| Buffer, 
80705| 

| WriteRequest->RealCou nt* DevExt->B PS) ; 
80706| 
80707| 

| if ( NT_SUCCESS(Status) ) { 
80708| 

| // Check for using too much cache... 
80709 1 
|if( 

| pPersistentDictionary(DevExt->SnapShot->Dictionary)->lsC 
| acheWarningThresholdReached() ) { 
80710| 

| ThresholdReached = TRUE; 
8071 1 | 

I) 
80712| 



1} 

80713| 
80714| 

| if ( NT_SUCCESS(Status) ) { 
80715| 

| Status = AddSectorsToMemoryCache( 
80716| 

| DevExt, 
80717| 

| WriteRequest->RoundedSector, 
80718| 

| WriteRequest->RoundedCount, 
80719| 

| NewBuffer); 
80720| 

| if ( !NT_SUCCESS(Status) ) { 
80721 | 

| Debug(DEBUG_WRITE,("Vdisk Write: Add to cache failed 

| error %08x\n",Status)); 
80722 1 
80723 1 

| // always assume success 
80724| 

| Status = STATUS_SUCCESS; 
80725| 

I) 
80726| 

I) 
80727| 

80728| 

| //Debug(DEBUG_WRITE,("VDisk: Write: Log (%p)=%d for %d 

| Done\n",DeviceObject,LogSector,Count)); 
80729 1 
80730 1 

| if ( NT_SUCCESS(Status) ) { 
80731 | 

| lolncrement = IO_DISK_INCREMENT; 
80732 1 

| WriteRequest->lrp->loStatus. Information = 
| WriteRequest->Bytel_ength; 
80733 1 

| WritePostProcessSpecialSectors ( 
80734| 

| WriteRequest->DeviceObject, 
80735| 

| WriteRequest->RealSector, 
80736| 

| WriteRequest->RealCount, 
80737| 
| Buffer ); 



80738| 
80739| 

| // Update stats about volume 
80740| 

| // dont need spin lock as only 1 write can occur at any 
| time 
80741 | 

| DevExt->SectorsWritten+=WriteRequest->RealCount; 
80742 1 

| DevExt->NumberOfWriteRequests++; 
80743 1 
80744| 

I) 
80745| 

| } else { // success of ReadDeviceMdl 
80746| 

| Debug(DEBUG_WRITE,("VDisk: Write: Error %08x reading 
| via mdl\n",Status)); 
80747| 

I) 
80748| 

| MmUnlockPages(NewMdl); 
80749 1 

| } else { // status of mdl 
80750 1 

| Debug(DEBUG_WRITE,("VDisk: Write: Unable to lock 
| mdl\n")); 
80751 | 

I) 
80752 1 

| loFreeMdl(NewMdl); 
80753 1 } 

| else { // alloc mdl 
80754| 

| Debug(DEBUG_WRITE,("VDisk: Write: Unable to alloc new 
| mdl\n")); 
80755| 

| Status = STATUS_INSUFFICIENT_RESOURCES; 
80756| } 
80757| 

| MemFreePool(NewBuffer); 
80758| } else 

| { // buffer 
80759 1 

| Debug(DEBUG_WRITE,("VDisk: Write: Out of memory for 
| buffer\n")); 
80760 1 

| Status = STATUS_INSUFFICIENT_RESOURCES; 
80761 | } 
80762| } else { 



80763| 

| Debug(DEBUG_WRITE,("VDisk: Write: Invalid MDL\n")); 
80764| Status 

| = STATUS_INVALID_USER_BUFFER; 
80765| } 
80766| } else { 

80767| 

| Debug(DEBUG_WRITE,("VDisk: Verify: Log (%p)=%l64d for 

| %d\n",WriteRequest->DeviceObject,WriteRequest->RealSecto 

| r.QuadPart, WriteRequest->RealCount)); 
80768| Status = 

| STATUS_SUCCESS; 
80769| 

| WriteRequest->lrp->loStatus. Information = 

| WriteRequest->Bytel_ength; 
80770| } 
80771 1 } else { 

80772 1 if ( 

| GlobalData->ShutDownCalled ) { 
80773 1 

| Debug(DEBUG_WRITE,("VDisk: Write: Shutdown already 
| called\n M )); 
80774| 

| WriteRequest->lrp->loStatus. Information = 

| WriteRequest->Bytel_ength; 
80775| Status = 0; 

80776| } else { 

80777| 

| Debug(DEBUG_WRITE,("VDisk: Write: Device disappeared or 
| cache file not open\n")); 
80778| 

| WriteRequest->lrp->loStatus. Information = 

| INFORMATION_FOR_NOT_ACTIVE(lrp); 
80779 1 Status = 

| VOLUME_NOT_ACTIVE_ERROR_CODE; 
80780 1 } 
80781 1 } 
80782 1 

80783 1 // if media error, 

| say so... 

80784| switch ( Status ) { 

80785| case 

| STATUS_MEDIA_CHANGED : 
80786| case 

| STATUS_NO_MEDIA_IN_DEVICE : { 
80787| 

| lnterlockedlncrement((PLONG)&DevExt->DiskChangeCount); 
80788| 

| DevExt->DriveNotReady = TRUE; 
80789 1 



80790| 

| Debug(DEBUG_WRITE,("VDisk: Write: Media may have 

| changed\n")); 
80791| if( 

| DevExt->DeviceObject->Vpb->Flags & VPB_MOUNTED ) { 
80792| 

| Debug(DEBUG_WRITE,("VDisk: Write: Informing File system 
| Me=%08x, DO=%08x, 

| RO=%08x\n",DevExt->DeviceObject,DevExt->DeviceObject->Vp 
| b->DeviceObject,DevExt->DeviceObject->Vpb->RealDevice)); 
80793| 

| DevExt->DeviceObject->Flags |= DO_VERIFY_VOLUME; 
80794| 

| Status = STATUS_VERIFY_REQUIRED; 
80795| } else 

|{ 

80796| // 

| we may need to do this. 
80797| // 

| Status = STATUS_IO_DEVICE_ERROR; 
80798| } 
80799| break; 
80800| } 
80801| default: 
80802| break; 
80803| } 
80804| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

80805| Status = 

| GetExceptionCode(); 
80806| 

| Debug(DEBUG_WRITE,("VDisk: Write: Exception 

| %08x\n M ,Status)); 
80807| } 

80808| } ^finally { 

80809| ReleaseVDiskResou rce() ; 

80810| 

| WriteRequest->lrp->loStatus. Status = Status; 
8081 1 1 // TESTTEST keep "lost 

| delayed write" messages from popping up 
80812| #if 1 

80813| if( 

| lolsErrorUserlnduced(Status) ) { 
80814| 

| Debug(DEBUG_WRITE,("Setting hard error for error 
| %08x\n",Status)); 
80815| 

| loSetHardErrorOrVerifyDevice(WriteRequest->lrp,DevExt->D 
| eviceObject); 
80816| } 



80817| #endif 

80818| if ( Status!=0 ) { 

80819| 

| Debug(DEBUG_WRITE,("VDisk: Write: Device %08x Irp %08x 
| Error 

| %08x\n",DevExt->DeviceObject,WriteRequest->lrp,Status)); 
80820| 

80821| } 

80822| loComplete Request 

| (WriteRequest->lrp, lolncrement) ; 
80823| } 
80824| } else { 

80825| 

| Debug(DEBUG_WRITE,("VdiskWrite: Snapshot Deleted while 
| waiting or not psmed\n M )); 
80826| 

| WriteRequest->lrp->loStatus. Status = 

| VOLUME_NOT_ACTIVE_ERROR_CODE; 



80827| loCompleteRequest 

| (WriteRequest->lrp, lolncrement) ; 
80828| } 

80829| } ^finally { 

80830| ReleaseSnapShotForRead(); 

80831| } 

80832| 



| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 
80833| 

| RemoveEntryList(&(WriteRequest->ProcessingEntry)); 
80834| 

| pmReleaseSpinLock(&WriteSpinLock,oldlrql); 



80835| FREE_POINTER(WriteRequ est) ; 

80836| } else { 

80837| Debug(DEBUG_WRITE,("VDisk: Write: 

| Error ListEntry is NULLVn")); 

80838| } 
80839| 

80840| if ( Threshold Reached ) { 

80841 1 ThresholdReached = FALSE; 

80842| ASS E RT( Dev Ext != NULL); 

80843| if ( DevExt != NULL ) { 

80844| ASSERT(DevExt->SnapShot != 
| NULL); 

80845| if ( DevExt->SnapShot != NULL ) 

|{ 
80846| 

| ASSERT(DevExt->SnapShot->DeviceObject != NULL); 

80847| if ( 



| DevExt->SnapShot->DeviceObject != NULL ) { 
80848| 

| CacheThresholdReached_VDisk(DevExt->SnapShot->DeviceObje 



let); 

80849| } 
80850| } 
80851 1 } 
80852 1 } 
80853 1 } else { 

80854| Exiting = 1 ; 

80855| } 
80856| } 
80857| } 

| except(ExceptionFilter(GetExceptionlnformation())) { 

80858| Debug(DEBUG_WRITE,("VDisk: Write: Exception 

| %08x in thread\n",GetExceptionCode())); 
80859 1 } 
80860 1 

80861 1 // cant goto from within exception handler... 

80862 1 if ( ! Exiting ) { 

80863| goto RestartThreadFrom Error; 

80864| } 

80865| 

80866| //ExitThread: 



80867| 

80868| Debug(DEBUG_WRITE,("VdiskWrite: Exiting\n")); 
80869 1 

80870| // free cache file handle 

80871 1 AcquireVDiskResource(); 

80872 1 __try { 
80873 1 

80874| // free any writes to the volume 

80875| while ( !lsListEmpty(&WriteVDiskQueue) ) { 

80876| PLIST_ENTRY ListEntry; 

80877| tWriteRequest *WriteRequest; 

80878| PIRP Irp; 

80879| KIRQL oldlrql; 

80880 1 

80881 1 Debug(DEBUG_READ,( M VdiskWrite: Cleaning up 

| write on vdisk queue\n")); 

80882| ListEntry = ExInterlockedRemoveHeadList ( 
80883| 



| &WriteVDiskQueue, // List Head 
80884| 

| &WriteVDiskSpinLock // Lock 



80885| ); 

80886| Hint -save -e41 3 7 

80887| WriteRequest = CONTAINING_RECORD( 

| ListEntry, tWriteRequest, ListEntry ); 

80888| Hint -restore 7 
80889 1 

80890| Irp = WriteRequest->lrp; 

80891| pmAcquireSpinLock(&WriteSpinLock,&oldlrql); 



80892| 

| RemoveEntryList(&(WriteRequest->ProcessingEntry)); 
80893| pm ReleaseSpi nl_ock(& WriteSpinl_ock,old I rql) ; 

80894| FREE_POINTER(WriteRequest); 
80895| 

80896| lrp->loStatus. Information = 

| INFORMATION_FOR_NOT_ACTIVE(lrp); 
80897| lrp->loStatus.Status = 

| VOLUME_NOT_ACTIVE_ERROR_CODE; 
80898| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

80899| } 

80900| } ^finally { 

80901 1 ReleaseVDiskResource(); 
80902 1 } 
80903 | 

80904| pmAcquireMutex ( &VDiskThreadMutex, NULL); 

80905| VDiskNumberOfThreads--; 

80906| pmReleaseMutex ( &VDiskThreadMutex); 

80907| 

80908| Debug(DEBUG_WRITE,("VdiskWrite: Exited\n M )); 
80909| PsTerminateSystemThread( 0 ); 
80910| } 
80911| 

80912| STATIC PFILE_OBJECT 

| NtFsMetaDataFileObjects[MAX_NTFS_ENTRY_NUM]={0}; 
80913| 
80914| 

80915| I* 



80916| STATIC NTSTATUS PSManWriteVDisk( 
80917| IN PDEVICE_OBJECT 

| DeviceObject, 
80918| IN PIRP Irp 

80919| ) 
80920| { 

80921 1 PIO_STACK_LOCATION currentlrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
80922| NTSTATUS Status=STATUS_PENDING; 
80923| tWriteRequest *WriteRequest=NULL; 
80924| PVDISK_EXTENSION 

| DevExt=(PVDISK_EXTENSION)GetDeviceExtension(DeviceObject 

I); 

80925| 

80926 1 PAG E D_CO D E () ; 
80927| 

80928| // Debug(DEBUG_WRITE | DEBUG_PROCCALL, 

| ("PSManWriteVDisk Called\n")); 
80929 | 

80930| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
80931| 



80932| //TESTTEST 

80933| #define _COMPLETE_WRITES_UNCONDITIONALLY_ 0 
80934| 

80935| #if _COMPLETE_WRITES_UNCONDITIONALLY_ 
80936| Status = STATUS_SUCCESS; 
80937| lrp->loStatus. Information = 

| currentlrpStack->Parameters. Write. Length; 
80938| loCompleteRequest(lrp,IO_DISK_INCREMENT); 
80939| return Status; 
80940| #endif 
80941 | 
80942 | 

80943| #if DO_ERROR_WRITES 

80944| if ( CheckMediaLoaded(DeviceObject, Irp 

| )!=STATUS_SUCCESS ) { 
80945| Debug(DEBUG_WRITE,("VDisk: Write: Media not 

| loaded\n M )); 
80946| Status = lrp->loStatus.Status; 
80947| loCompleteRequest(lrp,IO_NO_INCREMENT); 
80948| return Status; 
80949 1 } 
80950 1 
80951 1 #else 

80952| // trying to minimize "lost delayed write" errors 
80953| if ( (!DevExt->PartitionActive) || 

| (DevExt->DriveNotReady) ) { 
80954| // when a error occured (out of cache file for 

| example...) 

80955| Debug(DEBUG_WRITE,("VDisk: Write: drive not 

| ready\n")); 
80956| lrp->loStatus. Information = 

| INFORMATION_FOR_NOT_ACTIVE(lrp); 
80957| lrp->loStatus. Status = Status = 

| VOLUME_NOT_ACTIVE_ERROR_CODE; 
80958| loCompleteRequest(lrp,IO_DISK_INCREMENT); 
80959 1 return Status; 
80960| } 
80961 1 #endif 
80962 1 

80963| /* TESTTEST 

80964| // trying to minimize "lost delayed write" errors 
80965| if(!DevExt->PSMed) { 

80966| // when a error occured (out of cache file for 
| example...) 

80967| Debug(DEBUG_WRITE,("VDisk: Write: drive not 

| psmed\n")); 
80968| lrp->loStatus. Information = 

| loGetCurrentlrpStackLocation(lrp)->Parameters. Write. Leng 

|th; 

80969| lrp->loStatus. Status = Status = STATUS_SUCCESS; 



80970| loCompleteRequest(lrp,IO_DISK_INCREMENT); 
80971 1 return Status; 
80972 1 } 
80973 1 7 

80974| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
80975| 

80976| // if this occurs, something is wrong.. 

80977| if ( SVDiskNumberOf Threads ) { 

80978| Debug(DEBUG_READ | DEBUG_PROCCALL, 

| ("PSManWriteVDisk: No threads to handle 

| request!!!\n")); 
80979| lrp->loStatus. Information = 

| INFORMATION_FOR_NOT_ACTIVE(lrp); 
80980| Status = VOLUME_NOT_ACTIVE_ERROR_CODE; 
80981| loCompleteRequest(lrp,IO_NO_INCREMENT); 
80982| return Status; 
80983| } 
80984| 

80985| if ( (gVDisklOHandling & 

| PSM_VDISK_FLAG_TACITLY_SUCCEED_WRITES) || 

| (IgVDiskDoVirtuallO) ) { 
80986| lrp->loStatus. Information = 

| loGetCurrentlrpStackLocation(lrp)->Parameters. Write. Leng 

|th; 

80987| Status = I rp->loStatus. Status = STATUS_SUCCESS; 

80988| loCompleteRequest(lrp, 0); 

80989| return Status; 

80990| } 

80991| 

80992| #if 0 

80993| // remmed out until we get read only snapshots 
| working 

80994| // this will keep them from doing lost -delayed 

| writes. 
80995| if ( 

| ((pPersistentDictionary)DevExt->SnapShot->Dictionary)->G 

| etSnapShotFlags() & PSM_SS_FLAG_READONLY_PERSISTENT ) { 

80996| if ( 

| NtFslsSystemFile(DeviceObject,lrp)==0xffffffff ) { 

80997| // if write from user application. 

80998| Status = STATUS_MEDIA_WRITE_PROTECTED; 

80999| lrp->loStatus. Information = 0; 

81000| lrp->loStatus.Status = Status; 

81 001 1 loCompleteRequest(lrp,IO_NO_INCREMENT); 

81002| return Status; 

81003| } 

81004| } 

81005| #endif 

81006| 

81007| // nothing to do... just return success. 



81 008| if ( currentlrpStack->Parameters. Write. Length == 0 
l){ 

81009| lrp->loStatus. Information = 0; 

81010| Status = STATUS_SUCCESS; 

81011| loCompleteRequest(lrp,IO_NO_INCREMENT); 

81012| return Status; 

81013| } 

81014| 

81015| WriteRequest = (tWriteRequest 

| *)MemAllocatePoolWithTag(NonPagedPool, 
| sizeof(tWriteRequest),WRITEREQUESTTAG); 

81016| if ( WriteRequest ) { 

81017| loMarklrpPending(lrp); 

81018| 

81019| 

| FilllnWriteRequest(WriteRequest,DeviceObject,lrp,DevExt- 
I >BPS); 
81020| 

81 021 1 Status = I rp->loStatus. Status 

| STATUS_PENDING; 
81022| lrp->loStatus. Information = 0; 
81023| 

81024| //add to queue... 

81 025| ExInterlockedlnsertTailList ( &WriteVDiskQueue, 
81026| 

| &(WriteRequest->ListEntry), 
81027| 

| &WriteVDiskSpinLock); 
81028| 
81029| 

81 030| pmSignalSemaphore( &WriteVDiskSemaphore); 
81031| 

81032| }else{ 

81 033| Debug(DEBUG_WRITE,("VDisk: Write: Out of memory 

| for write commandXn")); 
81 034| Status=STATUS_INSUFFICIENT_RESOURCES; 
81035| lrp->loStatus. Information = 0; 
81036| loCompleteRequest(lrp,IO_NO_INCREMENT); 
81037| } 
81038| 

81039| //Debug(DEBUG_WRITE | DEBUG_PROCCALL, 

| ("PSManWriteVDisk Done %08x\n",Status)); 
81040| return Status; 
81041| } 
81042| 

81043| /* 



81044| STATIC NTSTATUS AddSectorsTo Memory Cache ( 
81045| 

| PVDISK_EXTENSION DevExt, 



81046| ULARGEJNTEGER 
| Sector, 

81047| ULONG 
| Count, 

81048| char 

| 'Buffer ) 
81049| { 

81050| #ifndef _NO_WRITE_ROUTINES_ 

81 051 1 NTSTATUS Status=STATUS_SUCCESS; 

81052| ULARGEJNTEGER DS; 

81053| ULONG CountDid; 

81054| tDictSiblinglnfo Sl={0}; 

81055| 

81056| PAGED_CODE(); 
81057| 

81 058| DS.QuadPart = (unsigned int64)Count * 

| DevExt->BPS; 

81059| ASSERT(DevExt->ObjectType==OBJECT_VIRTUALDISK); 
81060| 

81 061 1 Status = 

| DevExt->SnapShot->Dictionary->searchAndlnsertMultiple( 
81062| 

| (PFILTERED_EXTENSION)GetDeviceExtension(DevExt->PSMDevic 

|e), 
81063| 

| Sector, 
81064| 

| Count, 
81065| 

| CountDid, 
81066| 

| NULL, 
81067| 

I DS, 
81068| 

| Buffer, 
81069| 

l&SI, 
81070| 

| DICT_FLAG_VIRTUAL_IO); 
81071| 

81072| return Status; 
81073| #else 

81074| return STATUS_SUCCESS; 
81075| #endif 
81076| } 
81077| 

81078| r 



81079| NTSTATUS lnitVDiskWriteCache( ULONG WriteCacheMaxSize ) 



81080| { 

81 081 1 #ifndef _NO_WRITE_ROUTINES_ 

81 082| NTSTATUS Status=STATUS_SUCCESS; 

81083| 

81 084| NOT_REFERENCED(WriteCacheMaxSize); 

81085| PAG E DCOD E () ; 

81086| 

81087| return Status; 
81088| #else 

81 089| return STATUS_SUCCESS; 
81090| #endif 
81091| } 
81092| 

81093|/* 



81094| NTSTATUS DelnitVDiskWriteCache( ) 
81095| { 

81096| #ifndef _NO_WRITE_ROUTINES_ 
81097| 

81098| PAG E D_CO D E () ; 
81099| 

81100| #endif 

81 1 01 1 return STATUS_SUCCESS; 

81102| } 

81103| 

81104| 

81105| r 



81106| STATIC NTSTATUS 
81107| PSManWriteFSObject( 

81 108| IN PDEVICE_OBJECT DeviceObject, 

81109| INPIRPIrp 

81110| ) 

81111| 

81112| /*++ 

81113| 

81114| Routine Description: 
81115| 

81116| This is the driver entry point for read requests 
81 1 1 7| to disks to which the PSMan driver has attached. 
81 1 18| This driver collects statistics and then sets a 
| completion 

81119| routine so that it can collect additional 

| information when 
81 120| the request completes. Then it calls the next 

| driver below 
81121| it. 
81122| 

81123| Arguments: 
81124| 



81125| DeviceObject 
81126| Irp 
81127| 

81128| Return Value: 
81129| 

81130| NTSTATUS 

81131| 

81132| -7 

81133| 

81134| { 

81135| NTSTATUS Status=STATUS_INVALID_PARAMETER; 

81 136| NOT_REFERENCED(DeviceObject); 

81137| 

81 138| Debug(DEBUG_PROCCALL,("PSManWriteFSObject 

| Called\n")); 
81 139| lrp->loStatus.Status = Status; 
81140| I rp->loStatus. Information = 0; 
81141| 

81142| loCompleteRequest(lrp, IO_NO_INCREMENT); 

81 143| Debug(DEBUG_PROCCALL,("PSManWriteFSObject 

| Done\n")); 
81144| return Status; 
81 145| } // PSManWriteFSObject 
81146| 
81147| 

81148| r 



81149| STATIC NTSTATUS 
81150| PSManWriteFSFilter( 

81 151 1 IN PDEVICE_OBJECT DeviceObject, 

81152| INPIRPIrp 

81153| ) 

81154| 

81155| /*++ 

81156| 

81157| Routine Description: 
81158| 

81 1 59| Pass irp to handler 
81160| 

81 161 1 Arguments: 
81162| 

81 1 63| DriverObject - Pointer to device object to being 

| shutdown by system. 
81164| Irp - IRP involved. 
81165| 

81166| Return Value: 
81167| 

81168| NT Status 

81169| 

81170| ~7 



81171| 
81172| { 

81 1 73 1 return Sf FsWrite(DeviceObjectJrp); 

81174| } // end PSManWriteFSFilter() 

81175| 

81176| 

81177| 

81 1 78| File Listing: WRITE. h 
81179| 

81180| NTSTATUS 
81181| PSManWrite( 

81182| IN PDEVICE_OBJECT DeviceObject, 
81183| INPIRPIrp 
81184| ); 
81185| 

81186| STATIC NTSTATUS 

81187| PSManWriteObject( 

81 188| IN PDEVICE_OBJECT DeviceObject, 

81189| INPIRPIrp 

81190| ); 

81191| 

81192| STATIC NTSTATUS 

81193| PSManWriteDevice( 

81194| IN PDEVICE_OBJECT DeviceObject, 

81195| INPIRPIrp 

81196| ); 

81197| 

81198| STATIC NTSTATUS 

81199| PSManWriteVDisk( 

81200| IN PDEVICE_OBJECT DeviceObject, 

81201| INPIRPIrp 

81202| ); 

81203| 

81204| STATIC NTSTATUS 

81205| PSManWriteFSFilter( 

81206| IN PDEVICE_OBJECT DeviceObject, 

81207| IN PIRP Irp 

81208| ); 

81209| 

81210| STATIC NTSTATUS 

81211| PSManWriteFSObject( 

81212| IN PDEVICE_OBJECT DeviceObject, 

81213| IN PIRP Irp 

81214| ); 

81215| 

81216| void WriteVDiskThread ( PVOID Context ); 
81217| NTSTATUS DelnitVDiskWriteCache(void); 
81218| NTSTATUS lnitVDiskWriteCache( ULONG WriteCacheMaxSize 

I); 

81219| 



81220| 

81221| NTSTATUS InsertFileObjectToSkip ( PFILE_OBJECT 
| FileObject ); 

81222| NTSTATUS DeleteFileObjectToSkip ( PFILE_OBJECT 
| FileObject ); 

81223| NTSTATUS IsFileObjectToSkip ( PFILE_OBJECT FileObject 

I); 

81224| NTSTATUS InitWriteModule(void); 

81225| BOOLEAN lsCacheFile( PDEVICE_OBJECT DeviceObject, PIRP 

I "rp ); 
81226| 
81227| 
81228| 

81229| PSM to OTM Client Bridge Source 
81230| 

81231 1 The OTM Bridge allows the PSM system to support an OTM 

| application level client. --LPW 
81232| 
81233| 
81234| 

81235| File Listing: buildnum_otmbridge.h 
81236| 

81237| // buildnum_otmbridge.h - Determines build number of 

| OTM Bridge Driver. 
81238| 

81239| #define _OtmBridge_BuildNumber_ 102 

81 240| #def ine _OtmBridge_BuildNumberStr_ "1 02\0" 

81241 1 #define _OtmBridge_BuildNumberWStr_ L"1 02\0 M 

81242| 

81243| 

81244| 

81245| File Listing: CDP.h 
81246| 

81247| #define VE R COM PAN YN AM E_STR "Columbia Data 
| Products, Inc." 

81248| #define VER_LEGALTRADEMARKS_STR "PSM\256 is a 

| trademark of " VER COMPANYNAME STR 
81249| 

81250| #define VER_LEGALCOPYRIGHT_YEARS "1995-2001" 
81251 1 #define VER_LEGALCOPYRIGHT_STR "Copyright \251 " 

| VER_LEGALCOPYRIGHT_YEARS " " VER_COMPANYNAME_STR 
81252| 

81253| #if DBG 

81254| #define VER_DEBUG VS_FF_DEBUG 
81255| #else 

81256| #define VER_DEBUG 0 

81257| #endif 

81258| 

81259| #if BETA 

81260| #define VER_PRODUCTBETA_STR "BETA" 



81261| #define VER_PRERELEASE 
81262| #else 

81263| #define VER_PRERELEASE 



VS_FF_PRERELEASE 



0 



81 264| #def ine VER PRODUCTBETA STR 

81265| #endif 

81266| 

81267| #define VER_FILEFLAGSMASK VS_FFI_FILEFLAGSMASK 



| VER_DEBUG) 
81270| 
81271| 
81272| 

81273| File Listing: init.cpp 
81274| 

81275| #include "precomp.h" 
81276| 

81277| extern "C" NTSTATUS BridgeFilterOtm( void ); 
81278| 

81279| #pragma alloc_text(INIT, DriverEntry) 
81280| #pragma alloc_text(INIT, BridgeFilterOtm) 
81281| 

81282| PDEVICE_OBJECT BridgeControlObject=NULL; 

81283| PDRIVER_OBJECT BridgeDriverObject=NULL; 

81284| PDEVICE_OBJECT OtmFilteredObject=NULL; 

81285| PDEVICE_OBJECT PsmDeviceObject=NULL; 

81286| PFILE_OBJECT PsmFileObject=NULL; 

81287| WCHAR gRegistryPath[256]={0}; 

81288| ULONG PsmBuildNumber=0; 

81289| ULONG PsmMajorVersion=0; 

81290| ULONG PsmMinorVersion=0; 

81291| 

81292| 

81293| extern "C" 
81294| NTSTATUS 
81295| DriverEntry( 

81296| IN PDRIVER_OBJECT DriverObject, 

81297| IN PUNICODE_STRING RegistryPath 

81298| ) 
81299| { 

81300| #ifdef DEBUG 

81301 1 ULONG shouldBreak=0; 

81302| 

81303| 

| Reg_GetULONGKey(RegistryPath->Buffer,L M BreakOnEntry M ,0,& 
| shouldBreak); 
81304| 

81305| if ( shouldBreak ) { 

81306| DbgPrint("Bridge: Breaking in driver entry\n"); 
81307| DbgBreakPoint(); 



81268| #define VER_FILEOS 
81269| #define VER FILEFLAGS 



VOS_NT_WI N DOWS32 
(VER PRERELEASE | 



81308| } 
81309| #endif 
81310| 

8131 1 1 UNICODE_STRING deviceNameUnicodeString={0}; 
81312| UNICODE_STRING deviceLinkUnicodeString={0}; 
81313| NTSTATUS Status=STATUS_SUCCESS; 
81314| 

81315| Bridge DriverObject = DriverObject; 

81316| 

81317| 

| RtlCopyMemory(gRegistryPath,RegistryPath->Buffer,Registr 
| yPath->Length); 
81318| 

81319| RtllnitUnicodeString 

| (&deviceNameUnicodeString,BRIDGE_DEVICE_NAME); 
81320| RtllnitUnicodeString 

| (&deviceLinkUnicodeString,BRIDGE_LINK_NAME); 
81321| 

81322| Status = loCreateDevice ( DriverObject, 
81323| 

| sizeof(BRIDGE_DEVICE_EXTENSION), 
81324| 

| &deviceNameUnicodeString, 
81325| FILEDEVICEUNKNOWN, 
81326| 

| FILE_DEVICE_SECURE_OPEN, 
81327| FALSE, 
81 328| &BridgeControlObject 
81329| ); 
81330| 

81 331 1 if (NT_SUCCESS(Status)) { 

81332| PBRIDGE DEVICE EXTENSION DevExt = 

| (PBRIDGE_DEVICE_EXTENSION)BridgeControlObject->DeviceExt 

| ension; 
81333| 

81334| DevExt->DeviceObject = BridgeControlObject; 
81 335| DevExt->DriverObject = DriverObject; 
81336| DevExt->ObjectType = OBJECTJNTERNAL; 
81337| 

81338| DriverObject->MajorFunction[IRP_MJ_CREATE] 

| = BridgeCreate; 
81339| DriverObject->MajorFunction[IRP_MJ_CLOSE] 

| = BridgeClose; 
81340| 

| DriverObject->MajorFunction[IRP_MJ_DEVICE_CONTROL] 

| = BridgeDeviceControl; 
81341| DriverObject->MajorFunction[IRP_MJ_CLEANUP] 

| = BridgeCleanup; 
81342| 

81 343| DriverObject->DriverUnload 



I = BridgeUnload; 
81344| 

81345| // Create a symbolic link, e.g. a name that a 

| Win32 app can specify 
81 346| // to open the device 
81347| 

81348| Status = loCreateSymbolicLink ( 

| &deviceLinkUnicodeString, &deviceNameUnicodeString); 
81349| 

81350| if(NT_SUCCESS(Status)) { 

81351 1 NTSTATUS FilterStatus = BridgeFilterOtm(); 

81352| 

81353| if(NT_SUCCESS(FilterStatus)) { 

81354| Debug(DEBUG_INIT,("Bridge: Success 

| bridging OTM to PSM\n M )); 
81355| }else{ 

81356| Debug(DEBUG_INIT,("Bridge: Error %08x 

| bridging OTM to PSM\n M , FilterStatus)); 
81 357| loDeleteSymbolicLink 

| (&deviceLinkL)nicodeString ); 
81358| loDeleteDevice(BridgeControlObject); 
81 359| BridgeControlObject=NULL; 
81360| } 

81 361 1 // We dont want the system to report a 

| failure if OTM or PSM is not installed 
81362| // so we return success. This means we 

| dont load, but i dont know of any other 
81363| // way of getting Windows 2000 from issuing 

| that nasty event message. 
81364| Status = STATUS_SUCCESS; 

81365| }else{ 

81366| loDeleteDevice(BridgeControlObject); 

81 367| BridgeControlObject=NULL; 

81368| } 

81369| } 

81370| 

81371| 

81372| return Status; 

81373| } 

81374| 

81375| extern "C" 

81376| NTSTATUS BridgeFilterOtm( void ) 
81377| { 

81378| PDEVICE_OBJECT MyDevObj; 

81379| PFILE_OBJECT FileObject; 

81380| PDEVICE_OBJECT OtmDevObj; 

81381| UNICODE_STRING Uni; 

81382| NTSTATUS Status; 

81383| POTM_FILTER_EXTENSION DevExt; 

81384| 



81385| // lets see if psm is installed, otherwise there is 

| nothing for us to do 
81386| RtllnitUnicodeString(&Uni, 

| L M \\Device\\PSMan_0200"); 
81387| 

81388| Status = loGetDeviceObjectPointer( &Uni, 
81389| 

| FILE_READ_ATTRIBUTES, 
81 390| &PsmFileObject, 
81391| 

| &PsmDeviceObject); 
81 392| if (NT_SUCCESS(Status)) { 
81393| tPSM_Versionlnfo Version; 
81394| 

81395| PsmGetVersion( &Version ); 
81396| 

81397| PsmBuildNumber = (Version.Version & OxffffOOOO) 
|»16; 

81398| PsmMajorVersion = (Version.Version & 

| OxOOOOffOO) » 8; 
81399| PsmMinorVersion = (Version.Version & 

| OxOOOOOOff); 
81400| 

81401 1 // dont support PSM 1 .x (which has a version of 
| 2.00 and a build number less than 200 decimal) 

81402| if(PsmBuildNumber>=200) { 

81403| Debug(DEBUG_IN IT, ("Bridge: PSM v%d.%02x 

| build %4d is 

| installed\n", PsmMajorVersion, PsmMinorVersion, PsmBuildNum 
I ber)); 
81404| 

81 405| // lets see if otm is there so we can 

| filter it. 

81406| RtllnitUnicodeString(&Uni, 

| L"\\Device\\OtMan_0110 M ); 
81407| 

81408| Status = loGetDeviceObjectPointer( &Uni, 

81409| 

| FILE_READ_ATTRIBUTES, 
81410| 

| &FileObject, 
81411| 

| &OtmDevObj); 
81412| if(NT_SUCCESS(Status)) { 

81413| ULONG SizeOfDeviceExt = 

| sizeof(OTM_FILTER_EXTENSION); 
81414| 

81415| Debug(DEBUG_INIT,("Bridge: OTM v1.1x is 

| installed\n")); 
81416| 



81417| Status = 

| loCreateDevice(BridgeDriverObject, 
81418| 

| SizeOfDeviceExt, 
81419| NULL, 
81420| 

| FILE_DEVICE_UNKNOWN, 
81421| 

| FILE_DEVICE_SECURE_OPEN, 
81422| FALSE, 
81423| &MyDevObj); 
81424| 

81425| if ( NT_SUCCESS(Status) ) { 

81426| Debug(DEBUGJNIT,("Bridge: Filtered 

| Device %p created for driver OTM\n M ,MyDevObj)); 
81427| 

81428| DevExt = 

| (POTM_FILTER_EXTENSION)GetDeviceExtension(MyDevObj); 
81429| ASS E RT( Dev Ext) ; 

81430| 

81 431 1 DevExt->DeviceObject = MyDevObj; 

81 432| DevExt->DriverObject = 

| BridgeDriverObject; 
81433| DevExt->ObjectType = 

| OBJ ECT_OTM_F I LT E R ; 
81434| 

81435| Status = loAttachDevice(MyDevObj, 

81436| &Uni, 

81437| 

| &DevExt->TargetDeviceObject); 
81438| 

81439| if ( NT_SUCCESS(Status) ) { 

81440| 

81441| // 

81 442| // Propogate driver's alignment 

| requirements. 
81443| // 
81444| 

81 445| MyDevObj->Flags 

| = DevExt->TargetDeviceObject->Flags; 
81 446| MyDevObj->AlignmentRequirement 

| = DevExt->TargetDeviceObject->AlignmentRequirement; 
81 447| MyDevObj->StackSize 

| = DevExt->TargetDeviceObject->StackSize+1 ; 
81 448| MyDevObj->DeviceType 

| = DevExt->TargetDeviceObject->DeviceType; 
81 449| MyDevObj->Characteristics 

| = DevExt->TargetDeviceObject->Characteristics; 
81450| 

81451| Hint -save -e61 3 7 



81452| MyDevObj->Flags &= 

| ~DO_DEVICE_INITIALIZING; 
81453| Hint -restore 7 

81454| 

81 455| // we are now filtered over the 

| otman device object 
81456| OtmFilteredObject = MyDevObj; 

81457| 

81458| Tlint -save -e740 7 

81459| 

| LogError((PDEVICE_OBJECT)BridgeDriverObject,NULL,BRIDGE_ 

| ACTIVATED,0,NULL,0,NULL,0); 
81460| Hint -restore 7 

81461| 

81462| }else{ 

81463| Debug(DEBUG_INIT,("Bridge: 
| Error! %08x Unable to attach to otm\n",Status)); 
81464| loDeleteDevice(MyDevObj); 
81465| } 
81466| 

81467| }else{ 

81468| Debug(DEBUG_INIT,("Bridge: Error! 

| %08x Unable to create device for otm\n", Status)); 
81469| } 
81470| 

81 471 1 // we are now done with deviceobject 

| (always free fileobject when given both) 
81 472| ObDereferenceObject(FileObject); 
81473| FileObject = NULL; 

81474| }else{ 

81475| Debug(DEBUG_INIT,("Bridge: OTM v1.1x is 

| not installed\n")); 
81476| Status = STATUS_NOT_FOUND; 

81477| } 
81478| 

81479| }else{ 

81480| Debug(DEBUG_INIT,("Bridge: PSM 1 .x build %d 

| not supported\n",PsmBuildNumber)); 
81481| 

81 482| /-lint -save -e740 7 

81483| 

| LogError((PDEVICE_OBJECT)BridgeDriverObject,NULL,BRIDGE_ 

| WRONG_PSM_VERSION,BRIDGE_WRONG_PSM_VERSION,NULL,0,NULL,0 

I); 

81484| Tlint -restore 7 

81485| 

81 486| Status = STATUS_NOT_FOUND; 

81487| } 

81488| 

81 489| // if error, free psm 



81490| if(!NT_SUCCESS(Status)) { 

81491 1 ObDereferenceObject(PsmFileObject); 

81492| PsmFileObject = NULL; 

81493| PsmDeviceObject=NULL; 

81494| } 

81495| }else{ 

81496| Debug(DEBUG_l NIT, ("Bridge: PSM v2.x is not 

| installed\n")); 
81497| Status = STATUS_NOT_FOUND; 
81498| PsmFileObject = NULL; 
81499| PsmDeviceObject=NULL; 
81500| } 
81501| 

81502| return Status; 

81503| } 

81504| 

81505| // 

81506| VOID 

81507| BridgeUnload( 

81508| IN PDRIVER_OBJECT DriverObject 
81509| ) 
81510| { 

81511| Debug(DEBUG_OTM_FILTER, ("Bridge: Unload\n")); 
81512| 

81513| if(BridgeControlObject) { 

81514| UNICODE_STRING deviceLinkUnicodeString={0}; 
81515| 

81516| Debug(DEBUG_OTM_FILTER,("Bridge: Unload: 

| Removing Control object\n")); 
81517| 

81518| RtllnitUnicodeString 

| (&deviceLinkUnicodeString,BRIDGE_LINK_NAME); 
81519| loDeleteSymbolicLink (&deviceLinkUnicodeString 

I); 

81520| 

81521 1 loDeleteDevice(BridgeControlObject); 
81 522| BridgeControlObject=NULL; 
81523| } 
81524| 

81525| if(OtmFilteredObject) { 

81526| POTM_FILTER_EXTENSION 

| DevExt=(POTM_FILTER_EXTENSION)GetDeviceExtension(OtmFilt 

| eredObject); 
81527| 

81528| Debug(DEBUG_OTM_FILTER,("Bridge: Unload: 

| Detaching from OTM\n")); 
81529| loDetachDevice(DevExt->TargetDeviceObject); 
81530| loDeleteDevice(OtmFilteredObject); 
81531 1 OtmFilteredObject=NULL; 
81532| } 



81533| 

81534| if(PsmFileObject) { 

81535| Debug(DEBUG_OTM_FILTER,("Bridge: Unload: 

| Detaching from PSM\n")); 
81536| 

81 537| // get rid of reference count to psm 
81538| ObDereferenceObject(PsmFileObject); 
81539| 

81540| PsmFileObject = NULL; 
81541 1 PsmDeviceObject=NULL; 
81542| 

81 543| // only log the event if we actually filtered 
| anything 

81544| // ie, we are still loaded if otm or psm is not 
| installed 

81 545| // but we didnt generate any event, so if we 

| are being unloaded 
81 546| // lets make sure to be silent 
81547| 

81548| Hint -save -e740 7 
81549| 

| LogError((PDEVICE_OBJECT)DriverObject,NULL,BRIDGE_DEACTI 

| VATED,0,NULL,0,NULL,0); 
81550| Hint -restore 7 
81551| } 
81552| 
81553| 

81554| return; 
81555| } 
81556| 

81557| // 

81558| NTSTATUS 
81559| BridgeCreate ( 

81560| IN PDEVICE_OBJECT DeviceObject, 
81561| INPIRPIrp 
81562| ) 
81563| { 

81564| POTM_FILTER_EXTENSION 

| DevExt=(POTM_FILTER_EXTENSION)GetDeviceExtension(DeviceO 

I bject); 
81565| 

81566| Debug(DEBUG_OTM_FILTER,("Bridge: Create: %08x 

| (%d)-%08x\n",DeviceObject,DevExt->ObjectType,lrp)); 
81567| 

81568| if(DevExt->ObjectType == OBJECTJNTERNAL) { 

81569| lrp->loStatus. Status = STATUS_SUCCESS; 

81570| lrp->loStatus. Information = 0 ; 

81571 1 loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

81572| return STATUS_SUCCESS; 

81573| } 



81574| 

81575| ASSERT(DevExt->ObjectType == O B J E CT_OTM_F I LTE R) ; 
81576| 

81 577| // call directly into psm 

81578| ASSERT(PsmDeviceObject); 

81579| ASSERT(PsmDeviceObject->DriverObject); 

81580| 

| ASSERT(PsmDeviceObject->DriverObject->MajorFunction[IRP_ 
| MJ CREATE]); 
81581| 

81582| return 

| PsmDeviceObject->DriverObject->MajorFunction[IRP_MJ_CREA 

| TE](PsmDeviceObject,lrp); 
81583| } 
81584| 

81585| // 

81586| NTSTATUS 
81587| BridgeClose ( 

81588| IN PDEVICE_OBJECT DeviceObject, 
81589| INPIRPIrp 
81590| ) 
81591| { 

81592| POTM_FILTER_EXTENSION 

| DevExt=(POTM_FILTER_EXTENSION)GetDeviceExtension(DeviceO 

I bject); 
81593| 

81594| Debug(DEBUG_OTM_FILTER,("Bridge: Close: %08x 

| (%d)-%08x\n",DeviceObject,DevExt->ObjectType,lrp)); 
81595| 

81596| if(DevExt->ObjectType == OBJECTJNTERNAL) { 

81597| lrp->loStatus. Status = STATUS_SUCCESS; 

81598| lrp->loStatus. Information = 0 ; 

81599| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

81 600| return STATUS_SUCCESS; 

81601| } 

81602| 

81 603| ASSERT(DevExt->ObjectType == OBJECTOTMFILTER); 
81604| 

81 605| // call directly into psm 

81 606| ASSERT(PsmDeviceObject); 

81 607| ASSERT(PsmDeviceObject->DriverObject); 

81608| 

| ASSERT(PsmDeviceObject->DriverObject->MajorFunction[IRP_ 
| MJ_CLOSE]); 
81609| 

81610| return 

| PsmDeviceObject->DriverObject->MajorFunction[IRP_MJ_CLOS 

| E](PsmDeviceObject,lrp); 
81611| } 
81612| 



81613|// 

81614| NTSTATUS 
81615| BridgeCleanup ( 

81616| IN PDEVICE_OBJECT DeviceObject, 
81617| INPIRPIrp 
81618| ) 
81619| { 

81 620| POTM_FILTER_EXTENSION 

| DevExt=(POTM_FILTER_EXTENSION)GetDeviceExtension(DeviceO 

I bject); 
81621| 

81 622| Debug(DEBUG_OTM_FILTER, ("Bridge: Cleanup: %08x 

| (%d)-%08x\n",DeviceObject,DevExt->ObjectType,lrp)); 
81623| 

81 624| if(DevExt->ObjectType == OBJECTJNTERNAL) { 

81 625| lrp->loStatus. Status = STATUS_SUCCESS; 

81626| lrp->loStatus. Information = 0 ; 

81627| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

81 628| return STATUS_SUCCESS; 

81629| } 

81630| 

81 631 1 ASSERT(DevExt->ObjectType == OBJECTOTMFILTER); 
81632| 

81 633| // call directly into psm 

81 634| ASSERT(PsmDeviceObject); 

81 635| ASSERT(PsmDeviceObject->DriverObject); 

81636| 

| ASSERT(PsmDeviceObject->DriverObject->MajorFunction[IRP_ 
| MJ_CLEANUP]); 
81637| 

81638| return 

| PsmDeviceObject->DriverObject->MajorFunction[IRP_MJ_CLEA 

| NUP](PsmDeviceObject,lrp); 
81639| } 
81640| 

81 641 1 /*— end of file init.cpp —7 

81642| 

81643| 

81644| 

81645| File Listing: init.h 
81646| 

81 647| #define OBJECTJNTERNAL 0 
81 648| #def ine OBJ ECT_OTM_F I LTE R 1 
81649| 

81650| typedef struct _BRIDGE_DEVICE_EXTENSION { 
81 651 1 // common header 

81652| PDEVICE_OBJECT DeviceObject; //Back 

| pointer to device object 
81653| PDRIVER_OBJECT DriverObject; //The 

| driver object for use on repartitioning. 



81654 
81655 
81656 
81657 
81658 
81659 
81660 
81661 



| pointer to device object 



81662 



| driver object for use on repartitioning. 



81663 
81664 
81665 
81666 
81667 
81668 
81669 
81670 
81671 
81672 
81673 
81674 
81675 
81676 
81677 
81678 
81679 
81680 
81681 
81682 
81683 
81684 
81685 
81686 
81687 
81688 
81689 
81690 
81691 
81692 
81693 
81694 
81695 
81696 
81697 
81698 
81699 
81700 
81701 



ULONG ObjectType; 

// Extension specific 
} BRIDGEDEVICEEXTENSION, *PBRIDGE_DEVICE_EXTENSION; 

typedef struct _OTM_FILTER_EXTENSION { 
//common header 

PDEVICE_OBJECT DeviceObject; //Back 



PDRIVER_OBJECT DriverObject; //The 



ULONG ObjectType; 
// Extension specific 

PDEVICE_OBJECT TargetDeviceObject; 
} OTM_FILTER_EXTENSION, *POTM_FILTER_EXTENSION; 



#define BRIDGE_DEVICE_NAME L"\\Device\\OtmBridge" 
#define BRIDGE_LINK_NAME L"\\DosDevices\\OtmBridge" 

#define DWORD_ALIGN(x) ((((x)+31 )/32)*32) 

extern "C" { 

NTSTATUS DriverEntry( 

IN PDRIVER_OBJECT DriverObject, 
IN PUNICODE_STRING RegistryPath 

); 

NTSTATUS BridgeCreate ( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

NTSTATUS BridgeClose ( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

NTSTATUS BridgeCleanup ( 

IN PDEVICE_OBJECT DeviceObject, 
IN PIRP Irp 

); 

VOID BridgeUnload( 

IN PDRIVER_OBJECT DriverObject 

); 

NTSTATUS BridgeDeviceControl ( 
IN PDEVICE_OBJECT DeviceObject, 



81702| INPIRPIrp 

81703| ); 

81704| 

81705| 

81706| } 

81707| 

81708| 

81 709| #ifdef DEBUG 

81710| #define STATIC 

8171 1 1 #define Debug(a,x) DbgPrint x 

81712| #else 

81713| #define Debug(a,x) 
81714| #define STATIC static 
81715| #endif 
81716| 

81717| #define GetDeviceExtension(x) x->DeviceExtension 
81718| 

81719| #define INVALID_HANDLE_VALUE ((PVOID)-1) 
81720| #define IsValidHandle(Handle) (((Handle)!=(void*)0) && 

| ((Handle) !=(void*)-1)) 
81721| 

81722| #define pmWaitForSingleObject(o,t) 

| KeWaitForSingleObject(o,Suspended,(KPROCESSOR_MODE)Kerne 

| IMode,FALSE,t) 
81723| 

81724| extern PDEVICE_OBJECT BridgeControlObject; 
81725| extern PDRIVER_OBJECT BridgeDriverObject; 
81726| extern PDEVICE_OBJECT PsmDeviceObject; 
81727| extern ULONG PsmBuildNumber; 
81728| extern ULONG PsmMajorVersion; 
81729| extern ULONG PsmMinorVersion; 
81730| extern WCHAR gRegistryPath[]; 
81731| 

81732| #define OTM BRIDGE INSTALLED BIT 0x8000 
81733| 

81734| /*— end of file init.h —7 

81735| 

81736| 

81737| 

81738| File Listing: otm.cpp 
81739| 

81740| #include <precomp.h> 
81741| 

81742| #include <otm_private.h> 
81743| 

81744| #include <buildnum_otmbridge.h> 
81745| 

81746| r 

I V 

81747| NTSTATUS OtmGetVersion(PIRP Irp) 



81748| { 

81 749| NTSTATUS Status = STATUS_SUCCESS; 

81 750| ULONG RetSize=0; 

81751| 

81752| __try{ 

81 753| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
81 754| tOTM_Versionlnfo *Buffer=NULL; 
81755| 

81 756| Debug(DEBUG_PROCCALL | 

| DEBUG_OTM_FILTER, ("Bridge: GetVersion\n")); 

81 757| // METHOD_BUFFERED 

81 758| // lrp->Associatedlrp.SystemBuffer = 
| Input/Output buffer 

81759| 

81760| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(DWORD)) { 
81 761 1 Debug(DEBUG_OTM_FILTER, ("Bridge: Error! 

| Input IOCTL buffer not big enough\n")); 
81762| Status = STATUS_INVALID_BUFFER_SIZE; 

81763| }else 
81764| if 

| (plrpStack->Parameters.DeviceloControl.OutputBufferLengt 

| h < sizeof(tOTM_Versionlnfo)) { 
81765| Debug(DEBUG_OTM_FILTER, ("Bridge: Error! 

| Output IOCTL buffer not big enough\n")); 
81766| Status = STATUS_INVALID_BUFFER_SIZE; 

81767| }else{ 
81768| 

81 769| Buffer = (tOTM_Versionlnfo 

| *) I rp-> Associated I rp. System Buff er; 
81770| 

81771| if (Buffer) { 

81772| 

81 773| // inbound is a DWORD size 

81 774| // we are doing this on the fact that 

| the input and output buffers 
81 775| // are the same and that Size is the 

| first argument of the output. 
81776| 
81777| 

| if(Buffer->Size==sizeof(tOTM_Versionlnfo)) { 
81 778| // Set our build number, with the 

| version we our emulating 
81779| Buffer->Version 

| OTM BRIDGE INSTALLED BIT | (_OtmBridge_BuildNumber_ « 

| 16) | OTM_SUPPORTED_VERSION_NUMBER; 
81780| Buffer->Lo Version 

| OTM_SUPPORTED_LOW_VERSION_NUMBER; 



81 781 1 Buffer->OSType = 0; 

81782| Buffer->OSVersion =0; 

81783| Buffer->CommunicationMethods = 0; 

81784| 

81 785| Status = STATUS_SUCCESS; 

81786| RetSize = 

| sizeof(tOTM_Versionlnfo); 
81787| }else{ 
81 788| Status = 

| STATUS_INVALID_BUFFER_SIZE; 
81789| } 
81790| }else{ 

81 791 1 Debug(DEBUG_OTM_FILTER,("Bridge: Error! 

| Buffer is NULL\n")); 
81 792| Status = STATUS_I N VALI D_PARAM ETER; 

81793| } 
81794| } 

81 795| } _except( EXCEPTION_EXECUTE_HANDLER ) { 
81 796| Status = GetExceptionCode() ; 

81797| Debug(DEBUG_OTM_FILTER,("Bridge: OtmGetVersion: 

| Error! Exception %08x\n", Status)); 
81798| } 
81799| 

81800| lrp->loStatus. Information = RetSize; 

81801 1 lrp->loStatus.Status = Status; 

81802| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

81803| return Status; 

81804| } 

81805| 

81806| typedef struct sOtmToPsm { 

81807| PIRPIrp; 

81808| PVOIDOtmOut; 

81809| PVOID PsmOut; 

81810| IO_STATUS_BLOCK loStatus; 

81811| PKEVENT Event; 

81812| } tOtmToPsm; 

81813| 

81814| VOID 

81 81 5| OtmToPsmCreateSnapShotThread( 
81816| IN PVOID Context 
81817| ) 
81818| { 

81819| tOtmToPsm *OtmToPsm=(tOtmToPsm*)Context; 
81 820| tOpenTransactionOutlnternal 

| *PsmOut=(tOpenTransactionOutlnternal 

| *)OtmToPsm->PsmOut; 
81821 1 tOTMOpenTransactionlnlnternal 

| *Otmln=(tOTMOpenTransactionlnlnternal 

| *)OtmToPsm->OtmOut; 
81822| tOTMOpenTransactionOutlnternal 



I *OtmOut=(tOTMOpenTransactionOutlnternal 
| *)OtmToPsm->OtmOut; 
81823| 

81 824| // wait for open to finish 

81825| Debug(DEBUG_OTM_FILTER,(" Bridge: CreateCallBack: 

| Waiting for PSM open to complete\n")); 
81826| 
81827| 

| KeWaitForSingleObject(OtmToPsm->Event,Suspended,(KPROCES 
| SOR_MODE)KernelMode,FALSE,NULL); 
81828| 

81829| ULONG Status = OtmToPsm->loStatus. Status; 
81830| ULONG RetSize = OtmToPsm->loStatus. Information; 
81831| 

81832| ASSERT(!PsmOut->Persistent); 
81833| 

81834| Debug(DEBUG_OTM_FILTER, ("Bridge: CreateCallBack: 

| Status=%08x, lnfo=%08x\n", Status, RetSize)); 
81835| 

81836| __try{ 

81837| if(NT_SUCCESS(Status)) { 
81838| if(Otmln->lnternalFlags & 

| PSM_IFLAG_NEW_SNAPSHOT) { 
81839| 

81 840| OtmOut->KernelSnapShotPointer = 

| PsmOut->KernelSnapShotPointer; 
81 841 1 OtmOut->SnapShotTime = 

| PsmOut->SnapShotTime; 
81842| OtmOut->lnstance = PsmOut->lnstance; 

81843| 

| wcscpy(OtmOut->CacheFileName,L"C:\\psm"); 
81844| 

81 845| OtmOut->NumberOf Devices = 

| PsmOut->NumberOfDevices; 
81846| 

81847| WCHAR 

| *p=(WCHAR*)(OtmOut->DeviceName+PsmOut->NumberOf Devices); 
81848| for(ULONG 

| i=0;i<PsmOut->NumberOfDevices;i++) { 
81849| 

| wcscpy(p,(WCHAR*)DN_MakePointer(PsmOut,PsmOut->DeviceNam 
I e[i])); 



81850| OtmOut->DeviceName[i] = 

| DN_MakeOffset(OtmOut,p); 

81851 1 p+=wcslen(p)+1 ; 

81852| } 

81 853| RetSize = (char*)p-(char*)OtmOut; 

81854| } 

81855| }else{ 

81856| RetSize = 0; 



81857| } 

81858| } _except( EXCEPTION_EXECUTE_HANDLER ) { 
81859| Status = GetExceptionCode(); 
81860| RetSize = 0; 

81 861 1 Debug(DEBUG_OTM_FILTER,("Bridge: 
| OtmTurnOnOtmCallBack: Error! Exception %08x\n", 
| Status)); 

81862| } 

81863| 

81864| OtmToPsm->lrp->loStatus.Status = Status; 

81865| OtmToPsm->lrp->loStatus. Information = RetSize; 
81866| 

81867| loCompleteRequest(OtmToPsm->lrp,IO_NO_INCREMENT); 
81868| 

81 869 1 Ex FreePoo l(Ot mTo Psm-> Event) ; 

81870| ExFreePool(OtmToPsm); 

81871| return; 

81872| } 

81873| 

81874| 

81875| /* 



81876| NTSTATUS OtmTurnOnOtm(PIRP Irp) 
81877| { 
81878| #if 1 

81879| NTSTATUS Status = STATUS_SUCCESS; 
81880| 

81881| __try{ 

81882| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
81883| tOTMOpenTransactionlnlnternal *ln=NULL; 
81884| tOTMOpenTransactionOutlnternal *Out=NULL; 
81885| tOpenTransactionlnlnternal *Psmln=NULL; 
81886| PIRP newlrp; 
81887| tOtmToPsm *OtmToPsm; 
81888| 

81889| // METHOD BUFFERED 

81890| // lrp->Associatedlrp.SystemBuffer = 

| Input/Output buffer 
81891| 

81892| Debug(DEBUG_PROCCALL | 

| DEBUG_OTM_FILTER, ("Bridge: OtmTurnOnOtmVn")); 
81893| In = (tOTMOpenTransactionlnlnternal 

| *) I rp-> Associated I rp. System Buff er; 
81894| 

81895| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 
| < sizeof(tOTMOpenTransactionlnlnternal)) { 
81896| Debug(DEBUG_OTM_FILTER, ("Bridge: 

| OtmTurnOnOtm: Error! IOCTL buffer not big enough\n")); 



81897| Status = STATUS_INVALID_BUFFER_SIZE; 

81898| }else 
81899| if ((!ln) || 

| (ln->Size!=sizeof(tOTMOpenTransactionlnlnternal))){ 
81900| Debug(DEBUG_OTM_FILTER, ("Bridge: 

| OtmTurnOnOtm: Error! Buffer is NULL or not right 

| size\n")); 

81901 1 Status = STATUS_INVALID_PARAMETER; 

81902| }else 

81903| if ((ln->lnternalFlags & 

| OTM_IFLAG_NEW_SNAPSHOT) && 
81904| 

| (plrpStack->Parameters.DeviceloControl.OutputBufferLengt 

| h < sizeof(tOTMOpenTransactionOutlnternal))) { 
81905| Debug(DEBUG_OTM_FILTER,("Bridge: 

| OtmTurnOnOtm: Error! IOCTL buffer not big enough\n")); 
81906| Status = STATUS_INVALID_BUFFER_SIZE; 

81907| }else{ 
81908| 
81909| 

81910| // okay, to make life simple for us we will 

| allocate another irp 
81911| // and send this to psm with the correct 

| parameters. We will have 
81912| //a completion routine that will copy from 

| the new to the old 
81913| // and complete the original irp. We have 

| to do this because this 
81914| // api executes asynchronously. 

81915| OtmToPsm= 

| (tOtmToPsm*)ExAllocatePoolWithTag(PagedPool,65536+sizeof 

| (tOtmToPsm),'PmtO'); 
81916| Psmln = (tOpenTransactionlnlnternal 

| *)(OtmToPsm+1); 
81917| if(OtmToPsm) { 

81918| 

81919| OtmToPsm->Event = 

| (PKEVENT)ExAllocatePoolWithTag(NonPagedPool,sizeof(KEVEN 

I T),'EmtO'); 
81920| if(OtmToPsm->Event) { 

81921 1 KelnitializeEvent( OtmToPsm->Event, 

| Notification Event, FALSE); 
81922| 

81923| OtmToPsm->lrp = Irp; 

81 924| OtmToPsm->OtmOut = 

| I rp-> Associated I rp . System Buff er; 
81925| OtmToPsm->PsmOut = Psmln; 

81926| OtmToPsm->loStatus. Status = 

| STATUS_PENDING; 
81927| OtmToPsm->loStatus. Information = 0; 



81928| 

81929| Psmln->Size = 

| sizeof(tOpenTransactionlnlnternal); 
81 930| Psmln->Flags = 0; 

81931 1 Psmln->lnternalFlags = 

| PSM_IFLAG_NEW_SNAPSHOT; 
81932| Psmln->AbortEvent = ln->AbortEvent; 

81933| Psmln->ErrorEvent = ln->ErrorEvent; 

81934| Psmln->SnapShotFlags = 0; 

81935| 

81936| if(PsmMajorVersion==2) { 

81937| if(PsmMinorVersion==0) { 

81938| 

| Debug(DEBUG_OTM_FILTER,("Bridge: CreateSnapShot: PSM 

| version 2.0 installed, creating persistent 

| snapshot\n")); 
81 939| // version 2.0 doesnt 

| support temporary snapshots 
81940| // so we just say its 

| persistent... 
81941| 

| Psmln->SnapShotFlags=PSM_2_00_SS_FLAG_READWRITE; 
81942| 

| Psmln->lnternalFlags|=PSM_IFLAG_PERSISTENT; 
81943| }else{ 
81944| 

| Debug(DEBUG_OTM_FILTER,("Bridge: CreateSnapShot: PSM 

| version 2.1+ installed, creating temporary 

| snapshot\n")); 
81945| //version 2.1 or above 

| support temporary snapshots 
81946| 

| Psmln->SnapShotFlags=PSM_SS_FLAG_T_READWRITE; 
81947| } 
81948| 

81949| }else{ 

81 950| // dont support version 1 , init 

| should have not even loaded 
81951 1 ASSERT(PsmMajorVersion>2); 
81952| 

| Debug (DEBUG_OTM_FILTER, ("Bridge: CreateSnapShot: PSM 
| version 3.0+ installed, creating temporary 
| snapshot\n")); 
81953| 

| Psmln->SnapShotFlags=PSM_SS_FLAG_T_READWRITE; 
81954| } 
81955| 

81956| // see if registry has an override. 

81957| ULONG Temp; 

81958| 



I Reg_GetULONGKey(gRegistryPath,L"SnapShotFlags",Psmln->Sn 

| apShotFlags,&Temp); 
81959| Psmln->SnapShotFlags = UCHAR(Temp & 

I Oxff); 
81960| 

81961| // not used fields 

81962| wcscpy(Psmln->CacheFileName,L" M ); 

81963| Psmln->SizeOfCacheFileMB=0; 

81964| Psmln->MaxSizeOfCacheFileMB=0; 

81965| Psmln->QuiescentWait = 0; 

81966| Psmln->QuiescentTimeout=0; 

81967| 

81 968| // set snapshot properties 

81969| Psmln->DIIPrivateUse=0; 
81970| 

| Psmln->CallerPrivateUse=(void*)'BmtO'; // set the group 
81 971 1 Psmln->NumToKeep=-1 ; 

81972| Psmln->Priority=0; 
81973| Psmln-> Rese rved 1=0; 

81974| Psmln->Reserved2=0; 
81975| 

81976| Psmln->NumberOf Devices = 

| ln->NumberOfDevices; 
81977| 

81978| WCHAR 

| *p=(WCHAR*)(Psmln->DeviceName+ln->NumberOf Devices); 



81979| 


for(ULONG 


| i=0;i<ln->NumberOfDevices;i++) { 


81980| 




| wcscpy(p,(WCHAR*)DN_MakePointer(ln,ln- 


81981| 


Psmln->DeviceName[i] = 


| DN_MakeOffset(Psmln,p); 


81982| 


p+=wcslen(p)+1 ; 


81983| 


} 


81984| 




81985| 


newlrp = 


| loBuildDeviceloControlRequest ( 


81986| 


IOCTL_TURNON_PSM, 


81987| 


PsmDeviceObject, 


81988| 


Psmln, 


81989| 


65536, 


81990| 


Psmln, 


81991| 


65536, 


81992| 


FALSE, 


81993| 


OtmToPsm->Event, 


81994| 


&OtmToPsm->loStatus ); 


81995| 




81996| 


if(newlrp) { 


81997| 





| Debug(DEBUG_OTM_FILTER,("Bridge: CreateSnapShot: 



I Otmlrp=%08x, Psmlrp=%08x, 
| OtmToPsm=%08x\n",lrp,newlrp,OtmToPsm)); 
81998| 

81 999| HANDLE TempHandle; 

82000| 

82001 1 Status = PsCreateSystemThread( 

82002| 

| &TempHandle,THREAD_ALL_ACCESS,NULL,NULL,NULL, 
82003| 

| (PKSTART_ROUTINE)OtmToPsmCreateSnapShotThread, // IN 

| P KST A RT_RO UTI N E StartRoutine, 
82004| (PVOID)OtmToPsm 

| // IN PVOID StartContext 
82005| ); 
82006| 

82007| if(NT_SUCCESS(Status)) { 

82008| // we dont care about the 

| thread status 
82009| ZwClose(TempHandle); 
82010| 

8201 1 1 // its pending so do not 

| complete the request 
82012| lrp->loStatus.Status = 

| STATUS_PENDING; 
82013| loMarklrpPending(lrp); 
82014| 

82015| Status = loCallDriver 

| (PsmDeviceObject, newlrp); 
82016| 

| Debug(DEBUG_OTM_FILTER,("Bridge: Psm Create returned 

| %08x\n",Status)); 
82017| return STATUS_PENDING; 

82018| }else{ 
82019| 

| Debug(DEBUG_OTM_FILTER, ("Bridge: CreateSnapShot: Error 

| %08x starting thread\n",Status)); 
82020| lo Free I rp(newl rp) ; 

82021| } 
82022| } else { 

82023| Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
82024| } 

82025| ExFreePool(OtmToPsm->Event); 
82026| } else { 

82027| Status = 

| STATUS_INSUFFICIENT_RESOURCES; 
82028| } 

82029| ExFreePool(OtmToPsm); 
82030| } else { 

82031 1 Status = STATUS_INSUFFICIENT_RESOURCES; 



82032| } 
82033| } 

82034| } _except( EXCEPTION_EXECUTE_HANDLER ) { 
82035| Status = GetExceptionCode(); 

82036| Debug(DEBUG_OTM_FILTER,("Bridge: OtmTurnOnOtm: 

| Error! Exception %08x\n", Status)); 
82037| } 
82038| #else 

82039| NTSTATUS Status=STATUS_INVALID_PARAMETER; 
82040| #endif 
82041 | 

82042| lrp->loStatus. Information = 0; 

82043| lrp->loStatus.Status = Status; 

82044| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

82045| return Status; 

82046| } 

82047| r 



82048| NTSTATUS OtmTurnOffOtm(PIRP Irp) 
82049 1 { 

82050| NTSTATUS Status = STATUS_SUCCESS; 
82051 1 __try { 

82052| tClosePSMInternal *Buffer=NULL; 
82053| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
82054| 

82055| Debug(DEBUG_PROCCALL | 

| DEBUG_OTM_FILTER, ("Bridge: TurnOffOtm\n")); 

82056| // METHOD_BUFFERED 

82057| // lrp->Associatedlrp.SystemBuffer = 
| Input/Output buffer 

82058| 

82059 1 if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| < sizeof(tCloseOTM Internal)) { 
82060| Status = PsmDestroySnapShot(NULL); 

82061 1 } else { 

82062 1 Buffer = (tClosePSMInternal 

| *) I rp-> Associated I rp. System Buff er; 
82063 1 Status = 

| PsmDestroySnapShot(Buffer->KernelSnapShotPointer); 
82064| } 

82065| } _except( EXCEPTION_EXECUTE_HANDLER ) { 
82066| Status = GetExceptionCode(); 

82067| Debug(DEBUG_OTM_FILTER,("Bridge: OtmTurnOffOtm: 

| Error! Exception %08x\n", Status)); 
82068| } 
82069 1 

82070| lrp->loStatus. Information = 0; 
82071 1 lrp->loStatus.Status = Status; 



82072| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
82073| return Status; 
82074| 
82075| } 

82076| /* 



82077| NTSTATUS OtmGetError(PIRP Irp) 
82078| { 

82079| NTSTATUS Status = STATUS_SUCCESS; 
82080| ULONG RetCode=0; 
82081 | 

82082 1 __try { 

82083| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
82084| tOTM_GetErrorOut *Buffer=NULL; 
82085| PVOID Master=NULL; 
82086| // METHOD OUT DIRECT 
82087| // lrp->MdlAddress = Output buffer 
82088| // lrp->Associatedlrp.SystemBuffer = Input 

| buffer 
82089 1 

82090| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >=sizeof(PVOID)){ 
82091 1 Master = 

| *((PVOID*)(lrp->Associatedlrp.SystemBuffer)); 
82092 1 } 
82093 | 

82094| Debug(DEBUG_PROCCALL | 

| D E B U G_OTM_F I LT E R , (" B ri dge : GetError %08x\n'\ Master)); 
82095| 

82096| if 

| (plrpStack->Parameters.DeviceloControl.OutputBufferLengt 

| h < sizeof(tOTM_GetErrorOut)) { 
82097| Debug(DEBUG_OTM_FILTER, ("Bridge: Error! 

| Output IOCTL buffer not big enough\n")); 
82098| Status = STATUS_INVALID_BUFFER_SIZE; 

82099 1 } else { 
82100| Hint -save -e641 7 

821 01 1 Buffer = (tOTM_GetErrorOut 

| *)MmGetSystemAddressForMdlSafe( lrp->MdlAddress, 

| NormalPagePriority ); 
82102| Hint -restore 7 

82103| 

82104| if (Buffer) { 

82105| Status = 

| PsmGetError(Master,(pPSM_GetErrorOut)Buffer); 
82106| 

821 07| RetCode = sizeof(tOTM_GetErrorOut); 

82108| }else{ 



821 09 1 Debug(DEBUG_OTM_FILTER, ("Bridge: Error! 

| Buffer is NULL\n")); 
82110| Status = STATUS_I N VALI D_PARAM ETER; 

821 1 1 | } 
82112| } 
82113| 

82114| } __except( EXCEPTION_EXECUTE_HANDLER ) { 
82115| Status = GetExceptionCode(); 

821 1 6| Debug(DEBUG_OTM_FILTER,("Bridge: OtmGetError: 

| Error! Exception %08x\n", Status)); 
82117| } 

821 18| // same here, except it will get converted to the 

| Win32 error code 
821 19| // by the io manager for us. this is the reason we 

| use METHOD_OUT_DIRECT 
82120| // is so we can return a error code, otherwise, 

| when buffering, the buffer 
821 21 1 // will not be copied into the user buffer. 
82122| lrp->loStatus.Status = Status; 
82123| lrp->loStatus. Information = RetCode; 
82124| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 
82125| return Status; 
82126| } 
82127| 

82128| /* 



82129| NTSTATUS OtmSetWin32Link(PIRP Irp) 
82130| { 

82131 1 NTSTATUS Status=STATUS_INVALID_BUFFER_SIZE; 
82132| 

82133| __try{ 

82134| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
821 35| pOTM_SetWin32Link 

| Link=(pOTM_SetWin32Link)lrp->Associatedlrp.SystemBuffer; 
82136| HANDLE TempHandle; 
82137| 
82138| 

| ASSERT(sizeof(tOTM_SetWin32Link)==sizeof(tPSM_SetWin32Li 
I nk)); 
82139| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >= sizeof(tOTM_SetWin32Link)) { 
82140| Status = 

| PsmSetWin32Link((pPSM_SetWin32Link)Link); 
82141| } 

82142| } _except( EXCEPTION_EXECUTE_HANDLER ) { 

82143| Status = GetExceptionCode(); 

821 44| Debug(DEBUG_OTM_FILTER,("Bridge: 

| OtmSetWin32Link: Error! Exception %08x\n", Status)); 



82145| } 
82146| 

82147| lrp->loStatus. Information = 0; 

82148| lrp->loStatus.Status = Status; 

82149| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

82150| return Status; 

82151| } 

82152| /* 



82153| NTSTATUS OtmGetProgress(PIRP Irp) 
82154| { 

82155| NTSTATUS Status = STATUS_SUCCESS; 

82156| ULONG RetSize=0; 

82157| 

82158| __try{ 

82159| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
821 60| tPSM_GetProgressOut PsmProg; 
821 61 1 tOTM_GetProgressOut *OtmProg; 
82162| PVOID Master=NULL; 
82163| 

821 64| // METHOD_BUFFERED 

821 65| // lrp->Associatedlrp.SystemBuffer = 

| Input/Output buffer 
82166| 

82167| if 

| (plrpStack->Parameters.DeviceloControl.lnputBufferLength 

| >=sizeof(PVOID)){ 
82168| Master = 

| *((PVOID*)(lrp->Associatedlrp.SystemBuffer)); 
82169| } 
82170| 

821 71 1 Debug(DEBUG_PROCCALL | 

| DEBUG_OTM_FILTER, ("Bridge: OtmGetProgress 
| %08x\n",Master)); 

82172| 

82173| if 

| (plrpStack->Parameters.DeviceloControl.OutputBufferLengt 

| h < sizeof(tOTM_GetProgressOut)) { 
82174| Debug(DEBUG_OTM_FILTER, ("Bridge: Error! 

| IOCTL buffer not big enough\n")); 
82175| Status = STATUS_INVALID_BUFFER_SIZE; 

82176| }else{ 

821 77| OtmProg = (tOTM_GetProgressOut 

| *) I rp-> Associated I rp. System Buff er; 
821 78\ ASSERT(OtmProg); 
82179| 

82180| Status = PsmGetProgress( Master, &PsmProg 

I); 

82181 1 if(NT_SUCCESS(Status)) { 



82182| OtmProg->OnSecond 

| PsmProg.OnSecond; 
82183| OtmProg->OutOf Seconds 

| PsmProg.OutOfSeconds; 
82184| OtmProg->CacheFileSize 

| PsmProg.CacheFileSize; 
821 85| OtmProg->CurrentCacheFileSize = 

| PsmProg.CurrentCacheFileSize; 
82186| RetSize = sizeof(*OtmProg); 

82187| } 
82188| } 

82189| } _except( EXCEPTION_EXECUTE_HANDLER ) { 

82190| Status = GetExceptionCode(); 

82191 1 Debug(DEBUG_OTM_FILTER,("Bridge: 

| OtmGetProgress: Error! Exception %08x\n", Status)); 
82192| } 
82193| 
82194| 

82195| lrp->loStatus. Information = RetSize; 

82196| lrp->loStatus.Status = Status; 

82197| loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

82198| return Status; 

82199| } 

82200| 

82201| /* 



82202| NTSTATUS BridgeDeviceControl(PDEVICE_OBJECT 

| DeviceObject,PIRP Irp) 
82203| { 

82204| NTSTATUS Status=STATUS_INVALID_DEVICE_REQUEST; 
82205| PIO_STACK_LOCATION plrpStack = 

| loGetCurrentlrpStackLocation (Irp) ; 
82206| 

82207| Debug(DEBUG_PROCCALL | DEBUG_OTM_FILTER, ("Bridge: 

| BridgeDeviceControl Called Dev=%p, 

| lrp=%p\n",DeviceObject,lrp)); 
82208| 
82209| 

| switch(plrpStack->Parameters.DeviceloControl.loControlCo 
|de){ 

8221 0| case OTM_IOCTL_GET_VERSION : Status = 

| OtmGetVersion(lrp); break; 
8221 1 1 case OTM_IOCTL_TURNON_OTM : Status = 

| OtmTurnOnOtm(lrp); break; 
82212| case OTM_IOCTL_TURNOFF_OTM : Status = 

| OtmTurnOffOtm(lrp); break; 
82213| case OTM IOCTL GET ERROR : Status = 

| OtmGetError(lrp); break; 
82214| case OTM_IOCTL_SET_WIN32_LINK : Status = 

| OtmSetWin32Link(lrp); break; 



8221 5| case OTM_IOCTL_GET_PROGRESS : Status = 
| OtmGetProgress(lrp); break; 



82216 
82217 
82218 
82219 
82220 
82221 
82222 
82223 
82224 
82225 
82226 
82227 
82228 
82229 
82230 
82231 
82232 
82233 
82234 
82235 
82236 
82237 
82238 
82239 
82240 
82241 
82242 
82243 
82244 
82245 
82246 
82247 
82248 
82249 
82250 
82251 
82252 
82253 
82254 
82255 
82256 
82257 
82258 
82259 
82260 
82261 



case OTM_IOCTL_GET_VOLUME_STATS : 

case OTM_IOCTL_GET_VOLUME_INFO : 

case OTM_IOCTL_OPEN_EX 

case OTM_IOCTL_CLOSE_EX 

case OTM_IOCTL_FREE_VOLUME 

case OTM_IOCTL_FREE_RANGES 

case OTM_IOCTL_SET_FLUSH_ROUTINE: 

case BRIDGE_IOCTL_IS_BRIDGE_INSTALLED: 

Status = STATUS_SUCCESS; 

lrp->loStatus. Information = 0; 

lrp->loStatus. Status = Status; 

loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

break; 
default: 

lrp->loStatus. Information = 0; 
lrp->loStatus. Status = Status; 
loCompleteRequest (Irp, IO_NO_INCREMENT) ; 

} 

return Status; 



/*— end of file otm.cpp —7 



File Listing: otm.h 

NTSTATUS OtmGetVersion( PIRP Irp ); 
NTSTATUS OtmTurnOnOtm( PIRP Irp ); 
NTSTATUS OtmTurnOffOtm( PIRP Irp ); 
NTSTATUS OtmGetError( PIRP Irp ); 
NTSTATUS OtmSetWin32Link( PIRP Irp ); 
NTSTATUS OtmGetProgress( PIRP Irp ); 

/*— end of file otm.h —7 



File Listing: otm_private.h 
#include <devioctl.h> 



Hint -save -e437 
// otm ioctls 

#define OTM_IOCTL_GET_VERSION 
| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA0,METHOD_BUFFERED,FILE_ 
| ANY_ACCESS) 



82262| #define OTM_IOCTL_TURNON_OTM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA1 ,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82263| #define OTM IOCTL TURNOFF OTM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA2,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82264| #define OTM_IOCTI__GET_ERROR 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA3,METHOD_OUT_DIRECT,FIL 

I E_ANY_ACCESS) 
82265| //#define OTM_IOCTL_GET_STATS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA4,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82266| #define OTM_IOCTL_SET_WIN32_LINK 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA6,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82267| #define OTM_IOCTL_OPEN_EX 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA7,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82268| #define OTM_IOCTL_CLOSE_EX 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA8,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82269| #define OTM IOCTL FREE VOLUME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA9,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82270| #define OTM_IOCTL_FREE_RANGES 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAB,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82271 1 #define OTM_IOCTL_GET_PROGRESS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAC,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82272| //#define OTM_IOCTL_GET_OTM_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAD,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
82273| #define OTM_IOCTL_SET_FLUSH_ROUTINE 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAE,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82274| #define OTM_IOCTL_GET_VOLUME_STATS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAF,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82275| #define OTM_IOCTL_GET_VOLUME_INFO 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB0,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82276| 

82277| #define OTM_IOCTL_BUG_CHECK 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xFFE,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82278| #if MEMDBG 

82279| #define OTM_IOCTL_GET_MEMORY_USAGE 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xFFF,METHOD_BUFFERED,FILE_ 
| ANY_ACCESS) 



82280| #endif 
82281 | 

82282 1 //vdisk ioctls 

82283| #define OTM_IOCTL_UNWRITE_PROTECT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB6,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82284| #define OTM_IOCTL_WRITE_PROTECT 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB7,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82285| #define OTM_IOCTL_IS_OTM_VOLUME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB8,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82286| 
82287| 

82288| // OTM bridge specific ioctls 

82289| #define BRIDGE_IOCTL_IS_BRIDGE_INSTALLED 

| CTL_CODE(FILE_DEVICE_U NKNOWN, 0x900, METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82290 1 
82291 | 

82292| #define OT M_l F L A G_N E W_S N A P S H OT 1 
82293| 

82294| // if this number goes above 15 then we need to change 

| OtManBitMapUseCount 
82295| #define OTM_MAX_NUMBER_OF_SNAPSHOTS 15 
82296| 

82297| #define OTM L I N K SetLi nk 0 
82298| #define OTM_LINK_DeleteLink 1 
82299| 

82300 1 typedef struct sOTM_SetWin32Link { 

82301 1 ULONG Operation; 

82302| WCHAR Win32Link[256]; 

82303| WCHAR NTDeviceName[256]; 

82304| } tOTM_SetWin32Link,*pOTM_SetWin32Link; 

82305| 

82306| typedef struct sOTM_FreeVolume { 
82307| PVOID KernelSnapShotPointer; 
82308| WCHAR VolumeName[256]; 
82309| } tOTM_FreeVolume, *pOTM_FreeVolume; 
82310| 
82311| 

82312| #pragma warning (push) 
82313| #pragma warning (disable:4200) 
82314| Hint -save -e43 -e1501 7 

82315| typedef struct sOTMOpenTransactionlnlnternal { 
82316| DWORD Size; 
82317| WCHAR CacheFileName[256]; 
82318| DWORD SizeOfCacheFileMB; 
82319| DWORD MaxSizeOfCacheFileMB; 
82320| DWORD Flags; 



82321| 


DWORD 


InternalFlags; 


82322| 


DWORD 


QuiescentWait; 


82323| 


DWORD 


Qu iescentTi meo ut ; 


82324| 


HANDLE 


ErrorEvent; 


82325| 


HANDLE 


AbortEvent; 


82326| 


ULONG 


NumberOf Devices; 


82327| 


ULONG 


DeviceName[]; // offset from 



| beginning of this structure 
82328| } tOTMOpenTransactionlnlnternal, 

| *pOTMOpenTransaction I n I nternal ; 
82329| 

82330| typedef struct sOTMOpenTransactionOutlnternal { 
82331 1 PVOID KernelSnapShotPointer; // cant access kernel 

| mode addresses in user mode 
82332| LARGEJNTEGER SnapShotTime; // time snapshot 

| occured. 

82333| ULONG Instance; // instance number 

| for this snapshot for volume mapping 
82334| WCHAR CacheFileName[256]; //cache file 

| name being used 
82335| ULONG NumberOfDevices; 
82336| ULONG DeviceName[]; //offset from 

| beginning of this structure 
82337| } tOTMOpenTransactionOutl nternal, 

| *pOTMOpenTransactionOutlnternal; 
82338| Hint -restore*/ 
82339| #pragma warning (pop) 
82340 1 

82341 1 typedef struct sCloseOTM I nternal { 

82342| PVOID KernelSnapShotPointer; // cant access kernel 

| mode addresses in user mode 
82343| } tCloseOTM I nternal, *pCloseOTM Internal; 
82344| 

82345| typedef struct sOTMVolumelnfoln { 

82346| unsigned short Size; 

82347| unsigned short Version; 

82348| WCHAR VolumeName[256]; 

82349| } tOTMVolumelnfoln, *pOTMVolumelnfoln; 

82350 1 

82351 | 

82352| typedef struct sOTMVolumelnfoOut { 

82353| ULONG Sectors PerC luster; 

82354| ULONG ClusterOOffset; 

82355| } tOTMVolumelnfoOut, *pOTMVolumelnfoOut; 

82356| 

82357| #if MEMDBG 

82358| typedef struct sOTMGetMemoryUsageOut { 
82359| ULONG MemTotalNonpagedAlloced; 
82360| ULONG MemTotal Paged Alloced; 
82361 1 ULONG M em M ax No n paged Alloced; 



82362 
82363 
82364 
82365 
82366 
82367 
82368 
I Fi 
82369 
82370 
82371 
82372 
82373 
82374 
82375 
82376 
82377 
82378 
82379 
82380 
82381 
82382 
82383 
82384 
82385 
82386 
82387 
82388 
82389 
82390 
82391 
82392 
82393 
82394 
82395 
82396 
82397 
82398 
82399 
82400 
82401 
82402 
82403 
82404 
82405 
82406 



82407 
82408 
Ifo 



ULONG MemMax Paged Alloced; 
} tOTMGetMemoryUsageOut, *pOTMGetMemoryUsageOut; 

#endif 

typedef struct sOTMSetFlushRoutine { 

NTSTATUS (*ZwFlushBuffersFile)( IN HANDLE 
eHandle, OUT PIO_STATUS_BLOCK loStatusBlock ); 
} tOTMSetFlushRoutine,*pOTMSetFlushRoutine; 

typedef struct sOTM_GetErrorOut { 

DWORD ErrorCode; 
} tOTM_GetErrorOut, *pOTM_GetErrorOut; 

typedef struct sOTM_GetProgressOut { 

DWORD OnSecond; 

DWORD OutOfSeconds; 

DWORD CacheFileSize; 

DWORD CurrentCacheFileSize; 
} tOTM_GetProgressOut,*pOTM_GetProgressOut; 

typedef struct _sOTM_Versionlnfo { 

DWORD Size; 

DWORD LoVersion; 

DWORD Version; 

DWORD OSType; 

DWORD OSVersion; 

DWORD CommunicationMethods; 
} tOTM_Versionlnfo, *pOTM_Versionlnfo; 



#define OTM_SUPPORTED_VERSION_NUMBER 0x01 1 1 
#define OTM_SUPPORTED_LOW_VERSION_NUMBER 0x01 10 



/*lint -restore*/ 

/*— end of file otm_private.h —7 

File Listing: otmbridge.h 

//File Name: messages. mc 

// 

// Note: comments in the .mc file must use both 



and "//". 



// 

// Status values are 32 bit values layed out as 
lows: 



82409| // 

82410| // 3322222222221111111111 
8241 1 1 // 1098765432109876543210987 

165432 10 
82412| // 



82413| // |Sev|C| Facility | 

| Code | 
82414| // 



82415| // 
82416| // where 
82417| // 

82418| // Sev - is the severity code 
82419| // 

82420| // 00 - Success 
82421 1 // 01 - Informational 
82422| // 10 - Warning 
82423 1 // 11 - Error 
82424| // 

82425| // C - is the Customer code flag 
82426| // 

82427| // Facility - is the facility code 
82428| // 

82429 1 // Code - is the facility's status code 

82430 1 // 

82431| 

82432| 

82433| // 

82434| // %1 is reserved by the IO Manager. If 

| loAllocateErrorLogEntry is 
82435| // called with a device, the name of the device will be 

| inserted into 

82436| // the message at %1 . Otherwise, the place of %1 will 

| be left empty. 
82437| // In either case, the insertion strings from the 

| driver's error log 
82438| // entry starts at %2. In other words, the first 

| insertion string goes 
82439| // to %2, the second to %3 and so on. 
82440 1 // 
82441 | 
82442 1 // 

82443| // Values are 32 bit values layed out as follows: 
82444| // 

82445| // 3322222222221111111111 
82446| // 1098765432109876543210987 
165432 10 



82447 

l+- 
I- 
82448 



| Code | 



82449 

l+- 
I- 
82450 
82451 
82452 
82453 
82454 
82455 
82456 
82457 
82458 
82459 
82460 
82461 
82462 
82463 
82464 
82465 
82466 
82467 
82468 
82469 
82470 
82471 
82472 
82473 
82474 
82475 
82476 
82477 
82478 
82479 
82480 
82481 
82482 
82483 
82484 
82485 
82486 
82487 
82488 
82489 
82490 
82491 



// 

+ 

// |Sev|C|R| Facility | 



// 

— + 

// 

// where 

// 

// Sev - is the severity code 

// 

// 00 - Success 
// 01 - Informational 
// 10 -Warning 
// 1 1 - Error 

// 

// C - is the Customer code flag 

// 

// R - is a reserved bit 

// 

// Facility - is the facility code 

// 

// Code - is the facility's status code 

// 
// 

// Define the facility codes 

// 

#define FACILITY_RPC_STUBS 0x3 
#define FACILITY_RPC_RUNTIME 0x2 
#define FACILITY IO ERROR CODE 0x4 



// 

// Define the severity codes 

// 

#define STATUS_SEVERITY_WARNING 0x2 
#define STATUS_SEVERITY_SUCCESS 0x0 
#define STATUS_SEVERITY_IN FORMATION AL 0x1 
#define STATUS SEVERITY ERROR 0x3 



// 

// Messageld: BRIDGE_SUCCESS 

// 

// MessageText: 

// 

// %2 

// 



82492| #define BRIDGE_SUCCESS 

| ((NTSTATUS)0x20000001L) 
82493| 
82494| // 

82495| // Messageld: BRIDGEJNFO 
82496| // 

82497| // MessageText: 
82498| // 
82499 1 // %2 
82500 1 // 

82501 1 #define BRIDGEJNFO 

| ((NTSTATUS)0x60000001L) 
82502 1 
82503 1 // 

82504| // Messageld: BRIDGE_ACTIVATED 
82505| // 

82506| // MessageText: 
82507| // 

82508| // OTM to PSM Bridge installed and activated. 
82509 1 // 

82510| #define B R I DG E_ACTI VAT E D 

| ((NTSTATUS)0x60000002L) 
8251 1 | 
82512| // 

82513| // Messageld: BRIDGE_DEACTIVATED 
82514| // 

82515| // MessageText: 
82516| // 

82517| // OTM to PSM Bridge deactivated. 
82518| // 

82519| #define BRIDGE_DEACTIVATED 

| ((NTSTATUS)0x60000003L) 
82520| 
82521 1 // 

82522| // Messageld: BRIDGE_WARNING 
82523 1 // 

82524| // MessageText: 
82525| // 
82526| // %2 
82527| // 

82528| #define BRIDGE_WARNING 

| ((NTSTATUS)0xA0000001 L) 
82529| 
82530| // 

82531| // Messageld: BRIDGE_ERROR 
82532| // 

82533| // MessageText: 
82534| // 
82535| // %2 
82536| // 



82537| #define BRIDGE_ERROR 
| ((NTSTATUS)OxEOOOOOOI L) 
82538| 
82539| // 

82540| // Messageld: BRIDGE_WRONG_PSM_VERSION 
82541 1 // 

82542| // MessageText: 
82543 1 // 

82544| // An incompatible version of PSM is installed 
82545| // 

82546| #define BRIDGE_WRONG_PSM_VERSION 

| ((NTSTATUS)0xE0000002L) 
82547| 
82548| // 

82549| // Messageld: BRIDGE_WRONG_OTM_VERSION 
82550 1 // 

82551 1 // MessageText: 
82552 1 // 

82553| // An incompatible version of OTM is installed 
82554| // 

82555| #define BRIDGE_WRONG_OTM_VERSION 

| ((NTSTATUS)0xE0000003L) 
82556| 

82557| /*— end of file otmbridge.h —7 
82558 
82559 
82560 
82561 
82562 
82563 
82564 
82565 
82566 
82567 
82568 
82569 
82570 
82571 
82572 
82573 
82574 
82575 
82576 
82577 
82578 
82579 
82580 
82581 
82582 
82583 



File Listing: precomp.h 

extern "C" { 
#include <ddk\ntddk.h> 
#include <stdarg.h> 
#include <stdio.h> 

} 

#define DWORD ULONG 
#define BYTE UCHAR 

#include "init.h" 
#include "otmbridge.h" 
#include "support. h" 
#include "otm.h" 
#include "psm.h" 

/*— end of file precomp.h — 7 



File Listing: psm.cpp 



82584| #include <precomp.h> 
82585| 

82586| NTSTATUS PsmDestroySnapShot( PVOID Snapshot ) 
82587| { 

82588| PIRP lrp=NULL; 

82589| KEVENT Event={0}; 

82590| IO_STATUS_BLOCK loStatusBlock={0}; 

82591 1 NTSTATUS Status=0; 

82592| tClosePSMInternal Close; 

82593 1 

82594| _try { 
82595| 

82596| Close.KernelSnapShotPointer = Snapshot; 
82597| 

82598| // 

82599| // Set the event object to the unsignaled 
| state. 

82600| // It will be used to signal request 

| completion. 
82601 1 // 
82602 1 

82603| KelnitializeEvent(&Event, 

82604| Notification Event, 

82605| FALSE); 

82606| 

82607| 

82608| 

82609 1 // 

8261 0| // Create IRP for get drive layout device 

| control. 
8261 1 1 // 
82612| 

82613| lrp = 

| loBuildDeviceloControlRequest(IOCTL_TURNOFF_PSM, 
82614| 

| PsmDeviceObject, 
82615| &Close, 
82616| 

| sizeof(Close), 
82617| NULL, 
82618| 0, 
82619| FALSE, 
82620| & Event, 

82621 | 

| SloStatusBlock); 
82622 1 

82623 1 if (!lrp) { 

82624| Debug(DEBUG_DEVSUP,("PsmDestroySnapShot: 

| Error! Unable to allocate irp\n")); 
82625| return STATUS_INSUFFICIENT_RESOURCES; 



82626| } 
82627| 

82628| Status = loCallDriver(PsmDeviceObject, Irp); 
82629| 

82630| if (Status == STATUS_PENDING) { 
82631| 

82632| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
82633 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

82634| 

82635| Status = loStatusBlock.Status; 

82636| } 

82637| } except(EXCEPTION_EXECUTE_HANDLER) { 

82638| Status = GetExceptionCode(); 

82639| Debug(DEBUG_DEVSUP,("PsmDestroySnapShot: 

| Exception %08x\n M , Status)); 
82640| } 

82641 1 return Status; 
82642 1 } 
82643 1 

82644| NTSTATUS PsmGetError( PVOID Snapshot, tPSM_GetErrorOut 

| *Error ) 
82645| { 

82646| PIRP lrp=NULL; 

82647| KEVENT Event={0}; 

82648| IO_STATUS_BLOCK loStatusBlock={0}; 

82649| NTSTATUS Status=0; 

82650| tClosePSM Internal Close; 

82651 | 

82652 1 __try { 
82653 1 

82654| Close.KernelSnapShotPointer = Snapshot; 
82655| 

82656| // 

82657| // Set the event object to the unsignaled 
| state. 

82658| // It will be used to signal request 

| completion. 
82659 1 // 
82660 1 

82661 1 KelnitializeEvent(&Event, 

82662 1 Notification Event, 

82663| FALSE); 

82664| 

82665| 

82666| 

82667| // 

82668| // Create IRP for get drive layout device 

| control. 
82669| // 



82670| 

82671 1 Irp = 

| lo Bu ildDevice loControl Request( IOCTL_G ET_E RRO R, 
82672 1 

| PsmDeviceObject, 
82673| &Close, 
82674| 

| sizeof(Close), 
82675| Error, 
82676| 

| sizeof(* Error), 
82677| FALSE, 
82678| &Event, 
82679 1 

| SloStatusBlock); 
82680 1 

82681| if (Mrp) { 

82682| Debug(DEBUG_DEVSUP,("PsmGetError: Error! 

| Unable to allocate irp\n")); 
82683| return STATUSJNSUFFICIENT_RESOURCES; 

82684| } 
82685| 

82686| Status = loCallDriver(PsmDeviceObject, Irp); 
82687| 

82688| if (Status == STATUS_PENDING) { 
82689| 

82690| ASSERT(KeGetCurrentlrql() < 

| DISPATCHJ.EVEL); 
82691 1 pmWaitForSingleObject(&Event,NULL); 
82692 1 

82693 1 Status = loStatusBlock. Status; 

82694| } 

82695| } except( EXC E PTI ON_EX ECUT E_H AN D L E R) { 

82696| Status = GetExceptionCode(); 

82697| Debug(DEBUG_DEVSUP,("PsmGetError: Exception 

| %08x\n",Status)); 
82698| } 

82699| return Status; 
82700 1 } 
82701 | 

82702| NTSTATUS PsmSetWin32Link( tPSM_SetWin32Link *Link ) 
82703 1 { 

82704| PIRP lrp=NULL; 

82705| KEVENT Event={0}; 

82706| IO_STATUS_BLOCK loStatusBlock={0}; 

82707| NTSTATUS Status=0; 

82708| 

82709 1 _try { 
82710| 

8271 1 1 // 



82712| // Set the event object to the unsignaled 
| state. 

82713| // It will be used to signal request 

| completion. 
82714| // 
82715| 

8271 6| KelnitializeEvent(&Event, 

8271 7| Notif icationEvent, 

82718| FALSE); 

82719| 

82720| 

82721 | 

82722 1 // 

82723| // Create IRP for get drive layout device 

| control. 
82724| // 
82725| 

82726| Irp = 

| loBuildDeviceloControlRequest(IOCTL_SET_WIN32_LINK, 
82727| 

| PsmDeviceObject, 
82728| Link, 
82729 1 

| sizeof(*Link), 
82730| NULL, 
82731| 0, 
82732| FALSE, 
82733| & Event, 

82734| 

| &loStatusBlock); 
82735| 

82736| if (!lrp) { 

82737| Debug(DEBUG_DEVSUP,( M PsmSetWin32Link: 

| Error! Unable to allocate irp\n")); 
82738| return STATUS_INSUFFICIENT_RESOURCES; 

82739| } 
82740| 

82741 1 Status = loCallDriver(PsmDeviceObject, Irp); 
82742 1 

82743| if (Status == STATUS_PENDING) { 
82744| 

82745| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
82746 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

82747| 

82748| Status = loStatusBlock.Status; 

82749 1 } 

82750| } except(EXCEPTION_EXECUTE_HANDLER) { 

82751 1 Status = GetExceptionCode(); 

82752| Debug(DEBUG_DEVSUP,("PsmSetWin32Link: Exception 



I %08x\n",Status)); 
82753| } 

82754| return Status; 

82755| } 

82756| 

82757| NTSTATUS PsmGetProgress( PVOID Snapshot, 

| tPSM_GetProgressOut 'Progress ) 
82758| { 

82759| PIRP lrp=NULL; 

82760| KEVENT Event={0}; 

82761| IO_STATUS_BLOCK loStatusBlock={0}; 

82762| NTSTATUS Status=0; 

82763| tClosePSMInternal Close; 

82764| 

82765| _try { 
82766| 

82767| Close.KernelSnapShotPointer = Snapshot; 
82768| 

82769| // 

82770| // Set the event object to the unsignaled 
| state. 

82771 1 // It will be used to signal request 

| completion. 
82772 1 // 
82773 1 

82774| KelnitializeEvent(&Event, 

82775| Notification Event, 

82776| FALSE); 

82777| 

82778| 

82779 1 

82780| // 

82781 1 // Create IRP for get drive layout device 

| control. 
82782 1 // 
82783 1 

82784| Irp = 

| loBuildDeviceloControlRequest(IOCTL_GET_PROGRESS, 
82785| 

| PsmDeviceObject, 
82786| &Close, 
82787| 

| sizeof(Close), 
82788| Progress, 
82789| 

| sizeof(*Progress), 
82790 1 FALSE, 
82791| & Event, 

82792| 

| &loStatusBlock); 



82793| 

82794| if (!lrp) { 

82795| Debug(DEBUG_DEVSUP,( M PsmGetProgress: Error! 

| Unable to allocate irp\n")); 
82796| return STATUS_INSUFFICIENT_RESOURCES; 

82797| } 
82798| 

82799| Status = loCallDriver(PsmDeviceObject, Irp); 
82800| 

82801 1 if (Status == STATU S_P EN DING) { 
82802 1 

82803| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
82804 1 pm Wait Fo rSi ng leObject (& Event , NULL); 

82805| 

82806| Status = loStatusBlock.Status; 

82807| } 

82808| } except( EXC E PTI ON_EXECUTE_H AN D LE R) { 

82809| Status = GetExceptionCode(); 

82810| Debug(DEBUG_DEVSUP,("PsmGetProgress: Exception 

| %08x\n",Status)); 
8281 1 1 } 

82812| return Status; 

82813| } 

82814| 

82815| NTSTATUS PsmGetVersion( tPSM_Versionlnfo ^Version ) 
82816| { 

82817| PIRP lrp=NULL; 

82818| KEVENT Event={0}; 

82819| IO_STATUS_BLOCK loStatusBlock={0}; 

82820| NTSTATUS Status=0; 

82821 | 

82822 1 __try { 
82823 1 

82824| // 

82825| // Set the event object to the unsignaled 
| state. 

82826| // It will be used to signal request 

| completion. 
82827| // 
82828| 

82829| KelnitializeEvent(&Event, 
82830| NotificationEvent, 
82831| FALSE); 
82832| 

82833| Version->Size = sizeof(*Version); 
82834| 

82835| // 

82836| // Create IRP for get drive layout device 
| control. 



82837| // 
82838| 

82839| Irp = 

| loBuildDeviceloControlRequest(IOCTL_GET_VERSION, 
82840| 

| PsmDeviceObject, 
82841 1 Version, 
82842 1 

| sizeof(*Version), 
82843| Version, 
82844| 

| sizeoffVersion), 
82845| FALSE, 
82846| &Event, 
82847| 

| SloStatusBlock); 
82848| 

82849| if (Mrp) { 

82850| Debug(DEBUG_DEVSUP,("PsmGetVersion: Error! 

| Unable to allocate irp\n")); 
82851| return STATUS_INSUFFICIENT_RESOURCES; 

82852| } 
82853| 

82854| Status = loCallDriver(PsmDeviceObject, Irp); 
82855| 

82856| if (Status == STATUS_PENDING) { 
82857| 

82858| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
82859| pmWaitForSingleObject(&Event,NULL); 
82860| 

82861 1 Status = loStatusBlock. Status; 

82862 1 } 

82863| } except( EXC E PTI ON_EX ECUT E_H AN D L E R) { 

82864| Status = GetExceptionCode(); 

82865| Debug(DEBUG_DEVSUP,("PsmGetVersion: Exception 

| %08x\n",Status)); 
82866| } 

82867| return Status; 

82868| } 

82869| 

82870 1 #ifdef NOTJJSED 

82871| PUNICODE_STRING UpperUnicodeString( PUNICODE_STRING Uni 
I ) 

82872| { 

82873| for(ULONG i=0;i<Uni->Length;i++) { 
82874| Uni->Buffer[0] = 

| RtlUpcaseUnicodeChar(Uni->Buffer[0]); 
82875| } 
82876| return Uni; 



82877| } 
82878| 

82879| BOOLEAN PsmlsVolumeExcluded( WCHAR *NTName ) 
82880| { 

82881 1 WCHAR Path[256]; 
82882| UNICODE_STRING Result; 
82883| BOOLEAN Ret = FALSE; 
82884| 
82885| 

| wcscpy(Path,L"\\Registry\\Machine\\System\\CurrentContro 

| ISet\\Services\\psman5\\persistent"); 
82886| 
82887| 

| Reg_GetStringKey(Path,L"ExcludedDrives",L"A:\\,BA\",&Re 
I suit); 
82888| 

82889| if(Result.Buffer) { 

82890| // FIXFIXFIX exclude list can also contain 

| volume guids, 
82891 1 // nt name, and volume mount points. 
82892 1 

82893| // incase there is no drive letter 
82894| wcscpy(Path,NTName); 
82895| 

82896| GetDriveLetterFromNTName( NTName, Path, 

| sizeof(Path)); 
82897| 

82898| // the excluded list looks like 

82899| // a:\\,b:\\,c:\\ 

82900| // returned Path looks like 

82901| II C: 

82902| 

82903| wcscpy(Path,L"\V); 
82904| 

82905| U pperU nicodeString (& Resu It) ; 
82906| 

82907| if ( wcsstr(Result.Buffer,Path)!=NULL ) { 
82908| Ret = TRUE; 

82909| } 
82910| 

82911| Reg_FreeString(&Result); 

82912| } 

82913| 

82914| return Ret; 

82915| } 

82916| 

82917| NTSTATUS PsmCreateFiles( tOpenTransactionlnlnternal *ln 
I ) 

82918| { 

82919| PIRP lrp=NULL; 



82920| 
82921 | 
82922 | 



KEVENT 

IO_STATUS_BLOCK 
NTSTATUS 



Event={0}; 



Status=0; 



loStatusBlock={0}; 



82923 | 

82924| __try { 
82925| 

82926| // 

82927| // Set the event object to the unsignaled 
| state. 

82928| // It will be used to signal request 

| completion. 
82929 1 // 
82930 | 

82931 1 KelnitializeEvent(&Event, 

82932| NotificationEvent, 

82933| FALSE); 

82934| 

82935| 

82936| 

82937| // 

82938| // Create IRP for get drive layout device 

| control. 
82939 1 // 
82940 1 

82941| lrp = 

| loBuildDeviceloControlRequest(IOCTL_CREATE_FILES, 
82942| 

| PsmDeviceObject, 
82943| In, 
82944| 

| sizeof(*ln), 
82945| NULL, 
82946| 0, 
82947| FALSE, 
82948| & Event, 

82949| 

| &loStatusBlock); 
82950| 

82951| if (!lrp){ 

82952| Debug(DEBUG_DEVSUP,("PsmCreateFiles: Error! 

| Unable to allocate irp\n")); 
82953| return STATUS_INSUFFICIENT_RESOURCES; 

82954| } 
82955| 

82956| Status = loCallDriver(PsmDeviceObject, Irp); 
82957| 

82958| if (Status == STATUS_PENDING) { 
82959| 

82960| ASSERT(KeGetCurrentlrql() < 

| DISPATCH LEVEL); 



82961 1 pmWaitForSingleObject(&Event,NULL); 
82962 1 

82963| Status = loStatusBlock.Status; 

82964| } 

82965| } except(EXCEPTION_EXECUTE_HANDLER) { 

82966| Status = GetExceptionCode(); 

82967| Debug(DEBUG_DEVSUP,("PsmCreateFiles: Exception 

| %08x\n",Status)); 
82968| } 

82969 1 return Status; 
82970 1 } 
82971 1 

82972| #endif 
82973 1 

82974| /*— end of file psm.cpp —7 

82975| 

82976| 

82977| 

82978| File Listing: psm.h 
82979 1 

82980| #define IOCTL_GET_VERSION 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA0,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82981 1 #def ine IOCTL_TURNON_PSM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA1 ,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82982| #define IOCTL_TURNOFF_PSM 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA2,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82983| #define I OCTL_G ET_E R RO R 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA3,METHOD_OUT_DIRECT,FIL 

| E_ANY_ACCESS) 
82984| #define IOCTL_SET_WIN32_LINK 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAA6,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82985| #define IOCTL_GET_PROGRESS 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAAC,METHOD_BUFFERED,FILE 

| ANY_ACCESS) 
82986| #define IOCTL_CREATE_FILES 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAC7,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82987| 

82988 1 // vdisk ioctls 

82989| #define IOCTL_IS_PSM_VOLUME 

| CTL_CODE(FILE_DEVICE_UNKNOWN,0xAB8,METHOD_BUFFERED,FILE_ 

| ANY_ACCESS) 
82990 1 

82991 1 #define LINK_SetLink 0 
82992| #define LINK_Deletel_ink 1 
82993| 



82994| typedef struct sPSM_SetWin32Link { 

82995| ULONG Operation; 

82996| WCHAR Win32Link[256]; 

82997| WCHAR NTDeviceName[256]; 

82998| } tPSM_SetWin32Link,*pPSM_SetWin32Link; 

82999| 

83000| #pragma warning (push) 

83001 1 #pragma warning (disable:4200) 

83002| typedef struct sOpenTransactionlnlnternal { 



83003| 


DWORD 


Size; 


83004| 


WCHAR 


CacheFileName[256]; 


83005| 


DWORD 


SizeOfCacheFileMB; 


83006| 


DWORD 


MaxSizeOfCacheFileMB; 


83007| 


DWORD 


Flags; 


83008| 


DWORD 


InternalFlags; 


83009| 


DWORD 


QuiescentWait; 


83010| 


DWORD 


QuiescentTimeout; 


83011| 


HANDLE 


ErrorEvent; 


83012| 


HANDLE 


AbortEvent; 


83013| 


PVOID 


DllPrivateUse; 


83014| 


PVOID 


CallerPrivateUse; 


83015| 


ULONG 


NumToKeep; 


83016| 


BYTE 


Priority; 


83017| 


BYTE 


SnapShotFlags; 


83018| 


BYTE 


Reserved 1 ; 


83019| 


BYTE 


Reserved2; // padding 


83020| 


ULONG 


N u mberOf Devices ; 


83021| 


ULONG 


DeviceName[]; // offset fro 



| beginning of this structure 
83022| } tOpenTransactionlnlnternal, 

| *pOpenTransactionlnlnternal; 
83023 | 

83024| typedef struct sOpenTransactionOutlnternal { 

83025| PVOID KernelSnapShotPointer; // cant access kernel 

| mode addresses in user mode 
83026| LARGEJNTEGER SnapShotTime; // time snapshot 

| occured. 

83027| ULONG Instance; // instance number 

| for this snapshot for volume mapping 
83028| WCHAR CacheFileName[256]; //cache file 

| name being used 
83029| ULONG Persistent; 
83030| ULONG NumberOfDevices; 
83031| ULONG DeviceName[]; //offset from 

| beginning of this structure 
83032| } tOpenTransactionOutlnternal, 

| *pOpenTransactionOutlnternal; 
83033| Hint -restore*/ 
83034| #pragma warning (pop) 
83035| 



83036 
83037 



| mode addresses in user mode 



83038 
83039 
83040 
83041 
83042 
83043 
83044 
83045 
83046 
83047 
83048 
83049 
83050 
83051 
83052 
83053 
83054 
83055 
83056 
83057 
83058 
83059 
83060 
83061 
83062 
83063 
83064 
83065 
83066 
83067 
83068 
83069 
83070 
83071 
83072 
83073 
83074 
83075 
83076 
83077 
83078 
83079 



typedef struct sClosePSMInternal { 

PVOID KernelSnapShotPointer; // cant access kernel 



} tClosePSMInternal, *pClosePSMInternal; 

typedef struct _sPSM_Versionlnfo2 { 

DWORD Size; 

DWORD LoVersion; 

DWORD Version; 

DWORD OSType; 

DWORD OSVersion; 

DWORD CommunicationMethods; 

DWORD Eval:1; 

DWORD Expired:1; 

DWORD Reserved:30; 

ULARGEJNTEGER ExpireDate; 
} tPSM_Versionlnfo2, *pPSM_Versionlnfo2; 

#define sPSM_Versionlnfo sPSM_Versionlnfo2 
#define tPSM_Versionlnfo tPSM_Versionlnfo2 
#define pPSM_Versionlnfo pPSM_Versionlnfo2 

typedef struct sPSM_GetErrorOut { 

DWORD ErrorCode; 
} tPSM_GetErrorOut, *pPSM_GetErrorOut; 

typedef struct sPSM_GetProgressOut { 

DWORD OnSecond; 

DWORD OutOfSeconds; 

DWORD CacheFileSize; 

DWORD CurrentCacheFileSize; 
} tPSM_GetProgressOut,*pPSM_GetProgressOut; 

#define PSM_IFLAG_NEW_SNAPSHOT 0x01 
#define PSM_IFLAG_PERSISTENT 0x02 

// version 2.0 snapshot flags 

#define PSM_2_00_SS_FLAG_READWRITE 0x00 
#define PSM_2_00_SS_FLAG_READONLY 0x01 
#define PSM_2_00_SS_FLAG_READWRITE_PERSISTENT 0x02 



// version 2.1 + snapshot flags 

#define PSM_SS_BIT_WRITEABLE 0x02 
#define PS M_SS_F LAG_T_R E A DON L Y (0) 
#define PSM_SS_FLAG_T_READWRITE 
| (PSM_SS_BIT_WRITEABLE) 
83080 1 

83081 1 #define DN_MakePointer(Start, Offset) 

| ((PVOID)(((char*)(Start))+(Offset))) 
83082| #define DN_MakeOffset(Start,Offset) 



I ((ULONG)(((char*)(Offset))-((char*)(Start)))) 
830831 
83084 
83085 
83086 

|*E 
83087 
83088 



| tPSM_GetProgressOut 'Progress ); 



83089 
83090 
83091 

I); 

83092 
83093 
83094 
83095 
83096 
83097 
83098 
83099 
83100 
83101 
83102 
83103 
83104 
83105 
83106 
83107 
83108 
83109 
83110 
83111 
83112 
83113 
83114 
83115 
83116 
83117 
83118 
83119 
83120 
83121 
83122 
83123 
83124 
83125 
83126 
83127 
83128 



NTSTATUS PsmDestroySnapShot( PVOID Snapshot ); 
NTSTATUS PsmGetError( PVOID Snapshot, tPSM_GetErrorOut 
rror ); 

NTSTATUS PsmSetWin32Link( tPSM_SetWin32Link 'Link ); 
NTSTATUS PsmGetProgress( PVOID Snapshot, 



NTSTATUS PsmGetVersion( tPSM_Versionlnfo "Version ); 
BOOLEAN PsmlsVolumeExcluded( WCHAR *NTName ); 
NTSTATUS PsmCreateFiles( tOpenTransactionlnlnternal *ln 



/*— end of file psm.h —7 



File Listing: resource.h 
//{{NO_DEPENDENCIES}} 

// Microsoft Developer Studio generated include file. 
// Used by SBPSMAN.RC 

// 

#define VEFt_PRODUCTBUILD 3 

#define VER_PRODUCTVERSION_W 0x0101 

// Next default values for new objects 

// 

#ifdef APSTUDIOJNVOKED 

#ifndef APSTUDIO_READONLY_SYMBOLS 

#define_APS_NO_MFC 1 

#define _APS_NEXT_RESOURCE_VALUE 1 01 

#define _APS_NEXT_COMMAND_VALUE 40001 

#define _APS_NEXT_CONTROL_VALUE 1 000 

#define_APS_NEXT_SYMED_VALUE 101 

#endif 

#endif 



File Listing: support. cpp 

#include "precomp.h" 

// modified from psm\reg.cpp 

void Reg_GetULONGKey ( 

IN PWCHAR RegistryPath, 

IN PWCHAR Key, 

IN ULONG Default, 

OUT PULONG Result 



83129 
83130 
83131 
83132 
83133 

I); 

83134 
83135 
83136 
83137 
83138 
83139 
83140 
83141 
83142 
83143 
83144 
83145 
83146 
83147 
83148 
83149 
83150 
83151 
83152 
83153 

I- 
83154 
83155 
83156 
83157 
83158 
83159 
83160 
83161 
83162 
83163 
83164 
83165 
83166 
83167 
83168 
83169 
83170 
83171 



| not exist 
83172 
83173 
83174 
83175 



) 

RTL_QUERY_REGISTRY_TABLE paramTable[2]={0}; 
RtlZeroMemory( &paramTable[0], sizeof(paramTable) 



paramTable[0]. Flags = RTL_QU E R Y_R EG I STR Y_D I R ECT; 
paramTable[0].Name = Key; 
paramTable[0].EntryContext = Result; 
paramTable[0].DefaultType = REG_DWORD; 
paramTable[0].DefaultData = &Default; 
paramTable[0].Defaultl_ength = sizeof(ULONG); 

if (!NT_SUCCESS(RtlQueryRegistryValues( 

RTL_REGISTRY_ABSOLUTE | RTL_REGISTRY_OPTIONAL, 

RegistryPath, 

&paramTable[0], 

NULL, 

NULL 
))){ 

'Result = Default; 

} 



r 



7 

// modified from psm\reg.cpp 
void Reg_GetStringKey ( 

IN PWCHAR RegistryPath, 

IN PWCHAR Key, 

IN PWCHAR Default, 

OUT PUNICODE_STRING Result 

) 

/*++ 

Routine Description: 

Get a string from the registry 

Arguments: 

RegistryPath the path to query 

Key Key to query 

Default Default value to return if Key does 



Return Value: 
The Key value 



83176| -7 
83177| 
83178| { 

83179| RTL QUERY REGISTRY TABLE paramTable[2]={0}; 

83180| NTSTATUS Status; 

83181| 

83182| RtlZeroMemory( &paramTable[0], sizeof(paramTable) 

I); 

83183| 

83184| paramTable[0]. Flags = RTL_QU E RY_R EG I STR Y_D I R ECT | 

| RTL_QUERY_REGISTRY_NOEXPAND; 
83185| paramTable[0].Name = Key; 
83186| paramTable[0].EntryContext = Result; 
83187| paramTable[0].DefaultType = REG_SZ; 
83 1 88| paramTable[0] . Defau ItData = Def au It; 
83 1 89 1 paramTable[0] . Defau ItLength = 

| wcslen(Default)*sizeof(WCHAR)+sizeof(WCHAR); 
83190| 

83191 1 Result->Length = 0; 

83192| Result->Maximuml_ength=256; 

83193| Result->Buffer = (WCHAR 

| *)ExAllocatePoolWithTag(PagedPool,256,'RmtO'); 
83194| 

83195| Debug(DEBUG_INFO,("Path='%S', 

| Key= , %S'\n", Registry Path, Key)); 
83196| 

83197| if (!NT_SUCCESS(Status = RtlQueryRegistryValues( 
83198| RTL_REGISTRY_ABSOLUTE | 

| RTL_REGISTRY_OPTIONAL, 
83199| RegistryPath, 
83200| &paramTable[0], 
83201 1 NULL, 
83202 1 NULL 
83203| ))) { 

83204| 

83205| Debug(DEBUG_INFO,("Error %08x reading registry 

| key '%S'\n",Status, RegistryPath)); 
83206| if(Result->Buffer) { 
83207| 

| RtlZeroMemory(Result->Buffer,Result->MaximumLength); 
83208| Result->Length = 

| wcslen(Default)*sizeof(WCHAR); 
83209 1 

| RtlCopyMemory(Result->Buffer,Default,Result->Length); 
8321 0| Debug(DEBUG_INFO,("Setting default of 

| '%S'\n",Result->Buffer)); 
8321 1 1 } else { 

83212| Debug(DEBUG_INFO,("Error! Out of 

| memory\n")); 
83213| } 



83214| }else{ 
83215| 

| Debug(DEBUG_INFO,("Value='%S , \n",Result->Buffer)); 
83216| } 
83217| 
83218| } 
83219| 

83220| void Reg_FreeString( PUNICODE_STRING String ) 
83221 | { 

83222| String->Length = String->MaximumLength = 0; 

83223 1 Ex FreePoo l(String->Buff er) ; 

83224| return; 

83225| } 

83226| 

83227| 

83228| // taken from psmMog.cpp 

83229| NTSTATUS LogError( PDEVICE_OBJECT DeviceObject, 



83230| PIRP Irp, 

83231 1 ULONG Messageld, 

83232| NTSTATUS Error, 

83233| PVOID DumpData, 

83234| ULONG DumpDataSize, //in bytes!!! 

83235| WCHAR *Strings[], 

83236| ULONG NumStrings ) 



83237| { 

83238| PIO_ERROR_LOG_PACKET errorLogEntry=NULL; 
83239| PIO_ERROR_LOG_PACKET LogEntry=NULL; 
83240| PWCHAR insertionString=NULL; 
83241 1 USHORT Strlens=0; 
83242| ULONG i; 

83243| NTSTATUS Status=STATUS_SUCCESS; 

83244| USHORT LogSize=0; 

83245| USHORT SafeDumpSize=0; 

83246| USHORT DumpOffset=0; 

83247| 

83248| for(i=0;i<NumStrings;i++) { 
83249 1 

| Strlens+=wcslen(Strings[i])*sizeof(WCHAR)+sizeof (WCHAR); 

| // add in null character 
83250 1 } 
83251 | 

83252| // round up to nearest dword length 

83253| SafeDumpSize = ((USHORT)((DumpDataSize+3) / 

| sizeof(ULONG)) * sizeof(ULONG)); 
83254| 
83255| r 

83256| typedef struct _IO_ERROR_LOG_PACKET { 
83257| UCHAR MajorFunctionCode; //0 
83258| UCHAR RetryCount; 1 
83259| USHORT DumpDataSize; 2 



83260| 
83261 1 
83262 1 
83263 1 
83264| 
83265| 
83266| 
83267| 
83268| 
83269 1 
83270 1 



USHORT NumberOf Strings; 
USHORT StringOffset; 
USHORT EventCategory; 
NTSTATUS ErrorCode; 
ULONG UniqueErrorValue; 
NTSTATUS FinalStatus; 
ULONG SequenceNumber; 
ULONG loControlCode; 
LARGE_INTEGER DeviceOffset; 
ULONG DumpData[1]; 



6 



28 



1c 



14 



c 



8 



10 



4 



18 



20 



2c 



83271| }IO_ERROR_LOG_PACKET, *PIO_ERROR_LOG_PACKET; 

83272| 7 

83273| 

83274| Hint -save -e734 -e545 7 
83275| DumpOffset = 

| (USHORT)FIELD_OFFSET(IO_ERROR_LOG_PACKET,DumpData); 
83276| Hint -restore 7 
83277| 

83278| LogSize = DumpOffset; // Have it start 

| here(28) instead of after (30) 
83279| LogSize += SafeDumpSize; // number of bytes 

| needed rounded to dword 
83280| LogSize += Strlens; // length of strings 
83281 | 

83282 1 // can get bigger than a byte (255) 

83283| ASSERT(LogSize<=ERROR_LOG_MAXIMUM_SIZE); 

83284| 

83285| // make sure at least as big as structure (its 

| aligned funny) 
83286| if(LogSize<sizeof(IO_ERROR_LOG_PACKET)) { 
83287| LogSize = sizeof(IO_ERROR_LOG_PACKET); 
83288| } 
83289 1 

83290| errorLogEntry = (PIO_ERROR_LOG_PACKET) 
| ExAllocatePoolWithTag( PagedPool,LogSize,TNVE'); 
83291| 

83292| if(errorLogEntry) { 
83293| // manditory 

83294| errorLogEntry->ErrorCode = Messageld; 
83295| 

83296| // optional 

83297| errorLogEntry->StringOffset = NumStrings>0 ? 

| DumpOffset+(USHORT)(SafeDumpSize) : 0; 
83298| errorLogEntry->NumberOfStrings = 

| (USHORT)NumStrings; 
83299| errorLogEntry->DumpDataSize = 

| (USHORT)SafeDumpSize; 
83300| errorLogEntry->SequenceNumber = 0; 
83301 1 errorLogEntry->RetryCount = 0; 



83302| errorLogEntry->L)niqueErrorValue = 0; 
83303| errorLogEntry->FinalStatus = Error; 
83304| errorLogEntry->EventCategory = 0; 
83305| 

83306| if(lrp) { 

83307| PIO_STACK_LOCATION IrpStack = 

| loGetCurrentlrpStackLocation(lrp); 
83308| 

83309| errorLogEntry->MajorFunctionCode = 

| lrpStack->MajorFunction; 
83310| 

8331 1 1 if( (lrpStack->MajorFunction == 

I IRP_MJ_DEVICE_CONTROL) || 
83312| (lrpStack->MajorFunction == 

I IRP_MJ_INTERNAL_DEVICE_CONTROL) || 
83313| (lrpStack->MajorFunction == 

| IRP_MJ_SCSI) ) { 
83314| 

83315| errorLogEntry->loControlCode = 

| lrpStack->Parameters.DeviceloControl.loControlCode; 

8331 6| errorLogEntry->DeviceOffset.QuadPart = 

|0; 

83317| }else{ 

83318| errorLogEntry->DeviceOffset = 

| lrpStack->Parameters.Read.ByteOffset; 
83319| errorLogEntry->loControlCode = 0; 

83320| } 
83321| }else{ 

83322| errorLogEntry->MajorFunctionCode = 0 ; 

83323| errorLogEntry->loControlCode = 0; 

83324| errorLogEntry->DeviceOffset.QuadPart = 0; 

83325| } 
83326| 

83327| if(DumpDataSize>0) { 
83328| 

| RtlZeroMemory(errorLogEntry->DumpData,SafeDumpSize); 
83329| 

| RtlMoveMemory(errorLogEntry->DumpData,DumpData,DumpDataS 

I ize); 
83330| } 
83331| 

83332| insertionString = 

| (PWSTR)((PCHAR)(errorLogEntry) + 

| errorLogEntry->StringOffset); 
83333| 

83334| for(i=0;i<NumStrings;i++) { 

83335| RtlCopyMemory(insertionString, Strings[i], 

| wcslen(Strings[i])*sizeof(WCHAR)+sizeof(WCHAR)); 
83336| insertionString+=wcslen(Strings[i])+1 ; // 

| in WCHARs 



83337| } 
83338| 

83339| // we do this so we can check we dont overwrite 
| our buffers. 

83340| LogEntry = (PIO_ERROR_LOG_PACKET) 

| loAllocateErrorl_ogEntry( DeviceObject, (UCHAR)LogSize); 

83341| if(LogEntry) { 
83342| 

| RtlMoveMemory(LogEntry,errorLogEntry,LogSize); 

83343| loWriteErrorLogEntry (LogEntry); 

83344| } else { 

83345| Status = STATUS_INSUFFICIENT_RESOURCES; 

83346| } 

83347| 

83348| ExFreePool(errorLogEntry); 

83349| Status=STATUS_SUCCESS; 

83350| } else { 

83351 1 Status = STATUS_INSUFFICIENT_RESOURCES; 

83352 1 } 

83353 1 return Status; 

83354| } 

83355| 

83356| 

83357| #ifdef NOTJJSED 

83358| NTSTATUS GetDriveLetterFromNTName( WCHAR *NTName, WCHAR 

| *DriveString, ULONG BufferSize ) 
83359| { 

83360| WCHAR DriveName[20] = L"\\DosDevices\\C:"; 

83361 1 UNICODE_STRING UniName={0}; 

83362| OBJECT_ATTRIBUTES ObjAttr={0}; 

83363| HANDLE SymHandle=NULL; 

83364| WCHAR SymSpace[256]={0}; 

83365| NTSTATUS Status=STATUS_UNSUCCESSFUL; 

83366| ULONG Ret=0; 

83367| UCHAR DriveLetter=0; 

83368| NTSTATUS RetStatus = STATUS_NOT_FOUND; 

83369 1 

83370| PAG E D_CO D E () ; 
83371 1 

83372| for ( DriveLetter=2;DriveLetter<26;DriveLetter++ ) 

|{ 
83373 1 

83374| DriveName[12] = DriveLetter+65; 
83375| 

83376| RtllnitUnicodeString( &UniName, DriveName ); 
83377| 

83378| ObjAttr. Length 

| sizeof (ObjAttr); 

83379| ObjAttr. RootDirectory = NULL; 

83380 1 ObjAttr. Attributes 



I OBJ_CASE_INSENSITIVE; 
83381 1 ObjAttr.ObjectName = &UniName; 

83382| ObjAttr.SecurityDescriptor = NULL; 
83383| ObjAttr.SecurityQualityOfService = NULL; 
83384| 

83385| Status = ZwOpenSymbolicLinkObject( &SymHandle, 

| STANDARD_RIGHTS_READ, &ObjAttr ); 
83386| if ( NT_SUCCESS(Status) ) { 
83387| UniName.Length = 0; 

83388| UniName.MaximumLength = 256; 

83389| UniName.Buffer = SymSpace; 

83390 1 Status = 

| ZwQuerySymbolicLinkObject(SymHandle,&UniName,&Ret); 
83391 1 if ( NT_SUCCESS(Status) ) { 

83392| Debug(DEBUG_DCPSM,("Symlink '%S' == 

| , %wZ , \n" s DriveName,&UniName)); 
83393 | 

83394| if ( 

| _wcsnicmp(UniName.Buffer,NTName,wcslen(NTName))==0 ) { 



83395| 


//\DosDevices\C: 


83396| 


// 01 23456789-1 2 


83397| 


DriveString[0] = DriveLetter+65; 


83398| 


DriveString[1] = 0; 


83399 1 


ZwClose(SymHandle); 


83400 1 


RetStatus= STATUS_SUCCESS; 


83401 | 


break; 


83402 1 


} 


83403 1 


} else { 


83404| 


Debug(DEBUG_DCPSM, ("Error 


| %08x\n",Status)); 


83405| 


} 


83406| 




83407| 


ZwClose(SymHandle); 


83408| 


} else { 


83409 1 


//Debug(DEBUG_DCPSM, ("Error 


| %08x\n",Status)); 


83410| 


} 


8341 1 | 


} // for 


83412| 




83413| 


return RetStatus; 


83414| } 




83415| 




83416| NTSTATUS Sblo_OpenVolumeHandle ( 


83417| 


const WCHAR *VolumeName, 


83418| 


HANDLE SVolumeHandle, 


83419| 


PFILE_OBJECT &VolumeFileObject, 


83420| 


ULONG Desired Access ) 


83421 | { 




83422| 


UNICODE_STRING UniName={0}; 



83423| OBJECT_ATTRIBUTES ObjectAttributes={0}; 



83424| 
83425| 
83426| 



IO_STATUS_BLOCK loStatus = {0}; 
HANDLE FileHandle = 0; 

NTSTATUS Status = 0; 



83427| 

83428| VolumeHandle = INVALID_HANDLE_VALUE; 

83429| VolumeFileObject = NULL; 

83430| 

83431| RtllnitUnicodeString(&UniName,VolumeName); 
83432| 

83433| InitializeObjectAttributes ( 

83434| &ObjectAttributes, 

83435| &UniName, 

83436| OBJ_CASE_INSENSITIVE, 

83437| NULL, 

83438| NULL ); 

83439| 

83440| Status = ZwCreateFile( 

83441| & VolumeHandle, 

83442 1 Des i red Access , 

83443| &ObjectAttributes, 

83444| &loStatus, 

83445| NULL, // 
| alloc size 

83446| FILEATTRIBUTENORMAL, 

83447| FILE_SHARE_WRITE | FILE_SHARE_READ, 

83448| FILE_OPEN, 

83449| 0, // 

| create options 

83450| NULL, // 

| eabuffer 

83451| 0); // 

| ealength 
83452| 

83453| if(NT_SUCCESS(Status)) { 

83454| Status = ObReferenceObjectByHandle( 

83455| VolumeHandle, 

83456| GENERIC_WRITE, 

83457| NULL, 

83458| (KPROCESSOR_MODE)KernelMode, 

83459| (PVOID *)&VolumeFileObject, 

83460| NULL); 
83461 | 

83462| if(!NT_SUCCESS(Status)) { 

83463| Debug(DEBUG_DEVSUP,( M Sblo_OpenVolumeHandle: 
| Error %08x in 

| ObReferenceObjectByHandle('%S')\n",Status,VolumeName)); 

83464| ZwClose (VolumeHandle); 

83465| VolumeHandle = INVALID_HANDLE_VALUE; 

83466| VolumeFileObject = NULL; 

83467| } 



83468| } else { 

83469| Debug(DEBUG_DEVSUP,("Sblo_OpenVolumeHandle: 
| Error %08x in 

| ZwCreateFile('%S')\n",Status,VolumeName)); 
83470| VolumeHandle = INVALID_HANDLE_VALUE; 
83471 1 } 
83472 1 

83473 1 return Status; 

83474| } 

83475| 

83476| 

83477| NTSTATUS Sblo_CloseVolumeHandle ( 
83478| HANDLE &VolumeHandle, 
83479| PFILE_OBJECT &VolumeFileObject ) 
83480 1 { 

83481 1 NTSTATUS Status = STATUS_SUCCESS; 
83482| if ( VolumeFileObject==NULL || 

| !lsValidHandle(VolumeHandle) ) { 
83483| ASSERT ( VolumeFileObject != NULL ); 
83484| ASSERT ( IsValidHandle(VolumeHandle) ); 
83485| Status = STATUS_INVALID_PARAMETER; 
83486| Debug(DEBUG_DEVSUP,("Sblo_CloseVolumeHandle: 

| Invalid parameter -- VolumeHandle=%08x, 

| VolumeFileObject=%08x\n M ,VolumeHandle,VolumeFileObject)) 

I ; 

83487| } else { 

83488| ObDereferenceObject (VolumeFileObject); 
83489| ZwClose (VolumeHandle); 
83490 1 

83491 1 VolumeFileObject = NULL; 

83492| VolumeHandle = INVALID_HANDLE_VALUE; 

83493 1 } 

83494| 

83495 1 return Status; 

83496| } 

83497| 

83498| 

83499| NTSTATUS Sblo_DeviceloControl( PDEVICE_OBJECT 
| DeviceObject, 



83500 1 


ULONG loctlCode, 


83501| 


char *lnBuffer, 


83502| 


ULONG InBufferSize, 


83503| 


char *OutBuffer, 


83504| 


ULONG OutBufferSize, 


83505| 


ULONG *BytesReturned 


83506| 


) 


83507| { 





83508| PIRP lrp=NULL; 

83509| IO_STATUS_BLOCK losb={0}; 

83510| KEVENT Event={0}; 



8351 1 1 NTSTATUS Status=STATUS_UNSUCCESSFUL; 
83512| 

83513| *BytesReturned = 0; 
83514| 

8351 5| // Set the event object to the unsignaled state. 
8351 6| // It will be used to signal request completion. 
83517| 

83518| KelnitializeEvent(&Event, NotificationEvent, 

| FALSE); 
83519| 

83520| Irp = loBuildDeviceloControlRequest( loctlCode, 



83521 1 DeviceObject, 

83522| InBuffer, 

83523| InBufferSize, 

83524| OutBuffer, 

83525| OutBufferSize, 

83526| FALSE, 

83527| &Event, 

83528| &losb); 
83529 1 
83530 1 



83531 1 if (Irp) { 
83532 1 

83533 1 _try { 

83534| Status = loCallDriver(DeviceObject, Irp); 

83535| 

83536| if (Status == STATUS_PENDING) { 

83537| 

83538| ASSERT(KeGetCurrentlrql() < 

| DISPATCH_LEVEL); 
83539| pmWaitForSingleObject(&Event,NULL); 
83540 1 

83541 1 Status = losb.Status; 

83542 1 } 

83543| } except(EXCEPTION_EXECUTE_HANDLER) { 

83544| Status = GetExceptionCode(); 

83545| 

| Debug(DEBUG_DEVSUP,("Sblo_DeviceloControl:Error! 

| Exception %08x sending scsi command\n",Status)); 
83546| } 
83547| } else { 

83548| Debug(DEBUG_INFO,("Sblo_DeviceloControl: Error 

| no Irp available\n")); 
83549| Status = losb.Status; 
83550 1 } 
83551 1 

83552| if (!NT_SUCCESS(Status)) { 

83553| * Bytes Returned = losb. Information; 

83554| } 

83555| 



83556 
83557 
83558 
83559 
83560 
83561 
83562 
83563 
83564 
83565 
83566 
83567 
83568 
83569 
83570 
83571 
83572 
83573 
83574 
83575 
83576 
83577 
83578 
83579 
83580 
83581 
83582 
83583 
83584 



83585 
83586 
83587 
83588 
83589 
83590 
83591 
83592 
83593 
83594 
83595 
83596 
83597 
83598 



return Status; 

} 

#endif 

/*— end of file support.cpp —7 



File Listing: support. h 

extern "C" { 

void Reg_GetULONGKey ( 
IN PWCHAR RegistryPath, 
IN PWCHAR Key, 
IN ULONG Default, 
OUT PULONG Result 

); 

NTSTATUS LogError( PDEVICE_OBJECT DeviceObject, 
PIRP Irp, 

ULONG Messageld, 

NTSTATUS Error, 

PVOID DumpData, 

ULONG DumpDataSize, //in bytes!!! 

WCHAR *Strings[], 

ULONG NumStrings 

); 

NTSTATUS GetDriveLetterFromNTName( WCHAR *NTName, 



WCHAR *DriveString, ULONG BufferSize ); 



void Reg_GetStringKey ( 
IN PWCHAR RegistryPath, 
IN PWCHAR Key, 
IN PWCHAR Default, 
OUT PUNICODE_STRING Result 

); 

void Reg_FreeString( PUNICODE_STRING String ); 



/*— end of file support. h —7 



